Pc sehr langsam

385ideal · 11.08.2018, 00:19

Hey

seit neustem ist mein Pc langsam geworden und mein Windows Defender lässt sich auch nicht mehr einschalten. Ich würde mich freuen wenn jemand mir helfen könnte.
https://gyazo.com/4530d9c959635020f3673c79773640d8
https://gyazo.com/4b9e2a3f02a7ad98bd3c9bfbb1705147

Mit freundlichen Grüßen

385ideal

cosinus · 11.08.2018, 11:46

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

385ideal · 11.08.2018, 12:49

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
durchgeführt von 385ideal (Administrator) auf DESKTOP-7HDHAQ (11-08-2018 13:42:53)
Gestartet von C:\Users\385ideal\Downloads
Geladene Profile: 385ideal (Verfügbare Profile: 385ideal)
Platform: Windows 10 Home Version 1709 16299.547 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Garena Online ) C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\gxxsvc.exe
(Microsoft Corporation) C:\Windows\System32\spaceman.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2018-03-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2018-03-12] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587800 2017-12-19] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384328 2018-07-19] (Nota Inc.)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [MyComGames] => C:\Users\385ideal\AppData\Local\MyComGames\MyComGames.exe [6134584 2018-03-29] (MY.COM B.V.)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3682968 2018-03-08] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2018-06-10] (Echobit LLC)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [Gaijin.Net Agent] => C:\Users\385ideal\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-06-14] (Gaijin Entertainment)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-08-02] (Epic Games, Inc.)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
Startup: C:\Users\385ideal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2018-04-05] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2018-06-12]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{49463244-426d-473c-9509-99695b71c90d}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{74aaa42e-4795-49ea-aaa3-948a31d719d7}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{7B11C102-90A5-4C47-968B-30EC155D2B2A}: [DhcpNameServer] 74.120.221.129 74.120.221.131
Tcpip\..\Interfaces\{b75dad78-37fc-4f39-853a-2dafd86da187}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{fc0dafb8-9385-4fbc-a7b6-0b58147e45cb}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_162\bin\ssv.dll [2018-03-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_162\bin\jp2ssv.dll [2018-03-12] (Oracle Corporation)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.162.2 -> C:\Program Files (x86)\Java\jre1.8.0_162\bin\dtplugin\npDeployJava1.dll [2018-03-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.162.2 -> C:\Program Files (x86)\Java\jre1.8.0_162\bin\plugin2\npjp2.dll [2018-03-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default [2018-04-02]
CHR Extension: (Präsentationen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-15]
CHR Extension: (Docs) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-15]
CHR Extension: (Google Drive) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-15]
CHR Extension: (YouTube) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-15]
CHR Extension: (Adblock Plus) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-26]
CHR Extension: (Tabellen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-15]
CHR Extension: (Google Docs Offline) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-15]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-03-19]
CHR Extension: (Netflix Party) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2018-03-24]
CHR Extension: (Google Mail) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-22]
CHR Profile: C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default [2018-08-11]
CHR Extension: (Präsentationen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-02]
CHR Extension: (Docs) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-02]
CHR Extension: (Google Drive) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-02]
CHR Extension: (YouTube) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-02]
CHR Extension: (uBlock Origin) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-06]
CHR Extension: (Tabellen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-04-02]
CHR Extension: (AdBlock) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-08-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-08-09]
CHR Extension: (Google Mail) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2018-06-12] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-08] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-07-11] (EasyAntiCheat Ltd)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2018-06-10] (Echobit LLC)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-02-06] (Futuremark)
R2 GarenaPlatform; C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\gxxsvc.exe [319296 2018-04-04] (Garena Online )
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-05-30] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [135840 2017-11-03] (eVenture Limited)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365032 2016-06-17] (Intel Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [9960560 2018-04-01] (LLC Mail.Ru)
S3 NGS; C:\Windows\NGService.exe [2994248 2018-01-27] (NEXON Korea Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [332848 2017-10-30] (Locktime Software)
S3 npggsvc; C:\Windows\system32\GameMon.des [7677008 2017-10-16] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-12-07] (The OpenVPN Project)
R2 osrss; C:\Windows\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [280032 2017-11-29] (Realtek Semiconductor Corp.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2018-03-09] (Sandboxie Holdings, LLC)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [294912 2018-08-03] (Microsoft Corporation)
S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [97416 2018-05-13] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S4 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113024 2018-02-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [442472 2017-11-13] (Windscribe Limited)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196648 2018-03-28] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-28] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-28] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-28] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-28] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [215320 2018-03-28] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146656 2018-03-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110328 2018-03-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-03-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-03-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-03-28] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-03-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-03-28] (AVAST Software)
R3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2018-06-10] (Echobit, LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-15] (REALiX(tm))
S3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [39792 2017-09-28] (IObit.com)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [9188520 2018-04-01] (LLC Mail.Ru)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [178544 2017-10-30] (Locktime Software)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [757216 2017-11-29] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [7959408 2017-11-21] (Realtek Semiconductor Corporation )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [228208 2018-03-09] (Sandboxie Holdings, LLC)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [46040 2017-08-24] (The OpenVPN Project)
R3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (The OpenVPN Project)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [1143400 2018-04-12] (TENCENT)
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-07-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-07-16] (Oracle Corporation)
R0 vsock; C:\Windows\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-03-25] (BigNox Corporation)
S3 11338; \??\C:\Users\385ideal\AppData\Local\Temp\11338TNiNbaZ.sys [X] <==== ACHTUNG
S3 18385; \??\C:\Users\385ideal\AppData\Local\Temp\18385TNiNbaZ.sys [X] <==== ACHTUNG
S3 21994; \??\C:\Users\385ideal\AppData\Local\Temp\21994TNiNbaZ.sys [X] <==== ACHTUNG
