Chrome Addon History Cleaner will sich nicht entfernen lassen

Maliko · 21.09.2017, 09:31

Moin,

ich hab mir da so nen kleinen Plagegeist in Chrome eingefangen (nja, eigentlich ist es mehr als einer gewesen, aber den Rest bin ich selbst losgeworden). Jetzt hab ich hier noch ein Addon, welches sich einfach nicht entfernen lassen will, weil es sich durch eine Unternehmensrichtlinie installiert hat. Und zwar geht es um das Chrome-Addon History Cleaner.

Kann mir da jemand bei helfen den Plagegeist loszuwerden? Er bremst zwar den Rechner nicht aus, aber seitdem ich das Ding im Browser habe, werden sämtliche Suchanfragen aus der URL-Leiste nach Yahoo weitergeleitet.

Ich hab bereits mit dem adwCleaner versucht das Ding loszuwerden, er findet aber nix mehr (hab zuerst einen normalen SUchdurchlauf gemacht und anschließend in den Optionen noch Chrome Richtlinien angehackt. Jetzt findet er gar nix mehr. Das Addon ist aber immer noch da.

Hier die Logs:

Ohne Chrome Richtlinien:

Code:

ATTFilter

# AdwCleaner 7.0.2.1 - Logfile created on Thu Sep 21 07:39:58 2017
# Updated on 2017/29/08 by Malwarebytes 
# Database: 09-20-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy, SearchProvider found: Trovi search - trovi.search
PUP.Optional.Legacy, SearchProvider found: ICQ Search - search.icq.com

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 


*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [2686 B] - [2017/8/2 17:29:42]
C:/AdwCleaner/AdwCleaner[C1].txt - [2412 B] - [2017/9/20 14:5:49]
C:/AdwCleaner/AdwCleaner[S0].txt - [2512 B] - [2017/8/2 17:28:53]
C:/AdwCleaner/AdwCleaner[S1].txt - [1746 B] - [2017/9/20 14:5:27]


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

Mit Chrome Richtlinien:

Code:

ATTFilter

# AdwCleaner 7.0.2.1 - Logfile created on Thu Sep 21 08:26:58 2017
# Updated on 2017/29/08 by Malwarebytes 
# Database: 09-20-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [2686 B] - [2017/8/2 17:29:42]
C:/AdwCleaner/AdwCleaner[C1].txt - [2412 B] - [2017/9/20 14:5:49]
C:/AdwCleaner/AdwCleaner[C2].txt - [1466 B] - [2017/9/21 7:41:59]
C:/AdwCleaner/AdwCleaner[S0].txt - [2512 B] - [2017/8/2 17:28:53]
C:/AdwCleaner/AdwCleaner[S1].txt - [1746 B] - [2017/9/20 14:5:27]
C:/AdwCleaner/AdwCleaner[S2].txt - [1463 B] - [2017/9/21 7:39:58]


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########

Danke schon mal im Vorraus.

M-K-D-B · 21.09.2017, 14:00

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Wenn du mit AdwCleaner zuerst die Richtlinien für Chrome löschen lässt, solltest du die Erweiterung schon entfernen können (manuell).
Wir schauen kurz nach:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Maliko · 21.09.2017, 14:53

Bitte schön

FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017
durchgeführt von jdhel (Administrator) auf DESKTOP-3KI17HI (21-09-2017 15:46:48)
Gestartet von C:\Users\jdhel\Desktop\Reinigung
Geladene Profile: jdhel (Verfügbare Profile: jdhel)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) D:\VMware Player\vmware-authd.exe
(Electronic Arts) F:\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Electronic Arts) F:\Origin\Origin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Akamai Technologies, Inc.) C:\Users\jdhel\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
(Akamai Technologies, Inc.) C:\Users\jdhel\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GOG.com) F:\GOG Galaxy\GalaxyClient.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
(GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(AVAST Software) C:\Users\jdhel\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(GOG.com) F:\GOG Galaxy\GalaxyClient Helper.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.107.36.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.107.36.0\OverwolfHelper64.exe
(GOG.com) F:\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG.com) F:\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) F:\GOG Galaxy\GalaxyClient Helper.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.107.36.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.107.36.0\OverwolfBrowser.exe
() F:\Origin\QtWebEngineProcess.exe
() F:\Origin\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) F:\Steam\Steam.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1052488 2017-09-10] ()
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Steam] => F:\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [GalaxyClient] => F:\GOG Galaxy\GalaxyClient.exe [5161536 2017-09-18] (GOG.com)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [EADM] => F:\Origin\Origin.exe [3098944 2017-09-12] (Electronic Arts)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [160824 2017-07-10] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\jdhel\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Spotify] => C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-19] (Spotify Ltd)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Spotify Web Helper] => C:\Users\jdhel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-19] (Spotify Ltd)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\RunOnce: [Uninstall 17.3.6966.0824\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jdhel\AppData\Local\Microsoft\OneDrive\17.3.6966.0824\amd64"
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\RunOnce: [Uninstall 17.3.6966.0824] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jdhel\AppData\Local\Microsoft\OneDrive\17.3.6966.0824"
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\MountPoints2: {3d897df4-8967-11e7-a390-74d43585973c} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\MountPoints2: {f2b9ab42-6e49-11e7-a382-74d43585973c} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\MountPoints2: {f2b9ab83-6e49-11e7-a382-74d43585973c} - "G:\HiSuiteDownLoader.exe" 
Startup: C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-07-30]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\jdhel\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{147a30da-ca3c-4552-a96c-40f557afb5b8}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10341__170730__yaie
SearchScopes: HKU\S-1-5-21-2980919159-2059370-3087206838-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10341__170730__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-19] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-19] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-19] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-2980919159-2059370-3087206838-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-07-30] ()

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.initialpage123.com/?z=a154a92eb90c58c41835252g6z5t0q9e3tdmfz8z6c&from=cmefy&uid=ST3500418AS_9VMNJKQMXXXX9VMNJKQM&type=hp","hxxps://encrypted.google.com"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default [2017-09-21]
CHR Extension: (Google Präsentationen) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-30]
CHR Extension: (BetterTTV) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-05-30]
CHR Extension: (From Dust) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2017-05-30]
CHR Extension: (Google Docs) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-30]
CHR Extension: (Google Drive) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-30]
CHR Extension: (Web Developer) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-08-02]
CHR Extension: (YouTube) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-30]
CHR Extension: (Tampermonkey) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-30]
CHR Extension: (Xdebug helper) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eadndfjplgieldjbigjakmdgkmoaaaoc [2017-05-30]
CHR Extension: (FrankerFaceZ) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2017-05-30]
CHR Extension: (ZenMate VPN - Top Internet Security & Unblock) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-08-02]
CHR Extension: (Google Tabellen) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-30]
CHR Extension: (Stylish- Benutzerdef. Motive f. jede Webseite) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-08-18]
CHR Extension: (EditThisCookie) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-30]
CHR Extension: (AdBlock) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-12]
CHR Extension: (Looper for YouTube) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2017-08-16]
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2017-05-30]
CHR Extension: (History Cleaner) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcegkhchfikjgfochhmfmoadegikmfaa [2017-09-20]
CHR Extension: (Xdebug) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhodjblplijafdpjjfhhanfmchplpfgl [2017-05-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Google Mail) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-11]
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [401456 2017-03-19] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-07-10] (BlueStack Systems, Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2017-05-30] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation)
S3 GalaxyClientService; F:\GOG Galaxy\GalaxyClientService.exe [532544 2017-09-18] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-08-25] (GOG.com)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365040 2017-03-17] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 Origin Client Service; F:\Origin\OriginClientService.exe [2120032 2017-09-12] (Electronic Arts)
R2 Origin Web Helper Service; F:\Origin\OriginWebHelperService.exe [3000160 2017-09-12] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1450824 2017-09-10] (Overwolf LTD)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-26] (TeamViewer GmbH)
R2 VMAuthdService; D:\VMware Player\vmware-authd.exe [99816 2017-06-19] (VMware, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R2 vmparport; C:\Windows\system32\DRIVERS\vmparport.sys [49216 2017-06-19] (VMware, Inc.)
R0 vsock; C:\Windows\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [38368 2017-06-25] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-21 15:24 - 2017-09-21 15:46 - 000000000 ____D C:\FRST
2017-09-21 15:23 - 2017-09-21 15:46 - 000000000 ____D C:\Users\jdhel\Desktop\Reinigung
2017-09-21 10:06 - 2017-09-21 10:06 - 000000000 ___HD C:\OneDriveTemp
2017-09-21 09:38 - 2017-09-21 09:38 - 000004410 _____ C:\Windows\System32\Tasks\avast! BCU UpdateS-1-5-21-2980919159-2059370-3087206838-1001
2017-09-21 09:38 - 2017-09-21 09:38 - 000003516 _____ C:\Windows\System32\Tasks\avastBCLS-1-5-21-2980919159-2059370-3087206838-1001
2017-09-21 09:38 - 2017-09-21 09:38 - 000001158 _____ C:\Users\jdhel\Desktop\Avast Browser Cleanup.lnk
2017-09-21 09:38 - 2017-09-21 09:38 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup
2017-09-21 09:38 - 2017-09-21 09:38 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\AVAST Software
2017-09-20 16:04 - 2017-09-20 16:04 - 009826968 _____ (Piriform Ltd) C:\Users\jdhel\Desktop\ccsetup534.exe
2017-09-20 16:04 - 2017-09-20 16:04 - 008182736 _____ (Malwarebytes) C:\Users\jdhel\Desktop\adwcleaner_7.0.2.1.exe
2017-09-20 15:43 - 2017-09-20 15:43 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Hex-Rays
2017-09-20 15:39 - 2017-09-20 15:39 - 000472389 _____ ( ) C:\Users\jdhel\Desktop\Sothink_Decompiler_Free_Download_Crack_Games.exe
2017-09-20 14:06 - 2017-09-20 14:06 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Eipix
2017-09-20 12:34 - 2017-09-20 12:34 - 000002240 _____ C:\Users\Public\Desktop\Spiel Myths of the World - Schwarze Rose.lnk
2017-09-20 12:33 - 2017-09-20 12:34 - 000000000 ____D C:\Program Files (x86)\Myths of the World - Schwarze Rose
2017-09-20 12:33 - 2017-09-20 12:33 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Myths of the World - Schwarze Rose
2017-09-20 12:33 - 2017-09-20 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Myths of the World - Schwarze Rose
2017-09-20 12:23 - 2017-09-20 16:02 - 000000000 ____D C:\ProgramData\TEMP
2017-09-20 12:23 - 2017-09-20 12:23 - 000001998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2017-09-20 12:23 - 2017-09-20 12:23 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weitere fantastische Spiele.lnk
2017-09-20 12:23 - 2017-09-20 12:23 - 000001030 _____ C:\Users\Public\Desktop\Spiele.lnk
2017-09-20 12:23 - 2017-09-20 12:23 - 000000000 ____D C:\ProgramData\Big Fish
2017-09-20 12:23 - 2017-09-20 12:23 - 000000000 ____D C:\Program Files (x86)\bfgclient
2017-09-20 12:21 - 2017-09-20 14:05 - 000000000 ____D C:\BigFishCache
2017-09-20 12:21 - 2017-09-20 12:23 - 000000000 ____D C:\Users\jdhel\AppData\Local\Big Fish
2017-09-20 11:53 - 2017-09-20 11:53 - 000001569 _____ C:\Users\jdhel\Desktop\Vermillion.lnk
2017-09-20 11:51 - 2017-09-20 11:51 - 000001565 _____ C:\Users\jdhel\Desktop\Maskerade.lnk
2017-09-19 22:36 - 2017-09-19 22:37 - 000000000 ____D C:\Users\jdhel\Desktop\WinSCP-5.11.1-Portable
2017-09-19 21:19 - 2017-09-19 21:19 - 000000000 ____D C:\Users\jdhel\AppData\Local\Echo
2017-09-19 20:50 - 2017-09-20 22:40 - 000000000 ____D C:\Users\jdhel\Downloads\GrabIt Downloads
2017-09-19 10:37 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-09-19 10:37 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-09-19 10:37 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-19 10:37 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-09-19 10:37 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-09-19 10:37 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-09-19 10:37 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-09-19 10:37 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-19 10:37 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-09-19 10:37 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialUIBroker.exe
2017-09-19 10:37 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-09-19 10:37 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-19 10:37 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-19 10:37 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-09-19 10:37 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-09-19 10:37 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-09-19 10:37 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-09-19 10:37 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-19 10:37 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-09-19 10:37 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-09-19 10:37 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-09-19 10:37 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-09-19 10:37 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-09-19 10:37 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-09-19 10:37 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-19 10:37 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-09-19 10:37 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-09-19 10:37 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-09-19 10:37 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-09-19 10:37 - 2017-09-05 06:14 - 004544000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsDesktopEngine.exe
2017-09-19 10:37 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2017-09-19 10:37 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-09-19 10:37 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-09-19 10:37 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-09-19 10:37 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-09-19 10:37 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-19 10:37 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-09-19 10:37 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-09-19 10:37 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-09-19 10:36 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-09-19 10:36 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-09-19 10:36 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-09-19 10:36 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-09-19 10:36 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-09-19 10:36 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-09-19 10:36 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-09-19 10:36 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-09-19 10:36 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-09-19 10:36 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2017-09-19 10:36 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-09-19 10:36 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2017-09-19 10:36 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2017-09-19 10:36 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-19 10:36 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-09-19 10:36 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-09-19 10:36 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-19 10:36 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-09-19 10:36 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-09-19 10:36 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-09-19 10:36 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2017-09-19 10:36 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-09-19 10:36 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-09-19 10:36 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2017-09-19 10:36 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-19 10:36 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2017-09-19 10:36 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2017-09-19 10:36 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2017-09-19 10:36 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-09-19 10:36 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmCx.sys
2017-09-19 10:36 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-09-19 10:36 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2017-09-19 10:36 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-19 10:36 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-09-19 10:36 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2017-09-19 10:36 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-09-19 10:36 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-09-19 10:36 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\ngcrecovery.dll
2017-09-19 10:36 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-19 10:36 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-09-19 10:36 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-09-19 10:36 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-19 10:36 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-09-19 10:36 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-09-19 10:36 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-09-19 10:36 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2017-09-19 10:36 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-09-19 10:36 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-09-19 10:36 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll
2017-09-19 10:36 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-19 10:36 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-19 10:36 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-09-19 10:36 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-09-19 10:36 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-09-19 10:36 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-09-19 10:36 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-19 10:36 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-19 10:36 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-19 10:36 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-09-19 10:36 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\BthHFSrv.dll
2017-09-19 10:36 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-09-19 10:35 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-09-19 10:35 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-09-19 10:35 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-09-19 10:35 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-09-19 10:35 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-19 10:35 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-19 10:35 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-19 10:35 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-19 10:35 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-09-19 10:35 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2017-09-19 10:35 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-09-19 10:35 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-09-19 10:35 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-09-19 10:35 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-09-19 10:35 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-09-19 10:35 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-09-19 10:35 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-09-19 10:35 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-19 10:35 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-09-19 10:35 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-09-19 10:35 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-09-19 10:35 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-19 10:35 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2017-09-19 10:35 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-09-19 10:35 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-19 10:35 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-19 10:35 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-09-19 10:35 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-09-19 10:35 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-19 10:35 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-09-19 10:35 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-09-19 10:35 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-19 10:35 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-09-19 10:35 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-09-19 10:35 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-09-19 10:35 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-09-19 10:35 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-09-19 10:35 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-09-19 10:35 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
2017-09-19 10:35 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-09-19 10:35 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrPS.dll
2017-09-19 10:35 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-09-19 10:35 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-09-19 10:35 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-09-19 10:35 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-09-19 10:35 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\datamarketsvc.dll
2017-09-19 10:35 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-09-19 10:35 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-09-19 10:35 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-19 10:35 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-19 10:35 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-09-19 10:35 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-19 10:35 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-19 10:35 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-09-19 10:35 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-09-19 10:35 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-19 10:35 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-09-19 10:35 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2017-09-19 10:35 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-19 10:35 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-19 10:35 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-19 10:35 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2017-09-19 10:35 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2017-09-19 10:35 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-09-19 10:35 - 2017-09-05 06:19 - 005776384 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsDesktopEngine.exe
2017-09-19 10:35 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-19 10:35 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-09-19 10:35 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-19 10:35 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2017-09-19 10:35 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-09-19 10:35 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-19 10:35 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-09-19 10:35 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-09-19 10:35 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2017-09-19 10:35 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-09-19 10:35 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-09-19 10:35 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-09-19 10:35 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-19 10:35 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-19 10:35 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-09-19 10:35 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2017-09-19 10:35 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-09-19 10:35 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-09-19 10:35 - 2017-09-01 07:55 - 000031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-09-19 10:34 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-09-19 10:34 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-09-19 10:34 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2017-09-19 10:34 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2017-09-19 10:34 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2017-09-19 10:34 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2017-09-19 10:34 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-09-19 10:34 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-09-19 10:34 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-09-19 10:34 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2017-09-19 10:34 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-09-19 10:34 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe
2017-09-19 10:34 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-09-19 10:34 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2017-09-19 10:34 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll
2017-09-19 10:34 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-09-19 10:34 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-09-19 10:34 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-19 10:34 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\CfgSPCellular.dll
2017-09-19 10:34 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAPNCsp.dll
2017-09-19 10:34 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-09-19 10:34 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2017-09-19 10:34 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\csplte.dll
2017-09-19 10:34 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2017-09-19 10:34 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2017-09-19 10:34 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-09-19 10:34 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-09-19 10:34 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-19 10:34 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-09-19 10:34 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-09-19 10:34 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2017-09-19 10:34 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2017-09-19 10:34 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2017-09-19 10:34 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-09-19 10:34 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-09-19 10:34 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2017-09-19 10:34 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-09-19 10:34 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-09-19 10:34 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2017-09-19 10:34 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2017-09-19 10:34 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2017-09-19 10:34 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-09-19 10:34 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-09-19 10:34 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-09-19 10:34 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2017-09-19 10:34 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-09-19 10:34 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-19 10:34 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-09-19 10:34 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2017-09-19 10:34 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2017-09-19 10:34 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-09-19 10:34 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2017-09-19 10:34 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-19 10:34 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-09-19 10:34 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-09-19 10:34 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-19 10:34 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-09-18 17:05 - 2017-09-18 17:05 - 000000992 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2017-09-18 17:05 - 2017-09-18 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2017-09-18 17:05 - 2017-09-18 17:05 - 000000000 ____D C:\Program Files\Guild Wars 2
2017-09-18 17:04 - 2017-09-18 17:05 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Guild Wars 2
2017-09-18 14:46 - 2017-09-18 14:48 - 000000000 ____D C:\Users\jdhel\Desktop\Ausgaben
2017-09-18 14:46 - 2017-09-18 14:46 - 000047616 _____ C:\Users\jdhel\Desktop\2017-Arbeitsplan.xls
2017-09-18 14:44 - 2017-09-18 14:44 - 000008391 _____ C:\Users\jdhel\Desktop\blubb.sql
2017-09-18 14:35 - 2017-09-18 14:35 - 007897776 _____ (Tim Kosse) C:\Users\jdhel\Downloads\FileZilla_3.27.1_win64-setup.exe
2017-09-15 13:27 - 2017-09-15 13:27 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\Grafiken
2017-09-13 19:42 - 2017-09-13 19:42 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Microsoft Corporation
2017-08-25 12:44 - 2017-09-21 15:41 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\Facepalm Games
2017-08-24 22:34 - 2017-09-20 22:38 - 000000600 _____ C:\Users\jdhel\AppData\Roaming\winscp.rnd
2017-08-23 22:41 - 2017-08-23 22:41 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\Network Monitor 3
2017-08-23 22:40 - 2017-08-23 22:40 - 000001091 _____ C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2017-08-23 22:40 - 2017-08-23 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Network Monitor 3.4
2017-08-23 22:40 - 2017-08-23 22:40 - 000000000 ____D C:\Program Files\Microsoft Network Monitor 3
2017-08-23 20:41 - 2017-08-23 20:41 - 000000000 ____D C:\Users\jdhel\AppData\LocalLow\Alawar
2017-08-23 20:28 - 2017-08-23 20:28 - 000000000 ____D C:\Users\jdhel\Desktop\ClamWinPortable
2017-08-23 10:35 - 2017-08-23 10:35 - 000000000 ____D C:\Users\jdhel\AppData\LocalLow\League of Geeks

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-21 15:42 - 2017-06-14 15:34 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\My Games
2017-09-21 15:42 - 2017-05-30 14:16 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Origin
2017-09-21 15:41 - 2017-06-15 23:29 - 000000000 ____D C:\Users\jdhel\AppData\LocalLow\DoMyBest
2017-09-21 15:33 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-21 15:33 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2017-09-21 15:19 - 2017-05-30 12:53 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-09-21 15:16 - 2017-08-15 14:19 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Spotify
2017-09-21 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\rescache
2017-09-21 12:25 - 2017-05-30 13:21 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-21 10:28 - 2017-08-02 19:28 - 000000000 ____D C:\AdwCleaner
2017-09-21 10:06 - 2017-07-27 08:17 - 000003372 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2980919159-2059370-3087206838-1001
2017-09-21 10:06 - 2017-05-30 13:06 - 000002385 _____ C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-21 10:06 - 2017-05-30 13:06 - 000000000 ___RD C:\Users\jdhel\OneDrive
2017-09-21 09:48 - 2017-05-30 13:03 - 002936914 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-21 09:48 - 2017-03-20 06:41 - 001350294 _____ C:\Windows\system32\perfh007.dat
2017-09-21 09:48 - 2017-03-20 06:41 - 000331502 _____ C:\Windows\system32\perfc007.dat
2017-09-21 09:47 - 2017-05-30 13:56 - 000000000 ____D C:\Users\jdhel\AppData\Local\CrashDumps
2017-09-21 09:47 - 2017-05-30 13:37 - 000000000 ____D C:\ProgramData\Origin
2017-09-21 09:45 - 2017-05-30 13:15 - 000000000 ____D C:\Users\jdhel\AppData\Local\Overwolf
2017-09-21 09:43 - 2017-05-31 11:36 - 000000000 __SHD C:\Users\jdhel\IntelGraphicsProfiles
2017-09-21 09:43 - 2017-05-30 13:07 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-21 09:42 - 2017-07-23 22:39 - 000000000 ____D C:\ProgramData\VMware
2017-09-21 09:42 - 2017-05-30 12:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-21 09:42 - 2017-03-18 13:40 - 001048576 _____ C:\Windows\system32\config\BBI
2017-09-21 09:23 - 2017-08-15 14:19 - 000000000 ____D C:\Users\jdhel\AppData\Local\Spotify
2017-09-21 09:22 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2017-09-20 15:40 - 2017-05-30 13:33 - 000000912 __RSH C:\ProgramData\ntuser.pol
2017-09-20 15:40 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-09-20 12:33 - 2017-07-22 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-20 11:34 - 2017-06-15 11:53 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2017-09-20 10:04 - 2017-06-16 09:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-19 23:48 - 2017-05-30 13:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-19 23:18 - 2017-05-30 12:53 - 000393592 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-19 23:16 - 2017-03-20 06:41 - 000000000 ____D C:\Windows\system32\de
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ___SD C:\Windows\system32\F12
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\setup
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\ShellExperiences
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-19 23:14 - 2017-05-30 13:01 - 000000000 ____D C:\Users\jdhel
2017-09-19 21:16 - 2017-08-03 13:46 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\GrabIt
2017-09-19 19:34 - 2017-05-30 13:03 - 000000000 ____D C:\Users\jdhel\AppData\Local\Packages
2017-09-19 10:43 - 2017-05-30 15:11 - 000000000 ____D C:\Windows\system32\MRT
2017-09-19 10:41 - 2017-05-30 15:11 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-19 10:41 - 2017-03-18 22:51 - 000000000 ____D C:\Windows\CbsTemp
2017-09-19 10:17 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-19 10:06 - 2017-05-30 13:16 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-09-18 16:45 - 2017-07-30 21:04 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\FileZilla
2017-09-18 15:09 - 2017-05-30 13:08 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-18 15:09 - 2017-05-30 13:08 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-18 13:38 - 2017-06-18 20:16 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Might & Magic Heroes VI
2017-09-18 11:03 - 2017-06-18 20:16 - 000000000 ____D C:\Users\jdhel\AppData\Local\Ubisoft Game Launcher
2017-09-14 22:22 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\LiveKernelReports
2017-09-13 19:42 - 2017-05-30 20:02 - 000000000 ____D C:\Users\jdhel\AppData\Local\Xamarin
2017-09-13 19:42 - 2017-05-30 19:59 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\Visual Studio 2017
2017-09-08 08:48 - 2017-07-29 15:12 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\The Surge
2017-09-08 08:44 - 2017-07-22 19:39 - 000001188 _____ C:\Users\jdhel\Desktop\Neues Textdokument.txt
2017-09-08 08:41 - 2017-08-11 15:53 - 000001028 _____ C:\Users\jdhel\Desktop\Andersdenker.txt
2017-09-05 22:34 - 2017-05-30 20:03 - 000000000 ____D C:\Users\jdhel\AppData\Local\Deployment
2017-09-05 22:33 - 2017-07-23 22:40 - 000000000 ____D C:\Users\jdhel\AppData\Local\VMware
2017-09-05 22:32 - 2017-07-23 22:40 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\VMware
2017-09-04 19:34 - 2017-07-21 23:28 - 000000000 ____D C:\Users\jdhel\AppData\Local\Hisuite
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-29 14:39 - 2017-06-29 21:34 - 000000113 _____ () C:\Users\jdhel\AppData\Roaming\D2Info0
2017-06-29 14:39 - 2017-06-29 21:39 - 000000008 _____ () C:\Users\jdhel\AppData\Roaming\DofusAppId0_1
2017-06-29 14:44 - 2017-06-29 16:35 - 000000008 _____ () C:\Users\jdhel\AppData\Roaming\DofusAppId0_2
2017-06-29 18:00 - 2017-06-29 20:01 - 000000008 _____ () C:\Users\jdhel\AppData\Roaming\DofusAppId0_3
2017-08-24 22:34 - 2017-09-20 22:38 - 000000600 _____ () C:\Users\jdhel\AppData\Roaming\winscp.rnd
2017-07-30 20:21 - 2017-07-30 20:21 - 000000894 _____ () C:\Users\jdhel\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
2017-06-24 23:01 - 2017-06-24 23:01 - 000000180 _____ () C:\Users\jdhel\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2017-07-02 12:27 - 2017-06-29 14:23 - 006456928 _____ (Ankama Studio) C:\Users\jdhel\AppData\Local\Temp\AnkEB27.tmp.exe
2017-06-24 23:02 - 2017-06-25 09:46 - 000000064 _____ () C:\Users\jdhel\AppData\Local\Temp\ed16f0eeaeac05357b1db8bcf2eb1403.dll
2017-09-18 17:04 - 2017-09-18 17:04 - 032754344 _____ (ArenaNet) C:\Users\jdhel\AppData\Local\Temp\Gw2.exe
2017-07-17 11:29 - 2017-05-24 08:56 - 000785464 _____ (BlueStack Systems, Inc.) C:\Users\jdhel\AppData\Local\Temp\HD-Common.dll
2017-07-17 11:29 - 2017-05-24 08:57 - 000464952 _____ (BlueStack Systems, Inc.) C:\Users\jdhel\AppData\Local\Temp\HD-InstallerUtils.dll
2017-07-17 11:29 - 2017-05-24 08:54 - 000187416 _____ (BlueStack Systems) C:\Users\jdhel\AppData\Local\Temp\HD-LibraryHandler.dll
2017-07-17 11:29 - 2017-05-24 08:53 - 000246808 _____ (BlueStack Systems) C:\Users\jdhel\AppData\Local\Temp\HD-Logger-Native.dll
2017-07-17 11:29 - 2017-05-24 08:56 - 000385080 _____ (BlueStack Systems, Inc.) C:\Users\jdhel\AppData\Local\Temp\HD-Uninstaller.exe
2017-06-30 13:35 - 2017-06-30 13:35 - 000028097 _____ () C:\Users\jdhel\AppData\Local\Temp\i4jdel0.exe
2017-06-15 23:17 - 2017-06-15 23:17 - 036403960 _____ (AppWork GmbH) C:\Users\jdhel\AppData\Local\Temp\JDSetup131420350771637675.exe
2017-05-30 13:20 - 2017-02-23 10:17 - 000354176 _____ (NVIDIA Corporation) C:\Users\jdhel\AppData\Local\Temp\nvStInst.exe
2017-09-18 14:35 - 2017-09-18 14:35 - 000040448 ____N () C:\Users\jdhel\AppData\Local\Temp\proxy_vole2436449859471304029.dll
2017-07-22 19:16 - 2017-06-18 10:58 - 000064356 _____ () C:\Users\jdhel\AppData\Local\Temp\Uninstall.exe
2017-07-06 09:54 - 2017-07-06 09:54 - 013767776 _____ (Microsoft Corporation) C:\Users\jdhel\AppData\Local\Temp\vcredist_x86.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-20 16:22