S3 22603; \??\C:\Users\385ideal\AppData\Local\Temp\22603TNiNbaZ.sys [X] <==== ACHTUNG
S3 29181; \??\C:\Users\385ideal\AppData\Local\Temp\29181TNiNbaZ.sys [X] <==== ACHTUNG
S3 54853; \??\C:\Users\385ideal\AppData\Local\Temp\54853TNiNbaZ.sys [X] <==== ACHTUNG
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 lYPSOZm; \??\C:\Users\385ideal\AppData\Local\Temp\TNiNbaZ.sys [X] <==== ACHTUNG
U4 UxSms; kein ImagePath
S4 WinRing0_1_2_0; \??\C:\Program Files (x86)\EVGA\Precision XOC\WinRing0\WinRing0x64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-11 13:42 - 2018-08-11 13:43 - 000024614 _____ C:\Users\385ideal\Downloads\FRST.txt
2018-08-11 13:42 - 2018-08-11 13:42 - 002412544 _____ (Farbar) C:\Users\385ideal\Downloads\FRST64.exe
2018-08-11 13:42 - 2018-08-11 13:42 - 000000000 ____D C:\FRST
2018-08-11 13:41 - 2018-08-11 13:41 - 000003048 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (385ideal)
2018-08-11 13:36 - 2018-08-11 13:36 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-11 01:38 - 2018-08-11 03:12 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-08-11 01:38 - 2018-08-11 01:38 - 000001247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-08-11 01:38 - 2018-08-11 01:38 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2018-08-11 01:38 - 2018-08-11 01:38 - 000001220 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-08-11 01:38 - 2018-08-11 01:38 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-08-11 01:37 - 2018-08-11 01:37 - 001540104 _____ (CHIP Digital GmbH) C:\Users\385ideal\Downloads\Security Task Manager - CHIP-Installer.exe
2018-08-10 19:21 - 2018-08-10 19:25 - 052976329 _____ C:\Users\385ideal\Documents\Ohne Titel.mp4
2018-08-10 19:05 - 2018-08-10 19:05 - 000212944 _____ C:\Users\385ideal\Downloads\🌴AFRO TRAP DANCEHALL SUMMER BEAT _Afro Summer Part 2_ _ THUNDER BEATS.mp3.sfk
2018-08-10 19:03 - 2018-08-10 19:03 - 000020304 _____ C:\Users\385ideal\Downloads\Sprache 001.m4a.sfk
2018-08-10 19:03 - 2018-08-10 19:03 - 000011136 _____ C:\Users\385ideal\Downloads\hook.m4a.sfk
2018-08-10 18:54 - 2018-08-10 18:54 - 000510589 _____ C:\Users\385ideal\Downloads\Sprache 001.m4a
2018-08-10 18:54 - 2018-08-10 18:54 - 000293924 _____ C:\Users\385ideal\Downloads\hook.m4a
2018-08-10 17:52 - 2018-08-10 17:52 - 000000000 ____D C:\Program Files (x86)\21jmkiiokxpp
2018-08-08 23:25 - 2018-08-08 23:25 - 000000000 ____D C:\Users\385ideal\AppData\Local\Tempzxpsignd280b03754eb9d63
2018-08-08 23:25 - 2018-08-08 23:25 - 000000000 ____D C:\Users\385ideal\AppData\Local\Tempzxpsign5d1703bcb6cb494f
2018-08-08 16:08 - 2018-08-11 03:12 - 000000000 ____D C:\Users\385ideal\Desktop\Kenji2
2018-08-08 16:07 - 2018-08-08 16:07 - 000005280 _____ C:\Users\385ideal\Downloads\dpzh7goB.zip
2018-08-08 16:05 - 2018-08-08 16:05 - 2138157163 _____ C:\Users\385ideal\Downloads\Kenji2Client_06082018_2315.rar
2018-08-08 15:40 - 2018-08-08 15:40 - 005450341 _____ C:\Users\385ideal\Downloads\PBDownForce_0_3_3_1.zip
2018-08-08 15:36 - 2018-08-08 15:37 - 010396588 _____ C:\Users\385ideal\Downloads\PB DownForce_0_3_3_1.rar
2018-08-08 15:18 - 2018-08-08 15:18 - 001070232 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2018-08-08 15:18 - 2018-08-08 15:18 - 001010720 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\MSCHRT20.OCX
2018-08-08 15:18 - 2018-08-08 15:18 - 000224016 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2018-08-08 15:18 - 2018-08-08 15:18 - 000140488 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2018-08-08 15:18 - 2018-08-08 15:18 - 000000000 ____D C:\Program Files (x86)\Technitium
2018-08-08 15:16 - 2018-08-08 15:16 - 002482047 _____ ( ) C:\Users\385ideal\Downloads\technitium-mac-address-changer_6.0.7_0892031343.exe
2018-08-08 15:14 - 2018-08-08 15:14 - 000199197 _____ C:\Users\385ideal\Downloads\VolumeId (2).zip
2018-08-08 15:12 - 2018-08-08 15:12 - 000651776 _____ C:\Users\385ideal\Downloads\HardDiskSerialNumberChanger.exe
2018-08-08 15:07 - 2018-08-08 15:07 - 000199197 _____ C:\Users\385ideal\Downloads\VolumeId (1).zip
2018-08-08 14:56 - 2018-08-08 14:56 - 000102435 _____ C:\Users\385ideal\Downloads\HWIDChanger.rar
2018-08-08 14:55 - 2018-08-08 14:55 - 001571279 _____ (Radul ) C:\Users\385ideal\Downloads\HWIDChanger.rar_2327457809.exe
2018-08-08 14:43 - 2018-08-08 14:43 - 000199197 _____ C:\Users\385ideal\Downloads\VolumeId.zip
2018-08-08 01:27 - 2018-08-08 01:27 - 000054049 _____ C:\Users\385ideal\Downloads\HWID Changer (2018) (1).rar
2018-08-08 01:18 - 2018-08-08 01:18 - 000054049 _____ C:\Users\385ideal\Downloads\HWID Changer (2018).rar
2018-08-06 21:32 - 2018-08-06 21:32 - 000005258 _____ C:\Users\385ideal\Downloads\UkhKHqhG.zip
2018-08-06 19:34 - 2018-08-06 20:57 - 000000000 ____D C:\Users\385ideal\VirtualBox VMs
2018-08-06 18:57 - 2018-08-06 18:57 - 000000000 ____D C:\Users\385ideal\AppData\LocalLow\Temp
2018-08-06 14:52 - 2018-08-06 14:52 - 000005243 _____ C:\Users\385ideal\Downloads\sxfIZaBp.zip
2018-08-06 14:44 - 2018-08-06 14:44 - 000000000 ____D C:\ProgramData\Gyazo
2018-08-06 14:42 - 2018-08-10 17:11 - 000000000 ____D C:\Users\385ideal\.VirtualBox
2018-08-05 17:43 - 2018-08-05 17:43 - 000005301 _____ C:\Users\385ideal\Downloads\3X3W2NL1.zip
2018-08-05 16:05 - 2018-08-05 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-08-05 16:05 - 2018-07-16 12:35 - 000168896 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2018-08-05 16:04 - 2018-08-05 16:04 - 000000000 ____D C:\Program Files\Oracle
2018-08-05 16:04 - 2018-07-16 12:35 - 000984376 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2018-08-05 15:33 - 2018-08-05 15:34 - 113740800 _____ (Oracle Corporation) C:\Users\385ideal\Downloads\VirtualBox-5.2.16-123759-Win.exe
2018-08-04 01:00 - 2018-08-04 01:00 - 000000000 ____D C:\Users\385ideal\AppData\Local\Tempzxpsignea66fe0c8f43c191
2018-08-04 01:00 - 2018-08-04 01:00 - 000000000 ____D C:\Users\385ideal\AppData\Local\Tempzxpsign53e03d21335607d7
2018-08-04 00:15 - 2018-08-04 00:15 - 000005304 _____ C:\Users\385ideal\Downloads\dy9KP0gF.zip
2018-08-02 19:25 - 2018-08-09 14:52 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-08-02 19:25 - 2018-08-02 19:38 - 000000253 _____ C:\Users\385ideal\AppData\LocalLow\rbxcsettings.rbx
2018-08-02 19:25 - 2018-08-02 19:29 - 000000000 ____D C:\Users\385ideal\AppData\Local\Roblox
2018-08-02 19:25 - 2018-08-02 19:25 - 000740408 _____ (Roblox Corporation) C:\Users\385ideal\Downloads\RobloxPlayerLauncher.exe
2018-08-02 12:28 - 2018-08-10 17:53 - 000000000 ____D C:\Users\385ideal\Desktop\M2bob
2018-08-02 10:53 - 2018-08-02 10:59 - 018093381 _____ C:\Users\385ideal\Downloads\M2Bob-9.8.5.zip
2018-08-02 10:35 - 2018-08-02 10:36 - 2173890749 _____ C:\Users\385ideal\Downloads\Kenji2ClientRELEASE2.7z
2018-08-01 21:42 - 2018-08-01 21:42 - 000003384 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3460944108-2816622866-3298408181-1001
2018-08-01 21:42 - 2018-08-01 21:42 - 000002396 _____ C:\Users\385ideal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-17 20:47 - 2018-07-17 22:02 - 000000000 ____D C:\Users\385ideal\Desktop\Mysaru2
2018-07-17 20:15 - 2018-07-17 20:16 - 3675913457 _____ C:\Users\385ideal\Downloads\Mysaru2.rar
2018-07-17 20:02 - 2018-07-17 20:02 - 020005766 _____ C:\Users\385ideal\Downloads\pack.rar
2018-07-17 20:01 - 2018-07-17 20:01 - 001847375 _____ C:\Users\385ideal\Downloads\metin2client.rar
2018-07-17 17:48 - 2018-07-17 17:49 - 000285696 _____ C:\Users\385ideal\Downloads\AUDIO-2018-07-17-17-23-18 (online-audio-converter.com).m4a.sfk
2018-07-17 17:47 - 2018-07-17 17:48 - 004216027 _____ C:\Users\385ideal\Downloads\AUDIO-2018-07-17-17-23-18 (online-audio-converter.com).m4a
2018-07-17 17:45 - 2018-07-17 17:45 - 002550184 _____ C:\Users\385ideal\Downloads\AUDIO-2018-07-17-17-23-18.aac
2018-07-17 17:45 - 2018-07-17 17:45 - 000000030 _____ C:\Users\385ideal\Downloads\ATT00001.txt
2018-07-17 17:17 - 2018-07-17 17:18 - 000268160 _____ C:\Users\385ideal\Downloads\Eno Mercedes [www.sounddrain.net].mp3.sfk
2018-07-17 17:07 - 2018-07-17 17:08 - 024248320 _____ C:\Users\385ideal\Downloads\4kyoutubetomp3_3.3.7.msi
2018-07-16 12:35 - 2018-07-16 12:35 - 000222864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2018-07-16 12:35 - 2018-07-16 12:35 - 000213080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2018-07-14 23:19 - 2018-06-29 02:46 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-14 23:19 - 2018-06-29 02:46 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-12 14:40 - 2018-07-12 14:40 - 000000000 ___HD C:\Users\Public\Shared Files