==================== Ende von FRST.txt ============================

Maliko · 21.09.2017, 14:54

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017
durchgeführt von jdhel (21-09-2017 15:47:15)
Gestartet von C:\Users\jdhel\Desktop\Reinigung
Windows 10 Pro Version 1703 (X64) (2017-05-30 10:57:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2980919159-2059370-3087206838-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2980919159-2059370-3087206838-503 - Limited - Disabled)
Gast (S-1-5-21-2980919159-2059370-3087206838-501 - Limited - Disabled)
jdhel (S-1-5-21-2980919159-2059370-3087206838-1001 - Administrator - Enabled) => C:\Users\jdhel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

.NET Core SDK 1.0.4 (x64) (HKLM\...\{11ACCE3C-C179-472C-A8CA-0F467702B2DA}) (Version: 4.1.5012 - Microsoft Corporation) Hidden
.NET Core SDK 1.0.4 (x64) (HKLM-x32\...\{c56e80af-58a4-490b-a1cd-5718290133b9}) (Version: 1.0.4 - Microsoft Corporation)
„Der Herr der Ringe Online™“ v1903.0058.2732.4095 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1903.0058.2732.4095 - Standing Stone Games, LLC)
Active Directory Authentication Library für SQL Server (HKLM\...\{DCF8CB30-F4CE-476A-AB02-E8D620FADC70}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden
Application Verifier x64 External Package (HKLM\...\{01C2C51F-B0CF-BB5E-A010-E927D44F7720}) (Version: 10.1.15063.137 - Microsoft) Hidden
Avast Browser Cleanup (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Avast Browser Cleanup) (Version: 12.1.2272.125 - AVAST Software)
Batman™: Arkham Origins (HKLM\...\Steam App 209000) (Version:  - WB Games Montreal)
Beholder (HKLM-x32\...\{05922599-8938-47C9-A534-0CDFB3360B5F}) (Version: 1.5.0.9747 - Alawar Entertainment)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.14.1559 - BlueStack Systems, Inc.)
Borderlands (HKLM\...\Steam App 8980) (Version:  - Gearbox Software)
Brother MFL-Pro Suite DCP-L2520DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
Command & Conquer™ Renegade (HKLM-x32\...\{24DFBE4C-FD7F-48F2-A7D9-D1A0929B2113}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
CrossCode (HKLM\...\Steam App 368340) (Version:  - Radical Fish Games)
Darksiders II (HKLM\...\Steam App 50650) (Version:  - Vigil Games)
DC Universe Online (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\DGC-DC Universe Online) (Version: 1.0.3.195 - Daybreak Game Company)
DC Universe Online Live (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\DG0-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Dex (HKLM-x32\...\1929434313_is1) (Version: 5.4.0.0 - GOG.com)
DiagnosticsHub_CollectionService (HKLM\...\{90A561D7-0C29-464D-94E1-2A7E1C553230}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
Entity Framework 6.1.3 Tools  for Visual Studio 15 (HKLM-x32\...\{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 - Microsoft Corporation) Hidden
Epistory - Typing Chronicles (HKLM\...\Steam App 398850) (Version:  - Fishing Cactus)
Facebook Gameroom 1.7.6419.39279 (HKLM-x32\...\{D4BD422A-BE4A-4318-B617-34FA42544193}) (Version: 1.7.6419.39279 - Facebook)
FileZilla Client 3.27.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse)
FINAL FANTASY XIII-2 (HKLM\...\Steam App 292140) (Version:  - SQUARE ENIX)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Git version 2.10.2 (HKLM\...\Git_is1) (Version: 2.10.2 - The Git Development Community)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GrabIt 1.7.4 Beta 2 (build 1014) (HKLM-x32\...\GrabIt_is1) (Version:  - Ilan Shemes)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version:  - Ansgar Becker)
icecap_collection_neutral (HKLM-x32\...\{64F3E6FC-68E3-4062-9C2C-ABD93FDFF309}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0AD162D1-4973-4315-97E9-5DE9A92B4049}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{FE002482-71A5-4B32-9D08-60ADFAF19E07}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{9FBD9D6F-A511-45F5-B672-63A5087F6F89}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{0148E8AA-4A50-4673-B532-DB9F30F804BE}) (Version: 10.0.1737 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{27276DC1-66AA-4B16-918D-5AB1EEDF09C6}) (Version: 6.0.5 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 (HKLM-x32\...\{A0007ADE-F6F6-410F-822F-7522B4F0BFDE}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{51783942-DFB0-4452-97CC-BDF2D4AB3A48}) (Version: 15.0.24.0 - Microsoft Corporation) Hidden
Java SE Development Kit 8 Update 131 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 131 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JetBrains PhpStorm 2017.1.4 (HKLM-x32\...\PhpStorm 2017.1.4) (Version: 171.4694.2 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{EBC73D1A-BF2B-38E0-4E8E-77511F951ABC}) (Version: 10.1.10586.212 - Microsoft) Hidden
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{91BF6CA6-F6AA-4639-944A-627B7D02567E}) (Version: 4.6.01604 - Microsoft Corporation) Hidden
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.10 - Electronic Arts)
Microsoft Azure Authoring Tools - v2.9.5.3 (HKLM\...\{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.5.3 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.5.3) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure Mobile App SDK V2.0 (HKLM-x32\...\{829D812B-3F25-4E8B-B1DF-1AD09164684C}) (Version: 2.0.50130.0 - Microsoft Corporation)
Microsoft Azure PowerShell - September 2016 (HKLM-x32\...\{CB3F8A12-1570-4964-8206-17274AB9EF4D}) (Version: 2.1.0 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.1 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.1) (Version: 5.1.1760.1722 - Microsoft Corporation)
Microsoft Identity Extensions (HKLM\...\{F99F24BF-0B90-463E-9658-3FD2EFC3C992}) (Version: 2.0.1459.0 - Microsoft Corporation)
Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (HKLM\...\{963E5FEB-1367-46B9-851D-A957F1A3747F}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{E9AD0F97-5DF2-4F5B-BC5B-F524D21BF165}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30642.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{65C71B09-C33D-4F60-93EA-DF3AD1D40600}) (Version: 10.0.1981 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Might & Magic: Heroes VI (HKLM\...\Steam App 48220) (Version:  - Blackhole)
MSI Development Tools (HKLM-x32\...\{074120DA-7DA8-E059-BD8E-5750E97C6046}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Myths of the World: Schwarze Rose (HKLM-x32\...\BFG-Myths of the World - Schwarze Rose) (Version:  - )
NC Launcher (HKLM-x32\...\NCLauncherS_plaync) (Version:  - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Observer (HKLM-x32\...\1449856523_is1) (Version: 1.0 - GOG.com)
Oceanhorn: Monster of Uncharted Seas (HKLM\...\Steam App 339200) (Version:  - Cornfox &amp; Bros.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
One Click Root (HKLM-x32\...\{6EAD0BE5-D1CF-4BE8-A66F-53FE9B8D89CC}) (Version: 1.0.0.4 - One Click Root)
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.3.55762 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.36.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Prey (HKLM\...\Steam App 480490) (Version:  - Arkane Studios)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Secret World Legends (HKLM-x32\...\Secret World Legends_is1) (Version: 1.0.0 - Funcom)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
sptools_Microsoft.VisualStudio.OfficeDeveloperTools.Msi (HKLM-x32\...\{9AF6A196-25EA-477B-9852-90E73A4438A4}) (Version: 15.0.26309 - Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi (HKLM-x32\...\{6A005912-B16B-4D76-8F77-BA1A47501B6F}) (Version: 15.0.26309 - Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{B8754C90-152E-494A-828C-E6022F899B1D}) (Version: 15.0.26309 - Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi.x64 (HKLM-x32\...\{C126CCCF-0F4C-4671-99D3-32B130945018}) (Version: 15.0.26309 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales from the Borderlands (HKLM\...\Steam App 330830) (Version:  - Telltale Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.81460 - TeamViewer)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Secret of Monkey Island: Special Edition (HKLM\...\Steam App 32360) (Version:  - LucasArts)
The Surge Demo (HKLM\...\Steam App 646690) (Version:  - Deck13)
The Witcher 3 - Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.30.0.0 - GOG.com)
Tom Clancy's The Division Trial (HKLM\...\Steam App 588220) (Version:  - Massive Entertainment)
Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
Train Valley (HKLM\...\Steam App 353640) (Version:  - Alexey Davydov)
TypeScript Power Tool (HKLM-x32\...\{F0B4CA92-9642-4BE6-8449-A786AD4FA628}) (Version: 2.2.3.0 - Microsoft Corporation) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity (HKLM-x32\...\Unity) (Version: 2017.1.0f3 - Unity Technologies ApS)
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{315BBDA9-CE84-D465-59F8-B9C765D953AC}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{4E8F20FD-6BC7-B65C-D4F2-5D7CEDE3352E}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{ADD45F52-630A-4F45-8879-A8DB80DF921B}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{233B73D9-650E-9CEC-1002-767C916C1B61}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{919D63C5-565C-F1C3-67D9-353FE902EF11}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{F4E7226B-6A1C-F4D6-1109-6E1CD5B3E633}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0AAB833E-034D-430B-D3E4-39C5753B14AC}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{D29934EC-24B6-0F5D-C6BB-E9ECCF220C12}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{2410D879-0C8F-B254-C207-455E119075B6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{485209AE-37CE-2208-59CB-7BB59AA85BE7}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6AFD985C-21B7-8F2D-86B2-19A0563A1195}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{AF5B9C51-F99A-59CC-70F5-214E9B535EE3}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{F2EB74A7-148A-8DC9-82A5-B5A88093EEC4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{F48A9651-9D00-4D94-810E-8738A41F16C2}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
video2brain Desktop App (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\bfe81a058ff573be) (Version: 1.3.2.87 - Lynda.com)
VMware Player (HKLM\...\{E5DF3245-80CF-48E8-AE2F-22D4D2DDD805}) (Version: 12.5.7 - VMware, Inc.)
VS Immersive Activate Helper (HKLM-x32\...\{D8A4EA2B-1A97-45A5-BF96-7493183F8524}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{2901E697-0E9C-404B-B7D0-6E2D43F64CE5}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS WCF Debugging (HKLM\...\{9E1EF6F7-ED70-4BD8-A1AE-83C5DEF0DA91}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B9F4AA09-F4AC-4108-ADA0-27CDD45FCEC3}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{AEF5E0F2-31D1-454A-A992-C523C0007B4D}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{DE8B48BF-82B9-434A-B254-1EA2306E5FBA}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{B3988EC1-015B-4A61-A323-BCCCDD218E4F}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{F3217611-B414-4A3A-81BF-6A3A4DB7E743}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{D4DCEC6A-BC59-43D5-866A-AB057E64F73F}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{37968509-8B79-4E9A-85D1-6AA39DA2211A}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{D396CF10-5F2B-417D-9571-0B669B99440E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{A32A9CF6-E7AA-48B8-A3D3-50C157E69F53}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{538ef96b-90a3-4657-9da0-d6b4857d141e}) (Version: 2.4.1558.3001 - Lavasoft)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
WinAppDeploy (HKLM-x32\...\{80859F5A-D13C-AB8E-4659-B630CFE2599D}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{C9966D24-DB2F-8514-EAA3-BEED85F3E166}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{30DCCFB4-068F-4C5C-BC10-5ECDCAEE55D4}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.15063.137 (HKLM-x32\...\{a07b4a01-ca27-4e28-9353-f325a308f128}) (Version: 10.1.15063.137 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{45B6202F-A716-C68A-199E-43B106B56A7E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{A249F631-CEBC-EDCB-4C49-700E551E66CA}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{357D0CD4-8B72-8D65-7015-81DFB2BF9150}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E71CB7F1-3E88-4450-1764-B3CC1E205C4A}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3E5375A1-0E4C-34E3-6294-C1C8BDA823E4}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{C49E6FDA-8196-0CAF-2CDD-CF1B0F4EA5AD}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{33D11371-82A5-852B-CDE2-5528CE406151}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E2F78B92-04DE-5350-14C0-7C281BF87D9E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{6CE744AE-7E0F-00AF-F1BD-077D9AFCBEC6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{FB431EE2-C835-6DE9-8DC3-C8FCDE028FE0}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{81A0EC8C-9462-BC98-0E5C-301DD7A46792}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FB82399D-9C48-9AF5-DCA1-CFE61BCA70A6}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{23909757-D6F0-7F7C-BD34-7E72BA9BD59C}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{FAD08838-3937-0F6C-8787-FDFDFBF63502}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D089A695-49F0-D3B2-0EBF-2BBC33A05CD6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D3A337CD-EA32-F4BA-03FA-825903190C92}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (HKLM-x32\...\{74B9E6F9-1793-4E90-22A1-A42254D04453}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (HKLM-x32\...\{1EE3550B-B5FB-B866-C153-1C609FBC1E89}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Workflow Manager Client 1.0 (HKLM\...\{47E0F408-748D-488D-8FA5-B8953E248A4C}) (Version: 2.1.10217.1 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{21A5C0D0-F524-4B52-99E6-C37FB90CC93D}) (Version: 2.1.10202.0 - Microsoft Corporation) Hidden
Xamarin PCL Profiles v1.0.9 (HKLM-x32\...\{5E6844AB-A867-419C-A376-B12B574AA5F7}) (Version: 1.0.9.0 - Xamarin) Hidden
Xamarin Workbooks and Inspector (HKLM-x32\...\{4C9771FB-6EB6-4E89-A2BE-BDE8B61C1BEC}) (Version: 1.2.2.9000 - Xamarin) Hidden
Xamarin.Bonjour v1.0.13 (HKLM-x32\...\{32B2DF61-DE93-4AF9-A7A6-79B03299A0AA}) (Version: 1.0.13.0 - Xamarin) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.30-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => D:\VMware Player\vmdkShellExt.dll [2017-06-19] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => D:\VMware Player\x64\vmdkShellExt64.dll [2017-06-19] (VMware, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-03-17] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-18] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0705D555-9EEF-444E-A49E-5379C0505D04} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {2C6D43EE-D3C0-4CF1-8592-364D382A7295} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {3E8173B6-8945-49DE-A5D0-74D6F073D8E7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {3FAAD68A-30BB-4EC6-B141-B9A5F4E1D98B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-30] (Google Inc.)
Task: {400FF4D9-6428-40DB-B1E2-E7EEA9579141} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {509D6CF5-AF11-43DB-B041-369F30BA13F8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-19] ()
Task: {53B82A94-93C9-4E86-A369-010BEBB34C03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-30] (Google Inc.)
Task: {90F5977B-DBB0-48F5-95BF-A1D863347496} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {9BAC65C3-48E7-4881-AE5B-DBD1C66538BA} - System32\Tasks\avastBCLS-1-5-21-2980919159-2059370-3087206838-1001 => C:\Users\jdhel\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2016-06-27] (AVAST Software)
Task: {BB1A1B0B-4159-42FA-962F-ED23E55706F8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-19] ()
Task: {D5ED925F-D8E2-40A4-9076-219A45CF5AB1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-09-19] (Microsoft Corporation)
Task: {D88009D0-D513-40C7-9EE9-053D5AE71458} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {DB0C295B-BA1E-48CC-9405-BBC18DC5C3D2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-09-10] (Overwolf LTD)
Task: {E417DAE6-C8B3-4262-BE2F-2B7AA1BE939C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {E5FF1921-B082-4234-84BA-347DCF1876DB} - System32\Tasks\avast! BCU UpdateS-1-5-21-2980919159-2059370-3087206838-1001 => C:\Users\jdhel\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)
Task: {E9E5C8CF-EB01-47F5-B7F7-BDC58F7CE4AB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {F58C44D2-144E-4F3C-B495-B8BFCFEF3717} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {FD6C48DE-8088-4CB5-8946-C95526C94BB2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Xdebug.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=nhodjblplijafdpjjfhhanfmchplpfgl

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-05-30 13:22 - 2017-06-21 09:07 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-26 11:44 - 2005-04-22 06:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-07-19 18:18 - 2017-07-19 18:18 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-23 10:08 - 2017-08-23 10:08 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 10:08 - 2017-08-23 10:08 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-23 10:08 - 2017-08-23 10:08 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-23 10:08 - 2017-08-23 10:08 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-09-18 15:09 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-09-18 15:09 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2017-09-19 10:09 - 2017-09-12 14:43 - 000021848 _____ () F:\Origin\QtWebEngineProcess.exe
2017-09-18 15:39 - 2017-09-18 15:39 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-09-18 15:39 - 2017-09-18 15:39 - 010634752 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-09-18 15:39 - 2017-09-18 15:39 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-09-18 15:38 - 2017-09-18 15:39 - 000020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-09-18 15:38 - 2017-09-18 15:39 - 029621760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-08-17 10:21 - 2017-08-17 10:21 - 000358912 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-08-17 10:21 - 2017-08-17 10:21 - 002536448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-09-18 15:38 - 2017-09-18 15:39 - 020305920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-08-17 10:21 - 2017-08-17 10:21 - 002415104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-09-18 15:38 - 2017-09-18 15:38 - 003028992 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-05-30 13:40 - 2017-05-30 13:40 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-15 14:08 - 2017-06-15 14:09 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-08-17 10:21 - 2017-08-17 10:21 - 001370112 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-30 13:22 - 2017-06-21 09:07 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-19 10:09 - 2017-08-14 21:29 - 000015360 _____ () F:\Origin\libEGL.DLL
2017-09-19 10:09 - 2017-08-14 21:29 - 003090944 _____ () F:\Origin\libGLESv2.dll
2017-08-15 14:19 - 2017-09-19 10:06 - 071818864 _____ () C:\Users\jdhel\AppData\Roaming\Spotify\libcef.dll
2017-06-26 11:44 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-09-10 10:34 - 2017-09-10 10:34 - 071940936 _____ () C:\Program Files (x86)\Overwolf\0.107.36.0\libcef.DLL
2017-05-30 13:22 - 2017-06-21 09:06 - 066837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000507968 _____ () F:\GOG Galaxy\PocoUtil.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 001076800 _____ () F:\GOG Galaxy\PocoNet.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 001854528 _____ () F:\GOG Galaxy\PocoData.dll
2017-05-30 13:39 - 2017-05-22 19:20 - 053018112 _____ () F:\GOG Galaxy\libcef.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000393280 _____ () F:\GOG Galaxy\PocoDataSQLite.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 001589312 _____ () F:\GOG Galaxy\PocoFoundation.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000307776 _____ () F:\GOG Galaxy\PocoNetSSL.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000330816 _____ () F:\GOG Galaxy\PocoJSON.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000130112 _____ () F:\GOG Galaxy\xdelta3.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000104000 _____ () F:\GOG Galaxy\zlib.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000520768 _____ () F:\GOG Galaxy\PocoXML.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000272448 _____ () F:\GOG Galaxy\PocoZip.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000425536 _____ () F:\GOG Galaxy\pcre.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000680000 _____ () F:\GOG Galaxy\sqlite.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000157760 _____ () F:\GOG Galaxy\PocoCrypto.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000152128 _____ () F:\GOG Galaxy\expat.dll
2012-11-27 09:10 - 2012-11-27 09:10 - 000107212 _____ () C:\Program Files (x86)\GtkSharp\2.12\bin\ZLIB1.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 001589312 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoFoundation.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000330816 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoJSON.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000104000 _____ () C:\ProgramData\GOG.com\Galaxy\redists\zlib.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000507968 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoUtil.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000520768 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoXML.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000425536 _____ () C:\ProgramData\GOG.com\Galaxy\redists\pcre.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000152128 _____ () C:\ProgramData\GOG.com\Galaxy\redists\expat.dll
2017-07-19 18:18 - 2017-07-19 18:18 - 000073384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2017-05-30 13:39 - 2017-05-22 19:20 - 001738752 _____ () F:\GOG Galaxy\libglesv2.dll
2017-05-30 13:39 - 2017-05-22 19:20 - 000078848 _____ () F:\GOG Galaxy\libegl.dll
2017-08-15 14:19 - 2017-09-19 10:06 - 002969200 _____ () C:\Users\jdhel\AppData\Roaming\Spotify\libglesv2.dll
2017-08-15 14:19 - 2017-09-19 10:06 - 000086640 _____ () C:\Users\jdhel\AppData\Roaming\Spotify\libegl.dll
2017-09-10 10:34 - 2017-09-10 10:34 - 002945864 _____ () C:\Program Files (x86)\Overwolf\0.107.36.0\libglesv2.dll
2017-09-10 10:34 - 2017-09-10 10:34 - 000086344 _____ () C:\Program Files (x86)\Overwolf\0.107.36.0\libegl.dll
2017-09-18 14:25 - 2017-08-04 23:19 - 000678176 _____ () F:\Steam\SDL2.dll
2017-05-30 13:39 - 2016-09-01 03:02 - 004969248 _____ () F:\Steam\v8.dll
2017-09-18 14:25 - 2017-09-07 06:51 - 002505504 _____ () F:\Steam\video.dll
2017-05-30 13:39 - 2016-09-01 03:02 - 001195296 _____ () F:\Steam\icuuc.dll
2017-05-30 13:39 - 2016-09-01 03:02 - 001563936 _____ () F:\Steam\icui18n.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 000491008 _____ () F:\Steam\libavformat-56.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 002549760 _____ () F:\Steam\libavcodec-56.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 000332800 _____ () F:\Steam\libavresample-2.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 000442880 _____ () F:\Steam\libavutil-54.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 000485888 _____ () F:\Steam\libswscale-3.dll
2017-09-18 14:25 - 2017-09-07 06:51 - 000885024 _____ () F:\Steam\bin\chromehtml.DLL
2017-05-30 13:39 - 2016-07-05 00:17 - 000266560 _____ () F:\Steam\openvr_api.dll
2017-06-14 15:20 - 2017-05-17 03:54 - 000678176 _____ () F:\Steam\bin\cef\cef.win7\SDL2.dll
2017-09-18 14:25 - 2017-07-18 00:50 - 073115424 _____ () F:\Steam\bin\cef\cef.win7\libcef.dll
2017-05-30 13:39 - 2015-09-25 01:52 - 000119208 _____ () F:\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:D442BE9A [137]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2980919159-2059370-3087206838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jdhel\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{004FCDCA-A245-439F-9DFB-7B9D5502F35E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AA140E75-6469-4E3E-9E83-E89A8BC5CAB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5436401D-E9BF-4BAD-8CFA-77D24094F7E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F1181298-0FD5-4848-A4EB-E6898A4594B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{417A59A3-AD00-4DDF-B116-3413060EADE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C9EC1317-3194-462C-A6AF-C73156E99C8B}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{02540D02-E567-4BF3-8032-29FE59DFA591}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{83182763-A44D-452A-BE34-CA5B0F43F4ED}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{50302696-709A-45C6-A367-07844AE7B47A}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{0E9B569E-CC8C-41FE-AFAD-513760C15501}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{843CCE53-F689-4076-97C5-F5125E778536}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{0ABB9C53-7238-41EA-891F-2C3F2D31AAE6}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{D79958D6-63E3-42C8-945E-8ACADD737832}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{924BECE6-A673-497A-806F-76E23D020DF3}] => (Allow) LPort=12292
FirewallRules: [{86AF7108-6BFD-4113-B7DD-BE4002E3D747}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [{251A6A87-3CCB-41B0-A7B9-A4DABA198B57}] => (Allow) F:\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{C5FC6FD7-608E-4D8F-98FF-BFFF601B214E}] => (Allow) F:\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{32AC4507-A82A-4E27-93B7-7DB18A6A9F68}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{D17CE7F5-8764-4C03-B914-A7A35BB835F9}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{0E6D2765-B4E6-4DD7-9C9E-A6CCB710E299}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{5486CC24-AAF5-4544-AF0C-B65C2E68BF2B}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{240F64AB-F185-4B81-BD43-733CBCE70846}] => (Allow) F:\Final Fantasy 14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{794E0C1A-7297-4DB6-9B35-F81B2D15661E}] => (Allow) F:\Final Fantasy 14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{47D4597B-DD2F-4097-9B9D-ED2C37778938}] => (Allow) F:\Final Fantasy 14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{AEB80472-FCA6-4793-961D-B19CCE898551}] => (Allow) F:\Final Fantasy 14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{DFE9E496-A4FD-4CCA-ABE0-B94043977FC5}] => (Allow) F:\Steam\steamapps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{C6DB7AEC-4CAD-44AC-A906-81DCE1D8B56A}] => (Allow) F:\Steam\steamapps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{93D42FC9-458B-45BE-B6E0-D3769E4E69A2}] => (Allow) F:\Steam\steamapps\common\Train Valley\train-valley.exe
FirewallRules: [{EC651275-2A58-423F-A282-FBBC9341E53E}] => (Allow) F:\Steam\steamapps\common\Train Valley\train-valley.exe
FirewallRules: [{348D2673-E3E7-4153-9A5E-F4299C8E152A}] => (Allow) F:\Steam\steamapps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{A9F856B7-616C-4972-B867-C3116081E94F}] => (Allow) F:\Steam\steamapps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{84389BE9-7693-4717-A990-E3AA69FC8DE4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{C924DD4F-39F4-44EA-BA45-F325A5043708}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A6DD3F61-0DE0-43C5-B82F-706B8F6F0823}] => (Allow) F:\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{05A0E7EF-6F47-4247-A5BA-3327EBA02460}] => (Allow) F:\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{87EE706E-6B82-40BD-B9F1-19852AB0BBE5}] => (Allow) F:\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{A5D98FC5-BFC2-4969-AB09-AB376B661F75}] => (Allow) F:\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{877058CF-5E22-49E8-828A-E127833707D8}] => (Allow) C:\Users\jdhel\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{0A90664A-8821-46AD-B0BD-8CE5718C72F1}] => (Allow) F:\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{DF3BFDD4-1885-4D9B-8E77-191578F032EA}] => (Allow) F:\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{78020352-DE65-4EBA-BCF2-8D09F976A135}] => (Allow) F:\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{33472498-7FEB-4E9A-B48F-D66921083D07}] => (Allow) F:\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{EBAF8D3F-D498-49FA-8935-6FCEA3321862}] => (Allow) F:\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{48BA952F-BA71-40C5-B96A-C775213918F9}] => (Allow) C:\Users\jdhel\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{40955BFA-C4A5-43C7-97C8-187C7D211F26}] => (Allow) F:\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{00F58739-69AF-43D5-A9AC-F8E7E9BF7EAA}] => (Allow) F:\Steam\steamapps\common\Epistory\Epistory.exe
FirewallRules: [{8B0CDEBD-12D2-4346-A560-3E741B97E56C}] => (Allow) F:\Steam\steamapps\common\Epistory\Epistory.exe
FirewallRules: [TCP Query User{0969CF0F-D443-4664-83F0-C2AF0BB6E704}F:\homefront the revolution\bin64\homefront2_release.exe] => (Block) F:\homefront the revolution\bin64\homefront2_release.exe
FirewallRules: [UDP Query User{34A4271E-AC4C-4CEC-9BAC-113EFDA8CF59}F:\homefront the revolution\bin64\homefront2_release.exe] => (Block) F:\homefront the revolution\bin64\homefront2_release.exe
FirewallRules: [TCP Query User{925EC287-7203-4BA5-B230-BAF33D9278EA}F:\geteven\binaries\win64\geteven.exe] => (Block) F:\geteven\binaries\win64\geteven.exe
FirewallRules: [UDP Query User{B79DEFB8-543D-4EAD-A905-80F279542508}F:\geteven\binaries\win64\geteven.exe] => (Block) F:\geteven\binaries\win64\geteven.exe
FirewallRules: [TCP Query User{7C6EBD26-C999-4924-B7E7-087B4876466B}D:\android studio\jre\bin\java.exe] => (Allow) D:\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{D1FA7CE3-55B4-4234-A493-23CFDCDE8FA1}D:\android studio\jre\bin\java.exe] => (Allow) D:\android studio\jre\bin\java.exe
FirewallRules: [{E653B7D0-6942-4632-900E-04E291537E36}] => (Allow) F:\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{F1AF0088-CBF0-48D3-88C9-C8ADF3D9DCCE}] => (Allow) F:\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{1588F8AE-8B6A-4051-A536-C26CE6BDA104}] => (Allow) C:\Users\jdhel\Desktop\bin\BlackDesert32.exe
FirewallRules: [{E8D54AAA-B6E4-427A-9DCD-61C7BEA7ABF2}] => (Allow) C:\Users\jdhel\Desktop\bin64\BlackDesert64.exe
FirewallRules: [{200CD498-6A2F-4AA0-85A1-2BCF4F170A49}] => (Allow) C:\Users\jdhel\Desktop\BlackDesert_Launcher.exe
FirewallRules: [{D737C799-843B-4AF5-8779-FE24C50FE780}] => (Allow) C:\Users\jdhel\Desktop\BlackDesert_Downloader.exe
FirewallRules: [{AE4BF869-0F74-4FDB-9923-3C63885EAE1C}] => (Allow) F:\Secret World Legends\ClientPatcher.exe
FirewallRules: [{CD29082C-CB2B-4A3E-B178-682185D0165D}] => (Allow) F:\Secret World Legends\ClientPatcher.exe
FirewallRules: [{63D832EA-BFF7-40DB-B811-A97AEDDA9370}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{EA9C7060-524D-4AFD-8460-977A0F82A11C}F:\sniper ghost warrior 3\win_x64\sgw3.exe] => (Block) F:\sniper ghost warrior 3\win_x64\sgw3.exe
FirewallRules: [UDP Query User{10784D86-3363-45BD-9E78-2B23833C95FC}F:\sniper ghost warrior 3\win_x64\sgw3.exe] => (Block) F:\sniper ghost warrior 3\win_x64\sgw3.exe
FirewallRules: [TCP Query User{F4C1F4EB-376A-46CF-A9D9-1F329CB0D9B4}F:\secret world legends\secretworldlegendsdx11.exe] => (Allow) F:\secret world legends\secretworldlegendsdx11.exe
FirewallRules: [UDP Query User{2D61F2BA-D93B-4CE6-B665-3BCD4FF1CBED}F:\secret world legends\secretworldlegendsdx11.exe] => (Allow) F:\secret world legends\secretworldlegendsdx11.exe
FirewallRules: [TCP Query User{0A9AEDBB-489C-4089-A1BC-E8F26A646CA0}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{F7A5E478-CA6E-4922-9B22-2513E06EF493}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{5ACEACA5-3581-48A5-8076-6824F47A27F8}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{993324F9-03F3-4F22-B2B2-DDC320C18DEA}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{183030AB-E161-484D-B669-09D06951AE92}] => (Allow) F:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{AB5A0CAC-35CF-4085-B6B6-DA5641CDA1DC}] => (Allow) F:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [TCP Query User{CF9AB387-C8A4-4845-88E4-A0B4761C1DCA}F:\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) F:\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{5EE18318-E56D-4877-806C-DADEFD84BC98}F:\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) F:\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{BCCE67EF-0CC8-455F-A80C-7A29A737F620}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{BCD3F521-C95C-4D3C-AF1B-27B0F6085C6E}] => (Allow) F:\Origin Games\Beholder\Beholder.exe
FirewallRules: [{6804F5AB-2F79-4FCA-8036-938FAF7C57D1}] => (Allow) F:\Origin Games\Beholder\Beholder.exe
FirewallRules: [{29A5BC9E-0C58-4C6A-BFA4-14983376DFA6}] => (Allow) F:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{C42ADD90-63B3-48B7-AF2B-BA0A06F30C33}] => (Allow) F:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{57605AFF-1B5D-4229-A9E0-96339F8D8849}] => (Allow) F:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{C9060DE2-7C62-4FC4-9FE6-F70CE73DF079}] => (Allow) F:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{43BA2CF6-3A06-424C-A2C2-D5B2BE7D75BC}] => (Allow) F:\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{B5F1068E-5300-4203-9111-F8FE7F4051F9}] => (Allow) F:\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5117CEC4-A602-49E1-8C43-3ADABB643DB9}] => (Allow) F:\Steam\steamapps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{A988E0E0-58D3-4916-9B4D-C1EE7FED539D}] => (Allow) F:\Steam\steamapps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{C041F8EC-6EF9-405D-97FE-99DA573B5F99}] => (Allow) F:\Steam\steamapps\common\Oceanhorn\Oceanhorn.exe
FirewallRules: [{D048DC1A-A874-43AA-B457-AF6C27D8FB41}] => (Allow) F:\Steam\steamapps\common\Oceanhorn\Oceanhorn.exe
FirewallRules: [{621A0944-D32C-4FEA-9F07-EBBFFC8DE125}] => (Allow) D:\VMware Player\vmware-authd.exe
FirewallRules: [{4E8E77AA-5139-468A-B37F-BFBF81DF4547}] => (Allow) D:\VMware Player\vmware-authd.exe
FirewallRules: [TCP Query User{87318F7A-2108-4B6C-A946-72A534F50BE1}C:\users\jdhel\desktop\licenceserver(v1.3)\intellijidealicenseserver_windows_amd64.exe] => (Allow) C:\users\jdhel\desktop\licenceserver(v1.3)\intellijidealicenseserver_windows_amd64.exe
FirewallRules: [UDP Query User{B3764592-2F7E-4BA9-A7B3-12F098394BFE}C:\users\jdhel\desktop\licenceserver(v1.3)\intellijidealicenseserver_windows_amd64.exe] => (Allow) C:\users\jdhel\desktop\licenceserver(v1.3)\intellijidealicenseserver_windows_amd64.exe
FirewallRules: [TCP Query User{ADCF09CD-B453-4522-9F92-0E83C21C95A3}F:\kingdoms of amalur - reckoning\reckoning.exe] => (Block) F:\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [UDP Query User{3BFB40B2-A6D6-41D9-939D-0E770E16C1AF}F:\kingdoms of amalur - reckoning\reckoning.exe] => (Block) F:\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [{8B6147F7-851A-409C-8E92-F771F184A002}] => (Allow) F:\Steam\steamapps\common\The Surge\bin\TheSurgeDemo.exe
FirewallRules: [{63CFC8D9-C8DD-4177-BE5B-865A91B7B7F2}] => (Allow) F:\Steam\steamapps\common\The Surge\bin\TheSurgeDemo.exe
FirewallRules: [TCP Query User{3A769CDC-3401-4EA5-BBA6-4004CF415DC7}D:\unity\editor\unity.exe] => (Block) D:\unity\editor\unity.exe
FirewallRules: [UDP Query User{7D9CECF6-3AC6-4345-BADB-35A250173BB8}D:\unity\editor\unity.exe] => (Block) D:\unity\editor\unity.exe
FirewallRules: [TCP Query User{144D0C23-51B7-4872-A608-50E7BF622284}D:\unity\monodevelop\bin\monodevelop.exe] => (Block) D:\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{2AEE29B1-DC8E-41A4-80A5-5C675551CC76}D:\unity\monodevelop\bin\monodevelop.exe] => (Block) D:\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{6EE723DD-3D2E-46DA-BF05-8CF43579C106}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{242C9B44-2122-4156-A68D-9EB481D6195D}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [TCP Query User{6A44C0CA-2953-4A22-A05C-2633CDCCC933}F:\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) F:\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{FDE7229D-9DF8-4CB6-8C3A-A5FFEC3DA266}F:\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) F:\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{286AD45D-89AB-4897-9E46-8FD58736AF1B}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{5B32A09F-8A82-4B96-8C7E-F3507D2761A4}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{8D259664-13B1-45B9-9381-C058FD1523CD}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{914E1B1C-FA15-40DA-BAC4-C3B9C948EBC1}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{F3183031-D370-4B45-BBF0-02ED6CBBED50}] => (Allow) F:\Steam\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{2E2CA662-54B1-4214-ADC5-3A815050D506}] => (Allow) F:\Steam\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{E7B03470-C2C2-4B66-99B2-27C2B1A63D1C}] => (Allow) F:\Steam\steamapps\common\CrossCode\crosscode-beta.exe
FirewallRules: [{0E7C91E8-B21D-464C-98DF-5FE31C12BE21}] => (Allow) F:\Steam\steamapps\common\CrossCode\crosscode-beta.exe
FirewallRules: [{FB18FA19-8D98-4F8B-A613-8169EA83DC66}] => (Allow) F:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{6DAAD9BE-962C-45CC-9311-0700D8B06EC0}] => (Allow) F:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [TCP Query User{DC7C52A8-D8F9-47D5-A957-3EF05C28B530}C:\users\jdhel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jdhel\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7FF0909F-735C-43B9-9D7B-4DED3FE03ED9}C:\users\jdhel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jdhel\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{0AE28B67-4BBE-447B-A69B-7276D3B05473}F:\der herr der ringe online\lotroclient.exe] => (Allow) F:\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{DB0C7199-2BCA-465D-9AF1-006378D79980}F:\der herr der ringe online\lotroclient.exe] => (Allow) F:\der herr der ringe online\lotroclient.exe
FirewallRules: [{2DFD451C-3E09-4E1E-91B0-83C872B347C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{466971BE-943E-4F25-95A6-C467FD187B5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{51454DC2-FA9D-4AD6-9CA1-1CFF021135E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{338F3D6C-2E1D-4C54-BCBC-58CC2E79C9D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{CA834526-4BD5-4A3A-A20C-1CF707559585}C:\users\jdhel\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\jdhel\appdata\local\vavoo\vavoo.exe
FirewallRules: [UDP Query User{BF0EDB62-D791-4EBA-A7F9-645B94EAAFD0}C:\users\jdhel\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\jdhel\appdata\local\vavoo\vavoo.exe
FirewallRules: [TCP Query User{891EC8D0-2504-4754-A1DD-9C975E8D1DDC}C:\users\jdhel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jdhel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C2748AFB-52C7-4F70-8838-ECD80C0BC47F}C:\users\jdhel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jdhel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D6D1835D-BDC6-4C8D-B221-FC411D20A57A}] => (Allow) F:\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{DBADE937-EA2D-4980-A060-D2C39C6891F7}] => (Allow) F:\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{ADF359D0-D246-4ABF-BDF5-5F1BC1EAA95E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{22CBFC1C-9946-475C-8E40-B04CE8D756EE}F:\yonder the cloud catcher chronicles\yonderccc.exe] => (Block) F:\yonder the cloud catcher chronicles\yonderccc.exe
FirewallRules: [UDP Query User{767C780F-B8BF-446F-8F45-752140861616}F:\yonder the cloud catcher chronicles\yonderccc.exe] => (Block) F:\yonder the cloud catcher chronicles\yonderccc.exe
FirewallRules: [{C9620D38-57D6-4335-89B6-545E491E5DC2}] => (Allow) F:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{457CA3CE-2082-4738-8705-F18456C17058}] => (Allow) F:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{FDF1E271-0B6E-4638-8C55-1FD9B4C5DA7E}C:\users\jdhel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jdhel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E74D6803-3289-43CA-9712-F0060EE78E47}C:\users\jdhel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jdhel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6B269E07-FF02-4799-902A-4C427806752F}] => (Allow) F:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{41C87949-2F93-4567-8C8B-FAF36EC1F7D6}] => (Allow) F:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [TCP Query User{F9503B7D-599D-4E5E-B6CC-B07BE63A3928}F:\kingdoms of amalur - reckoning\reckoning.exe] => (Block) F:\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [UDP Query User{7E46AF22-C4B8-405C-A27C-34DFDD921843}F:\kingdoms of amalur - reckoning\reckoning.exe] => (Block) F:\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [TCP Query User{CA49B101-D935-44AD-A25E-A2BD396CA688}F:\yonder the cloud catcher chronicles\yonderccc.exe] => (Block) F:\yonder the cloud catcher chronicles\yonderccc.exe
FirewallRules: [UDP Query User{A0FDA7C7-BED0-4C04-AB7F-911C78DD45AB}F:\yonder the cloud catcher chronicles\yonderccc.exe] => (Block) F:\yonder the cloud catcher chronicles\yonderccc.exe
FirewallRules: [TCP Query User{93E91C4C-6AEF-4329-BF06-2BE83A4A8784}D:\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) D:\microsoft visual studio\2017\community\common7\ide\devenv.exe
FirewallRules: [UDP Query User{3BAE8070-15F3-4AC5-B1C2-08BDC2894A55}D:\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) D:\microsoft visual studio\2017\community\common7\ide\devenv.exe
FirewallRules: [TCP Query User{D8AB9703-3FA6-4E1B-ACB4-E96AC28885E9}D:\xampp\mercurymail\mercury.exe] => (Allow) D:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{3C99265F-71DC-40B0-A88A-A10A5410A331}D:\xampp\mercurymail\mercury.exe] => (Allow) D:\xampp\mercurymail\mercury.exe
FirewallRules: [{66C578EF-1FFF-4883-85AE-3EB76B4D711A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{607B1705-9035-4403-84F1-538EE7EEC2B3}] => (Allow) F:\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{36277266-87FE-4C30-8D26-523E602B404E}] => (Allow) F:\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe