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-11 13:44 - 2018-01-15 16:38 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\TS3Client
2018-08-11 13:41 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-11 13:41 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\AppReadiness
2018-08-11 13:40 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-08-11 13:39 - 2018-01-15 18:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-11 04:49 - 2018-02-03 11:40 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\obs-studio
2018-08-11 02:00 - 2018-01-15 20:36 - 000000000 ____D C:\Users\385ideal\AppData\Local\Adobe
2018-08-11 01:58 - 2018-06-30 23:14 - 000000000 ____D C:\Windows\System32\Tasks\MEGA
2018-08-11 01:38 - 2018-01-15 16:41 - 000007590 _____ C:\Users\385ideal\AppData\Local\Resmon.ResmonCfg
2018-08-10 19:02 - 2018-01-15 19:22 - 000000000 ____D C:\Users\385ideal\AppData\Local\CrashDumps
2018-08-10 17:29 - 2018-04-11 20:02 - 000002688 _____ C:\Windows\Sandboxie.ini
2018-08-10 16:03 - 2018-01-15 16:08 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-08-10 15:45 - 2018-07-11 22:42 - 000000000 ____D C:\Program Files\rempl
2018-08-10 05:07 - 2018-01-15 16:38 - 000000000 ____D C:\Program Files (x86)\Steam
2018-08-10 01:50 - 2018-02-11 00:22 - 000000000 ____D C:\Users\385ideal\AppData\Local\Arma 3
2018-08-10 01:49 - 2018-02-11 00:20 - 000000000 ____D C:\Users\385ideal\AppData\Local\Arma 3 Launcher
2018-08-09 23:53 - 2018-02-18 17:00 - 000000000 ____D C:\Users\385ideal\Documents\Arma 3 - Other Profiles
2018-08-09 14:21 - 2018-01-15 17:19 - 000000000 ____D C:\ProgramData\ProductData
2018-08-09 14:19 - 2018-06-04 15:32 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-08-09 14:19 - 2018-03-31 03:41 - 000000000 ____D C:\ProgramData\VMware
2018-08-09 14:19 - 2018-01-15 16:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-08 20:30 - 2018-01-15 16:37 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-08 15:30 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\NDF
2018-08-08 15:25 - 2017-09-29 10:45 - 000524288 _____ C:\Windows\system32\config\BBI
2018-08-06 19:55 - 2018-01-15 16:31 - 000000000 ____D C:\Users\385ideal
2018-08-06 14:44 - 2018-01-15 17:57 - 000003556 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2018-08-06 14:44 - 2018-01-15 17:57 - 000003420 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2018-08-06 14:44 - 2018-01-15 17:57 - 000000000 ____D C:\Program Files (x86)\Gyazo
2018-08-05 23:53 - 2018-06-16 17:12 - 000000000 ____D C:\Users\385ideal\Desktop\Wichtig
2018-08-05 16:05 - 2017-09-29 15:44 - 000000000 ____D C:\Windows\INF
2018-08-05 15:20 - 2018-06-11 13:28 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\EasyAntiCheat
2018-08-05 14:48 - 2018-06-15 20:37 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cuisine Royale
2018-08-01 21:51 - 2018-06-20 13:26 - 000000000 ____D C:\ProgramData\Packages
2018-08-01 21:42 - 2018-01-15 16:34 - 000000000 ___RD C:\Users\385ideal\OneDrive
2018-07-17 20:21 - 2018-01-16 12:42 - 000000000 ____D C:\Users\385ideal\AppData\Local\ElevatedDiagnostics
2018-07-17 17:49 - 2018-01-15 18:22 - 000000000 ____D C:\Users\385ideal\AppData\Local\NVIDIA
2018-07-15 12:56 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\rescache
2018-07-14 23:23 - 2018-01-15 16:16 - 005699308 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 23:23 - 2017-09-30 16:35 - 002869662 _____ C:\Windows\system32\perfh007.dat
2018-07-14 23:23 - 2017-09-30 16:35 - 000758212 _____ C:\Windows\system32\perfc007.dat
2018-07-14 23:16 - 2018-01-15 16:08 - 000320248 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-14 23:14 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-14 23:14 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\ShellExperiences
2018-07-12 14:40 - 2018-01-20 01:29 - 000000000 ____D C:\Intel
2018-07-12 14:34 - 2018-01-15 19:35 - 000000000 ____D C:\Users\385ideal\AppData\Local\UnrealEngine

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2018-01-15 16:41 - 2018-08-11 01:38 - 000007590 _____ () C:\Users\385ideal\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-08-01 22:00

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.08.2018
durchgeführt von 385ideal (11-08-2018 13:44:23)
Gestartet von C:\Users\385ideal\Downloads
Windows 10 Home Version 1709 16299.547 (X64) (2018-01-15 14:12:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

385ideal (S-1-5-21-3460944108-2816622866-3298408181-1001 - Administrator - Enabled) => C:\Users\385ideal
Administrator (S-1-5-21-3460944108-2816622866-3298408181-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3460944108-2816622866-3298408181-503 - Limited - Disabled)
Gast (S-1-5-21-3460944108-2816622866-3298408181-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3460944108-2816622866-3298408181-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)