==================== Wiederherstellungspunkte =========================

19-09-2017 10:37:38 Windows Update
19-09-2017 10:37:57 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/21/2017 09:46:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FacebookGameroom.exe, Version: 1.7.6419.39279, Zeitstempel: 0x597d6550
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2883.1553.0, Zeitstempel: 0x588c0e1e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01afc195
ID des fehlerhaften Prozesses: 0x2b8c
Startzeit der fehlerhaften Anwendung: 0x01d332ad55ea4ade
Pfad der fehlerhaften Anwendung: C:\Users\jdhel\AppData\Local\Facebook\Games\FacebookGameroom.exe
Pfad des fehlerhaften Moduls: C:\Users\jdhel\AppData\Local\Facebook\Games\libcef.dll
Berichtskennung: e554371e-59ae-44d2-baea-2dfcbaf7d1e8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 09:46:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: FacebookGameroom.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 0779C195
Stapel:

Error: (09/21/2017 09:45:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/21/2017 09:45:01 AM) (Source: Perflib) (EventID: 1018) (User: )
Description: Das Zusammenstellen der Leistungsindikatorendaten vom Dienst "VMware" wurde für diese Sitzung deaktiviert, da mindestens ein Fehler von der Leistungsindikatorenbibliothek für diesen Dienst verursacht wurde. Die Fehler, die diese Aktion erzwungen haben, wurden in das Ereignisprotokoll der Anwendung geschrieben.

Error: (09/21/2017 09:45:01 AM) (Source: Perflib) (EventID: 1022) (User: )
Description: Windows kann die 64-Bit-Version der DLL für erweiterbare Leistungsindikatoren "VMware" in einer 32-Bit-Umgebung nicht öffnen. Wenden Sie sich an den Hersteller der Datei, um eine 64-Bit-Version zu erhalten. Sie können aber auch die 64-Bit-Version der DLL für erweiterbare Leistungsindikatoren öffnen, indem Sie die 64-Bit-Version der Leistungsüberwachung verwenden. Öffnen Sie den Ordner "Windows", öffnen Sie den Ordner "Syswow64", und starten Sie "Perfmon.exe", um dieses Programm zu verwenden.

Error: (09/21/2017 09:44:58 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (09/21/2017 09:44:57 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (09/21/2017 09:44:56 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\Windows\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/21/2017 09:44:52 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/21/2017 09:44:51 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (09/21/2017 10:06:31 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-3KI17HI)
Description: Ein DCOM-Server konnte nicht gestartet werden: {14286318-B6CF-49A1-81FC-D74AD94902F9}. Fehler:
"2"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding

Error: (09/21/2017 09:47:04 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.

Error: (09/21/2017 09:45:41 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-3KI17HI)
Description: Ein DCOM-Server konnte nicht gestartet werden: {14286318-B6CF-49A1-81FC-D74AD94902F9}. Fehler:
"2"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding

Error: (09/21/2017 09:42:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "VMUSBArbService" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/21/2017 09:42:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/21/2017 09:41:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/21/2017 09:41:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/21/2017 09:41:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/21/2017 09:41:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/21/2017 09:41:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-09-21 10:00:22.371
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.365
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.359
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.353
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.341
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:17.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:17.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:17.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:17.312
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 16262.78 MB
Verfügbarer physikalischer RAM: 11379.95 MB
Summe virtueller Speicher: 18694.78 MB
Verfügbarer virtueller Speicher: 13156.8 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:243.59 GB) (Free:107.49 GB) NTFS
Drive d: (Daten) (Fixed) (Total:465.76 GB) (Free:421.12 GB) NTFS
Drive f: (Games) (Fixed) (Total:687.37 GB) (Free:199.19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 669F762F)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Maliko · 21.09.2017, 14:55

TDSS-Killer

Code:

ATTFilter

15:49:39.0991 0x25f4  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
15:49:39.0991 0x25f4  UEFI system
15:49:53.0896 0x25f4  ============================================================
15:49:53.0896 0x25f4  Current date / time: 2017/09/21 15:49:53.0896
15:49:53.0896 0x25f4  SystemInfo:
15:49:53.0896 0x25f4  
15:49:53.0896 0x25f4  OS Version: 10.0.15063 ServicePack: 0.0
15:49:53.0896 0x25f4  Product type: Workstation
15:49:53.0896 0x25f4  ComputerName: DESKTOP-3KI17HI
15:49:53.0896 0x25f4  UserName: jdhel
15:49:53.0896 0x25f4  Windows directory: C:\Windows
15:49:53.0896 0x25f4  System windows directory: C:\Windows
15:49:53.0896 0x25f4  Running under WOW64
15:49:53.0896 0x25f4  Processor architecture: Intel x64
15:49:53.0896 0x25f4  Number of processors: 8
15:49:53.0896 0x25f4  Page size: 0x1000
15:49:53.0896 0x25f4  Boot type: Normal boot
15:49:53.0896 0x25f4  CodeIntegrityOptions = 0x00000001
15:49:53.0896 0x25f4  ============================================================
15:49:54.0224 0x25f4  KLMD registered as C:\Windows\system32\drivers\14021734.sys
15:49:54.0224 0x25f4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
15:49:54.0383 0x25f4  System UUID: {1B87E00F-A737-52A3-4B0C-A3913E2DB8B5}
15:49:54.0670 0x25f4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:54.0670 0x25f4  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:54.0672 0x25f4  ============================================================
15:49:54.0672 0x25f4  \Device\Harddisk0\DR0:
15:49:54.0673 0x25f4  GPT partitions:
15:49:54.0673 0x25f4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {22CCAD01-B007-4355-9510-8B7E71150661}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x3A385000
15:49:54.0673 0x25f4  MBR partitions:
15:49:54.0673 0x25f4  \Device\Harddisk1\DR1:
15:49:54.0673 0x25f4  GPT partitions:
15:49:54.0695 0x25f4  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E72FA746-FA68-487C-B7A9-CD3A1FBF72ED}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
15:49:54.0695 0x25f4  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8C3BA217-8CDA-42DF-AE47-0BAD30754353}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
15:49:54.0695 0x25f4  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {07CD3AEE-E1D6-41C7-9424-78E7470994C5}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
15:49:54.0695 0x25f4  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1D26D233-38E2-4605-B516-84ED66BD4223}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x1E72D000
15:49:54.0695 0x25f4  \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8E933EA0-3C2A-4899-AE3A-48F547836727}, Name: Basic data partition, StartLBA 0x1E848800, BlocksNum 0x55EBE000
15:49:54.0695 0x25f4  MBR partitions:
15:49:54.0695 0x25f4  ============================================================
15:49:54.0710 0x25f4  C: <-> \Device\Harddisk1\DR1\Partition4
15:49:54.0725 0x25f4  D: <-> \Device\Harddisk0\DR0\Partition1
15:49:54.0746 0x25f4  F: <-> \Device\Harddisk1\DR1\Partition5
15:49:54.0746 0x25f4  ============================================================
15:49:54.0746 0x25f4  Initialize success
15:49:54.0746 0x25f4  ============================================================
15:50:22.0359 0x0aec  ============================================================
15:50:22.0359 0x0aec  Scan started
15:50:22.0359 0x0aec  Mode: Manual; 
15:50:22.0359 0x0aec  ============================================================
15:50:22.0359 0x0aec  KSN ping started
15:50:22.0499 0x0aec  KSN ping finished: true
15:50:25.0054 0x0aec  ================ Scan system memory ========================
15:50:25.0054 0x0aec  System memory - ok
15:50:25.0055 0x0aec  ================ Scan services =============================
15:50:25.0189 0x0aec  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
15:50:25.0195 0x0aec  1394ohci - ok
15:50:25.0207 0x0aec  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\Windows\system32\drivers\3ware.sys
15:50:25.0210 0x0aec  3ware - ok
15:50:25.0253 0x0aec  [ AC251B31370C1E00F577928260B8939F, D60946F1C43A8C2B9C989A1E259FDA44055F94766615F344CF8E28A7F104BC70 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:50:25.0262 0x0aec  ACPI - ok
15:50:25.0272 0x0aec  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
15:50:25.0272 0x0aec  AcpiDev - ok
15:50:25.0287 0x0aec  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
15:50:25.0288 0x0aec  acpiex - ok
15:50:25.0303 0x0aec  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
15:50:25.0303 0x0aec  acpipagr - ok
15:50:25.0325 0x0aec  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
15:50:25.0325 0x0aec  AcpiPmi - ok
15:50:25.0328 0x0aec  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\Windows\System32\drivers\acpitime.sys
15:50:25.0328 0x0aec  acpitime - ok
15:50:25.0346 0x0aec  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
15:50:25.0358 0x0aec  ADP80XX - ok
15:50:25.0390 0x0aec  [ 5A6D591D56791BA63CE73FCAD60D89A1, 7467E40EF0653A1A09CFD28A1EF8B75052D010E42C32F2E8B60B98ED87092CE1 ] AFD             C:\Windows\system32\drivers\afd.sys
15:50:25.0397 0x0aec  AFD - ok
15:50:25.0415 0x0aec  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
15:50:25.0417 0x0aec  ahcache - ok
15:50:25.0446 0x0aec  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\Windows\System32\AJRouter.dll
15:50:25.0447 0x0aec  AJRouter - ok
15:50:25.0465 0x0aec  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\Windows\System32\alg.exe
15:50:25.0466 0x0aec  ALG - ok
15:50:25.0471 0x0aec  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
15:50:25.0473 0x0aec  AmdK8 - ok
15:50:25.0478 0x0aec  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
15:50:25.0480 0x0aec  AmdPPM - ok
15:50:25.0483 0x0aec  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:50:25.0484 0x0aec  amdsata - ok
15:50:25.0490 0x0aec  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:50:25.0493 0x0aec  amdsbs - ok
15:50:25.0496 0x0aec  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:50:25.0497 0x0aec  amdxata - ok
15:50:25.0501 0x0aec  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\Windows\system32\drivers\appid.sys
15:50:25.0503 0x0aec  AppID - ok
15:50:25.0522 0x0aec  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:50:25.0523 0x0aec  AppIDSvc - ok
15:50:25.0552 0x0aec  [ 43116A8BCA28D336205D539EAAE200C6, AC4783D766949770FEBAA55BD38CA0DB703944D64A4AEC8754C023807002A72B ] Appinfo         C:\Windows\System32\appinfo.dll
15:50:25.0553 0x0aec  Appinfo - ok
15:50:25.0567 0x0aec  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
15:50:25.0567 0x0aec  applockerfltr - ok
15:50:25.0582 0x0aec  [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:50:25.0585 0x0aec  AppMgmt - ok
15:50:25.0622 0x0aec  [ 91DB5775249920FD245851E0BC97D8C4, FCB53766AB377EF2E385CD2F6D0D2CEF485C07A5EAAB68FB1C798E6264832386 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
15:50:25.0628 0x0aec  AppReadiness - ok
15:50:25.0653 0x0aec  [ E496E21BEC53F24E193CA8CFBAB6CF79, 5194D6501422AB3C2D9FB22739130D684CB5B74B353D2F7FF1B91396ABD0FD6F ] AppVClient      C:\Windows\system32\AppVClient.exe
15:50:25.0662 0x0aec  AppVClient - ok
15:50:25.0674 0x0aec  [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm        C:\Windows\system32\drivers\AppvStrm.sys
15:50:25.0675 0x0aec  AppvStrm - ok
15:50:25.0695 0x0aec  [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr       C:\Windows\system32\drivers\AppvVemgr.sys
15:50:25.0697 0x0aec  AppvVemgr - ok
15:50:25.0702 0x0aec  [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] AppvVfs         C:\Windows\system32\drivers\AppvVfs.sys
15:50:25.0703 0x0aec  AppvVfs - ok
15:50:25.0764 0x0aec  [ BFFD13AC0E8D9B044B4D41E09C3E6991, FD1EB0785F79477D0ADF43976DC3FE8721615C9B98DEE693694F037E490EA92D ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
15:50:25.0797 0x0aec  AppXSvc - ok
15:50:25.0804 0x0aec  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:50:25.0806 0x0aec  arcsas - ok
15:50:25.0846 0x0aec  [ 6FCFBDF7D820CEB7426D988FA6E3DBA2, BC5C0564AB565F911FC99AD3D8C8FDA61E73BA4387CAAE3AE172DD443C56E617 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:50:25.0847 0x0aec  aspnet_state - ok
15:50:25.0850 0x0aec  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
15:50:25.0850 0x0aec  AsyncMac - ok
15:50:25.0881 0x0aec  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\Windows\system32\drivers\atapi.sys
15:50:25.0882 0x0aec  atapi - ok
15:50:25.0899 0x0aec  [ 329F315D04B64BC185A59FE17A2AD6CE, B9721AD1641E3E96D1C07294884506EBED5D05921A9F9FC263711C28AD040693 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
15:50:25.0905 0x0aec  AudioEndpointBuilder - ok
15:50:25.0935 0x0aec  [ 67ADB26CC1B504E9566B9106277DE92B, AF137C9FE9B3A231C7662F2E59EF12482396CFD8AC020DF6BDBFDD9A1209A98D ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:50:25.0950 0x0aec  Audiosrv - ok
15:50:25.0963 0x0aec  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:50:25.0964 0x0aec  AxInstSV - ok
15:50:25.0988 0x0aec  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:50:25.0995 0x0aec  b06bdrv - ok
15:50:26.0006 0x0aec  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
15:50:26.0006 0x0aec  BasicDisplay - ok
15:50:26.0034 0x0aec  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
15:50:26.0035 0x0aec  BasicRender - ok
15:50:26.0047 0x0aec  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
15:50:26.0047 0x0aec  bcmfn2 - ok
15:50:26.0059 0x0aec  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:50:26.0064 0x0aec  BDESVC - ok
15:50:26.0066 0x0aec  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:50:26.0067 0x0aec  Beep - ok
15:50:26.0134 0x0aec  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\Windows\System32\bfe.dll
15:50:26.0143 0x0aec  BFE - ok
15:50:26.0240 0x0aec  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\Windows\System32\qmgr.dll
15:50:26.0266 0x0aec  BITS - ok
15:50:26.0318 0x0aec  [ 10EF2AD7903A91798A36ED7467622C7E, E4983CFD71AF0FAC38671E26FB47F7BFE93CA797C7FB2626BF2BA2B3DB49873B ] Bonjour Service C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
15:50:26.0323 0x0aec  Bonjour Service - ok
15:50:26.0336 0x0aec  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:50:26.0342 0x0aec  bowser - ok
15:50:26.0393 0x0aec  [ 06373FF017097FD40D60219980871FA0, 9366823AA3C248DD06FBFA237DCFDB2A9B7F93BA7115D235792DD81DDDA79C1F ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
15:50:26.0412 0x0aec  BrokerInfrastructure - ok
15:50:26.0421 0x0aec  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\Windows\System32\browser.dll
15:50:26.0423 0x0aec  Browser - ok
15:50:26.0462 0x0aec  [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
15:50:26.0465 0x0aec  BrYNSvc - ok
15:50:26.0514 0x0aec  [ 2849EE39189253B8CACD8F013C5E9D10, 75B60DAA23AFB71203AAC7A6738486F39A7F913B7A3B10D289C1075D62DA42C0 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
15:50:26.0525 0x0aec  BstHdLogRotatorSvc - ok
15:50:26.0548 0x0aec  [ 7DB8EE09821A6D81A19A6591C9B8AA3A, 0A9A826560884F95D64BDC8A2076AE33FB718A3A59C0BBEC48E48A5FB907ACA4 ] BstkDrv         C:\Program Files (x86)\BlueStacks\BstkDrv.sys
15:50:26.0552 0x0aec  BstkDrv - ok
15:50:26.0603 0x0aec  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
15:50:26.0605 0x0aec  BthAvrcpTg - ok
15:50:26.0651 0x0aec  [ E1E55BA45510B2B0309E2C77ABEB1BFE, EA7BDEC354190F1033B14847606220D414C1A52C938C9327A4765032D28B6960 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
15:50:26.0655 0x0aec  BthHFEnum - ok
15:50:26.0673 0x0aec  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
15:50:26.0674 0x0aec  bthhfhid - ok
15:50:26.0715 0x0aec  [ 47D2C4722BF3C7340B475B386AA8D78D, 045F63F8E2E222E192880EDDC4B54C3741F42ED9C13322678BE2AAF28BB240CD ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
15:50:26.0726 0x0aec  BthHFSrv - ok
15:50:26.0733 0x0aec  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
15:50:26.0735 0x0aec  BTHMODEM - ok
15:50:26.0767 0x0aec  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\Windows\system32\bthserv.dll
15:50:26.0771 0x0aec  bthserv - ok
15:50:26.0782 0x0aec  [ FF4F46CEF5ED7FDE650CA1D73D9FB663, 42B1E911793D57D148ABCB5CEC5990A62E4C8FE17F9D71951AEA3921DC6B4DE3 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
15:50:26.0784 0x0aec  buttonconverter - ok
15:50:26.0787 0x0aec  c2wts - ok
15:50:26.0804 0x0aec  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\Windows\System32\drivers\CAD.sys
15:50:26.0806 0x0aec  CAD - ok
15:50:26.0837 0x0aec  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\Windows\System32\drivers\capimg.sys
15:50:26.0840 0x0aec  CapImg - ok
15:50:26.0859 0x0aec  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:50:26.0862 0x0aec  cdfs - ok
15:50:26.0920 0x0aec  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\Windows\System32\CDPSvc.dll
15:50:26.0935 0x0aec  CDPSvc - ok
15:50:26.0950 0x0aec  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
15:50:26.0955 0x0aec  CDPUserSvc - ok
15:50:26.0999 0x0aec  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
15:50:27.0000 0x0aec  cdrom - ok
15:50:27.0025 0x0aec  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc     C:\Windows\System32\certprop.dll
15:50:27.0028 0x0aec  CertPropSvc - ok
15:50:27.0034 0x0aec  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
15:50:27.0038 0x0aec  cht4iscsi - ok
15:50:27.0097 0x0aec  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
15:50:27.0124 0x0aec  cht4vbd - ok
15:50:27.0129 0x0aec  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\Windows\System32\drivers\circlass.sys
15:50:27.0130 0x0aec  circlass - ok
15:50:27.0134 0x0aec  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\Windows\system32\drivers\cldflt.sys
15:50:27.0134 0x0aec  CldFlt - ok
15:50:27.0167 0x0aec  [ AF0BF03C8574DD026FAF9A82A64C2D04, 363BF0C42181FA4CFBC3DB504F48496D62023F0E4A858DC8F739C08CC5AFA228 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
15:50:27.0176 0x0aec  CLFS - ok
15:50:27.0436 0x0aec  [ C9FF79CD4268FB18314B09BDE296F0AD, C113201D7FCCE9E77549402900AC910262CE99B3072DE2E04A794C3D09454BFF ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
15:50:27.0483 0x0aec  ClickToRunSvc - ok
15:50:27.0516 0x0aec  [ 6EA702AD5307947122E5C726047F0B8E, 98F22573944A69CFEDAEB79D308B703385CDFDE9C4CFBC8CDA44D837489122FE ] ClipSVC         C:\Windows\System32\ClipSVC.dll
15:50:27.0525 0x0aec  ClipSVC - ok
15:50:27.0542 0x0aec  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\Windows\System32\drivers\registry.sys
15:50:27.0542 0x0aec  clreg - ok
15:50:27.0559 0x0aec  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
15:50:27.0560 0x0aec  CmBatt - ok
15:50:27.0576 0x0aec  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\Windows\system32\Drivers\cng.sys
15:50:27.0583 0x0aec  CNG - ok
15:50:27.0586 0x0aec  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
15:50:27.0587 0x0aec  cnghwassist - ok
15:50:27.0627 0x0aec  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
15:50:27.0628 0x0aec  CompositeBus - ok
15:50:27.0630 0x0aec  COMSysApp - ok
15:50:27.0640 0x0aec  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\Windows\system32\drivers\condrv.sys
15:50:27.0640 0x0aec  condrv - ok
15:50:27.0668 0x0aec  [ 45E027357EB67E29DA732463FE0B6074, 5097151C35BD7E3B9381751AFFF01014624375A479044F761108267F6B8BFB06 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
15:50:27.0681 0x0aec  CoreMessagingRegistrar - ok
15:50:27.0754 0x0aec  [ C248D1CD850BDB079AE0B9774FA2EE79, A81A6625CC6BEA439E9654E1142061B6E4CC7AF6D83E09547D956B8C4FA411DB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:50:27.0765 0x0aec  cphs - ok
15:50:27.0785 0x0aec  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:50:27.0786 0x0aec  CryptSvc - ok
15:50:27.0801 0x0aec  [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC             C:\Windows\system32\drivers\csc.sys
15:50:27.0809 0x0aec  CSC - ok
15:50:27.0848 0x0aec  [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService      C:\Windows\System32\cscsvc.dll
15:50:27.0858 0x0aec  CscService - ok
15:50:27.0891 0x0aec  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\Windows\system32\drivers\dam.sys
15:50:27.0893 0x0aec  dam - ok
15:50:27.0922 0x0aec  [ AA7F1C36F5BC779964CFA4F98D224D9F, 6DAF4FCE696B1D6A76E127A905C158724B13C20D2AA0F460F6C2E747E9525D98 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:50:27.0935 0x0aec  DcomLaunch - ok
15:50:27.0951 0x0aec  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:50:27.0956 0x0aec  defragsvc - ok
15:50:27.0975 0x0aec  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\Windows\system32\das.dll
15:50:27.0980 0x0aec  DeviceAssociationService - ok
15:50:28.0004 0x0aec  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
15:50:28.0007 0x0aec  DeviceInstall - ok
15:50:28.0030 0x0aec  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\Windows\System32\DevicesFlowBroker.dll
15:50:28.0037 0x0aec  DevicesFlowUserSvc - ok
15:50:28.0068 0x0aec  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
15:50:28.0069 0x0aec  DevQueryBroker - ok
15:50:28.0073 0x0aec  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
15:50:28.0075 0x0aec  Dfsc - ok
15:50:28.0091 0x0aec  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:50:28.0096 0x0aec  Dhcp - ok
15:50:28.0111 0x0aec  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
15:50:28.0112 0x0aec  diagnosticshub.standardcollector.service - ok
15:50:28.0181 0x0aec  [ 9B844411D91C9BF616D2BCD91CC20723, 78C57216B4350E0AB4957423737FEE48B04A6D3C9F6BAF1A998D0FC1BD78ED17 ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:50:28.0208 0x0aec  DiagTrack - ok
15:50:28.0213 0x0aec  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\Windows\system32\drivers\disk.sys
15:50:28.0215 0x0aec  Disk - ok
15:50:28.0262 0x0aec  [ 8BCFD0A4900E197DFA8679A13128EC79, DF09F3996F25F025E171DF3EF068BB9AC2DEC79BFCBCA5D58E9158CD7AD785B6 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
15:50:28.0270 0x0aec  DmEnrollmentSvc - ok
15:50:28.0281 0x0aec  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
15:50:28.0281 0x0aec  dmvsc - ok
15:50:28.0306 0x0aec  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
15:50:28.0308 0x0aec  dmwappushservice - ok
15:50:28.0322 0x0aec  [ 8FD84F504BFD27FA9261B33F39737E5A, EE73EDA1314680C15C22A2EC65756677E805C7F2F7C5C01543CDD3D68F96F79F ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:50:28.0326 0x0aec  Dnscache - ok
15:50:28.0343 0x0aec  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\Windows\System32\dot3svc.dll
15:50:28.0346 0x0aec  dot3svc - ok
15:50:28.0362 0x0aec  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\Windows\system32\dps.dll
15:50:28.0365 0x0aec  DPS - ok
15:50:28.0393 0x0aec  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\Windows\System32\drivers\drmkaud.sys
15:50:28.0393 0x0aec  drmkaud - ok
15:50:28.0404 0x0aec  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
15:50:28.0407 0x0aec  DsmSvc - ok
15:50:28.0418 0x0aec  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\Windows\System32\DsSvc.dll
15:50:28.0421 0x0aec  DsSvc - ok
15:50:28.0439 0x0aec  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\Windows\System32\dusmsvc.dll
15:50:28.0443 0x0aec  DusmSvc - ok
15:50:28.0492 0x0aec  [ 43693E1E7E73A8CE25E8E64F1063F26D, BA6ACA2A11D1B7A5FF93A464DF72E847988B1191A8B9BEDD2275590F7E9849A8 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:50:28.0518 0x0aec  DXGKrnl - ok
15:50:28.0529 0x0aec  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\Windows\System32\eapsvc.dll
15:50:28.0531 0x0aec  EapHost - ok
15:50:28.0600 0x0aec  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:50:28.0637 0x0aec  ebdrv - ok
15:50:28.0665 0x0aec  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS             C:\Windows\System32\lsass.exe
15:50:28.0667 0x0aec  EFS - ok
15:50:28.0671 0x0aec  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
15:50:28.0672 0x0aec  EhStorClass - ok
15:50:28.0682 0x0aec  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
15:50:28.0683 0x0aec  EhStorTcgDrv - ok
15:50:28.0699 0x0aec  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
15:50:28.0701 0x0aec  embeddedmode - ok
15:50:28.0732 0x0aec  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
15:50:28.0735 0x0aec  EntAppSvc - ok
15:50:28.0738 0x0aec  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
15:50:28.0739 0x0aec  ErrDev - ok
15:50:28.0782 0x0aec  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\Windows\system32\es.dll
15:50:28.0795 0x0aec  EventSystem - ok
15:50:28.0826 0x0aec  [ 0BF32186C3EC11315C33CC29EA8DD86C, 82B43762A5BC9C0AB7B5D1F96DC47B34700924B598070A7CCB30C92EB5EE1599 ] ew_usbccgpfilter C:\Windows\System32\drivers\ew_usbccgpfilter.sys
15:50:28.0827 0x0aec  ew_usbccgpfilter - ok
15:50:28.0841 0x0aec  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:50:28.0848 0x0aec  exfat - ok
15:50:28.0881 0x0aec  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:50:28.0886 0x0aec  fastfat - ok
15:50:28.0909 0x0aec  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\Windows\system32\fxssvc.exe
15:50:28.0916 0x0aec  Fax - ok
15:50:28.0919 0x0aec  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\Windows\System32\drivers\fdc.sys
15:50:28.0920 0x0aec  fdc - ok
15:50:28.0926 0x0aec  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:50:28.0928 0x0aec  fdPHost - ok
15:50:28.0934 0x0aec  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:50:28.0935 0x0aec  FDResPub - ok
15:50:28.0944 0x0aec  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\Windows\system32\fhsvc.dll
15:50:28.0946 0x0aec  fhsvc - ok
15:50:28.0965 0x0aec  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
15:50:28.0966 0x0aec  FileCrypt - ok
15:50:28.0978 0x0aec  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:50:28.0979 0x0aec  FileInfo - ok
15:50:28.0981 0x0aec  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:50:28.0982 0x0aec  Filetrace - ok
15:50:28.0984 0x0aec  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
15:50:28.0985 0x0aec  flpydisk - ok
15:50:28.0992 0x0aec  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:50:28.0996 0x0aec  FltMgr - ok
15:50:29.0032 0x0aec  [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache       C:\Windows\system32\FntCache.dll
15:50:29.0053 0x0aec  FontCache - ok
15:50:29.0106 0x0aec  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:50:29.0108 0x0aec  FontCache3.0.0.0 - ok
15:50:29.0158 0x0aec  [ 58811D00A582A89B7839B4B2CE7302BE, D2B6C197BD257B462FC3E8E7A8E7C3F910282FDAA61DB00ADB64DA0698C203C7 ] FrameServer     C:\Windows\system32\FrameServer.dll
15:50:29.0180 0x0aec  FrameServer - ok
15:50:29.0193 0x0aec  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:50:29.0195 0x0aec  FsDepends - ok
15:50:29.0211 0x0aec  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:50:29.0211 0x0aec  Fs_Rec - ok
15:50:29.0245 0x0aec  [ 7C14404ADEF7D6F1D4D5346CF1849DDC, B8B44F3630A9A63F3E80D1A28BFEECC2372D75B68E25749B858EAD612FB784A4 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:50:29.0257 0x0aec  fvevol - ok
15:50:29.0330 0x0aec  [ F8B426A185DD67689BAAFACA0076274A, B2DD0896FE2D7BE89456B562F087FC5141AA83E7D969F7576D6803BE87242564 ] GalaxyClientService F:\GOG Galaxy\GalaxyClientService.exe
15:50:29.0352 0x0aec  GalaxyClientService - ok
15:50:29.0603 0x0aec  [ 7BBCFBA5CE2B7AC13BC5B3A44F1AC161, 21955A6234FF773A787DA8C3D6A5CC23231F8793AE124CA3010C43F84F649738 ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
15:50:29.0692 0x0aec  GalaxyCommunication - ok
15:50:29.0713 0x0aec  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
15:50:29.0713 0x0aec  gencounter - ok
15:50:29.0716 0x0aec  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
15:50:29.0716 0x0aec  genericusbfn - ok
15:50:29.0725 0x0aec  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
15:50:29.0728 0x0aec  GPIOClx0101 - ok
15:50:29.0763 0x0aec  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\Windows\System32\gpsvc.dll
15:50:29.0778 0x0aec  gpsvc - ok
15:50:29.0781 0x0aec  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
15:50:29.0782 0x0aec  GpuEnergyDrv - ok
15:50:29.0824 0x0aec  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:50:29.0826 0x0aec  gupdate - ok
15:50:29.0831 0x0aec  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:50:29.0833 0x0aec  gupdatem - ok
15:50:29.0855 0x0aec  [ B23BDC42F7F8EB7A37587FA029B81ADE, 1ABE941F0FDB36CF7B6556B2124FAEDF296EB04B7789CFC8056D55C2B00B5B54 ] hcmon           C:\Windows\system32\DRIVERS\hcmon.sys
15:50:29.0858 0x0aec  hcmon - ok
15:50:29.0910 0x0aec  [ BF14976E8223D334B21792FB8B74D7FF, 0939B6605E9BCE2EC888AF3F3DA953351AB56E993B2C8BC6A6DC577D287811FD ] HdAudAddService C:\Windows\System32\drivers\HdAudio.sys
15:50:29.0924 0x0aec  HdAudAddService - ok
15:50:29.0948 0x0aec  [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
15:50:29.0949 0x0aec  HDAudBus - ok
15:50:29.0953 0x0aec  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
15:50:29.0954 0x0aec  HidBatt - ok
15:50:29.0970 0x0aec  [ 1FE8E2676CD512181F84B27EE86CE29C, C694918ABD6533C04CF1F48A0ACB279391B020B3842AB47E7F1402DCC2DBA7BB ] HidBth          C:\Windows\System32\drivers\hidbth.sys
15:50:29.0972 0x0aec  HidBth - ok
15:50:29.0976 0x0aec  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
15:50:29.0977 0x0aec  hidi2c - ok
15:50:29.0981 0x0aec  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
15:50:29.0982 0x0aec  hidinterrupt - ok
15:50:30.0013 0x0aec  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\Windows\System32\drivers\hidir.sys
15:50:30.0014 0x0aec  HidIr - ok
15:50:30.0028 0x0aec  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\Windows\system32\hidserv.dll
15:50:30.0029 0x0aec  hidserv - ok
15:50:30.0038 0x0aec  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
15:50:30.0039 0x0aec  HidUsb - ok
15:50:30.0064 0x0aec  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:50:30.0068 0x0aec  HomeGroupListener - ok
15:50:30.0091 0x0aec  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:50:30.0099 0x0aec  HomeGroupProvider - ok
15:50:30.0102 0x0aec  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:50:30.0103 0x0aec  HpSAMD - ok
15:50:30.0154 0x0aec  [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:50:30.0167 0x0aec  HTTP - ok
15:50:30.0188 0x0aec  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\Windows\System32\hvhostsvc.dll
15:50:30.0190 0x0aec  HvHost - ok
15:50:30.0210 0x0aec  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\Windows\system32\drivers\hvservice.sys
15:50:30.0211 0x0aec  hvservice - ok
15:50:30.0226 0x0aec  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:50:30.0227 0x0aec  hwpolicy - ok
15:50:30.0230 0x0aec  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
15:50:30.0231 0x0aec  hyperkbd - ok
15:50:30.0234 0x0aec  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
15:50:30.0236 0x0aec  i8042prt - ok
15:50:30.0239 0x0aec  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
15:50:30.0240 0x0aec  iagpio - ok
15:50:30.0243 0x0aec  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
15:50:30.0244 0x0aec  iai2c - ok
15:50:30.0248 0x0aec  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
15:50:30.0249 0x0aec  iaLPSS2i_GPIO2 - ok
15:50:30.0252 0x0aec  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
15:50:30.0253 0x0aec  iaLPSS2i_GPIO2_BXT_P - ok
15:50:30.0257 0x0aec  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
15:50:30.0260 0x0aec  iaLPSS2i_I2C - ok
15:50:30.0265 0x0aec  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
15:50:30.0267 0x0aec  iaLPSS2i_I2C_BXT_P - ok
15:50:30.0270 0x0aec  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
15:50:30.0270 0x0aec  iaLPSSi_GPIO - ok
15:50:30.0274 0x0aec  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
15:50:30.0275 0x0aec  iaLPSSi_I2C - ok
15:50:30.0293 0x0aec  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
15:50:30.0301 0x0aec  iaStorAV - ok
15:50:30.0310 0x0aec  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:50:30.0314 0x0aec  iaStorV - ok
15:50:30.0324 0x0aec  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\Windows\System32\drivers\ibbus.sys
15:50:30.0330 0x0aec  ibbus - ok
15:50:30.0347 0x0aec  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\Windows\System32\tetheringservice.dll
15:50:30.0351 0x0aec  icssvc - ok
15:50:30.0496 0x0aec  [ E4E5B3C6EC025DFC8DEB31BA9EACC3F3, 44D4CEB5B4B981838CE9A969F14DAEB3E2B0AD8415FCF984194EC7DF9F514699 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:50:30.0579 0x0aec  igfx - ok
15:50:30.0631 0x0aec  [ 4548476A880376F4EA87908543F11DDB, 0E07CB97A539A536BBD1D989FB1C547686B69259D9DA83B4EF939DC9617A2DFD ] igfxCUIService2.0.0.0 C:\Windows\system32\igfxCUIService.exe
15:50:30.0644 0x0aec  igfxCUIService2.0.0.0 - ok
15:50:30.0680 0x0aec  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:50:30.0716 0x0aec  IKEEXT - ok
15:50:30.0729 0x0aec  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
15:50:30.0730 0x0aec  IndirectKmd - ok
15:50:30.0763 0x0aec  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:50:30.0770 0x0aec  IntcDAud - ok
15:50:30.0795 0x0aec  [ 6A2F7D5343F7F9FD84B5F31069DB40D1, A0337E758D6E25D7BF603639F89B103700E3FA3D6478F62329FCE51C1C9B4991 ] IntelHaxm       C:\Windows\system32\DRIVERS\IntelHaxm.sys
15:50:30.0797 0x0aec  IntelHaxm - ok
15:50:30.0812 0x0aec  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:50:30.0813 0x0aec  intelide - ok
15:50:30.0831 0x0aec  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\Windows\system32\drivers\intelpep.sys
15:50:30.0832 0x0aec  intelpep - ok
15:50:30.0842 0x0aec  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
15:50:30.0845 0x0aec  intelppm - ok
15:50:30.0855 0x0aec  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\Windows\system32\drivers\iorate.sys
15:50:30.0856 0x0aec  iorate - ok
15:50:30.0860 0x0aec  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:50:30.0861 0x0aec  IpFilterDriver - ok
15:50:30.0900 0x0aec  [ 16DBEB4BBB9A79490D772F136FF9696E, C4246BAD502D333B5E76520C9F2AD09CF00719341FD9C522FD76DDBD911AE125 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:50:30.0911 0x0aec  iphlpsvc - ok
15:50:30.0916 0x0aec  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
15:50:30.0917 0x0aec  IPMIDRV - ok
15:50:30.0921 0x0aec  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:50:30.0924 0x0aec  IPNAT - ok
15:50:30.0975 0x0aec  [ 108C608A0BA68A02AFEB9208D42210BF, 40A29D197742813743A9789FA01E932D9704D19D39BDDF2D1807165B40E854AC ] IpOverUsbSvc    C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
15:50:30.0975 0x0aec  IpOverUsbSvc - ok
15:50:30.0988 0x0aec  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\Windows\System32\IpxlatCfg.dll
15:50:30.0990 0x0aec  IpxlatCfgSvc - ok
15:50:30.0994 0x0aec  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\Windows\system32\drivers\irda.sys
15:50:30.0996 0x0aec  irda - ok
15:50:30.0998 0x0aec  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:50:30.0999 0x0aec  IRENUM - ok
15:50:31.0003 0x0aec  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\Windows\System32\irmon.dll
15:50:31.0004 0x0aec  irmon - ok
15:50:31.0007 0x0aec  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:50:31.0007 0x0aec  isapnp - ok
15:50:31.0053 0x0aec  [ 618707F3F742BF67AB578808171F60EB, AC9322483A450856B60F61D0CC58380148C52451863364C6FF3A2FAB4173A7A5 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
15:50:31.0056 0x0aec  iScsiPrt - ok
15:50:31.0066 0x0aec  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
15:50:31.0067 0x0aec  kbdclass - ok
15:50:31.0080 0x0aec  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
15:50:31.0080 0x0aec  kbdhid - ok
15:50:31.0083 0x0aec  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
15:50:31.0084 0x0aec  kdnic - ok
15:50:31.0091 0x0aec  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso          C:\Windows\system32\lsass.exe
15:50:31.0093 0x0aec  KeyIso - ok
15:50:31.0122 0x0aec  [ 588332B483111CCDCA8E8AB2F239489E, EE3D633F4C013ED5166020C95A4BF6003988C629133B8CD950D9C8EBA131A484 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:50:31.0124 0x0aec  KSecDD - ok
15:50:31.0129 0x0aec  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:50:31.0131 0x0aec  KSecPkg - ok
15:50:31.0156 0x0aec  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:50:31.0157 0x0aec  ksthunk - ok
15:50:31.0189 0x0aec  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:50:31.0194 0x0aec  KtmRm - ok
15:50:31.0217 0x0aec  [ ECFFCC67C47A86CA32D0953428699210, F5A06E82FDC092549623FD41C82B082092529808BA12339DE5B1D72B9B12072D ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:50:31.0222 0x0aec  LanmanServer - ok
15:50:31.0263 0x0aec  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:50:31.0269 0x0aec  LanmanWorkstation - ok
15:50:31.0294 0x0aec  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\Windows\System32\lfsvc.dll
15:50:31.0296 0x0aec  lfsvc - ok
15:50:31.0300 0x0aec  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
15:50:31.0302 0x0aec  LicenseManager - ok
15:50:31.0320 0x0aec  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\Windows\system32\drivers\lltdio.sys
15:50:31.0321 0x0aec  lltdio - ok
15:50:31.0332 0x0aec  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:50:31.0337 0x0aec  lltdsvc - ok
15:50:31.0366 0x0aec  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:50:31.0367 0x0aec  lmhosts - ok
15:50:31.0372 0x0aec  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:50:31.0373 0x0aec  LSI_SAS - ok
15:50:31.0377 0x0aec  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
15:50:31.0378 0x0aec  LSI_SAS2i - ok
15:50:31.0382 0x0aec  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
15:50:31.0383 0x0aec  LSI_SAS3i - ok
15:50:31.0388 0x0aec  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
15:50:31.0389 0x0aec  LSI_SSS - ok
15:50:31.0455 0x0aec  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\Windows\System32\lsm.dll
15:50:31.0466 0x0aec  LSM - ok
15:50:31.0485 0x0aec  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\Windows\system32\drivers\luafv.sys
15:50:31.0486 0x0aec  luafv - ok
15:50:31.0504 0x0aec  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\Windows\System32\moshost.dll
15:50:31.0507 0x0aec  MapsBroker - ok
15:50:31.0515 0x0aec  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\Windows\System32\drivers\mausbhost.sys
15:50:31.0525 0x0aec  mausbhost - ok
15:50:31.0533 0x0aec  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\Windows\System32\drivers\mausbip.sys
15:50:31.0536 0x0aec  mausbip - ok
15:50:31.0544 0x0aec  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\Windows\system32\drivers\megasas.sys
15:50:31.0547 0x0aec  megasas - ok
15:50:31.0551 0x0aec  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
15:50:31.0553 0x0aec  megasas2i - ok
15:50:31.0566 0x0aec  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\Windows\system32\drivers\megasr.sys
15:50:31.0576 0x0aec  megasr - ok
15:50:31.0600 0x0aec  [ 0AC256421B38CEF110FD2C6A22421E65, 5D8AF9775DF9A1C3BA0AF87A042621B0587CA2F36BFCACEDF10F4CDCB0F0A2AB ] MEIx64          C:\Windows\System32\drivers\TeeDriverW8x64.sys
15:50:31.0602 0x0aec  MEIx64 - ok
15:50:31.0616 0x0aec  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\Windows\System32\MessagingService.dll
15:50:31.0618 0x0aec  MessagingService - ok
15:50:31.0634 0x0aec  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
15:50:31.0645 0x0aec  mlx4_bus - ok
15:50:31.0654 0x0aec  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
15:50:31.0655 0x0aec  MMCSS - ok
15:50:31.0663 0x0aec  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\Windows\system32\drivers\modem.sys
15:50:31.0664 0x0aec  Modem - ok
15:50:31.0675 0x0aec  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\Windows\System32\drivers\monitor.sys
15:50:31.0676 0x0aec  monitor - ok
15:50:31.0691 0x0aec  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\Windows\System32\drivers\mouclass.sys
15:50:31.0692 0x0aec  mouclass - ok
15:50:31.0697 0x0aec  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
15:50:31.0697 0x0aec  mouhid - ok
15:50:31.0707 0x0aec  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:50:31.0708 0x0aec  mountmgr - ok
15:50:31.0712 0x0aec  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:50:31.0713 0x0aec  mpsdrv - ok
15:50:31.0737 0x0aec  [ 97106D80FD861D5762D5B93D1058D053, 4236FD178ECFC8978FFB3FC0890F357BB4AE10F88AF696617CCD24D93360BA3C ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:50:31.0750 0x0aec  MpsSvc - ok
15:50:31.0760 0x0aec  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:50:31.0761 0x0aec  MRxDAV - ok
15:50:31.0770 0x0aec  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:50:31.0775 0x0aec  mrxsmb - ok
15:50:31.0811 0x0aec  [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:50:31.0815 0x0aec  mrxsmb10 - ok
15:50:31.0849 0x0aec  [ BBE8708149EA1C0E981F31291F25895F, E7C9318DE94520606F5806F454BD28E050B9052409FDD5B934B3FF421C1A4C2B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:50:31.0857 0x0aec  mrxsmb20 - ok
15:50:31.0885 0x0aec  [ 44A8A52763381E5DCAE122330191493C, 578630611F151C6D20D52145312F4A824C6FF80E27F282A2109BA6E54FDDC9BB ] MsBridge        C:\Windows\system32\drivers\bridge.sys
15:50:31.0889 0x0aec  MsBridge - ok
15:50:31.0914 0x0aec  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\Windows\System32\msdtc.exe
15:50:31.0923 0x0aec  MSDTC - ok
15:50:31.0936 0x0aec  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:50:31.0937 0x0aec  Msfs - ok
15:50:31.0941 0x0aec  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
15:50:31.0943 0x0aec  msgpiowin32 - ok
15:50:31.0954 0x0aec  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:50:31.0955 0x0aec  mshidkmdf - ok
15:50:31.0959 0x0aec  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
15:50:31.0959 0x0aec  mshidumdf - ok
15:50:31.0973 0x0aec  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:50:31.0974 0x0aec  msisadrv - ok
15:50:31.0990 0x0aec  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:50:31.0995 0x0aec  MSiSCSI - ok
15:50:31.0998 0x0aec  msiserver - ok
15:50:32.0023 0x0aec  [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV         C:\Windows\system32\DRIVERS\MSKSSRV.sys
15:50:32.0024 0x0aec  MSKSSRV - ok
15:50:32.0036 0x0aec  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
15:50:32.0038 0x0aec  MsLldp - ok
15:50:32.0041 0x0aec  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\Windows\system32\DRIVERS\MSPCLOCK.sys
15:50:32.0042 0x0aec  MSPCLOCK - ok
15:50:32.0057 0x0aec  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\Windows\system32\DRIVERS\MSPQM.sys
15:50:32.0058 0x0aec  MSPQM - ok
15:50:32.0068 0x0aec  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:50:32.0075 0x0aec  MsRPC - ok
15:50:32.0084 0x0aec  [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt        C:\Windows\system32\drivers\mssecflt.sys
15:50:32.0088 0x0aec  MsSecFlt - ok
15:50:32.0097 0x0aec  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
15:50:32.0098 0x0aec  mssmbios - ok
15:50:32.0100 0x0aec  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\Windows\system32\DRIVERS\MSTEE.sys
15:50:32.0101 0x0aec  MSTEE - ok
15:50:32.0104 0x0aec  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
15:50:32.0104 0x0aec  MTConfig - ok
15:50:32.0108 0x0aec  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:50:32.0109 0x0aec  Mup - ok
15:50:32.0112 0x0aec  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
15:50:32.0113 0x0aec  mvumis - ok
15:50:32.0140 0x0aec  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:50:32.0147 0x0aec  NativeWifiP - ok
15:50:32.0188 0x0aec  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\Windows\System32\NaturalAuth.dll
15:50:32.0198 0x0aec  NaturalAuthentication - ok
15:50:32.0215 0x0aec  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\Windows\System32\ncasvc.dll
15:50:32.0219 0x0aec  NcaSvc - ok
15:50:32.0233 0x0aec  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\Windows\System32\ncbservice.dll
15:50:32.0239 0x0aec  NcbService - ok
15:50:32.0252 0x0aec  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
15:50:32.0255 0x0aec  NcdAutoSetup - ok
15:50:32.0270 0x0aec  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
15:50:32.0271 0x0aec  ndfltr - ok
15:50:32.0310 0x0aec  [ 64BB1D5A6A8711C980D2ABAB0ADFFF8E, 85061564E6684136D544A556896C9BDDC93146B94416F49DB8E9321E38DF46D0 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:50:32.0323 0x0aec  NDIS - ok
15:50:32.0327 0x0aec  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
15:50:32.0328 0x0aec  NdisCap - ok
15:50:32.0331 0x0aec  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
15:50:32.0333 0x0aec  NdisImPlatform - ok
15:50:32.0336 0x0aec  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:50:32.0336 0x0aec  NdisTapi - ok
15:50:32.0351 0x0aec  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
15:50:32.0352 0x0aec  Ndisuio - ok
15:50:32.0365 0x0aec  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
15:50:32.0365 0x0aec  NdisVirtualBus - ok
15:50:32.0373 0x0aec  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
15:50:32.0375 0x0aec  NdisWan - ok
15:50:32.0389 0x0aec  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
15:50:32.0391 0x0aec  ndiswanlegacy - ok
15:50:32.0407 0x0aec  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
15:50:32.0408 0x0aec  ndproxy - ok
15:50:32.0455 0x0aec  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
15:50:32.0461 0x0aec  Ndu - ok
15:50:32.0473 0x0aec  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
15:50:32.0478 0x0aec  NetAdapterCx - ok
15:50:32.0488 0x0aec  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
15:50:32.0490 0x0aec  NetBIOS - ok
15:50:32.0519 0x0aec  [ BAD3C424788BC071C3EC82CFCDA954D2, 7AA11C36C8365B476361FC4F05C612066C5159C7C1813314E881E1A3A4B75271 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:50:32.0525 0x0aec  NetBT - ok
15:50:32.0542 0x0aec  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon        C:\Windows\system32\lsass.exe
15:50:32.0545 0x0aec  Netlogon - ok
15:50:32.0572 0x0aec  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\Windows\System32\netman.dll
15:50:32.0580 0x0aec  Netman - ok
15:50:32.0623 0x0aec  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\Windows\System32\netprofmsvc.dll
15:50:32.0633 0x0aec  netprofm - ok
15:50:32.0649 0x0aec  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
15:50:32.0655 0x0aec  NetSetupSvc - ok
15:50:32.0689 0x0aec  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:32.0692 0x0aec  NetTcpPortSharing - ok
15:50:32.0707 0x0aec  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\Windows\System32\drivers\netvsc.sys
15:50:32.0709 0x0aec  netvsc - ok
15:50:32.0729 0x0aec  [ 56CB676DC058995ED3AD61AF233B9975, 2658B1B5E0059D4C0CE8F82D327AFBBAD5CF6C5774C95039D39815092A74E4A1 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
15:50:32.0737 0x0aec  NgcCtnrSvc - ok
15:50:32.0767 0x0aec  [ 7D50141D1705AFB6BF2683201699FEC1, 1D333DD10BA6987A2787F2CF492E38029E2744BAA6B9354E8B2B8D22971B3D79 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
15:50:32.0780 0x0aec  NgcSvc - ok
15:50:32.0797 0x0aec  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:50:32.0802 0x0aec  NlaSvc - ok
15:50:32.0833 0x0aec  [ F554C5FD7BD1EFA4DA5CFE2EED86391F, 808D16D4547FA332F52523BD40D55606E722BC441786040B6C26B28B323D249C ] nm3             C:\Windows\system32\DRIVERS\nm3.sys
15:50:32.0834 0x0aec  nm3 - ok
15:50:32.0844 0x0aec  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:50:32.0845 0x0aec  Npfs - ok
15:50:32.0856 0x0aec  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
15:50:32.0857 0x0aec  npsvctrig - ok
15:50:32.0864 0x0aec  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\Windows\system32\nsisvc.dll
15:50:32.0866 0x0aec  nsi - ok
15:50:32.0878 0x0aec  [ 244C3E541E741C9D8F67E05D9D9AFBE7, 5848515910FD6FF01B94108E33BEBCA26D46DE54C6AC9CF9F5533180E16788AB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:50:32.0879 0x0aec  nsiproxy - ok
15:50:32.0969 0x0aec  [ 075F8C81457804BB79DD33FE69A96C57, EFAA1C6CEEC995E87EB15DA40178EA3534A73C8F6ADCF5F3FEC1C7BB99B78687 ] NTFS            C:\Windows\system32\drivers\NTFS.sys
15:50:33.0003 0x0aec  NTFS - ok
15:50:33.0012 0x0aec  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\Windows\system32\drivers\Null.sys
15:50:33.0012 0x0aec  Null - ok
15:50:33.0100 0x0aec  [ 43F315F0F7A179C46ED3BA44CFBBC162, 544FF013BF6E9569F22752470F6F21CAE5B654AE5FE793B86D22E926E0B783A8 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
15:50:33.0114 0x0aec  NvContainerLocalSystem - ok
15:50:33.0136 0x0aec  [ 43F315F0F7A179C46ED3BA44CFBBC162, 544FF013BF6E9569F22752470F6F21CAE5B654AE5FE793B86D22E926E0B783A8 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
15:50:33.0143 0x0aec  NvContainerNetworkService - ok
15:50:33.0147 0x0aec  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\Windows\System32\drivers\nvdimmn.sys
15:50:33.0148 0x0aec  nvdimmn - ok
15:50:33.0159 0x0aec  [ C27427C9D79DE00A01B9987B68485F60, D385AFADECC3B1ECD62211D5501050A66F6A334AE3799DDA8F8CA4C231CFB075 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:50:33.0162 0x0aec  NVHDA - ok
15:50:33.0460 0x0aec  [ E3BD60B7CB6E015359E8CBAAAC867E0D, 553422F32793621169F2465762EB2B345AAD58F191AAED29E9D89B40BF339B92 ] nvlddmkm        C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys
15:50:33.0612 0x0aec  nvlddmkm - ok
15:50:33.0640 0x0aec  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:50:33.0641 0x0aec  nvraid - ok
15:50:33.0646 0x0aec  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:50:33.0648 0x0aec  nvstor - ok
15:50:33.0676 0x0aec  [ 530E825A38753DA3ED21FD689F961344, 9A72C18014F2D7E2CB31FB562A0CD47BC13E00B3C6CCFA4469229562D010FF2A ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:50:33.0676 0x0aec  NvStreamKms - ok
15:50:33.0739 0x0aec  [ A9FD0F6BD72EA00049EAD30EFB9A7602, 7205A0519EB41C64E4CB5715805DF140566BFE2508D568024A66455DCCAE8E25 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
15:50:33.0752 0x0aec  NvTelemetryContainer - ok
15:50:33.0782 0x0aec  [ 21D89A95055DEBEEAC9566536D0A8527, C2C753295BF6E0905CB6605888269873CF935ED1EB132A0456C93E5CBD4BE669 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:50:33.0783 0x0aec  nvvad_WaveExtensible - ok
15:50:33.0803 0x0aec  [ CFCE4D665B1169DCD2A0FB802EECE93A, BD65804670220EA94EB7E1FDE9B0FA4EB9E762E184E9BFE289B259D23CEAAB2D ] nvvhci          C:\Windows\System32\drivers\nvvhci.sys
15:50:33.0805 0x0aec  nvvhci - ok
15:50:33.0824 0x0aec  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\Windows\System32\APHostService.dll
15:50:33.0830 0x0aec  OneSyncSvc - ok
15:50:33.0946 0x0aec  [ D7263F094C3256FE3233C9B2AAC7239D, E96E87B9A6302D7A035130F5BD5F5B6C2BDBD691FD775C7E4FC60F223AF4766A ] Origin Client Service F:\Origin\OriginClientService.exe
15:50:33.0969 0x0aec  Origin Client Service - ok
15:50:34.0107 0x0aec  [ D1B23ADD5796AAA2FA2AE28BCB255659, 107EAEBADCAFDACC864518D1F7305C5C5664D729810E903D91C1EC5926AA7AA3 ] Origin Web Helper Service F:\Origin\OriginWebHelperService.exe
15:50:34.0139 0x0aec  Origin Web Helper Service - ok
15:50:34.0196 0x0aec  [ 6C7A7FDB373D42102A114CED1CB2EB30, 2ABEBB0687F77DFA5F65635042F4F15B7C31FCA8C037BA4A15385EC4579335D8 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:50:34.0198 0x0aec  ose - ok