==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark (HKLM\...\{62A3D06F-97B8-4CD0-9B7F-3B06C4DF377B}) (Version: 2.4.4264.0 - Futuremark) Hidden
3DMark (HKLM-x32\...\{0034a3c4-a299-491d-b683-791a538a7db4}) (Version: 2.4.4264.0 - Futuremark)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Advanced SystemCare 11 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 11.1.0 - IObit)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ArmA3Sync 1.6.92 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.6.92 - The [S.o.E] team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - ) <==== ACHTUNG
CrystalDiskInfo 7.6.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
Cuisine Royale Launcher 1.0.0.28 (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\{eeededa4-29ff-8962-96e1-e2282d8a62c1}}_is1) (Version:  - Gaijin Entertainment)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Digibit VPN (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Digibit VPN) (Version:  - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
EisenschmiedeLauncherSetup (HKLM-x32\...\{04AE82A2-A2E9-419C-B899-4C336946CD30}) (Version: 1.00.0000 - Eisenschmiede-Gaming)
Epic Games Launcher (HKLM-x32\...\{4E2F8966-C007-4BF8-9575-487B4D61ED4A}) (Version: 1.1.137.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{8AD048D8-1975-47F5-800F-15028E84F2C5}) (Version: 5.5.646.0 - Futuremark)
Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1804.0420 - Garena)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gyazo 3.3.8 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
hide.me VPN 1.3.2 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.3.2 - eVenture Limited)
HideMy.name VPN (HKLM-x32\...\{D4C4FDDF-AB53-4E45-BB78-AFA80D034589}) (Version: 1.43 - inCloak Network Ltd.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.2.0.11 - IObit)
Ironsight Version 1 (HKLM-x32\...\Ironsight_is1) (Version: 1 - Aeria Games)
iTunes (HKLM\...\{69D24652-4A1D-49C6-AA0C-573A38083F6C}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 162 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180162F0}) (Version: 8.0.1620.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Metin2 (HKLM-x32\...\Metin2_DE_is1) (Version:  - Gameforge 4D GmbH)
Microsoft Build Tools 2015 (HKLM-x32\...\{d21da0dd-4ba4-4838-ba58-64cf7a77131a}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
My.com Game Center (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\MyComGames) (Version: 3.225 - My.com B.V.)
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
NetLimiter 4 (HKLM\...\{CCEBB3FF-7941-42D6-875C-5321AA54963F}) (Version: 4.0.33.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.33.0) (Version: 4.0.33.0 - Locktime Software)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.6.1 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Controller-Treiber 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA GeForce NOW 1.5.1.189 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 1.5.1.189 - NVIDIA Corporation)
NVIDIA Grafiktreiber 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.0 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.5 (HKLM-x32\...\{F0C909D7-D643-4628-8C6A-94073139F0CE}) (Version: 4.15.9789 - Apache Software Foundation)
OpenVPN 2.3.14-I601  (HKLM\...\OpenVPN) (Version: 2.3.14-I601 - )
Oracle VM VirtualBox 5.2.16 (HKLM\...\{38A260F3-FE34-4AB9-9D2F-7CCAD7308EC7}) (Version: 5.2.16 - Oracle Corporation)
osu! (HKLM-x32\...\{392e6608-9a9e-4306-94dd-94954d998f3b}) (Version: latest - ppy Pty Ltd)
Plays (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Plays) (Version: 0.2.1 - Plays.tv, Inc)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.0.0.440 - Bitsum)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Resanance (HKLM\...\{07BB6181-E1D0-4283-87D0-BE4819535A3C}) (Version: 2.1.3 - WasntAFairFight)
RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder)
Roblox Player for 385ideal (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
Rules of Survival version 1.147074.149250 (HKLM-x32\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.147074.149250 - Hong Kong Netease Interactive Entertainment Limited)
Sandboxie 5.24 (64-bit) (HKLM\...\Sandboxie) (Version: 5.24 - Sandboxie Holdings, LLC)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Software Lag Switch (HKLM-x32\...\{6EC29D9E-F229-4B07-AF22-7018AD29DAF0}) (Version: 1.2 - softwarelagswitch.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suite Specific (HKLM-x32\...\{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}) (Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.52a - Vostok Games)
TAP-ProtonVPN 9.21.2 (HKLM\...\TAP-ProtonVPN) (Version: 9.21.2 - ProtonVPN AG)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team-ELAN Launcher (HKLM-x32\...\{02E71465-AFE4-4A68-B0A5-3C3691C879C0}) (Version: 1.00.0000 - Team ELAN)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
TunnelBear (HKLM-x32\...\{5dbd322e-98b2-41c8-a2d9-d9f21423afa9}) (Version: 3.2.0.6 - TunnelBear)
TunnelBear (HKLM-x32\...\{EAF52E02-CC78-47F4-A304-F91FDB6A55D1}) (Version: 3.2.0.6 - TunnelBear) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A951B9A0-13C0-4A4B-8E04-3CCF05701086}) (Version: 2.47.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 49.0 - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VEGAS Pro 15.0 (HKLM\...\{E1BB101E-7FC4-11E7-9796-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
VMware Player (HKLM\...\{2068E4B9-5A6D-41E3-8B50-CC2ECD49309B}) (Version: 14.1.1 - VMware, Inc.)
Warface My.Com (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Warface My.Com) (Version: 1.62 - My.com B.V.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.80 Build 33 - Windscribe Limited)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2018-01-08] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2018-01-08] (VMware, Inc.)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-06-17] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D5D40ED-0122-4741-AD0B-53BC7F5FFC18} - System32\Tasks\Opera scheduled Autoupdate 1529234937 => C:\Users\385ideal\AppData\Local\Programs\Opera\launcher.exe
Task: {1A882EF5-7421-4600-9F0B-AF083249705B} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3460944108-2816622866-3298408181-1001
Task: {24F6E210-3DC7-4A2E-96C1-2060F40367AF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {428B22ED-A6A9-49BC-89D3-9D805A313F5E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {463C55A9-C070-424C-A44F-70A2FC532BE2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {4EA6F5E8-6597-4141-B684-BFE16A67DB78} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {5660207A-0F8C-49C9-BA35-4366B31B0CC5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {63BBF631-7446-42D7-80EF-CF2A3323A267} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-15] (Google Inc.)
Task: {80D64AF3-E37F-4FA1-81B1-7F0CD344A353} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\385ideal\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [2018-02-13] (NVIDIA Corporation)
Task: {8CD93FE2-0F5F-4DCE-85A0-1BF431A93EC0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B4FA268A-F8B4-4593-A1B0-5966AA0C712D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {BED12AD3-A16B-4862-9541-DB02F37D1879} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {C13FE958-7C29-46A3-B308-027882D75618} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {CAE53F52-FBE6-4EFA-B0B8-F765FB865CDC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {CC18348F-50CD-470E-A1AF-F7EF6A1D7257} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-5KHI8QG-385ideal => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {D461A0BF-F71E-423F-BF2B-57123AEFD2E3} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe [2017-12-11] (IObit)
Task: {D5E27439-3016-4B1D-BFF7-1B18993AA8D6} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-5KHI8QG-385ideal => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {D7998E32-24F1-4D9B-8B5B-8FD6256CC76E} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-07-19] (Nota Inc.)
Task: {DCE61E5E-5970-46F6-8F41-46F6BCD0BBAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-15] (Google Inc.)
Task: {DE99B65D-D07D-4C1B-BB82-A97DDB05FA1F} - System32\Tasks\Driver Booster SkipUAC (385ideal) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {E19410CF-FC60-4E59-912F-8AED21E10528} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-07-19] (Nota Inc.)
Task: {E519BECF-4F9D-41E1-9E01-591D9DAFB227} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-08-03] (Microsoft Corporation)
Task: {E542612D-77CA-4638-AAAC-3BF482EBC275} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {F6747B6D-5A1D-49E6-8207-0AF1FAA9ECB8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-07-08 22:50 - 2018-05-20 19:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-01-04 10:04 - 2018-01-04 10:04 - 000649672 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-07-11 14:24 - 2018-06-29 10:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-07-11 14:24 - 2018-06-29 09:57 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-13 13:24 - 2018-03-28 12:02 - 000174744 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2017-10-13 13:17 - 2017-10-13 13:17 - 000020632 _____ () C:\Program Files\TeamSpeak 3 Client\libEGL.DLL
2017-10-13 13:17 - 2017-10-13 13:17 - 001981592 _____ () C:\Program Files\TeamSpeak 3 Client\libGLESv2.dll
2017-12-13 13:24 - 2018-03-28 12:02 - 000125592 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2017-12-13 13:24 - 2018-03-28 12:02 - 000150680 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2018-01-15 17:34 - 2018-01-15 17:34 - 000479744 _____ () C:\Users\385ideal\AppData\Roaming\TS3Client\plugins\soundboard.dll
2018-01-15 16:38 - 2018-01-15 16:38 - 000157696 _____ () C:\Users\385ideal\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2018-01-15 16:38 - 2018-01-15 16:38 - 000345880 _____ () C:\Users\385ideal\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
2018-08-08 20:30 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-08 20:30 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-07-08 22:50 - 2018-05-20 19:36 - 095437792 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-07-08 22:51 - 2018-05-20 19:36 - 003029472 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-07-08 22:51 - 2018-05-20 19:36 - 000149984 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2017-10-13 08:46 - 2017-10-13 08:46 - 000266424 _____ () C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\libprotobuf-lite.dll
2018-04-04 14:45 - 2018-04-04 14:45 - 001442624 _____ () C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\libs\gxx_pipe_engine.dll
2018-04-04 14:45 - 2018-04-04 14:45 - 002206528 _____ () C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\libs\FSFileSytem.dll
2018-01-23 21:03 - 2017-05-22 12:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-01-23 21:03 - 2017-05-22 12:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-01-23 21:03 - 2017-05-22 12:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-01-15 17:19 - 2017-10-16 11:14 - 000442144 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madExcept_.bpl
2018-01-15 17:19 - 2017-10-16 11:14 - 000210720 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madBasic_.bpl
2018-01-15 17:19 - 2017-10-16 11:14 - 000059680 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madDisAsm_.bpl
2018-07-08 22:50 - 2018-05-20 19:36 - 001033184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-15 17:19 - 2016-08-01 11:48 - 000899872 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\webres.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-02-08 21:57 - 2018-07-03 13:36 - 000000140 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 blacklist.teamspeak.com 
0.0.0.0 blacklist2.teamspeak.com 
0.0.0.0 blacklist.teamspeak.com 
0.0.0.0 blacklist2.teamspeak.com 