Maliko · 21.09.2017, 14:56

Fortsetung TDSS-Killer

Code:

ATTFilter

15:50:34.0340 0x0aec  [ 62C94E9FE432791CDBB516BEE6198FA2, E9DDFC36243F0B6197C75349D4C03D318F415E9E1D904CE17698F71647EB3415 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
15:50:34.0360 0x0aec  OverwolfUpdater - ok
15:50:34.0401 0x0aec  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:50:34.0419 0x0aec  p2pimsvc - ok
15:50:34.0452 0x0aec  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\Windows\system32\p2psvc.dll
15:50:34.0462 0x0aec  p2psvc - ok
15:50:34.0473 0x0aec  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\Windows\System32\drivers\parport.sys
15:50:34.0475 0x0aec  Parport - ok
15:50:34.0489 0x0aec  [ ABE0711474C0518FD914F62AB4FB83E8, 17F38D28D0A2275A6A1E5BC2C60BF2459B0D642EDC42B59F4A1BCFC1100C8502 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:50:34.0492 0x0aec  partmgr - ok
15:50:34.0515 0x0aec  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:50:34.0526 0x0aec  PcaSvc - ok
15:50:34.0546 0x0aec  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\Windows\system32\drivers\pci.sys
15:50:34.0550 0x0aec  pci - ok
15:50:34.0592 0x0aec  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:50:34.0593 0x0aec  pciide - ok
15:50:34.0597 0x0aec  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:50:34.0598 0x0aec  pcmcia - ok
15:50:34.0615 0x0aec  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:50:34.0616 0x0aec  pcw - ok
15:50:34.0653 0x0aec  [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc             C:\Windows\system32\drivers\pdc.sys
15:50:34.0654 0x0aec  pdc - ok
15:50:34.0694 0x0aec  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:50:34.0717 0x0aec  PEAUTH - ok
15:50:34.0775 0x0aec  [ F5C8E47E2F7B72ACEA49F7AD2EA60D3B, 184B5C91BF36A03257A38E8FB5FDBEF96AE88F0F5FF2EEEAE7BFC6CA15CC1602 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:50:34.0801 0x0aec  PeerDistSvc - ok
15:50:34.0806 0x0aec  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
15:50:34.0807 0x0aec  percsas2i - ok
15:50:34.0820 0x0aec  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
15:50:34.0821 0x0aec  percsas3i - ok
15:50:34.0868 0x0aec  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:50:34.0871 0x0aec  PerfHost - ok
15:50:34.0930 0x0aec  [ D4D4AFF22AEC7595EF24DB0FDCC06259, 4D3D7ECB724FE41924BA7699316D50566FE828B5B53616EC50DFBEE91C6464FA ] PhoneSvc        C:\Windows\System32\PhoneService.dll
15:50:34.0945 0x0aec  PhoneSvc - ok
15:50:34.0958 0x0aec  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
15:50:34.0962 0x0aec  PimIndexMaintenanceSvc - ok
15:50:35.0024 0x0aec  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\Windows\system32\pla.dll
15:50:35.0058 0x0aec  pla - ok
15:50:35.0079 0x0aec  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:50:35.0082 0x0aec  PlugPlay - ok
15:50:35.0086 0x0aec  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\Windows\System32\drivers\pmem.sys
15:50:35.0087 0x0aec  pmem - ok
15:50:35.0099 0x0aec  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:50:35.0102 0x0aec  PNRPAutoReg - ok
15:50:35.0123 0x0aec  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:50:35.0130 0x0aec  PNRPsvc - ok
15:50:35.0157 0x0aec  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:50:35.0164 0x0aec  PolicyAgent - ok
15:50:35.0192 0x0aec  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\Windows\system32\umpo.dll
15:50:35.0198 0x0aec  Power - ok
15:50:35.0202 0x0aec  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
15:50:35.0203 0x0aec  PptpMiniport - ok
15:50:35.0300 0x0aec  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
15:50:35.0333 0x0aec  PrintNotify - ok
15:50:35.0341 0x0aec  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\Windows\System32\drivers\processr.sys
15:50:35.0343 0x0aec  Processor - ok
15:50:35.0357 0x0aec  [ EBBAEA19BB7BF5E7CF09BE1C294E2699, 4FAF59D5393A6979627A061216676106A3941F2FBAE8E1CD5485E49BB57A6297 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:50:35.0364 0x0aec  ProfSvc - ok
15:50:35.0376 0x0aec  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\Windows\system32\drivers\pacer.sys
15:50:35.0377 0x0aec  Psched - ok
15:50:35.0400 0x0aec  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\Windows\system32\qwave.dll
15:50:35.0404 0x0aec  QWAVE - ok
15:50:35.0419 0x0aec  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:50:35.0420 0x0aec  QWAVEdrv - ok
15:50:35.0423 0x0aec  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:50:35.0424 0x0aec  RasAcd - ok
15:50:35.0435 0x0aec  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
15:50:35.0436 0x0aec  RasAgileVpn - ok
15:50:35.0446 0x0aec  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\Windows\System32\rasauto.dll
15:50:35.0450 0x0aec  RasAuto - ok
15:50:35.0453 0x0aec  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
15:50:35.0455 0x0aec  Rasl2tp - ok
15:50:35.0482 0x0aec  [ FCC5824BCB4D12AFC40C61CADDC7175C, 2C2464849320B2E18B9A94574AA20218AF4EA50E9947C990068F086061400275 ] RasMan          C:\Windows\System32\rasmans.dll
15:50:35.0495 0x0aec  RasMan - ok
15:50:35.0498 0x0aec  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:50:35.0500 0x0aec  RasPppoe - ok
15:50:35.0503 0x0aec  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
15:50:35.0504 0x0aec  RasSstp - ok
15:50:35.0520 0x0aec  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:50:35.0525 0x0aec  rdbss - ok
15:50:35.0539 0x0aec  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
15:50:35.0539 0x0aec  rdpbus - ok
15:50:35.0552 0x0aec  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:50:35.0554 0x0aec  RDPDR - ok
15:50:35.0570 0x0aec  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:50:35.0571 0x0aec  RdpVideoMiniport - ok
15:50:35.0582 0x0aec  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:50:35.0586 0x0aec  rdyboost - ok
15:50:35.0631 0x0aec  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\Windows\system32\drivers\ReFS.sys
15:50:35.0650 0x0aec  ReFS - ok
15:50:35.0680 0x0aec  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
15:50:35.0690 0x0aec  ReFSv1 - ok
15:50:35.0717 0x0aec  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:50:35.0724 0x0aec  RemoteAccess - ok
15:50:35.0742 0x0aec  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:50:35.0745 0x0aec  RemoteRegistry - ok
15:50:35.0795 0x0aec  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\Windows\system32\RDXService.dll
15:50:35.0818 0x0aec  RetailDemo - ok
15:50:35.0837 0x0aec  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\Windows\System32\RMapi.dll
15:50:35.0843 0x0aec  RmSvc - ok
15:50:35.0852 0x0aec  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:50:35.0857 0x0aec  RpcEptMapper - ok
15:50:35.0875 0x0aec  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\Windows\system32\locator.exe
15:50:35.0876 0x0aec  RpcLocator - ok
15:50:35.0906 0x0aec  [ AA7F1C36F5BC779964CFA4F98D224D9F, 6DAF4FCE696B1D6A76E127A905C158724B13C20D2AA0F460F6C2E747E9525D98 ] RpcSs           C:\Windows\system32\rpcss.dll
15:50:35.0920 0x0aec  RpcSs - ok
15:50:35.0933 0x0aec  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\Windows\system32\drivers\rspndr.sys
15:50:35.0935 0x0aec  rspndr - ok
15:50:35.0951 0x0aec  [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64        C:\Windows\System32\drivers\rt640x64.sys
15:50:35.0959 0x0aec  rt640x64 - ok
15:50:35.0970 0x0aec  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
15:50:35.0971 0x0aec  s3cap - ok
15:50:35.0990 0x0aec  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs           C:\Windows\system32\lsass.exe
15:50:35.0992 0x0aec  SamSs - ok
15:50:35.0996 0x0aec  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:50:35.0997 0x0aec  sbp2port - ok
15:50:36.0009 0x0aec  [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:50:36.0013 0x0aec  SCardSvr - ok
15:50:36.0025 0x0aec  [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
15:50:36.0029 0x0aec  ScDeviceEnum - ok
15:50:36.0048 0x0aec  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:50:36.0048 0x0aec  scfilter - ok
15:50:36.0067 0x0aec  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\Windows\system32\schedsvc.dll
15:50:36.0078 0x0aec  Schedule - ok
15:50:36.0082 0x0aec  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
15:50:36.0083 0x0aec  scmbus - ok
15:50:36.0101 0x0aec  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:50:36.0103 0x0aec  SCPolicySvc - ok
15:50:36.0122 0x0aec  [ 134FB9DCA9244455917D80D33CA31ACA, 0B17BB514A14096C8F67D73F27E52C90E4BD343B131BD554D7DD3B424B4E070B ] sdbus           C:\Windows\System32\drivers\sdbus.sys
15:50:36.0126 0x0aec  sdbus - ok
15:50:36.0129 0x0aec  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\Windows\System32\drivers\SDFRd.sys
15:50:36.0129 0x0aec  SDFRd - ok
15:50:36.0139 0x0aec  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:50:36.0143 0x0aec  SDRSVC - ok
15:50:36.0147 0x0aec  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\Windows\System32\drivers\sdstor.sys
15:50:36.0148 0x0aec  sdstor - ok
15:50:36.0157 0x0aec  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\Windows\system32\seclogon.dll
15:50:36.0159 0x0aec  seclogon - ok
15:50:36.0190 0x0aec  [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\Windows\system32\SecurityHealthService.exe
15:50:36.0196 0x0aec  SecurityHealthService - ok
15:50:36.0229 0x0aec  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\Windows\system32\SEMgrSvc.dll
15:50:36.0243 0x0aec  SEMgrSvc - ok
15:50:36.0247 0x0aec  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\Windows\System32\sens.dll
15:50:36.0249 0x0aec  SENS - ok
15:50:36.0271 0x0aec  Sense - ok
15:50:36.0315 0x0aec  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\Windows\System32\SensorDataService.exe
15:50:36.0330 0x0aec  SensorDataService - ok
15:50:36.0362 0x0aec  [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService   C:\Windows\system32\SensorService.dll
15:50:36.0369 0x0aec  SensorService - ok
15:50:36.0382 0x0aec  [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:50:36.0385 0x0aec  SensrSvc - ok
15:50:36.0388 0x0aec  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\Windows\system32\drivers\SerCx.sys
15:50:36.0389 0x0aec  SerCx - ok
15:50:36.0394 0x0aec  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
15:50:36.0395 0x0aec  SerCx2 - ok
15:50:36.0411 0x0aec  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\Windows\System32\drivers\serenum.sys
15:50:36.0412 0x0aec  Serenum - ok
15:50:36.0422 0x0aec  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\Windows\System32\drivers\serial.sys
15:50:36.0425 0x0aec  Serial - ok
15:50:36.0433 0x0aec  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\Windows\System32\drivers\sermouse.sys
15:50:36.0435 0x0aec  sermouse - ok
15:50:36.0451 0x0aec  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:50:36.0460 0x0aec  SessionEnv - ok
15:50:36.0463 0x0aec  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
15:50:36.0464 0x0aec  sfloppy - ok
15:50:36.0495 0x0aec  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:50:36.0502 0x0aec  SharedAccess - ok
15:50:36.0540 0x0aec  [ 490F6144273A85A3CFF3D416850E0611, F703D32580405B9CEF0E601222C2CE584B076B2E58710D66A15AFEA2A6907514 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:50:36.0548 0x0aec  ShellHWDetection - ok
15:50:36.0572 0x0aec  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
15:50:36.0575 0x0aec  shpamsvc - ok
15:50:36.0578 0x0aec  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:50:36.0579 0x0aec  SiSRaid2 - ok
15:50:36.0582 0x0aec  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:50:36.0583 0x0aec  SiSRaid4 - ok
15:50:36.0611 0x0aec  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\Windows\System32\smphost.dll
15:50:36.0614 0x0aec  smphost - ok
15:50:36.0632 0x0aec  [ 15684D78C67B63475EABAB5A6ECF32A8, 46BA6830BC42839E22F600ED591E23611E092C2342702F403553BB0B9177E835 ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
15:50:36.0640 0x0aec  SmsRouter - ok
15:50:36.0681 0x0aec  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:50:36.0688 0x0aec  SNMPTRAP - ok
15:50:36.0728 0x0aec  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\Windows\system32\drivers\spaceport.sys
15:50:36.0743 0x0aec  spaceport - ok
15:50:36.0763 0x0aec  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\Windows\system32\drivers\SpatialGraphFilter.sys
15:50:36.0764 0x0aec  SpatialGraphFilter - ok
15:50:36.0768 0x0aec  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
15:50:36.0769 0x0aec  SpbCx - ok
15:50:36.0802 0x0aec  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\Windows\system32\spectrum.exe
15:50:36.0818 0x0aec  spectrum - ok
15:50:36.0852 0x0aec  [ 250B6272326FC54414231AC71176E6FA, DE531EEADD24F1866A5BD74411E91E0934B23DC508855D2B9AC88BC25EE7A4E0 ] Spooler         C:\Windows\System32\spoolsv.exe
15:50:36.0878 0x0aec  Spooler - ok
15:50:36.0980 0x0aec  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\Windows\system32\sppsvc.exe
15:50:37.0029 0x0aec  sppsvc - ok
15:50:37.0097 0x0aec  [ E8276BE984738AA44070CFDE6EFC9300, F0B09D3E08BDB1B8AEBA97A700271E97AB2506793B42D96415B23DB68DA99FA8 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:50:37.0100 0x0aec  SQLWriter - ok
15:50:37.0137 0x0aec  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:50:37.0148 0x0aec  srv - ok
15:50:37.0171 0x0aec  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:50:37.0180 0x0aec  srv2 - ok
15:50:37.0207 0x0aec  [ 62E6CF587C037E99F7450F5BAAF0CB87, 3EED46313FD5A9C942F447F531121395C31C1AE2DED0F7B2E4A974F6024E8330 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:50:37.0210 0x0aec  srvnet - ok
15:50:37.0232 0x0aec  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:50:37.0237 0x0aec  SSDPSRV - ok
15:50:37.0250 0x0aec  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:50:37.0253 0x0aec  SstpSvc - ok
15:50:37.0366 0x0aec  [ AE1918EED1E4925778B92061CC2B8D18, 21B3D1685906BC4BA3C8A54C40ABC631F2F312926111BCE48AFEA8B96942DF22 ] StateRepository C:\Windows\system32\windows.staterepository.dll
15:50:37.0424 0x0aec  StateRepository - ok
15:50:37.0505 0x0aec  [ 925116020437C74A2F535EBB05267968, 3180856E63A7E17807A6914A13C8BD4B01AE6A76E7E8D0A3FF45556536CC717E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:50:37.0528 0x0aec  Steam Client Service - ok
15:50:37.0531 0x0aec  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:50:37.0533 0x0aec  stexstor - ok
15:50:37.0557 0x0aec  [ 01726E4BD1D1A5AF1F23833C79528555, 736DDA82BF17880A2C596571CBCA4C8E3829526AACC3C50B9E2D3A0DA9744E41 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:50:37.0557 0x0aec  StillCam - ok
15:50:37.0609 0x0aec  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\Windows\System32\wiaservc.dll
15:50:37.0626 0x0aec  stisvc - ok
15:50:37.0653 0x0aec  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\Windows\system32\drivers\storahci.sys
15:50:37.0655 0x0aec  storahci - ok
15:50:37.0664 0x0aec  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:50:37.0665 0x0aec  storflt - ok
15:50:37.0674 0x0aec  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
15:50:37.0680 0x0aec  stornvme - ok
15:50:37.0699 0x0aec  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
15:50:37.0702 0x0aec  storqosflt - ok
15:50:37.0743 0x0aec  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\Windows\system32\storsvc.dll
15:50:37.0761 0x0aec  StorSvc - ok
15:50:37.0765 0x0aec  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\Windows\system32\drivers\storufs.sys
15:50:37.0765 0x0aec  storufs - ok
15:50:37.0775 0x0aec  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:50:37.0776 0x0aec  storvsc - ok
15:50:37.0789 0x0aec  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\Windows\system32\svsvc.dll
15:50:37.0791 0x0aec  svsvc - ok
15:50:37.0803 0x0aec  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\Windows\System32\drivers\swenum.sys
15:50:37.0803 0x0aec  swenum - ok
15:50:37.0830 0x0aec  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\Windows\System32\swprv.dll
15:50:37.0853 0x0aec  swprv - ok
15:50:37.0871 0x0aec  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
15:50:37.0872 0x0aec  Synth3dVsc - ok
15:50:37.0921 0x0aec  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\Windows\system32\sysmain.dll
15:50:37.0940 0x0aec  SysMain - ok
15:50:37.0947 0x0aec  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
15:50:37.0952 0x0aec  SystemEventsBroker - ok
15:50:37.0973 0x0aec  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:50:37.0977 0x0aec  TabletInputService - ok
15:50:37.0988 0x0aec  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:50:37.0994 0x0aec  TapiSrv - ok
15:50:38.0099 0x0aec  [ FD4E819C0017074B33BAE343F9559162, EED3F611AD841DBC420D4DE60E527389C7D68C136D8E7074A0F6852F037B33F0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:50:38.0127 0x0aec  Tcpip - ok
15:50:38.0183 0x0aec  [ FD4E819C0017074B33BAE343F9559162, EED3F611AD841DBC420D4DE60E527389C7D68C136D8E7074A0F6852F037B33F0 ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
15:50:38.0212 0x0aec  Tcpip6 - ok
15:50:38.0227 0x0aec  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:50:38.0228 0x0aec  tcpipreg - ok
15:50:38.0256 0x0aec  [ D74756DD1518D28A09CDA99696273FA4, F01DDF8CDBBC70BB086970C324E60CF7A1828CA6DE5A4F5B1BA4686BC31C4058 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:50:38.0257 0x0aec  tdx - ok
15:50:38.0312 0x0aec  [ 29046F0A1DC787180A4375EB9304230A, 3E0A54B9137346F6F6F3370B9ABDA69624B9C4D4C5BC6098D21B88E908EC024C ] Te.Service      C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
15:50:38.0314 0x0aec  Te.Service - ok
15:50:38.0555 0x0aec  [ 9C0B950F93833EC22A5D971AB77F263D, 5A0529791D1432DB33424D846C0A26B62899BAE7A2823EB3CB6EB0CDEF340557 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
15:50:38.0669 0x0aec  TeamViewer - ok
15:50:38.0690 0x0aec  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\Windows\System32\drivers\terminpt.sys
15:50:38.0691 0x0aec  terminpt - ok
15:50:38.0714 0x0aec  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\Windows\System32\termsrv.dll
15:50:38.0726 0x0aec  TermService - ok
15:50:38.0738 0x0aec  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\Windows\system32\themeservice.dll
15:50:38.0742 0x0aec  Themes - ok
15:50:38.0770 0x0aec  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
15:50:38.0776 0x0aec  TieringEngineService - ok
15:50:38.0820 0x0aec  [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
15:50:38.0838 0x0aec  tiledatamodelsvc - ok
15:50:38.0846 0x0aec  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
15:50:38.0851 0x0aec  TimeBrokerSvc - ok
15:50:38.0896 0x0aec  [ 5379471B971D29EFCECBA87200C9FBFC, 7621258DA5EF0F4B2FFC344BCE0B6442E0AEE6BA795B65EBB5786D7A7C208A1F ] TokenBroker     C:\Windows\System32\TokenBroker.dll
15:50:38.0937 0x0aec  TokenBroker - ok
15:50:38.0974 0x0aec  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\Windows\System32\drivers\tpm.sys
15:50:38.0978 0x0aec  TPM - ok
15:50:38.0997 0x0aec  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\Windows\System32\trkwks.dll
15:50:39.0002 0x0aec  TrkWks - ok
15:50:39.0030 0x0aec  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:50:39.0031 0x0aec  TrustedInstaller - ok
15:50:39.0036 0x0aec  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:50:39.0037 0x0aec  TsUsbFlt - ok
15:50:39.0042 0x0aec  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
15:50:39.0043 0x0aec  TsUsbGD - ok
15:50:39.0056 0x0aec  [ 5DED9E34D133F4A363652CDB595D83F3, E8CFE5DF737D7C2A576B2D6D508977E1F6961122D541DF82AA581C7B3B1C384B ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
15:50:39.0057 0x0aec  tsusbhub - ok
15:50:39.0070 0x0aec  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
15:50:39.0073 0x0aec  tunnel - ok
15:50:39.0090 0x0aec  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
15:50:39.0093 0x0aec  tzautoupdate - ok
15:50:39.0118 0x0aec  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
15:50:39.0120 0x0aec  UASPStor - ok
15:50:39.0142 0x0aec  [ 7B2B767C4DB23F87C698C139BEBEA400, 8E58AA7C05C183EC88423FA2CB72E082D0177120DAFE798EA04C5BB91ED52D89 ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
15:50:39.0143 0x0aec  UcmCx0101 - ok
15:50:39.0148 0x0aec  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
15:50:39.0151 0x0aec  UcmTcpciCx0101 - ok
15:50:39.0160 0x0aec  [ F083A400FB9CB8ADD1783848CB1C76F0, 7E543E5F81C04AF486ACC08B94F785B9702B743C96079241925C385BF8411EB9 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
15:50:39.0161 0x0aec  UcmUcsi - ok
15:50:39.0178 0x0aec  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
15:50:39.0181 0x0aec  Ucx01000 - ok
15:50:39.0185 0x0aec  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
15:50:39.0185 0x0aec  UdeCx - ok
15:50:39.0198 0x0aec  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:50:39.0201 0x0aec  udfs - ok
15:50:39.0205 0x0aec  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\Windows\System32\drivers\UEFI.sys
15:50:39.0205 0x0aec  UEFI - ok
15:50:39.0210 0x0aec  [ 244A80A1A881E2B9303A0364AAB33F16, 3C58D5D5B1AF6AB598E6450817381E7D6B8700151B66DCDAD6002E73BD0EDF27 ] UevAgentDriver  C:\Windows\system32\drivers\UevAgentDriver.sys
15:50:39.0210 0x0aec  UevAgentDriver - ok
15:50:39.0243 0x0aec  [ 5F1DA3635C2F6B74EBFDEBFC747B63B5, 1B456B777C5099A67E405FEF20B5CBCB24C6FCE9ED7A5A421C6574618364FD47 ] UevAgentService C:\Windows\system32\AgentService.exe
15:50:39.0258 0x0aec  UevAgentService - ok
15:50:39.0264 0x0aec  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
15:50:39.0267 0x0aec  Ufx01000 - ok
15:50:39.0271 0x0aec  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
15:50:39.0272 0x0aec  UfxChipidea - ok
15:50:39.0276 0x0aec  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
15:50:39.0278 0x0aec  ufxsynopsys - ok
15:50:39.0284 0x0aec  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:50:39.0288 0x0aec  UI0Detect - ok
15:50:39.0300 0x0aec  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\Windows\System32\drivers\umbus.sys
15:50:39.0301 0x0aec  umbus - ok
15:50:39.0306 0x0aec  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\Windows\System32\drivers\umpass.sys
15:50:39.0306 0x0aec  UmPass - ok
15:50:39.0315 0x0aec  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\Windows\System32\umrdp.dll
15:50:39.0321 0x0aec  UmRdpService - ok
15:50:39.0347 0x0aec  [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc     C:\Windows\System32\unistore.dll
15:50:39.0362 0x0aec  UnistoreSvc - ok
15:50:39.0388 0x0aec  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\Windows\System32\upnphost.dll
15:50:39.0395 0x0aec  upnphost - ok
15:50:39.0400 0x0aec  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
15:50:39.0401 0x0aec  UrsChipidea - ok
15:50:39.0404 0x0aec  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
15:50:39.0405 0x0aec  UrsCx01000 - ok
15:50:39.0407 0x0aec  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
15:50:39.0408 0x0aec  UrsSynopsys - ok
15:50:39.0412 0x0aec  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
15:50:39.0415 0x0aec  usbccgp - ok
15:50:39.0425 0x0aec  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\Windows\System32\drivers\usbcir.sys
15:50:39.0426 0x0aec  usbcir - ok
15:50:39.0431 0x0aec  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
15:50:39.0432 0x0aec  usbehci - ok
15:50:39.0441 0x0aec  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
15:50:39.0447 0x0aec  usbhub - ok
15:50:39.0465 0x0aec  [ 0939AD44244AA9D348187015083E17DF, D48C8032333D30019BC5FD4BAF97A2AB1A80488D4881F3437C3D5341DE5294CA ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
15:50:39.0471 0x0aec  USBHUB3 - ok
15:50:39.0475 0x0aec  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\Windows\System32\drivers\usbohci.sys
15:50:39.0476 0x0aec  usbohci - ok
15:50:39.0479 0x0aec  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
15:50:39.0479 0x0aec  usbprint - ok
15:50:39.0508 0x0aec  [ 8E6AE06A1CA4055340A49D73C9E0C21B, 82DC9F8A70FB1EB1F4A7B5697C72926C352FBA2DF06F539BDCDF0AE574D67CB9 ] usbser          C:\Windows\System32\drivers\usbser.sys
15:50:39.0509 0x0aec  usbser - ok
15:50:39.0525 0x0aec  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
15:50:39.0527 0x0aec  USBSTOR - ok
15:50:39.0530 0x0aec  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
15:50:39.0530 0x0aec  usbuhci - ok
15:50:39.0550 0x0aec  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
15:50:39.0555 0x0aec  USBXHCI - ok
15:50:39.0601 0x0aec  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\Windows\System32\userdataservice.dll
15:50:39.0638 0x0aec  UserDataSvc - ok
15:50:39.0677 0x0aec  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\Windows\System32\usermgr.dll
15:50:39.0691 0x0aec  UserManager - ok
15:50:39.0726 0x0aec  [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc          C:\Windows\system32\usocore.dll
15:50:39.0736 0x0aec  UsoSvc - ok
15:50:39.0749 0x0aec  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc        C:\Windows\system32\lsass.exe
15:50:39.0751 0x0aec  VaultSvc - ok
15:50:39.0760 0x0aec  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:50:39.0761 0x0aec  vdrvroot - ok
15:50:39.0778 0x0aec  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\Windows\System32\vds.exe
15:50:39.0788 0x0aec  vds - ok
15:50:39.0794 0x0aec  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
15:50:39.0796 0x0aec  VerifierExt - ok
15:50:39.0836 0x0aec  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
15:50:39.0844 0x0aec  vhdmp - ok
15:50:39.0855 0x0aec  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\Windows\System32\drivers\vhf.sys
15:50:39.0856 0x0aec  vhf - ok
15:50:39.0917 0x0aec  [ 3293CBF91703951AAFFA8E67BA7BA66D, 6204051AA9A8F4A129499136AD2028EE8B9240256BD60374BDC847B6CF3BEC19 ] VMAuthdService  D:\VMware Player\vmware-authd.exe
15:50:39.0919 0x0aec  VMAuthdService - ok
15:50:39.0926 0x0aec  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:50:39.0929 0x0aec  vmbus - ok
15:50:39.0933 0x0aec  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
15:50:39.0934 0x0aec  VMBusHID - ok
15:50:39.0968 0x0aec  [ 9C3FD3B0B9376537181067A28F2A5290, CFD39EBCA8B07C876BBB8469B145AAE95838C4445F946DFF19EB226581DACCEA ] vmci            C:\Windows\system32\drivers\vmci.sys
15:50:39.0970 0x0aec  vmci - ok
15:50:39.0973 0x0aec  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\Windows\System32\drivers\vmgid.sys
15:50:39.0974 0x0aec  vmgid - ok
15:50:39.0999 0x0aec  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\Windows\System32\icsvc.dll
15:50:40.0004 0x0aec  vmicguestinterface - ok
15:50:40.0015 0x0aec  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\Windows\System32\icsvc.dll
15:50:40.0021 0x0aec  vmicheartbeat - ok
15:50:40.0032 0x0aec  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\Windows\System32\icsvc.dll
15:50:40.0037 0x0aec  vmickvpexchange - ok
15:50:40.0053 0x0aec  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\Windows\System32\icsvcext.dll
15:50:40.0058 0x0aec  vmicrdv - ok
15:50:40.0066 0x0aec  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\Windows\System32\icsvc.dll
15:50:40.0070 0x0aec  vmicshutdown - ok
15:50:40.0076 0x0aec  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\Windows\System32\icsvc.dll
15:50:40.0080 0x0aec  vmictimesync - ok
15:50:40.0086 0x0aec  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\Windows\System32\icsvc.dll
15:50:40.0089 0x0aec  vmicvmsession - ok
15:50:40.0102 0x0aec  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\Windows\System32\icsvcext.dll
15:50:40.0106 0x0aec  vmicvss - ok
15:50:40.0118 0x0aec  [ 3675885428C51FAF45FC698ED4FD98A8, 8E4803D5F8AA25B6DEBB3A914C3C543F4BDFBAEDD9F4E9ADD9247F677DB8A381 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
15:50:40.0119 0x0aec  VMnetAdapter - ok
15:50:40.0132 0x0aec  [ 5A28768B4067C21C1259A6305803FEF3, 069AEB60BBF371EC318F91BC4DE57108333339312017C3CF76B1133DED804C62 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
15:50:40.0133 0x0aec  VMnetBridge - ok
15:50:40.0179 0x0aec  [ 3A10ED0BA429BFB56C88D4C028E78563, 45AD9E22D47C15FABE5AD1DA2B41EF4DC3E7F10F10E21BA56BC32C58D43CEB07 ] VMnetDHCP       C:\Windows\SysWOW64\vmnetdhcp.exe
15:50:40.0185 0x0aec  VMnetDHCP - ok
15:50:40.0193 0x0aec  [ 2DD9DBB836A9F42656FD49E218E6AF2E, 4C3AAF35E01D0571E003CB0B34F6D6EA9038AF6258C5450E47F19F6215F42FED ] VMnetUserif     C:\Windows\system32\DRIVERS\vmnetuserif.sys
15:50:40.0194 0x0aec  VMnetUserif - ok
15:50:40.0197 0x0aec  [ C773AA4151D4B15B68B1D6507526E809, 2DCBA0433DEACB1F3A1B52DB2BC4389290B1494B011A60E54E6DF819FDE1744B ] vmparport       C:\Windows\system32\DRIVERS\vmparport.sys
15:50:40.0198 0x0aec  vmparport - ok
15:50:40.0235 0x0aec  [ 0A3393F99FF0453617169467B1A9E6C5, E4D80B3B4BB1D53F0688CCD4A0C7EC20910E9413FBD8E84E0F8BC63ABFDAB2FA ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
15:50:40.0248 0x0aec  VMUSBArbService - ok
15:50:40.0266 0x0aec  [ 7B428F3BD03CD4571D573D2441AEF591, B844D379DB73801D1079C55B5CB1FB923D7DF441B9414876F38C6FC3CFA3EF64 ] VMware NAT Service C:\Windows\SysWOW64\vmnat.exe
15:50:40.0272 0x0aec  VMware NAT Service - ok
15:50:40.0281 0x0aec  [ 8668E39EE14E4B7C234F4ADB711A1187, 7F272D320B3674A733DE6252FBE3BA45CFA586427B742E9570045B04303AB87D ] vmx86           C:\Windows\system32\DRIVERS\vmx86.sys
15:50:40.0285 0x0aec  vmx86 - ok
15:50:40.0296 0x0aec  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:50:40.0300 0x0aec  volmgr - ok
15:50:40.0323 0x0aec  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:50:40.0330 0x0aec  volmgrx - ok
15:50:40.0340 0x0aec  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:50:40.0345 0x0aec  volsnap - ok
15:50:40.0352 0x0aec  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\Windows\system32\drivers\volume.sys
15:50:40.0352 0x0aec  volume - ok
15:50:40.0376 0x0aec  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\Windows\System32\drivers\vpci.sys
15:50:40.0378 0x0aec  vpci - ok
15:50:40.0383 0x0aec  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:50:40.0385 0x0aec  vsmraid - ok
15:50:40.0398 0x0aec  [ F067FA5D1BEC4B5CE70DA61237A9B2AB, 789AE512EFB503FFE2A17A33FAC9F977FF1079002C36961830FD6322B32F7D5C ] vsock           C:\Windows\system32\DRIVERS\vsock.sys
15:50:40.0399 0x0aec  vsock - ok
15:50:40.0431 0x0aec  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\Windows\system32\vssvc.exe
15:50:40.0450 0x0aec  VSS - ok
15:50:40.0500 0x0aec  [ FE3E26EC19F7F85DD35C2894ADDCDF19, 544B29BAFA55AF8B44E2ACFDA89CC43FCBEAA160303A26578DB342C91BD0D957 ] VSStandardCollectorService150 C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe
15:50:40.0501 0x0aec  VSStandardCollectorService150 - ok
15:50:40.0508 0x0aec  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
15:50:40.0512 0x0aec  VSTXRAID - ok
15:50:40.0523 0x0aec  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:50:40.0524 0x0aec  vwifibus - ok
15:50:40.0537 0x0aec  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
15:50:40.0538 0x0aec  vwififlt - ok
15:50:40.0551 0x0aec  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\Windows\system32\w32time.dll
15:50:40.0560 0x0aec  W32Time - ok
15:50:40.0563 0x0aec  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
15:50:40.0564 0x0aec  WacomPen - ok
15:50:40.0587 0x0aec  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\Windows\system32\WalletService.dll
15:50:40.0594 0x0aec  WalletService - ok
15:50:40.0607 0x0aec  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:50:40.0608 0x0aec  wanarp - ok
15:50:40.0611 0x0aec  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:50:40.0612 0x0aec  wanarpv6 - ok
15:50:40.0641 0x0aec  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\Windows\system32\wbengine.exe
15:50:40.0660 0x0aec  wbengine - ok
15:50:40.0716 0x0aec  [ 39A0B8DD517E3CBF0A6EED5A12BB182F, A25E7D3DC4DF9D0439627CFA0C4AD2292FDF29F4EFC832AEA5A2F774766F76D7 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:50:40.0734 0x0aec  WbioSrvc - ok
15:50:40.0765 0x0aec  [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs           C:\Windows\system32\drivers\wcifs.sys
15:50:40.0767 0x0aec  wcifs - ok
15:50:40.0827 0x0aec  [ 4CC7119E1527B0A34C50870002E6B7AC, 2C93CF62E01A208453A291A74E0392BA1CA1407CD76E506D7DD638386FE1DE99 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
15:50:40.0850 0x0aec  Wcmsvc - ok
15:50:40.0869 0x0aec  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:50:40.0876 0x0aec  wcncsvc - ok
15:50:40.0884 0x0aec  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
15:50:40.0887 0x0aec  wcnfs - ok
15:50:40.0901 0x0aec  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
15:50:40.0902 0x0aec  WdBoot - ok
15:50:40.0922 0x0aec  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:50:40.0935 0x0aec  Wdf01000 - ok
15:50:40.0950 0x0aec  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
15:50:40.0953 0x0aec  WdFilter - ok
15:50:40.0963 0x0aec  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:50:40.0968 0x0aec  WdiServiceHost - ok
15:50:40.0971 0x0aec  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:50:40.0975 0x0aec  WdiSystemHost - ok
15:50:41.0008 0x0aec  [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
15:50:41.0017 0x0aec  wdiwifi - ok
15:50:41.0030 0x0aec  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
15:50:41.0032 0x0aec  WdNisDrv - ok
15:50:41.0051 0x0aec  WdNisSvc - ok
15:50:41.0067 0x0aec  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\Windows\System32\webclnt.dll
15:50:41.0072 0x0aec  WebClient - ok
15:50:41.0086 0x0aec  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:50:41.0091 0x0aec  Wecsvc - ok
15:50:41.0094 0x0aec  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
15:50:41.0097 0x0aec  WEPHOSTSVC - ok
15:50:41.0105 0x0aec  [ A92AE9A042298E00BCC9BE877654DCA6, ACB2BE9F96CEF870043CFE69B98625779842518DB4F079F1E5C17E135A2EFAE3 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:50:41.0109 0x0aec  wercplsupport - ok
15:50:41.0126 0x0aec  [ EB3E11EC54371D840C9861EEFDAE1832, 568E3C63BE9A721001704967F57359A9243F50B620B77EC09BA4AB7F6AE324B0 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:50:41.0130 0x0aec  WerSvc - ok
15:50:41.0151 0x0aec  [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc   C:\Windows\System32\wfdsconmgrsvc.dll
15:50:41.0159 0x0aec  WFDSConMgrSvc - ok
15:50:41.0175 0x0aec  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
15:50:41.0177 0x0aec  WFPLWFS - ok
15:50:41.0189 0x0aec  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\Windows\System32\wiarpc.dll
15:50:41.0192 0x0aec  WiaRpc - ok
15:50:41.0195 0x0aec  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:50:41.0196 0x0aec  WIMMount - ok
15:50:41.0197 0x0aec  WinDefend - ok
15:50:41.0209 0x0aec  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
15:50:41.0210 0x0aec  WindowsTrustedRT - ok
15:50:41.0223 0x0aec  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
15:50:41.0224 0x0aec  WindowsTrustedRTProxy - ok
15:50:41.0262 0x0aec  [ F99F66FD660B1CD01EE410F6B4BB3C25, 4B6993791DF31DBB84722BD0BA01AF7952375D2E01F7B8D92AAB53C50AFB59A8 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:50:41.0274 0x0aec  WinHttpAutoProxySvc - ok
15:50:41.0285 0x0aec  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\Windows\System32\drivers\winmad.sys
15:50:41.0286 0x0aec  WinMad - ok
15:50:41.0338 0x0aec  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:50:41.0346 0x0aec  Winmgmt - ok
15:50:41.0374 0x0aec  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\Windows\system32\drivers\winnat.sys
15:50:41.0379 0x0aec  WinNat - ok
15:50:41.0465 0x0aec  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:50:41.0501 0x0aec  WinRM - ok
15:50:41.0514 0x0aec  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\Windows\System32\drivers\WinUsb.sys
15:50:41.0516 0x0aec  WINUSB - ok
15:50:41.0525 0x0aec  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
15:50:41.0526 0x0aec  WinVerbs - ok
15:50:41.0560 0x0aec  [ 2E15586B76465941D1DEE75625B9484E, 609E6BEAFF340A403F50A20D1609D3A8A2C990234064DD154A08C737DE3E0907 ] wisvc           C:\Windows\system32\flightsettings.dll
15:50:41.0572 0x0aec  wisvc - ok
15:50:41.0668 0x0aec  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\Windows\System32\wlansvc.dll
15:50:41.0700 0x0aec  WlanSvc - ok
15:50:41.0749 0x0aec  [ FFC5E4855C3EA1F3E65F0DC93A48D0EF, 82FADBDD8061764282FD31339B47B61CC0FB112ABE400C721535A66A39D0CD37 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
15:50:41.0775 0x0aec  wlidsvc - ok
15:50:41.0807 0x0aec  [ 24A624FC6DED20C3B7980BD71D6540D7, A1564B903E2B54106E6665B212E4F8E1A90B2B6CB966F5E965BA5602A801B7D3 ] wlpasvc         C:\Windows\System32\lpasvc.dll
15:50:41.0841 0x0aec  wlpasvc - ok
15:50:41.0844 0x0aec  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
15:50:41.0845 0x0aec  WmiAcpi - ok
15:50:41.0861 0x0aec  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:50:41.0863 0x0aec  wmiApSrv - ok
15:50:41.0873 0x0aec  WMPNetworkSvc - ok
15:50:41.0889 0x0aec  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\Windows\system32\drivers\Wof.sys
15:50:41.0891 0x0aec  Wof - ok
15:50:41.0963 0x0aec  [ 5D9A8A2BB555B743334A096C5B1774E2, 660136C1E8D6CA1F7BD1AE0EC4E28B65527BFE69339589A8E3017EFE2BBDC41C ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
15:50:41.0988 0x0aec  workfolderssvc - ok
15:50:42.0007 0x0aec  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:50:42.0011 0x0aec  WPDBusEnum - ok
15:50:42.0021 0x0aec  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
15:50:42.0022 0x0aec  WpdUpFltr - ok
15:50:42.0038 0x0aec  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\Windows\system32\WpnService.dll
15:50:42.0044 0x0aec  WpnService - ok
15:50:42.0056 0x0aec  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\Windows\System32\WpnUserService.dll
15:50:42.0061 0x0aec  WpnUserService - ok
15:50:42.0070 0x0aec  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:50:42.0071 0x0aec  ws2ifsl - ok
15:50:42.0083 0x0aec  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:50:42.0088 0x0aec  wscsvc - ok
15:50:42.0101 0x0aec  [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
15:50:42.0102 0x0aec  WSDPrintDevice - ok
15:50:42.0108 0x0aec  [ F454BF3F0D3F19057B8612CA523D22D5, 869EC91E7D709C15ADF9D53C82A87F2D5220ED3CA44CEBF34F4D601E78DA0481 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
15:50:42.0109 0x0aec  WSDScan - ok
15:50:42.0111 0x0aec  WSearch - ok
15:50:42.0174 0x0aec  [ B5CE28EA62B4DB7884FE3295A444C086, 125B63841B31526612A538364EB022461151E23C6091B590F8D254D489996B4B ] wuauserv        C:\Windows\system32\wuaueng.dll
15:50:42.0204 0x0aec  wuauserv - ok
15:50:42.0214 0x0aec  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:50:42.0215 0x0aec  WudfPf - ok
15:50:42.0230 0x0aec  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
15:50:42.0232 0x0aec  WUDFRd - ok
15:50:42.0247 0x0aec  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:50:42.0251 0x0aec  wudfsvc - ok
15:50:42.0266 0x0aec  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
15:50:42.0273 0x0aec  WUDFWpdFs - ok
15:50:42.0283 0x0aec  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
15:50:42.0289 0x0aec  WUDFWpdMtp - ok
15:50:42.0344 0x0aec  [ 45F6E61F95C41A0D5800875866EDA2D1, 59BFB3AFB029F245A6B4D3768EC9698A4038368B4B274CDA30E7F374A6128484 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:50:42.0362 0x0aec  WwanSvc - ok
15:50:42.0377 0x0aec  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\Windows\System32\xbgmsvc.dll
15:50:42.0382 0x0aec  xbgm - ok
15:50:42.0445 0x0aec  [ 7FE60B52DD841ED374285B7ED9210222, 0F7743A5A9289E47EE07477313083CE07B46F1C9C5CF83130303A7BAB2F3842B ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
15:50:42.0468 0x0aec  XblAuthManager - ok
15:50:42.0500 0x0aec  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\Windows\System32\XblGameSave.dll
15:50:42.0516 0x0aec  XblGameSave - ok
15:50:42.0545 0x0aec  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
15:50:42.0548 0x0aec  xboxgip - ok
15:50:42.0561 0x0aec  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\Windows\System32\XboxGipSvc.dll
15:50:42.0569 0x0aec  XboxGipSvc - ok
15:50:42.0645 0x0aec  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
15:50:42.0667 0x0aec  XboxNetApiSvc - ok
15:50:42.0690 0x0aec  [ 17609D812BFEE28B7F532AB4622FE2D8, 06CC8CB5AC9F05DC85B9E14153C908E193D9ABF1032E51DDD50665DB068B68E4 ] xhunter1        C:\Windows\xhunter1.sys
15:50:42.0690 0x0aec  xhunter1 - ok
15:50:42.0700 0x0aec  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
15:50:42.0702 0x0aec  xinputhid - ok
15:50:42.0760 0x0aec  [ 839AE4CB415AE348604C68F324B8C2E0, DAA68A2335CA2C7198698CF40692E8CB45E9C00D09ED2CEAF479AE7F4E037EE8 ] xusb22          C:\Windows\System32\drivers\xusb22.sys
15:50:42.0762 0x0aec  xusb22 - ok
15:50:42.0763 0x0aec  ================ Scan global ===============================
15:50:42.0787 0x0aec  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\Windows\system32\basesrv.dll
15:50:42.0820 0x0aec  [ 0F873CD0851C8FCD195DAD6D560E9F1F, AE19561187908D2BD6B97B0F94920837CC1F2F6158F6F3AD81DDFDF2648724D1 ] C:\Windows\system32\winsrv.dll
15:50:42.0844 0x0aec  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\Windows\system32\sxssrv.dll
15:50:42.0884 0x0aec  [ C81F9707DEA008EED4071B5A39B7C76E, 47FFEF27A479ED6B325B22296B6853D7E57B53E8E712824F3881E510D5C93667 ] C:\Windows\system32\services.exe
15:50:42.0893 0x0aec  [ Global ] - ok
15:50:42.0893 0x0aec  ================ Scan MBR ==================================
15:50:42.0895 0x0aec  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:50:42.0901 0x0aec  \Device\Harddisk0\DR0 - ok
15:50:42.0929 0x0aec  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
15:50:42.0941 0x0aec  \Device\Harddisk1\DR1 - ok
15:50:42.0941 0x0aec  ================ Scan VBR ==================================
15:50:42.0942 0x0aec  [ 3FE41333CBF90D69757009D835ACFEEF ] \Device\Harddisk0\DR0\Partition1
15:50:42.0943 0x0aec  \Device\Harddisk0\DR0\Partition1 - ok
15:50:42.0945 0x0aec  [ EC497298802F66D22D05F05D8F1701D6 ] \Device\Harddisk1\DR1\Partition1
15:50:42.0946 0x0aec  \Device\Harddisk1\DR1\Partition1 - ok
15:50:42.0958 0x0aec  [ C2777E4D40DB91905306556C7C1DCCA6 ] \Device\Harddisk1\DR1\Partition2
15:50:42.0958 0x0aec  \Device\Harddisk1\DR1\Partition2 - ok
15:50:42.0962 0x0aec  [ CA4DF373FB899C9EC296312FA0DFF662 ] \Device\Harddisk1\DR1\Partition3
15:50:42.0963 0x0aec  \Device\Harddisk1\DR1\Partition3 - ok
15:50:42.0968 0x0aec  [ F0FE15718E20D3B6FDA502E253DB68B9 ] \Device\Harddisk1\DR1\Partition4
15:50:42.0969 0x0aec  \Device\Harddisk1\DR1\Partition4 - ok
15:50:42.0989 0x0aec  [ 93D7DF1402D6961FDA24453E1590C10D ] \Device\Harddisk1\DR1\Partition5
15:50:42.0990 0x0aec  \Device\Harddisk1\DR1\Partition5 - ok
15:50:42.0992 0x0aec  ================ Scan generic autorun ======================
15:50:43.0010 0x0aec  SecurityHealth - ok
15:50:43.0019 0x0aec  [ ECB702B8C5650381C0784F1EEABB97BC, 9CC4DDAD2E9AE05A8C5762BA88A13C2B1EE4E25AE98EF01DD041FE35D611DA87 ] C:\Windows\system32\rundll32.exe
15:50:43.0023 0x0aec  ShadowPlay - ok
15:50:43.0072 0x0aec  [ C0F72AF517E27CFE23D4E37EC7FF7E9E, 2CF4F78EC4BE99258BC91F5D94A9AF261F0DBDFD55D0100DCA2CA88813AAD4B4 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
15:50:43.0074 0x0aec  ControlCenter4 - ok
15:50:43.0176 0x0aec  [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
15:50:43.0223 0x0aec  BrStsMon00 - ok
15:50:43.0636 0x0aec  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:50:44.0001 0x0aec  OneDriveSetup - ok
15:50:44.0394 0x0aec  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:50:44.0609 0x0aec  OneDriveSetup - ok
15:50:44.0726 0x0aec  [ EE2826CAAF139688445D93C7C6613EE3, A343D94D748F8A2C06EA45566ECCCE1FCDC7660E0A2DBFF92E9741904FE0D559 ] C:\Users\jdhel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
15:50:44.0745 0x0aec  OneDrive - ok
15:50:44.0839 0x0aec  [ B26C8C57AE7FF40BAB458C5BE1C0FC66, 91CA61F019CCDAAF201A2B2A8113228DC1453C28E611C043DD13F22742C94FE5 ] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
15:50:44.0855 0x0aec  Overwolf - ok
15:50:44.0968 0x0aec  [ 8E2651C8B953CE3DEDDFBF6034864A66, FC371CFA34D482B9ACBBE678D84BF982D777C00ECFEE20A54BD6C1EDBE4311EC ] F:\Steam\steam.exe
15:50:45.0000 0x0aec  Steam - ok
15:50:45.0170 0x0aec  [ 5F7BB68AC917C4808B98C09996FD35AD, 456FFE335294983B2EC139BAB8B510182A0AD2850849139C294AC07E64D08824 ] F:\GOG Galaxy\GalaxyClient.exe
15:50:45.0229 0x0aec  GalaxyClient - ok
15:50:45.0333 0x0aec  [ BDA7F960F5C9BF40AADFC21DD3BFBF1C, 711A522BAB07CA377A551FB9A4D1F080CD10D04F6FB0C79CA3B00CF469ED4B62 ] F:\Origin\Origin.exe
15:50:45.0366 0x0aec  EADM - ok
15:50:45.0411 0x0aec  [ A8D7FFA043EE38DA0CB696723549F15A, 424F5C8A0E8E1434F4E1D217C695162F7A22BB5FB6685F8A79130207E0198320 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
15:50:45.0414 0x0aec  BlueStacks Agent - ok
15:50:45.0529 0x0aec  [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\jdhel\AppData\Local\Akamai\netsession_win.exe
15:50:45.0608 0x0aec  Akamai NetSession Interface - ok
15:50:46.0045 0x0aec  [ C60118EE0B605CD3EF7AD29C02D9CB8E, 7F7F96F8EBC5C762702A8C086246EC245965AFC39042ACEFDF6DB29DF0978D99 ] C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
15:50:46.0264 0x0aec  Spotify - ok
15:50:46.0305 0x0aec  [ 03498C0BA3B6153C3A431B1A003B90C3, 6F45FBFFB8E6BF85263F7661520E18A104D22E17A5B9AE73B12111AEED7B711E ] C:\Users\jdhel\AppData\Roaming\Spotify\SpotifyWebHelper.exe
15:50:46.0313 0x0aec  Spotify Web Helper - ok
15:50:46.0396 0x0aec  [ 94912C1D73ADE68F2486ED4D8EA82DE6, 9F7EBB79DEF0BF8CCCB5A902DB11746375AF3FE618355FE5A69C69E4BCD50AC9 ] C:\Windows\system32\cmd.exe
15:50:46.0408 0x0aec  Uninstall 17.3.6966.0824\amd64 - ok
15:50:46.0443 0x0aec  [ 94912C1D73ADE68F2486ED4D8EA82DE6, 9F7EBB79DEF0BF8CCCB5A902DB11746375AF3FE618355FE5A69C69E4BCD50AC9 ] C:\Windows\system32\cmd.exe
15:50:46.0453 0x0aec  Uninstall 17.3.6966.0824 - ok
15:50:46.0454 0x0aec  Waiting for KSN requests completion. In queue: 272
15:50:47.0477 0x0aec  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
15:50:47.0485 0x0aec  Win FW state via NFP2: enabled ( trusted )
15:50:47.0573 0x0aec  ============================================================
15:50:47.0573 0x0aec  Scan finished
15:50:47.0573 0x0aec  ============================================================
15:50:47.0593 0x0898  Detected object count: 0
15:50:47.0593 0x0898  Actual detected object count: 0
15:51:08.0360 0x14f4  Deinitialize success

M-K-D-B · 21.09.2017, 15:13

Servus,

bitte genau lesen... inbesondere bei Schritt 1...