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: WindscribeService => 2
HKLM\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "Advanced SystemCare 11"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "MyComGames"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{0B57F027-56A7-4CF8-9569-B5E087E87320}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{C42EF30A-899F-4C53-9A41-8DDEA221A687}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{FA228F35-4A14-4847-AB4F-EAC1C39166F3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{547C47DB-792B-4CBB-A7A0-199900C00D5D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{C731B41B-B70E-4694-BE41-349AA9ABBE8C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{433017F3-80EF-45CF-8AA2-0BC15993FC5D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{BF53358F-074F-498B-8298-5B62C11B1346}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C6531A10-1757-49DF-AA86-16AED556108B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{73AD1169-9A89-4276-A588-0ABAF2620192}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CC6ACA08-948F-4BCD-B95D-DBEC34154569}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8AEDCBFC-C76A-4D79-AA59-7839A024CD5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{A86F23AF-0C0E-40ED-AF43-4C1295E59AF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{4A6FC4AB-1309-46AA-93CD-21EC2F9AE492}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe
FirewallRules: [{B3B10D21-369A-462B-B760-75D65C0C75F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe
FirewallRules: [{6F6133D4-583D-42B4-B9B4-D7439CD8C3F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{65BA13F2-DAC9-4CDC-AEAF-5838AECADAAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [TCP Query User{4B9867AF-6DC4-464C-A514-40AF3E15E79E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{77701210-6DBE-43B5-9F0E-0053752A5B0D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{7A750145-144D-4239-90DA-0C7489BEC733}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [UDP Query User{FF984211-7906-4091-A783-AB72DF949CFC}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [{DAE37D57-97C9-4173-9851-F17BAD6970B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{7573EC47-8D83-4BEA-818B-50F8461C4587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{15965181-2CBB-47C5-8304-B44D685D14A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{2794224D-D93E-4C17-A24D-2452247A8AA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{CC8E69AF-6AD4-4862-BE04-5A046B50444A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{2930939B-A57D-4EFE-9E8C-95820126334A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{6A342DDB-AFBB-44BA-A432-794D5D60C871}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe
FirewallRules: [{F10B2001-1C73-4F2A-BED2-253C765ABF6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe
FirewallRules: [{34806F02-E512-4CC7-A5C8-D0226D96964A}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{54D7F66A-BA98-4508-9D27-EA4F9D0F18D1}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{0038FDC4-72C3-4424-90A1-C8F60F89A92B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{E7E1FA1A-134A-43C0-92F9-09C1FF546AAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{5B1C7A82-9446-4E8D-9516-B1FD06A3C322}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Ground\BrokenGround.exe
FirewallRules: [{A384C55C-552C-409D-AEA6-E4A5E26CE174}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Ground\BrokenGround.exe
FirewallRules: [{5E3F2D9D-3B37-48F8-B3D0-BA6F7CF2D22A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\slauncher.exe
FirewallRules: [{2E6CB928-1B94-4164-A966-E3F341F626F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\slauncher.exe
FirewallRules: [{4A5D7EDA-49E9-40B2-8925-2DF6EF55AE74}] => (Allow) C:\Users\385ideal\AppData\Local\Programs\Opera\53.0.2907.99\opera.exe
FirewallRules: [{7B794AC1-AE3B-4E77-8D9C-658B2D1F6211}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8C8463D9-DE6A-4F5E-9FFC-760E33B88F51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9048B8EB-7869-4AE6-8B4C-2D7D7FD607BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{306F1D56-A47D-428F-89B5-C95CE7C7A9DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D51C70FB-E912-4E2D-98B1-0BC87903CBE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B981D70E-AA39-406D-A37C-9B696D106285}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{47714EA7-B2D9-4C0A-9192-DD8D993EB672}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8D46802A-D8A0-49C6-8FDA-CD65661628C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D418BB94-15FB-4FA1-9D81-24B1663475F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C57812F3-BF13-4281-B94F-9977B5A63682}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BE6AA0FC-12F5-4EE2-A7DB-DA1E35C6042F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{E6C29364-161E-4DBE-82C0-B519B94C1F0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{48B2D107-C74B-4EF3-9EB9-74A5C927B142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [{3462EBB5-AF90-433C-B4B4-0C08EF250D1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [{5DAF89C7-F314-4455-8B92-A0DE161041C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\bpreport.exe
FirewallRules: [{40BAA1CD-A677-481F-B4B1-564BCC27D508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\bpreport.exe
FirewallRules: [{4846C80A-D2E5-47BE-8276-A0CC9E863FC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\bpreport.exe
FirewallRules: [{F0C3ABAB-4E1A-4B89-8634-A10E7A52BBBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\bpreport.exe
FirewallRules: [{585C391A-5072-450B-9327-0EE493F6AD56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\gaijin_downloader.exe
FirewallRules: [{8893AF3D-E7A7-4FD0-91C5-753AEE69EB49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\gaijin_downloader.exe
FirewallRules: [{9282E650-96FC-4607-860B-00B5D72603BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlist.exe
FirewallRules: [{34967C59-1F4E-4166-B52C-28118D729A8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlist.exe
FirewallRules: [{6276B38A-D700-458F-B67E-16E3EBE808F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlisted.exe
FirewallRules: [{60699366-E925-4BEF-A8F8-CD358F32032F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlisted.exe
FirewallRules: [{7732A8CE-0ACF-48B4-8554-321CEF669E47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E29A9662-C540-4195-B5D3-9961F05863EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B3ED6D28-F809-4A27-ADC4-DDE7AD4EB3D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C13A551A-5CDC-4023-B4EB-557126BEBBB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CBD5FE6A-CEB0-4A38-8258-85942D886787}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B01B588E-A752-4677-8A42-E8F083637E5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A216A82B-426B-4869-824B-009CD5BEAAB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{69BFA8CE-1418-4A01-9140-F984C42D14D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E86DD4C1-6A36-4638-9397-FCC569ABADDF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{A3A17877-D448-45C8-97B3-805CCF3D99DB}C:\users\385ideal\downloads\anydesk.exe] => (Allow) C:\users\385ideal\downloads\anydesk.exe
FirewallRules: [UDP Query User{CA1DD6D4-E008-4A5E-BA67-1DD2AABAB504}C:\users\385ideal\downloads\anydesk.exe] => (Allow) C:\users\385ideal\downloads\anydesk.exe