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- Tracing Schlüssel
- Prefetch Dateien
- Proxy
- Winsock
- Firewall
- IE Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

Maliko · 21.09.2017, 15:52

AdwCleaner

Code:

ATTFilter

# AdwCleaner 7.0.2.1 - Logfile created on Thu Sep 21 14:19:48 2017
# Updated on 2017/29/08 by Malwarebytes 
# Database: 09-20-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [2686 B] - [2017/8/2 17:29:42]
C:/AdwCleaner/AdwCleaner[C1].txt - [2412 B] - [2017/9/20 14:5:49]
C:/AdwCleaner/AdwCleaner[C2].txt - [1466 B] - [2017/9/21 7:41:59]
C:/AdwCleaner/AdwCleaner[S0].txt - [2512 B] - [2017/8/2 17:28:53]
C:/AdwCleaner/AdwCleaner[S1].txt - [1746 B] - [2017/9/20 14:5:27]
C:/AdwCleaner/AdwCleaner[S2].txt - [1463 B] - [2017/9/21 7:39:58]
C:/AdwCleaner/AdwCleaner[S3].txt - [1346 B] - [2017/9/21 8:26:58]


########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt ##########

MBAM

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.09.17
Scan-Zeit: 16:38
Protokolldatei: 84e7a78e-9eda-11e7-b0c3-74d43585973c.json
Administrator: Ja

-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.188
Version des Aktualisierungspakets: 1.0.2855
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.608)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-3KI17HI\jdhel

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 399006
Erkannte Bedrohungen: 6
In die Quarantäne verschobene Bedrohungen: 6
Abgelaufene Zeit: 5 Min., 35 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 6
PUP.Optional.MindSpark, C:\USERS\JDHEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_easypdfcombine.dl.myway.com_0.localstorage, In Quarantäne, [259], [240305],1.0.2855
PUP.Optional.MindSpark, C:\USERS\JDHEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_easypdfcombine.dl.myway.com_0.localstorage-journal, In Quarantäne, [259], [240305],1.0.2855
PUP.Optional.MindSpark, C:\USERS\JDHEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_easypdfcombine.dl.tb.ask.com_0.localstorage, In Quarantäne, [259], [240306],1.0.2855
PUP.Optional.MindSpark, C:\USERS\JDHEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_easypdfcombine.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [259], [240306],1.0.2855
PUP.Optional.NewTabTV, C:\USERS\JDHEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_de.newtabtv.com_0.localstorage, In Quarantäne, [2414], [359416],1.0.2855
PUP.Optional.NewTabTV, C:\USERS\JDHEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_de.newtabtv.com_0.localstorage-journal, In Quarantäne, [2414], [359416],1.0.2855

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017
durchgeführt von jdhel (Administrator) auf DESKTOP-3KI17HI (21-09-2017 16:50:41)
Gestartet von C:\Users\jdhel\Desktop\Reinigung
Geladene Profile: jdhel (Verfügbare Profile: jdhel)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) D:\VMware Player\vmware-authd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Valve Corporation) F:\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Electronic Arts) F:\Origin\Origin.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Akamai Technologies, Inc.) C:\Users\jdhel\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\jdhel\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(GOG.com) F:\GOG Galaxy\GalaxyClient.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.107.36.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.107.36.0\OverwolfBrowser.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.107.36.0\OverwolfHelper64.exe
(GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Spotify Ltd) C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe
(AVAST Software) C:\Users\jdhel\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.107.36.0\OverwolfBrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(GOG.com) F:\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) F:\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG.com) F:\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) F:\GOG Galaxy\GalaxyClient Helper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
() F:\Origin\QtWebEngineProcess.exe
() F:\Origin\QtWebEngineProcess.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1052488 2017-09-10] ()
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Steam] => F:\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [GalaxyClient] => F:\GOG Galaxy\GalaxyClient.exe [5161536 2017-09-18] (GOG.com)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [EADM] => F:\Origin\Origin.exe [3098944 2017-09-12] (Electronic Arts)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [160824 2017-07-10] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\jdhel\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Spotify] => C:\Users\jdhel\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-19] (Spotify Ltd)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Run: [Spotify Web Helper] => C:\Users\jdhel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-19] (Spotify Ltd)
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\MountPoints2: {3d897df4-8967-11e7-a390-74d43585973c} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\MountPoints2: {f2b9ab42-6e49-11e7-a382-74d43585973c} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\MountPoints2: {f2b9ab83-6e49-11e7-a382-74d43585973c} - "G:\HiSuiteDownLoader.exe" 
Startup: C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-07-30]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\jdhel\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{147a30da-ca3c-4552-a96c-40f557afb5b8}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2980919159-2059370-3087206838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10341__170730__yaie
SearchScopes: HKU\S-1-5-21-2980919159-2059370-3087206838-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10341__170730__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-19] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-19] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-19] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-2980919159-2059370-3087206838-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-07-30] ()

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.initialpage123.com/?z=a154a92eb90c58c41835252g6z5t0q9e3tdmfz8z6c&from=cmefy&uid=ST3500418AS_9VMNJKQMXXXX9VMNJKQM&type=hp","hxxps://encrypted.google.com"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default [2017-09-21]
CHR Extension: (Google Präsentationen) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-30]
CHR Extension: (BetterTTV) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-05-30]
CHR Extension: (From Dust) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2017-05-30]
CHR Extension: (Google Docs) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-30]
CHR Extension: (Google Drive) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-30]
CHR Extension: (Web Developer) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-08-02]
CHR Extension: (YouTube) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-30]
CHR Extension: (Tampermonkey) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-30]
CHR Extension: (Xdebug helper) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eadndfjplgieldjbigjakmdgkmoaaaoc [2017-05-30]
CHR Extension: (FrankerFaceZ) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2017-05-30]
CHR Extension: (ZenMate VPN - Top Internet Security & Unblock) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-08-02]
CHR Extension: (Google Tabellen) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-30]
CHR Extension: (Stylish- Benutzerdef. Motive f. jede Webseite) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-08-18]
CHR Extension: (EditThisCookie) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-30]
CHR Extension: (AdBlock) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-12]
CHR Extension: (Looper for YouTube) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2017-08-16]
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2017-05-30]
CHR Extension: (Xdebug) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhodjblplijafdpjjfhhanfmchplpfgl [2017-05-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Google Mail) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\jdhel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-11]
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [401456 2017-03-19] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-07-10] (BlueStack Systems, Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2017-05-30] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation)
S3 GalaxyClientService; F:\GOG Galaxy\GalaxyClientService.exe [532544 2017-09-18] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-08-25] (GOG.com)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365040 2017-03-17] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 Origin Client Service; F:\Origin\OriginClientService.exe [2120032 2017-09-12] (Electronic Arts)
S2 Origin Web Helper Service; F:\Origin\OriginWebHelperService.exe [3000160 2017-09-12] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1450824 2017-09-10] (Overwolf LTD)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-26] (TeamViewer GmbH)
R2 VMAuthdService; D:\VMware Player\vmware-authd.exe [99816 2017-06-19] (VMware, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-21] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [101824 2017-09-21] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-21] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-21] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [94144 2017-09-21] (Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R2 vmparport; C:\Windows\system32\DRIVERS\vmparport.sys [49216 2017-06-19] (VMware, Inc.)
R0 vsock; C:\Windows\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [38368 2017-06-25] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-21 16:46 - 2017-09-21 16:46 - 000000000 ___HD C:\OneDriveTemp
2017-09-21 16:37 - 2017-09-21 16:45 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-21 16:37 - 2017-09-21 16:45 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-21 16:37 - 2017-09-21 16:45 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-21 16:37 - 2017-09-21 16:45 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-21 16:37 - 2017-09-21 16:37 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-21 16:37 - 2017-09-21 16:37 - 000001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-21 16:37 - 2017-09-21 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-21 16:37 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-21 16:36 - 2017-09-21 16:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-21 16:36 - 2017-09-21 16:36 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-21 15:49 - 2017-09-21 15:51 - 000281352 _____ C:\TDSSKiller.3.1.0.15_21.09.2017_15.49.39_log.txt
2017-09-21 15:24 - 2017-09-21 16:50 - 000000000 ____D C:\FRST
2017-09-21 15:23 - 2017-09-21 16:49 - 000000000 ____D C:\Users\jdhel\Desktop\Reinigung
2017-09-21 09:38 - 2017-09-21 09:38 - 000004410 _____ C:\Windows\System32\Tasks\avast! BCU UpdateS-1-5-21-2980919159-2059370-3087206838-1001
2017-09-21 09:38 - 2017-09-21 09:38 - 000003516 _____ C:\Windows\System32\Tasks\avastBCLS-1-5-21-2980919159-2059370-3087206838-1001
2017-09-21 09:38 - 2017-09-21 09:38 - 000001158 _____ C:\Users\jdhel\Desktop\Avast Browser Cleanup.lnk
2017-09-21 09:38 - 2017-09-21 09:38 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup
2017-09-21 09:38 - 2017-09-21 09:38 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\AVAST Software
2017-09-20 16:04 - 2017-09-20 16:04 - 009826968 _____ (Piriform Ltd) C:\Users\jdhel\Desktop\ccsetup534.exe
2017-09-20 15:43 - 2017-09-20 15:43 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Hex-Rays
2017-09-20 14:06 - 2017-09-20 14:06 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Eipix
2017-09-20 12:34 - 2017-09-20 12:34 - 000002240 _____ C:\Users\Public\Desktop\Spiel Myths of the World - Schwarze Rose.lnk
2017-09-20 12:33 - 2017-09-20 12:34 - 000000000 ____D C:\Program Files (x86)\Myths of the World - Schwarze Rose
2017-09-20 12:33 - 2017-09-20 12:33 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Myths of the World - Schwarze Rose
2017-09-20 12:33 - 2017-09-20 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Myths of the World - Schwarze Rose
2017-09-20 12:23 - 2017-09-20 16:02 - 000000000 ____D C:\ProgramData\TEMP
2017-09-20 12:23 - 2017-09-20 12:23 - 000001998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2017-09-20 12:23 - 2017-09-20 12:23 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weitere fantastische Spiele.lnk
2017-09-20 12:23 - 2017-09-20 12:23 - 000001030 _____ C:\Users\Public\Desktop\Spiele.lnk
2017-09-20 12:23 - 2017-09-20 12:23 - 000000000 ____D C:\ProgramData\Big Fish
2017-09-20 12:23 - 2017-09-20 12:23 - 000000000 ____D C:\Program Files (x86)\bfgclient
2017-09-20 12:21 - 2017-09-20 14:05 - 000000000 ____D C:\BigFishCache
2017-09-20 12:21 - 2017-09-20 12:23 - 000000000 ____D C:\Users\jdhel\AppData\Local\Big Fish
2017-09-20 11:53 - 2017-09-20 11:53 - 000001569 _____ C:\Users\jdhel\Desktop\Vermillion.lnk
2017-09-20 11:51 - 2017-09-20 11:51 - 000001565 _____ C:\Users\jdhel\Desktop\Maskerade.lnk
2017-09-19 22:36 - 2017-09-19 22:37 - 000000000 ____D C:\Users\jdhel\Desktop\WinSCP-5.11.1-Portable
2017-09-19 21:19 - 2017-09-19 21:19 - 000000000 ____D C:\Users\jdhel\AppData\Local\Echo
2017-09-19 20:50 - 2017-09-20 22:40 - 000000000 ____D C:\Users\jdhel\Downloads\GrabIt Downloads
2017-09-19 10:37 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-09-19 10:37 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-09-19 10:37 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-19 10:37 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-09-19 10:37 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-09-19 10:37 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-09-19 10:37 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-09-19 10:37 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-19 10:37 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-09-19 10:37 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialUIBroker.exe
2017-09-19 10:37 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-09-19 10:37 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-19 10:37 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-19 10:37 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-09-19 10:37 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-09-19 10:37 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-09-19 10:37 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-09-19 10:37 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-19 10:37 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-09-19 10:37 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-09-19 10:37 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-09-19 10:37 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-09-19 10:37 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-09-19 10:37 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-09-19 10:37 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-19 10:37 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-09-19 10:37 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-09-19 10:37 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-09-19 10:37 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-09-19 10:37 - 2017-09-05 06:14 - 004544000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsDesktopEngine.exe
2017-09-19 10:37 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2017-09-19 10:37 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-09-19 10:37 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-09-19 10:37 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-09-19 10:37 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-09-19 10:37 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-09-19 10:37 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-19 10:37 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-09-19 10:37 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-09-19 10:37 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-09-19 10:36 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-09-19 10:36 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-09-19 10:36 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-09-19 10:36 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-09-19 10:36 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-09-19 10:36 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-09-19 10:36 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-09-19 10:36 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-09-19 10:36 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-09-19 10:36 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2017-09-19 10:36 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-09-19 10:36 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2017-09-19 10:36 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2017-09-19 10:36 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-19 10:36 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-09-19 10:36 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-09-19 10:36 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-19 10:36 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-09-19 10:36 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-09-19 10:36 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-09-19 10:36 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2017-09-19 10:36 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-09-19 10:36 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-09-19 10:36 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2017-09-19 10:36 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-19 10:36 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2017-09-19 10:36 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2017-09-19 10:36 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2017-09-19 10:36 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-09-19 10:36 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmCx.sys
2017-09-19 10:36 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-09-19 10:36 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2017-09-19 10:36 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-19 10:36 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-09-19 10:36 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2017-09-19 10:36 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-09-19 10:36 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-09-19 10:36 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\ngcrecovery.dll
2017-09-19 10:36 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-19 10:36 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-09-19 10:36 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-09-19 10:36 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-19 10:36 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-19 10:36 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-19 10:36 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-09-19 10:36 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-09-19 10:36 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-09-19 10:36 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-09-19 10:36 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2017-09-19 10:36 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-09-19 10:36 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2017-09-19 10:36 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-09-19 10:36 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-09-19 10:36 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll
2017-09-19 10:36 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-19 10:36 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-19 10:36 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-09-19 10:36 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-19 10:36 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-09-19 10:36 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-09-19 10:36 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-09-19 10:36 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-19 10:36 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-19 10:36 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-19 10:36 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-09-19 10:36 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\BthHFSrv.dll
2017-09-19 10:36 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-09-19 10:35 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-09-19 10:35 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-09-19 10:35 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-09-19 10:35 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-09-19 10:35 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-19 10:35 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-19 10:35 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-19 10:35 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-19 10:35 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-09-19 10:35 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2017-09-19 10:35 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-09-19 10:35 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-09-19 10:35 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-09-19 10:35 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-09-19 10:35 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-09-19 10:35 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-09-19 10:35 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-09-19 10:35 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-19 10:35 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-09-19 10:35 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-09-19 10:35 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-09-19 10:35 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-19 10:35 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2017-09-19 10:35 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-09-19 10:35 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-19 10:35 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-19 10:35 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-09-19 10:35 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-09-19 10:35 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2017-09-19 10:35 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-19 10:35 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-09-19 10:35 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-09-19 10:35 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-19 10:35 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-09-19 10:35 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-09-19 10:35 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-09-19 10:35 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-09-19 10:35 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-09-19 10:35 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-09-19 10:35 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
2017-09-19 10:35 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-09-19 10:35 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrPS.dll
2017-09-19 10:35 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-09-19 10:35 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-09-19 10:35 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-09-19 10:35 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-09-19 10:35 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\datamarketsvc.dll
2017-09-19 10:35 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-09-19 10:35 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-09-19 10:35 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-19 10:35 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-19 10:35 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-09-19 10:35 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-19 10:35 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-19 10:35 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-09-19 10:35 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-09-19 10:35 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-19 10:35 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-09-19 10:35 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2017-09-19 10:35 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-19 10:35 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-19 10:35 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-19 10:35 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2017-09-19 10:35 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2017-09-19 10:35 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-09-19 10:35 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-09-19 10:35 - 2017-09-05 06:19 - 005776384 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsDesktopEngine.exe
2017-09-19 10:35 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-19 10:35 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-09-19 10:35 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-19 10:35 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2017-09-19 10:35 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-09-19 10:35 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-09-19 10:35 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-19 10:35 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-09-19 10:35 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-09-19 10:35 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2017-09-19 10:35 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-09-19 10:35 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-09-19 10:35 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-19 10:35 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-09-19 10:35 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-09-19 10:35 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-19 10:35 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-19 10:35 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-09-19 10:35 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2017-09-19 10:35 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-09-19 10:35 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-09-19 10:35 - 2017-09-01 07:55 - 000031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-09-19 10:34 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-09-19 10:34 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-09-19 10:34 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2017-09-19 10:34 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2017-09-19 10:34 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2017-09-19 10:34 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2017-09-19 10:34 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-09-19 10:34 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-09-19 10:34 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-09-19 10:34 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2017-09-19 10:34 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-09-19 10:34 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe
2017-09-19 10:34 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-09-19 10:34 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-09-19 10:34 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2017-09-19 10:34 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll
2017-09-19 10:34 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-09-19 10:34 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-09-19 10:34 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-19 10:34 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\CfgSPCellular.dll
2017-09-19 10:34 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAPNCsp.dll
2017-09-19 10:34 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-09-19 10:34 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2017-09-19 10:34 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\csplte.dll
2017-09-19 10:34 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2017-09-19 10:34 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2017-09-19 10:34 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-09-19 10:34 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-09-19 10:34 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-19 10:34 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-09-19 10:34 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-09-19 10:34 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2017-09-19 10:34 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2017-09-19 10:34 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2017-09-19 10:34 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-09-19 10:34 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-09-19 10:34 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2017-09-19 10:34 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-09-19 10:34 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-09-19 10:34 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2017-09-19 10:34 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2017-09-19 10:34 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2017-09-19 10:34 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-09-19 10:34 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-09-19 10:34 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-09-19 10:34 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2017-09-19 10:34 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-09-19 10:34 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-19 10:34 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-09-19 10:34 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2017-09-19 10:34 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2017-09-19 10:34 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-09-19 10:34 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2017-09-19 10:34 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-19 10:34 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-09-19 10:34 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-09-19 10:34 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-19 10:34 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-09-18 17:05 - 2017-09-18 17:05 - 000000992 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2017-09-18 17:05 - 2017-09-18 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2017-09-18 17:05 - 2017-09-18 17:05 - 000000000 ____D C:\Program Files\Guild Wars 2
2017-09-18 17:04 - 2017-09-18 17:05 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Guild Wars 2
2017-09-18 14:46 - 2017-09-18 14:48 - 000000000 ____D C:\Users\jdhel\Desktop\Ausgaben
2017-09-18 14:46 - 2017-09-18 14:46 - 000047616 _____ C:\Users\jdhel\Desktop\2017-Arbeitsplan.xls
2017-09-18 14:44 - 2017-09-18 14:44 - 000008391 _____ C:\Users\jdhel\Desktop\blubb.sql
2017-09-18 14:35 - 2017-09-18 14:35 - 007897776 _____ (Tim Kosse) C:\Users\jdhel\Downloads\FileZilla_3.27.1_win64-setup.exe
2017-09-15 13:27 - 2017-09-15 13:27 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\Grafiken
2017-09-13 19:42 - 2017-09-13 19:42 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Microsoft Corporation
2017-08-25 12:44 - 2017-09-21 15:41 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\Facepalm Games
2017-08-24 22:34 - 2017-09-20 22:38 - 000000600 _____ C:\Users\jdhel\AppData\Roaming\winscp.rnd
2017-08-23 22:41 - 2017-08-23 22:41 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\Network Monitor 3
2017-08-23 22:40 - 2017-08-23 22:40 - 000001091 _____ C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2017-08-23 22:40 - 2017-08-23 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Network Monitor 3.4
2017-08-23 22:40 - 2017-08-23 22:40 - 000000000 ____D C:\Program Files\Microsoft Network Monitor 3
2017-08-23 20:41 - 2017-08-23 20:41 - 000000000 ____D C:\Users\jdhel\AppData\LocalLow\Alawar
2017-08-23 20:28 - 2017-08-23 20:28 - 000000000 ____D C:\Users\jdhel\Desktop\ClamWinPortable
2017-08-23 10:35 - 2017-08-23 10:35 - 000000000 ____D C:\Users\jdhel\AppData\LocalLow\League of Geeks

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-21 16:51 - 2017-05-30 13:03 - 002995294 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-21 16:51 - 2017-03-20 06:41 - 001381670 _____ C:\Windows\system32\perfh007.dat
2017-09-21 16:51 - 2017-03-20 06:41 - 000340538 _____ C:\Windows\system32\perfc007.dat
2017-09-21 16:49 - 2017-05-30 14:16 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Origin
2017-09-21 16:49 - 2017-05-30 13:56 - 000000000 ____D C:\Users\jdhel\AppData\Local\CrashDumps
2017-09-21 16:49 - 2017-05-30 13:37 - 000000000 ____D C:\ProgramData\Origin
2017-09-21 16:48 - 2017-08-15 14:19 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Spotify
2017-09-21 16:47 - 2017-08-15 14:19 - 000000000 ____D C:\Users\jdhel\AppData\Local\Spotify
2017-09-21 16:47 - 2017-05-30 13:21 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-21 16:47 - 2017-05-30 13:15 - 000000000 ____D C:\Users\jdhel\AppData\Local\Overwolf
2017-09-21 16:46 - 2017-05-30 13:06 - 000000000 ___RD C:\Users\jdhel\OneDrive
2017-09-21 16:45 - 2017-07-23 22:39 - 000000000 ____D C:\ProgramData\VMware
2017-09-21 16:45 - 2017-05-31 11:36 - 000000000 __SHD C:\Users\jdhel\IntelGraphicsProfiles
2017-09-21 16:45 - 2017-05-30 13:07 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-21 16:45 - 2017-05-30 12:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-21 16:44 - 2017-03-18 13:40 - 001048576 _____ C:\Windows\system32\config\BBI
2017-09-21 16:29 - 2017-05-30 12:53 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-09-21 16:27 - 2017-05-30 15:05 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-09-21 16:21 - 2017-05-30 13:03 - 000000000 ____D C:\Users\jdhel\AppData\Local\Packages
2017-09-21 16:20 - 2017-08-02 19:28 - 000000000 ____D C:\AdwCleaner
2017-09-21 16:20 - 2017-05-30 13:33 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-09-21 15:42 - 2017-06-14 15:34 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\My Games
2017-09-21 15:41 - 2017-06-15 23:29 - 000000000 ____D C:\Users\jdhel\AppData\LocalLow\DoMyBest
2017-09-21 15:33 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-21 15:33 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2017-09-21 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\rescache
2017-09-21 10:06 - 2017-07-27 08:17 - 000003372 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2980919159-2059370-3087206838-1001
2017-09-21 10:06 - 2017-05-30 13:06 - 000002385 _____ C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-21 09:22 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2017-09-20 15:40 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-09-20 12:33 - 2017-07-22 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-20 11:34 - 2017-06-15 11:53 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2017-09-20 10:04 - 2017-06-16 09:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-19 23:48 - 2017-05-30 13:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-19 23:18 - 2017-05-30 12:53 - 000393592 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-19 23:16 - 2017-03-20 06:41 - 000000000 ____D C:\Windows\system32\de
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ___SD C:\Windows\system32\F12
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\setup
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\ShellExperiences
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-19 23:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-19 23:14 - 2017-05-30 13:01 - 000000000 ____D C:\Users\jdhel
2017-09-19 21:16 - 2017-08-03 13:46 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\GrabIt
2017-09-19 10:43 - 2017-05-30 15:11 - 000000000 ____D C:\Windows\system32\MRT
2017-09-19 10:41 - 2017-05-30 15:11 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-19 10:41 - 2017-03-18 22:51 - 000000000 ____D C:\Windows\CbsTemp
2017-09-19 10:17 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-19 10:06 - 2017-05-30 13:16 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-09-18 16:45 - 2017-07-30 21:04 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\FileZilla
2017-09-18 15:09 - 2017-05-30 13:08 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-18 15:09 - 2017-05-30 13:08 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-18 13:38 - 2017-06-18 20:16 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\Might & Magic Heroes VI
2017-09-18 11:03 - 2017-06-18 20:16 - 000000000 ____D C:\Users\jdhel\AppData\Local\Ubisoft Game Launcher
2017-09-14 22:22 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\LiveKernelReports
2017-09-13 19:42 - 2017-05-30 20:02 - 000000000 ____D C:\Users\jdhel\AppData\Local\Xamarin
2017-09-13 19:42 - 2017-05-30 19:59 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\Visual Studio 2017
2017-09-08 08:48 - 2017-07-29 15:12 - 000000000 ____D C:\Users\jdhel\OneDrive\Dokumente\The Surge
2017-09-08 08:44 - 2017-07-22 19:39 - 000001188 _____ C:\Users\jdhel\Desktop\Neues Textdokument.txt
2017-09-08 08:41 - 2017-08-11 15:53 - 000001028 _____ C:\Users\jdhel\Desktop\Andersdenker.txt
2017-09-05 22:34 - 2017-05-30 20:03 - 000000000 ____D C:\Users\jdhel\AppData\Local\Deployment
2017-09-05 22:33 - 2017-07-23 22:40 - 000000000 ____D C:\Users\jdhel\AppData\Local\VMware
2017-09-05 22:32 - 2017-07-23 22:40 - 000000000 ____D C:\Users\jdhel\AppData\Roaming\VMware
2017-09-04 19:34 - 2017-07-21 23:28 - 000000000 ____D C:\Users\jdhel\AppData\Local\Hisuite
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-29 14:39 - 2017-06-29 21:34 - 000000113 _____ () C:\Users\jdhel\AppData\Roaming\D2Info0
2017-06-29 14:39 - 2017-06-29 21:39 - 000000008 _____ () C:\Users\jdhel\AppData\Roaming\DofusAppId0_1
2017-06-29 14:44 - 2017-06-29 16:35 - 000000008 _____ () C:\Users\jdhel\AppData\Roaming\DofusAppId0_2
2017-06-29 18:00 - 2017-06-29 20:01 - 000000008 _____ () C:\Users\jdhel\AppData\Roaming\DofusAppId0_3
2017-08-24 22:34 - 2017-09-20 22:38 - 000000600 _____ () C:\Users\jdhel\AppData\Roaming\winscp.rnd
2017-07-30 20:21 - 2017-07-30 20:21 - 000000894 _____ () C:\Users\jdhel\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
2017-06-24 23:01 - 2017-06-24 23:01 - 000000180 _____ () C:\Users\jdhel\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2017-07-02 12:27 - 2017-06-29 14:23 - 006456928 _____ (Ankama Studio) C:\Users\jdhel\AppData\Local\Temp\AnkEB27.tmp.exe
2017-06-24 23:02 - 2017-06-25 09:46 - 000000064 _____ () C:\Users\jdhel\AppData\Local\Temp\ed16f0eeaeac05357b1db8bcf2eb1403.dll
2017-09-18 17:04 - 2017-09-18 17:04 - 032754344 _____ (ArenaNet) C:\Users\jdhel\AppData\Local\Temp\Gw2.exe
2017-07-17 11:29 - 2017-05-24 08:56 - 000785464 _____ (BlueStack Systems, Inc.) C:\Users\jdhel\AppData\Local\Temp\HD-Common.dll
2017-07-17 11:29 - 2017-05-24 08:57 - 000464952 _____ (BlueStack Systems, Inc.) C:\Users\jdhel\AppData\Local\Temp\HD-InstallerUtils.dll
2017-07-17 11:29 - 2017-05-24 08:54 - 000187416 _____ (BlueStack Systems) C:\Users\jdhel\AppData\Local\Temp\HD-LibraryHandler.dll
2017-07-17 11:29 - 2017-05-24 08:53 - 000246808 _____ (BlueStack Systems) C:\Users\jdhel\AppData\Local\Temp\HD-Logger-Native.dll
2017-07-17 11:29 - 2017-05-24 08:56 - 000385080 _____ (BlueStack Systems, Inc.) C:\Users\jdhel\AppData\Local\Temp\HD-Uninstaller.exe
2017-06-30 13:35 - 2017-06-30 13:35 - 000028097 _____ () C:\Users\jdhel\AppData\Local\Temp\i4jdel0.exe
2017-06-15 23:17 - 2017-06-15 23:17 - 036403960 _____ (AppWork GmbH) C:\Users\jdhel\AppData\Local\Temp\JDSetup131420350771637675.exe
2017-05-30 13:20 - 2017-02-23 10:17 - 000354176 _____ (NVIDIA Corporation) C:\Users\jdhel\AppData\Local\Temp\nvStInst.exe
2017-09-18 14:35 - 2017-09-18 14:35 - 000040448 ____N () C:\Users\jdhel\AppData\Local\Temp\proxy_vole2436449859471304029.dll
2017-07-22 19:16 - 2017-06-18 10:58 - 000064356 _____ () C:\Users\jdhel\AppData\Local\Temp\Uninstall.exe
2017-07-06 09:54 - 2017-07-06 09:54 - 013767776 _____ (Microsoft Corporation) C:\Users\jdhel\AppData\Local\Temp\vcredist_x86.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-20 16:22