==================== Wiederherstellungspunkte =========================

09-07-2018 22:23:00 Installed HideMy.name VPN.
02-08-2018 09:56:32 Geplanter Prüfpunkt
05-08-2018 16:04:12 Installed Oracle VM VirtualBox 5.2.16
10-08-2018 15:44:40 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/11/2018 03:11:56 AM) (Source: ESENT) (EventID: 489) (User: )
Description: TaskMan (5320,D,50) {83782D7D-5A63-4BA7-86DF-85B32673FF8C}: Der Versuch, die Datei "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (08/10/2018 07:02:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vegas150.exe, Version: 15.0.0.177, Zeitstempel: 0x598f9d16
Name des fehlerhaften Moduls: igdrcl64.dll, Version: 20.19.15.4474, Zeitstempel: 0x575eea96
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000007a74a
ID des fehlerhaften Prozesses: 0x15e8
Startzeit der fehlerhaften Anwendung: 0x01d430cbcf84336a
Pfad der fehlerhaften Anwendung: C:\Program Files\VEGAS\VEGAS Pro 15.0\vegas150.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\igdrcl64.dll
Berichtskennung: 60bf18f1-5cfe-47b8-ab59-fef970a1f5c4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/10/2018 01:50:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: arma3launcher.exe, Version: 1.5.144.923, Zeitstempel: 0x5b574c20
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x80131623
Fehleroffset: 0x1b421e40
ID des fehlerhaften Prozesses: 0x1db8
Startzeit der fehlerhaften Anwendung: 0x01d4303b9b803200
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: d2c14316-c9ea-4100-9069-9eb34bc57049
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/10/2018 01:50:23 AM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Anwendung: arma3launcher.exe
Frameworkversion: v4.0.30319
Beschreibung: Die Anwendung forderte die Beendigung des Prozesses durch System.Environment.FailFast(Zeichenfolgenmeldung) an.
Meldung: Shutdown fail-safe: Launcher forcefully terminated itself to prevent being stuck.
Stapel:
   bei System.Environment.FailFast(System.String)
   bei Launcher.ViewModels.LauncherViewModel+<<Shutdown>b__75>d__79.MoveNext()
   bei System.Runtime.CompilerServices.AsyncMethodBuilderCore+MoveNextRunner.InvokeMoveNext(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Runtime.CompilerServices.AsyncMethodBuilderCore+MoveNextRunner.Run()
   bei System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(System.Action, Boolean, System.Threading.Tasks.Task ByRef)
   bei System.Threading.Tasks.Task.FinishContinuations()
   bei System.Threading.Tasks.Task.FinishStageThree()
   bei System.Threading.Tasks.Task`1[[System.Threading.Tasks.VoidTaskResult, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].TrySetResult(System.Threading.Tasks.VoidTaskResult)
   bei System.Threading.Tasks.Task+DelayPromise.Complete()
   bei System.Threading.Tasks.Task+<>c.<Delay>b__274_1(System.Object)
   bei System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.TimerQueueTimer.CallCallback()
   bei System.Threading.TimerQueueTimer.Fire()
   bei System.Threading.TimerQueue.FireNextTimers()
   bei System.Threading.TimerQueue.AppDomainTimerCallback()

Error: (08/09/2018 11:37:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: arma3launcher.exe, Version: 1.5.144.923, Zeitstempel: 0x5b574c20
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x80131623
Fehleroffset: 0x1a4f2fe0
ID des fehlerhaften Prozesses: 0x2e50
Startzeit der fehlerhaften Anwendung: 0x01d4302917f9ff59
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 21ac7e9d-bb7d-4c3b-9fc0-0f3ec442b1b6
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/09/2018 11:37:31 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Anwendung: arma3launcher.exe
Frameworkversion: v4.0.30319
Beschreibung: Die Anwendung forderte die Beendigung des Prozesses durch System.Environment.FailFast(Zeichenfolgenmeldung) an.
Meldung: Shutdown fail-safe: Launcher forcefully terminated itself to prevent being stuck.
Stapel:
   bei System.Environment.FailFast(System.String)
   bei Launcher.ViewModels.LauncherViewModel+<<Shutdown>b__75>d__79.MoveNext()
   bei System.Runtime.CompilerServices.AsyncMethodBuilderCore+MoveNextRunner.InvokeMoveNext(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Runtime.CompilerServices.AsyncMethodBuilderCore+MoveNextRunner.Run()
   bei System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(System.Action, Boolean, System.Threading.Tasks.Task ByRef)
   bei System.Threading.Tasks.Task.FinishContinuations()
   bei System.Threading.Tasks.Task.FinishStageThree()
   bei System.Threading.Tasks.Task`1[[System.Threading.Tasks.VoidTaskResult, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].TrySetResult(System.Threading.Tasks.VoidTaskResult)
   bei System.Threading.Tasks.Task+DelayPromise.Complete()
   bei System.Threading.Tasks.Task+<>c.<Delay>b__274_1(System.Object)
   bei System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.TimerQueueTimer.CallCallback()
   bei System.Threading.TimerQueueTimer.Fire()
   bei System.Threading.TimerQueue.FireNextTimers()
   bei System.Threading.TimerQueue.AppDomainTimerCallback()

Error: (08/09/2018 11:30:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: arma3launcher.exe, Version: 1.5.144.923, Zeitstempel: 0x5b574c20
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x80131623
Fehleroffset: 0x1d2265f0
ID des fehlerhaften Prozesses: 0x2064
Startzeit der fehlerhaften Anwendung: 0x01d4302810a419a7
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 6f292ace-1e8d-4da9-a440-1ab46869104f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/09/2018 11:29:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: arma3launcher.exe, Version: 1.5.144.923, Zeitstempel: 0x5b574c20
Name des fehlerhaften Moduls: SteamLayer.dll, Version: 1.5.0.0, Zeitstempel: 0x5b574bb3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00021450
ID des fehlerhaften Prozesses: 0x2064
Startzeit der fehlerhaften Anwendung: 0x01d4302810a419a7
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Arma 3\Launcher\SteamLayer.dll
Berichtskennung: 2dab772e-dee0-415d-a80f-e23075e5eca6
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (08/11/2018 01:37:57 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7HDHAQ)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-7HDHAQ\385ideal" (SID: S-1-5-21-3460944108-2816622866-3298408181-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 01:36:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 01:36:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 01:36:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 01:36:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 01:36:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 01:36:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 01:35:41 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden.