==================== Ende von FRST.txt ============================

Maliko · 21.09.2017, 15:53

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017
durchgeführt von jdhel (21-09-2017 16:51:39)
Gestartet von C:\Users\jdhel\Desktop\Reinigung
Windows 10 Pro Version 1703 (X64) (2017-05-30 10:57:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2980919159-2059370-3087206838-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2980919159-2059370-3087206838-503 - Limited - Disabled)
Gast (S-1-5-21-2980919159-2059370-3087206838-501 - Limited - Disabled)
jdhel (S-1-5-21-2980919159-2059370-3087206838-1001 - Administrator - Enabled) => C:\Users\jdhel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

.NET Core SDK 1.0.4 (x64) (HKLM\...\{11ACCE3C-C179-472C-A8CA-0F467702B2DA}) (Version: 4.1.5012 - Microsoft Corporation) Hidden
.NET Core SDK 1.0.4 (x64) (HKLM-x32\...\{c56e80af-58a4-490b-a1cd-5718290133b9}) (Version: 1.0.4 - Microsoft Corporation)
„Der Herr der Ringe Online™“ v1903.0058.2732.4095 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1903.0058.2732.4095 - Standing Stone Games, LLC)
Active Directory Authentication Library für SQL Server (HKLM\...\{DCF8CB30-F4CE-476A-AB02-E8D620FADC70}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden
Application Verifier x64 External Package (HKLM\...\{01C2C51F-B0CF-BB5E-A010-E927D44F7720}) (Version: 10.1.15063.137 - Microsoft) Hidden
Avast Browser Cleanup (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Avast Browser Cleanup) (Version: 12.1.2272.125 - AVAST Software)
Batman™: Arkham Origins (HKLM\...\Steam App 209000) (Version:  - WB Games Montreal)
Beholder (HKLM-x32\...\{05922599-8938-47C9-A534-0CDFB3360B5F}) (Version: 1.5.0.9747 - Alawar Entertainment)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.14.1559 - BlueStack Systems, Inc.)
Borderlands (HKLM\...\Steam App 8980) (Version:  - Gearbox Software)
Brother MFL-Pro Suite DCP-L2520DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
Command & Conquer™ Renegade (HKLM-x32\...\{24DFBE4C-FD7F-48F2-A7D9-D1A0929B2113}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
CrossCode (HKLM\...\Steam App 368340) (Version:  - Radical Fish Games)
Darksiders II (HKLM\...\Steam App 50650) (Version:  - Vigil Games)
DC Universe Online (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\DGC-DC Universe Online) (Version: 1.0.3.195 - Daybreak Game Company)
DC Universe Online Live (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\DG0-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Dex (HKLM-x32\...\1929434313_is1) (Version: 5.4.0.0 - GOG.com)
DiagnosticsHub_CollectionService (HKLM\...\{90A561D7-0C29-464D-94E1-2A7E1C553230}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
Entity Framework 6.1.3 Tools  for Visual Studio 15 (HKLM-x32\...\{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 - Microsoft Corporation) Hidden
Epistory - Typing Chronicles (HKLM\...\Steam App 398850) (Version:  - Fishing Cactus)
Facebook Gameroom 1.7.6419.39279 (HKLM-x32\...\{D4BD422A-BE4A-4318-B617-34FA42544193}) (Version: 1.7.6419.39279 - Facebook)
FileZilla Client 3.27.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse)
FINAL FANTASY XIII-2 (HKLM\...\Steam App 292140) (Version:  - SQUARE ENIX)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Git version 2.10.2 (HKLM\...\Git_is1) (Version: 2.10.2 - The Git Development Community)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GrabIt 1.7.4 Beta 2 (build 1014) (HKLM-x32\...\GrabIt_is1) (Version:  - Ilan Shemes)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version:  - Ansgar Becker)
icecap_collection_neutral (HKLM-x32\...\{64F3E6FC-68E3-4062-9C2C-ABD93FDFF309}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0AD162D1-4973-4315-97E9-5DE9A92B4049}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{FE002482-71A5-4B32-9D08-60ADFAF19E07}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{9FBD9D6F-A511-45F5-B672-63A5087F6F89}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{0148E8AA-4A50-4673-B532-DB9F30F804BE}) (Version: 10.0.1737 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{27276DC1-66AA-4B16-918D-5AB1EEDF09C6}) (Version: 6.0.5 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 (HKLM-x32\...\{A0007ADE-F6F6-410F-822F-7522B4F0BFDE}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{51783942-DFB0-4452-97CC-BDF2D4AB3A48}) (Version: 15.0.24.0 - Microsoft Corporation) Hidden
Java SE Development Kit 8 Update 131 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 131 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JetBrains PhpStorm 2017.1.4 (HKLM-x32\...\PhpStorm 2017.1.4) (Version: 171.4694.2 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{EBC73D1A-BF2B-38E0-4E8E-77511F951ABC}) (Version: 10.1.10586.212 - Microsoft) Hidden
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{91BF6CA6-F6AA-4639-944A-627B7D02567E}) (Version: 4.6.01604 - Microsoft Corporation) Hidden
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.10 - Electronic Arts)
Microsoft Azure Authoring Tools - v2.9.5.3 (HKLM\...\{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.5.3 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.5.3) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure Mobile App SDK V2.0 (HKLM-x32\...\{829D812B-3F25-4E8B-B1DF-1AD09164684C}) (Version: 2.0.50130.0 - Microsoft Corporation)
Microsoft Azure PowerShell - September 2016 (HKLM-x32\...\{CB3F8A12-1570-4964-8206-17274AB9EF4D}) (Version: 2.1.0 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.1 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.1) (Version: 5.1.1760.1722 - Microsoft Corporation)
Microsoft Identity Extensions (HKLM\...\{F99F24BF-0B90-463E-9658-3FD2EFC3C992}) (Version: 2.0.1459.0 - Microsoft Corporation)
Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (HKLM\...\{963E5FEB-1367-46B9-851D-A957F1A3747F}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{E9AD0F97-5DF2-4F5B-BC5B-F524D21BF165}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30642.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{65C71B09-C33D-4F60-93EA-DF3AD1D40600}) (Version: 10.0.1981 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Might & Magic: Heroes VI (HKLM\...\Steam App 48220) (Version:  - Blackhole)
MSI Development Tools (HKLM-x32\...\{074120DA-7DA8-E059-BD8E-5750E97C6046}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Myths of the World: Schwarze Rose (HKLM-x32\...\BFG-Myths of the World - Schwarze Rose) (Version:  - )
NC Launcher (HKLM-x32\...\NCLauncherS_plaync) (Version:  - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Observer (HKLM-x32\...\1449856523_is1) (Version: 1.0 - GOG.com)
Oceanhorn: Monster of Uncharted Seas (HKLM\...\Steam App 339200) (Version:  - Cornfox &amp; Bros.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
One Click Root (HKLM-x32\...\{6EAD0BE5-D1CF-4BE8-A66F-53FE9B8D89CC}) (Version: 1.0.0.4 - One Click Root)
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.3.55762 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.36.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Prey (HKLM\...\Steam App 480490) (Version:  - Arkane Studios)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Secret World Legends (HKLM-x32\...\Secret World Legends_is1) (Version: 1.0.0 - Funcom)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
sptools_Microsoft.VisualStudio.OfficeDeveloperTools.Msi (HKLM-x32\...\{9AF6A196-25EA-477B-9852-90E73A4438A4}) (Version: 15.0.26309 - Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi (HKLM-x32\...\{6A005912-B16B-4D76-8F77-BA1A47501B6F}) (Version: 15.0.26309 - Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{B8754C90-152E-494A-828C-E6022F899B1D}) (Version: 15.0.26309 - Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi.x64 (HKLM-x32\...\{C126CCCF-0F4C-4671-99D3-32B130945018}) (Version: 15.0.26309 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales from the Borderlands (HKLM\...\Steam App 330830) (Version:  - Telltale Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.81460 - TeamViewer)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Secret of Monkey Island: Special Edition (HKLM\...\Steam App 32360) (Version:  - LucasArts)
The Surge Demo (HKLM\...\Steam App 646690) (Version:  - Deck13)
The Witcher 3 - Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.30.0.0 - GOG.com)
Tom Clancy's The Division Trial (HKLM\...\Steam App 588220) (Version:  - Massive Entertainment)
Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
Train Valley (HKLM\...\Steam App 353640) (Version:  - Alexey Davydov)
TypeScript Power Tool (HKLM-x32\...\{F0B4CA92-9642-4BE6-8449-A786AD4FA628}) (Version: 2.2.3.0 - Microsoft Corporation) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity (HKLM-x32\...\Unity) (Version: 2017.1.0f3 - Unity Technologies ApS)
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{315BBDA9-CE84-D465-59F8-B9C765D953AC}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{4E8F20FD-6BC7-B65C-D4F2-5D7CEDE3352E}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{ADD45F52-630A-4F45-8879-A8DB80DF921B}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{233B73D9-650E-9CEC-1002-767C916C1B61}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{919D63C5-565C-F1C3-67D9-353FE902EF11}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{F4E7226B-6A1C-F4D6-1109-6E1CD5B3E633}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0AAB833E-034D-430B-D3E4-39C5753B14AC}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{D29934EC-24B6-0F5D-C6BB-E9ECCF220C12}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{2410D879-0C8F-B254-C207-455E119075B6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{485209AE-37CE-2208-59CB-7BB59AA85BE7}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6AFD985C-21B7-8F2D-86B2-19A0563A1195}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{AF5B9C51-F99A-59CC-70F5-214E9B535EE3}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{F2EB74A7-148A-8DC9-82A5-B5A88093EEC4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{F48A9651-9D00-4D94-810E-8738A41F16C2}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
video2brain Desktop App (HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\bfe81a058ff573be) (Version: 1.3.2.87 - Lynda.com)
VMware Player (HKLM\...\{E5DF3245-80CF-48E8-AE2F-22D4D2DDD805}) (Version: 12.5.7 - VMware, Inc.)
VS Immersive Activate Helper (HKLM-x32\...\{D8A4EA2B-1A97-45A5-BF96-7493183F8524}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{2901E697-0E9C-404B-B7D0-6E2D43F64CE5}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS WCF Debugging (HKLM\...\{9E1EF6F7-ED70-4BD8-A1AE-83C5DEF0DA91}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B9F4AA09-F4AC-4108-ADA0-27CDD45FCEC3}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{AEF5E0F2-31D1-454A-A992-C523C0007B4D}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{DE8B48BF-82B9-434A-B254-1EA2306E5FBA}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{B3988EC1-015B-4A61-A323-BCCCDD218E4F}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{F3217611-B414-4A3A-81BF-6A3A4DB7E743}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{D4DCEC6A-BC59-43D5-866A-AB057E64F73F}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{37968509-8B79-4E9A-85D1-6AA39DA2211A}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{D396CF10-5F2B-417D-9571-0B669B99440E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{A32A9CF6-E7AA-48B8-A3D3-50C157E69F53}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{538ef96b-90a3-4657-9da0-d6b4857d141e}) (Version: 2.4.1558.3001 - Lavasoft)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
WinAppDeploy (HKLM-x32\...\{80859F5A-D13C-AB8E-4659-B630CFE2599D}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{C9966D24-DB2F-8514-EAA3-BEED85F3E166}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{30DCCFB4-068F-4C5C-BC10-5ECDCAEE55D4}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.15063.137 (HKLM-x32\...\{a07b4a01-ca27-4e28-9353-f325a308f128}) (Version: 10.1.15063.137 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{45B6202F-A716-C68A-199E-43B106B56A7E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{A249F631-CEBC-EDCB-4C49-700E551E66CA}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{357D0CD4-8B72-8D65-7015-81DFB2BF9150}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E71CB7F1-3E88-4450-1764-B3CC1E205C4A}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3E5375A1-0E4C-34E3-6294-C1C8BDA823E4}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{C49E6FDA-8196-0CAF-2CDD-CF1B0F4EA5AD}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{33D11371-82A5-852B-CDE2-5528CE406151}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E2F78B92-04DE-5350-14C0-7C281BF87D9E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{6CE744AE-7E0F-00AF-F1BD-077D9AFCBEC6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{FB431EE2-C835-6DE9-8DC3-C8FCDE028FE0}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{81A0EC8C-9462-BC98-0E5C-301DD7A46792}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FB82399D-9C48-9AF5-DCA1-CFE61BCA70A6}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{23909757-D6F0-7F7C-BD34-7E72BA9BD59C}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{FAD08838-3937-0F6C-8787-FDFDFBF63502}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D089A695-49F0-D3B2-0EBF-2BBC33A05CD6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D3A337CD-EA32-F4BA-03FA-825903190C92}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (HKLM-x32\...\{74B9E6F9-1793-4E90-22A1-A42254D04453}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (HKLM-x32\...\{1EE3550B-B5FB-B866-C153-1C609FBC1E89}) (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Workflow Manager Client 1.0 (HKLM\...\{47E0F408-748D-488D-8FA5-B8953E248A4C}) (Version: 2.1.10217.1 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{21A5C0D0-F524-4B52-99E6-C37FB90CC93D}) (Version: 2.1.10202.0 - Microsoft Corporation) Hidden
Xamarin PCL Profiles v1.0.9 (HKLM-x32\...\{5E6844AB-A867-419C-A376-B12B574AA5F7}) (Version: 1.0.9.0 - Xamarin) Hidden
Xamarin Workbooks and Inspector (HKLM-x32\...\{4C9771FB-6EB6-4E89-A2BE-BDE8B61C1BEC}) (Version: 1.2.2.9000 - Xamarin) Hidden
Xamarin.Bonjour v1.0.13 (HKLM-x32\...\{32B2DF61-DE93-4AF9-A7A6-79B03299A0AA}) (Version: 1.0.13.0 - Xamarin) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.30-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => D:\VMware Player\vmdkShellExt.dll [2017-06-19] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => D:\VMware Player\x64\vmdkShellExt64.dll [2017-06-19] (VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-03-17] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-18] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0705D555-9EEF-444E-A49E-5379C0505D04} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {2C6D43EE-D3C0-4CF1-8592-364D382A7295} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {3E8173B6-8945-49DE-A5D0-74D6F073D8E7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {3FAAD68A-30BB-4EC6-B141-B9A5F4E1D98B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-30] (Google Inc.)
Task: {400FF4D9-6428-40DB-B1E2-E7EEA9579141} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {509D6CF5-AF11-43DB-B041-369F30BA13F8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-19] ()
Task: {53B82A94-93C9-4E86-A369-010BEBB34C03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-30] (Google Inc.)
Task: {90F5977B-DBB0-48F5-95BF-A1D863347496} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {9BAC65C3-48E7-4881-AE5B-DBD1C66538BA} - System32\Tasks\avastBCLS-1-5-21-2980919159-2059370-3087206838-1001 => C:\Users\jdhel\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2016-06-27] (AVAST Software)
Task: {BB1A1B0B-4159-42FA-962F-ED23E55706F8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-19] ()
Task: {D5ED925F-D8E2-40A4-9076-219A45CF5AB1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-09-19] (Microsoft Corporation)
Task: {D88009D0-D513-40C7-9EE9-053D5AE71458} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {DB0C295B-BA1E-48CC-9405-BBC18DC5C3D2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-09-10] (Overwolf LTD)
Task: {E417DAE6-C8B3-4262-BE2F-2B7AA1BE939C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {E5FF1921-B082-4234-84BA-347DCF1876DB} - System32\Tasks\avast! BCU UpdateS-1-5-21-2980919159-2059370-3087206838-1001 => C:\Users\jdhel\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)
Task: {E9E5C8CF-EB01-47F5-B7F7-BDC58F7CE4AB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {F58C44D2-144E-4F3C-B495-B8BFCFEF3717} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {FD6C48DE-8088-4CB5-8946-C95526C94BB2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\jdhel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Xdebug.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=nhodjblplijafdpjjfhhanfmchplpfgl

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-06-26 11:44 - 2005-04-22 06:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-05-30 13:22 - 2017-06-21 09:07 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-21 16:37 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-23 10:08 - 2017-08-23 10:08 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 10:08 - 2017-08-23 10:08 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-09-18 15:09 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-09-18 15:09 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2017-09-19 10:09 - 2017-09-12 14:43 - 000021848 _____ () F:\Origin\QtWebEngineProcess.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 001899008 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2017-05-30 13:22 - 2017-06-21 09:07 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-18 14:25 - 2017-08-04 23:19 - 000678176 _____ () F:\Steam\SDL2.dll
2017-05-30 13:39 - 2016-09-01 03:02 - 004969248 _____ () F:\Steam\v8.dll
2017-09-18 14:25 - 2017-09-07 06:51 - 002505504 _____ () F:\Steam\video.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 000491008 _____ () F:\Steam\libavformat-56.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 002549760 _____ () F:\Steam\libavcodec-56.dll
2017-05-30 13:39 - 2016-09-01 03:02 - 001195296 _____ () F:\Steam\icuuc.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 000442880 _____ () F:\Steam\libavutil-54.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 000332800 _____ () F:\Steam\libavresample-2.dll
2017-05-30 13:39 - 2016-09-01 03:02 - 001563936 _____ () F:\Steam\icui18n.dll
2017-05-30 13:39 - 2016-01-27 09:49 - 000485888 _____ () F:\Steam\libswscale-3.dll
2017-09-18 14:25 - 2017-09-07 06:51 - 000885024 _____ () F:\Steam\bin\chromehtml.DLL
2017-05-30 13:39 - 2016-07-05 00:17 - 000266560 _____ () F:\Steam\openvr_api.dll
2017-09-10 10:34 - 2017-09-10 10:34 - 071940936 _____ () C:\Program Files (x86)\Overwolf\0.107.36.0\libcef.DLL
2017-09-19 10:09 - 2017-08-14 21:29 - 000015360 _____ () F:\Origin\libEGL.DLL
2017-09-19 10:09 - 2017-08-14 21:29 - 003090944 _____ () F:\Origin\libGLESv2.dll
2017-08-15 14:19 - 2017-09-19 10:06 - 071818864 _____ () C:\Users\jdhel\AppData\Roaming\Spotify\libcef.dll
2017-05-30 13:22 - 2017-06-21 09:06 - 066837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-06-26 11:44 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000507968 _____ () F:\GOG Galaxy\PocoUtil.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 001076800 _____ () F:\GOG Galaxy\PocoNet.dll
2017-05-30 13:39 - 2017-05-22 19:20 - 053018112 _____ () F:\GOG Galaxy\libcef.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 001854528 _____ () F:\GOG Galaxy\PocoData.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000393280 _____ () F:\GOG Galaxy\PocoDataSQLite.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000307776 _____ () F:\GOG Galaxy\PocoNetSSL.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000330816 _____ () F:\GOG Galaxy\PocoJSON.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 001589312 _____ () F:\GOG Galaxy\PocoFoundation.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000104000 _____ () F:\GOG Galaxy\zlib.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000130112 _____ () F:\GOG Galaxy\xdelta3.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000520768 _____ () F:\GOG Galaxy\PocoXML.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000157760 _____ () F:\GOG Galaxy\PocoCrypto.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000680000 _____ () F:\GOG Galaxy\sqlite.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000425536 _____ () F:\GOG Galaxy\pcre.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000152128 _____ () F:\GOG Galaxy\expat.dll
2017-09-19 10:08 - 2017-09-18 14:25 - 000272448 _____ () F:\GOG Galaxy\PocoZip.dll
2012-11-27 09:10 - 2012-11-27 09:10 - 000107212 _____ () C:\Program Files (x86)\GtkSharp\2.12\bin\ZLIB1.dll
2017-08-15 14:19 - 2017-09-19 10:06 - 002969200 _____ () C:\Users\jdhel\AppData\Roaming\Spotify\libglesv2.dll
2017-08-15 14:19 - 2017-09-19 10:06 - 000086640 _____ () C:\Users\jdhel\AppData\Roaming\Spotify\libegl.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000330816 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoJSON.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000104000 _____ () C:\ProgramData\GOG.com\Galaxy\redists\zlib.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 001589312 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoFoundation.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000425536 _____ () C:\ProgramData\GOG.com\Galaxy\redists\pcre.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000507968 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoUtil.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000520768 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoXML.dll
2017-05-30 13:39 - 2017-08-25 16:38 - 000152128 _____ () C:\ProgramData\GOG.com\Galaxy\redists\expat.dll
2017-09-10 10:34 - 2017-09-10 10:34 - 002945864 _____ () C:\Program Files (x86)\Overwolf\0.107.36.0\libglesv2.dll
2017-09-10 10:34 - 2017-09-10 10:34 - 000086344 _____ () C:\Program Files (x86)\Overwolf\0.107.36.0\libegl.dll
2017-09-18 14:25 - 2017-07-18 00:50 - 073115424 _____ () F:\Steam\bin\cef\cef.win7\libcef.dll
2017-06-14 15:20 - 2017-05-17 03:54 - 000678176 _____ () F:\Steam\bin\cef\cef.win7\SDL2.dll
2017-05-30 13:39 - 2015-09-25 01:52 - 000119208 _____ () F:\Steam\winh264.dll
2017-05-30 13:39 - 2017-05-22 19:20 - 001738752 _____ () F:\GOG Galaxy\libglesv2.dll
2017-05-30 13:39 - 2017-05-22 19:20 - 000078848 _____ () F:\GOG Galaxy\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:D442BE9A [137]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2980919159-2059370-3087206838-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2980919159-2059370-3087206838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jdhel\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{E0A9FFE9-F84A-4785-8BE3-CEA5E441A35F}C:\users\jdhel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jdhel\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E5A861DF-0FBD-40DC-A1B9-6C289FD63BBC}C:\users\jdhel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jdhel\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F3A0FFD7-827A-4F39-82A9-C2B5CE928E18}C:\users\jdhel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jdhel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{11EB0535-0993-40CE-95F5-3F7573B59A09}C:\users\jdhel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jdhel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0106EE8B-73D7-4BCD-97CD-66BB7CDF85FD}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{295EC921-ACE6-4545-A1C5-751C15A77604}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{5DD12097-7624-43E7-A690-074A4C6B73DC}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0825BB4-419B-47B0-BF36-50E9FB3DD606}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{66B5ED82-E034-4B5E-B6EB-02FAD18E9BCF}] => (Allow) F:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{016526C8-0BF7-4EA9-9A89-F37418BDAEE6}] => (Allow) F:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [TCP Query User{D06E89BD-8742-4754-B16D-018684991880}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{8E92EEDB-4A4C-4087-B656-F4180069466F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

19-09-2017 10:37:38 Windows Update
19-09-2017 10:37:57 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/21/2017 04:48:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FacebookGameroom.exe, Version: 1.7.6419.39279, Zeitstempel: 0x597d6550
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2883.1553.0, Zeitstempel: 0x588c0e1e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01afc195
ID des fehlerhaften Prozesses: 0x29c0
Startzeit der fehlerhaften Anwendung: 0x01d332e85c0bfb6b
Pfad der fehlerhaften Anwendung: C:\Users\jdhel\AppData\Local\Facebook\Games\FacebookGameroom.exe
Pfad des fehlerhaften Moduls: C:\Users\jdhel\AppData\Local\Facebook\Games\libcef.dll
Berichtskennung: ce2104aa-4300-4dfa-97da-c5a1104b5115
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 04:48:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: FacebookGameroom.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 119FC195
Stapel:

Error: (09/21/2017 04:46:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/21/2017 04:46:49 PM) (Source: Perflib) (EventID: 1018) (User: )
Description: Das Zusammenstellen der Leistungsindikatorendaten vom Dienst "VMware" wurde für diese Sitzung deaktiviert, da mindestens ein Fehler von der Leistungsindikatorenbibliothek für diesen Dienst verursacht wurde. Die Fehler, die diese Aktion erzwungen haben, wurden in das Ereignisprotokoll der Anwendung geschrieben.

Error: (09/21/2017 04:46:49 PM) (Source: Perflib) (EventID: 1022) (User: )
Description: Windows kann die 64-Bit-Version der DLL für erweiterbare Leistungsindikatoren "VMware" in einer 32-Bit-Umgebung nicht öffnen. Wenden Sie sich an den Hersteller der Datei, um eine 64-Bit-Version zu erhalten. Sie können aber auch die 64-Bit-Version der DLL für erweiterbare Leistungsindikatoren öffnen, indem Sie die 64-Bit-Version der Leistungsüberwachung verwenden. Öffnen Sie den Ordner "Windows", öffnen Sie den Ordner "Syswow64", und starten Sie "Perfmon.exe", um dieses Programm zu verwenden.

Error: (09/21/2017 04:46:46 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (09/21/2017 04:46:46 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (09/21/2017 04:46:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\Windows\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/21/2017 04:46:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/21/2017 04:46:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (09/21/2017 04:49:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.

Error: (09/21/2017 04:47:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/21/2017 04:47:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/21/2017 04:46:32 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-3KI17HI)
Description: Ein DCOM-Server konnte nicht gestartet werden: {14286318-B6CF-49A1-81FC-D74AD94902F9}. Fehler:
"2"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding

Error: (09/21/2017 04:45:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/21/2017 04:45:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/21/2017 04:45:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "VMUSBArbService" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/21/2017 04:45:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/21/2017 04:25:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.

Error: (09/21/2017 04:22:59 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-3KI17HI)
Description: Ein DCOM-Server konnte nicht gestartet werden: {14286318-B6CF-49A1-81FC-D74AD94902F9}. Fehler:
"2"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding


CodeIntegrity:
===================================
  Date: 2017-09-21 10:00:22.371
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.365
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.359
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.353
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:22.341
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:17.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:17.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:17.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-09-21 10:00:17.312
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 16262.78 MB
Verfügbarer physikalischer RAM: 11096.58 MB
Summe virtueller Speicher: 18694.78 MB
Verfügbarer virtueller Speicher: 12980.24 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:243.59 GB) (Free:107.54 GB) NTFS
Drive d: (Daten) (Fixed) (Total:465.76 GB) (Free:421.12 GB) NTFS
Drive f: (Games) (Fixed) (Total:687.37 GB) (Free:199.22 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 669F762F)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 21.09.2017, 20:37

Servus,

du hast die falsche Logatei gepostet...

Ich möchte gerne die Logdateien des Löschvorgangs von AdwCleaner sehen... siehe Anleitung.

Hast du die CHR-Erweiterung selbst gelöscht?

Maliko · 21.09.2017, 20:56

Ne neuere Datei existiert nicht. Und nein ich hab nix manuell gelöscht. Aber das Addon wird auch nicht mehr angezeigt. Malwarebytes hat es wohl gelöscht.

M-K-D-B · 21.09.2017, 21:08

Servus,

Zitat:

Zitat von Maliko

Ne neuere Datei existiert nicht.

Du hast die Logdatei des Suchlaufs gepostet. Ich habe aber nach der Logdatei des Löschvorgangs gefragt.

Zitat:

Zitat von Maliko

Und nein ich hab nix manuell gelöscht. Aber das Addon wird auch nicht mehr angezeigt. Malwarebytes hat es wohl gelöscht.

Nein, MB hat nichts davon gelöscht.

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
CHR StartupUrls: Default -> "hxxp://www.initialpage123.com/?z=a154a92eb90c58c41835252g6z5t0q9e3tdmfz8z6c&from=cmefy&uid=ST3500418AS_9VMNJKQMXXXX9VMNJKQM&type=hp","hxxps://encrypted.google.com"
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:D442BE9A [137]
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

M-K-D-B · 25.09.2017, 19:37

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM inklusive Link zum Thema an mich falls du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

21.09.2017, 20:37	#10
M-K-D-B /// TB-Ausbilder	Chrome Addon History Cleaner will sich nicht entfernen lassen Servus, du hast die falsche Logatei gepostet... Ich möchte gerne die Logdateien des Löschvorgangs von AdwCleaner sehen... siehe Anleitung. Hast du die CHR-Erweiterung selbst gelöscht?

Chrome Addon History Cleaner will sich nicht entfernen lassen

Plagegeister aller Art und deren Bekämpfung: Chrome Addon History Cleaner will sich nicht entfernen lassen