CodeIntegrity:
===================================

Date: 2018-08-11 13:41:42.223
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 13:41:42.222
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 13:41:31.887
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 13:41:31.886
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 13:39:32.545
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 13:39:32.544
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 13:39:30.647
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 13:39:30.646
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 8135.17 MB
Verfügbarer physikalischer RAM: 4449.88 MB
Summe virtueller Speicher: 16135.17 MB
Verfügbarer virtueller Speicher: 11317.18 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:150 GB) NTFS
Drive d: () (Fixed) (Total:199.87 GB) (Free:191.76 GB) NTFS

\\?\Volume{c7b7bf99-8ac7-4acb-888b-df8380047d1b}\ (Wiederherstellung) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
\\?\Volume{f2a69e9a-b894-4f43-b266-925aca441b16}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 29.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== Ende von Addition.txt ============================

cosinus · 11.08.2018, 13:19

Da muss einiges an Müll runter und auch an veraltetem Krempel. Ich rate auch unebdingt dazu, Google Chrome in die Wüste zu schicken und nur noch Mozilla Firefox zu verwenden.

Lesestoff:
Google Chrome

Offensichtlich nutzt du den Browser Chrome von Google. Von der Verwendung dieses Browsers muss man aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs

Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren.

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Advanced SystemCare 11

Driver Booster 5

IObit Uninstaller

Java 8 Update 161

Java 8 Update 162

OpenOffice 4.1.5
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

385ideal · 11.08.2018, 14:15

Nach dem ich die Anwendungen gelöscht habe ist alles erledigt?

cosinus · 11.08.2018, 15:23

Schädlinge suchen mit Kaspersky TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

385ideal · 11.08.2018, 15:45

Code:

ATTFilter

16:41:50.0335 0x3cac  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
16:41:50.0335 0x3cac  UEFI system
16:41:53.0401 0x3cac  ============================================================
16:41:53.0401 0x3cac  Current date / time: 2018/08/11 16:41:53.0401
16:41:53.0401 0x3cac  SystemInfo:
16:41:53.0401 0x3cac  
16:41:53.0401 0x3cac  OS Version: 10.0.16299 ServicePack: 0.0
16:41:53.0401 0x3cac  Product type: Workstation
16:41:53.0401 0x3cac  ComputerName: DESKTOP-7HDHAQ
16:41:53.0402 0x3cac  UserName: 385ideal
16:41:53.0402 0x3cac  Windows directory: C:\Windows
16:41:53.0402 0x3cac  System windows directory: C:\Windows
16:41:53.0402 0x3cac  Running under WOW64
16:41:53.0402 0x3cac  Processor architecture: Intel x64
16:41:53.0402 0x3cac  Number of processors: 8
16:41:53.0402 0x3cac  Page size: 0x1000
16:41:53.0402 0x3cac  Boot type: Normal boot
16:41:53.0402 0x3cac  CodeIntegrityOptions = 0x0000C001
16:41:53.0402 0x3cac  ============================================================
16:41:53.0922 0x3cac  KLMD registered as C:\Windows\system32\drivers\91856107.sys
16:41:53.0922 0x3cac  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 16299.431, osProperties = 0x19
16:41:54.0042 0x3cac  System UUID: {16F2CFF0-DABC-3244-0469-FEB905F6344D}
16:41:54.0227 0x3cac  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:54.0227 0x3cac  Drive \Device\Harddisk1\DR1 - Size: 0x7745D6000 ( 29.82 Gb ), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:54.0248 0x3cac  ============================================================
16:41:54.0248 0x3cac  \Device\Harddisk0\DR0:
16:41:54.0248 0x3cac  GPT partitions:
16:41:54.0283 0x3cac  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C7B7BF99-8AC7-4ACB-888B-DF8380047D1B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
16:41:54.0283 0x3cac  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F2A69E9A-B894-4F43-B266-925ACA441B16}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x31800
16:41:54.0283 0x3cac  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4D108106-094E-48C5-8714-AB3B0679240B}, Name: Microsoft reserved partition, StartLBA 0x12B800, BlocksNum 0x8000
16:41:54.0283 0x3cac  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {899FF927-E2ED-4D86-99B0-F89D366DE654}, Name: Basic data partition, StartLBA 0x133800, BlocksNum 0x745D3000
16:41:54.0283 0x3cac  MBR partitions:
16:41:54.0283 0x3cac  \Device\Harddisk1\DR1:
16:41:54.0283 0x3cac  GPT partitions:
16:41:54.0283 0x3cac  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A2A134BC-5500-11E7-B585-40E2307AFD98}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
16:41:54.0283 0x3cac  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E75CAF8F-F680-4CEE-AFA3-B001E56EFC2D}, UniqueGUID: {A2A134BD-5500-11E7-B585-40E2307AFD98}, Name: Speicherpool, StartLBA 0x40800, BlocksNum 0x3B62000
16:41:54.0283 0x3cac  MBR partitions:
16:41:54.0283 0x3cac  ============================================================
16:41:54.0311 0x3cac  C: <-> \Device\Harddisk0\DR0\Partition4
16:41:54.0311 0x3cac  ============================================================
16:41:54.0311 0x3cac  Initialize success
16:41:54.0311 0x3cac  ============================================================
16:42:24.0444 0x2334  ============================================================
16:42:24.0444 0x2334  Scan started
16:42:24.0444 0x2334  Mode: Manual; SigCheck; TDLFS; 
16:42:24.0444 0x2334  ============================================================
16:42:24.0444 0x2334  KSN ping started
16:42:24.0590 0x2334  KSN ping finished: true
16:42:26.0917 0x2334  ================ Scan system memory ========================
16:42:26.0918 0x2334  System memory - ok
16:42:26.0918 0x2334  ================ Scan services =============================
16:42:27.0129 0x2334  11338 - ok
16:42:27.0278 0x2334  [ 08312DEEF0D3F8647AA53AD90A69094E, E32620323E7EDD3CAB5B04B9E37DDE7CA87B45C2CB17520D69D03C17E1D5F65A ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
16:42:27.0321 0x2334  1394ohci - ok
16:42:27.0338 0x2334  18385 - ok
16:42:27.0340 0x2334  21994 - ok
16:42:27.0342 0x2334  22603 - ok
16:42:27.0344 0x2334  29181 - ok
16:42:27.0349 0x2334  [ 645009E711BBF117CCEE917A03FB0CDD, B531951443D961C08428CB0F77F57D9F33C37C0637F919A9DA9DB5DA18479F70 ] 3ware           C:\Windows\system32\drivers\3ware.sys
16:42:27.0358 0x2334  3ware - ok
16:42:27.0360 0x2334  54853 - ok
16:42:27.0395 0x2334  [ 334BAC25FE297342B119730E699B826C, 7ADC9240BFC835C48609BFCED422C4653BC2CA23F4474CD57A25D15EE44736B0 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:42:27.0415 0x2334  ACPI - ok
16:42:27.0431 0x2334  [ 44EA35A4B397898A83BF1B9B4B8DAE35, 023E3BC5CE47518269A812F156EFF1BD4CB14F1F5DD3FCC317DE046A519E20CE ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
16:42:27.0448 0x2334  AcpiDev - ok
16:42:27.0459 0x2334  [ 91D113A1532B8AB1E25B7DE5AB3C2F83, 43134DB92D522FCF537FFA8E829021F43BDD90006D7F096BA483DA1DAD3D1CC3 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
16:42:27.0468 0x2334  acpiex - ok
16:42:27.0483 0x2334  [ 620BB2682BA625DF037072D89F44F6EE, A1A72F663C75DC65B1BA278CD7F43FAE6D1BDAE2F3F1D8269F508DECB555FFF9 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
16:42:27.0503 0x2334  acpipagr - ok
16:42:27.0518 0x2334  [ B9805A3C479390CEAEA5AEF5E4A90A2E, D9256734BC46EA43133873BDDE56B9A3597F74CFE82500FFB374A8EE6293ADD3 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
16:42:27.0542 0x2334  AcpiPmi - ok
16:42:27.0554 0x2334  [ ABD4EB55C661143B015BD0B9B47B235C, 5F109BA04010E634D547E86AF67659EA06BD05FCF78A493DB190790C4D7E13EA ] acpitime        C:\Windows\System32\drivers\acpitime.sys
16:42:27.0564 0x2334  acpitime - ok
16:42:27.0635 0x2334  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:42:27.0644 0x2334  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
16:42:27.0743 0x2334  Detect skipped due to KSN trusted
16:42:27.0743 0x2334  Adobe LM Service - ok
16:42:27.0828 0x2334  [ BA4D7EFDEA4603C52851F2FD872C3AF5, E579B6629C060EF29CD65FFD424CC73EE12746483575654C3C533CC4E7619006 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
16:42:27.0857 0x2334  AdobeUpdateService - ok
16:42:27.0878 0x2334  [ 8C58BD711FAD5F11E8CFDBC5CED973A5, 340FCD2C492009D5D7732FBF94198C4767125A77E0C71BB20E5CB2BDA5AB57CF ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
16:42:27.0904 0x2334  ADP80XX - ok
16:42:27.0957 0x2334  [ 9619C0D7DB55CC3A636A24A7D82B0C8E, 12FA6F3CCABDC707F1ED1D48F9C53B84773D8E68719256192C64DE40D5DB909E ] AFD             C:\Windows\system32\drivers\afd.sys
16:42:27.0975 0x2334  AFD - ok
16:42:28.0185 0x2334  [ 3D1BB871A893182B0058A4898D5AFE29, 77AAD5ADD3C0F6AE2056CD4891644CE7F12946B05A4BDBCC711A1BD3B2C650C2 ] AGMService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
16:42:28.0281 0x2334  AGMService - ok
16:42:28.0426 0x2334  [ C20CA26CDE768CA950C622B866292FC2, 007B142A02B3676F320F9BBB92AAAE1589938FD19D20701655114CE84588526B ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
16:42:28.0478 0x2334  AGSService - ok
16:42:28.0510 0x2334  [ DCE606F0E15E0FB75ECC02EBB3DEFA9C, CC851775136EC09CD41BF7EE1582BC6BE41086A807F5EBF3F97C60B57D5ADBC5 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
16:42:28.0539 0x2334  ahcache - ok
16:42:28.0567 0x2334  [ 84FFB4AC2BA923364DF13F73751E05D1, EBD054282D93F290408A2343C0CBF98CEF7619A8252DC04E15322E51505D45AF ] AJRouter        C:\Windows\System32\AJRouter.dll
16:42:28.0594 0x2334  AJRouter - ok
16:42:28.0615 0x2334  [ 084101AB03969D8ED00D5FFBE5F4C3DF, 6425FA16F0CBF5F3008780095364830EBF1F073BD5109764FE9E88245AFB9367 ] ALG             C:\Windows\System32\alg.exe
16:42:28.0629 0x2334  ALG - ok
16:42:28.0647 0x2334  [ 654824DF0CE32C9D274C1943DEB19AEA, 298D21026D503CBCE7A5385E8466905C62EDC89EE7AAD824127A213A9662ED73 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
16:42:28.0675 0x2334  AmdK8 - ok
16:42:28.0693 0x2334  [ 12C4246CE1B769B720BE0848F75AB4C1, EDB6C085FB1291FE5436360FFE227E9885C5698B2076C6C326316A4E672AE8AE ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
16:42:28.0707 0x2334  AmdPPM - ok
16:42:28.0729 0x2334  [ F1C16AABA27E9E153AEC7BD2AB853F30, 7CFDBD218E6C161747A21BBACC78BF1061F2427ED1247F1AE0879BE155C504E7 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:42:28.0737 0x2334  amdsata - ok
16:42:28.0748 0x2334  [ C834D0F1ECB8473E9E6D18EE1BCEECB2, C9B7B9279F96DE4DA1EE096B6463591B3A718F87CD75E544C5A07C3639D1F188 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:42:28.0759 0x2334  amdsbs - ok
16:42:28.0776 0x2334  [ 49203D2FFE30CBB36BE66A0E70F3D954, E5B5A3B3B4A8FF03B5C902642C776CECD554CA1DB25419111EDA83602986CCCE ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:42:28.0783 0x2334  amdxata - ok
16:42:28.0823 0x2334  [ 38DC4D8B1BD5DA43179EEA726BD05249, 4BCACD6A6EDCBC76F3132142E70E9BE828BAA2C2D91F634A322FADD330C7ACC0 ] AppID           C:\Windows\system32\drivers\appid.sys
16:42:28.0833 0x2334  AppID - ok
16:42:28.0868 0x2334  [ BBB70415033710D6D7D58DDF2B0A06FA, 4CBB449D6A7970CF6BBFFAA96C3101EECD063A37DEBCB8D3C694BA1F4CCB8901 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:42:28.0901 0x2334  AppIDSvc - ok
16:42:28.0932 0x2334  [ 9D01D0608E39FCDE57969B0AA0191A56, E9D7F44A87D87F56CD3AA9D22C5466C04F2B9515124872BFA7FDE3FD81659DD4 ] Appinfo         C:\Windows\System32\appinfo.dll
16:42:28.0952 0x2334  Appinfo - ok
16:42:29.0027 0x2334  [ 7EB4548BA1B9ECD1D77A7512E4C3777F, CCCF4B4BC5526A3256C6E3D7FE4592B623FD2C05DD90CEBC0300A1245A9C68B0 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:42:29.0034 0x2334  Apple Mobile Device Service - ok
16:42:29.0062 0x2334  [ 1E085E2302D568F0CE041732B3E887B0, 0D2A3675FDD04C800B302C84A43F233F0217EB4B1AD44B11AADDB0D5D8FA0DB2 ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
16:42:29.0084 0x2334  applockerfltr - ok
16:42:29.0112 0x2334  [ 1D123729F547EEDFBE3F510346848C38, B170860348FBAC054203A7B858866A12944D7046C01BA3A14AC0860D8C288770 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
16:42:29.0148 0x2334  AppReadiness - ok
16:42:29.0226 0x2334  [ 9D2DA0B34F947F7C943404FF17419A19, FC2672BD6AB95E1DC2E4F5AB7E38125BE0A8C213F45F9F2E0051EEE1CFC56FF1 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
16:42:29.0307 0x2334  AppXSvc - ok
16:42:29.0329 0x2334  [ B42C83DE28776B80DBA1310C56DD4F74, 8E017B73D5AD644EC1D46BC1DC2CAF465A6793E2AD6DC35A2E3AB907E7719C40 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:42:29.0338 0x2334  arcsas - ok
16:42:29.0372 0x2334  [ DCD966874B4C8C952662D2D16DDB4D7C, AAA3459BCAC25423F78ED72DBAE4D7EF19E7C5C65770CBE5210B14E33CD1816C ] aswArPot        C:\Windows\system32\drivers\aswArPot.sys
16:42:29.0405 0x2334  aswArPot - ok
16:42:29.0437 0x2334  [ A2F689B3E2BEAF05DD6DBE6ED862F781, 0F988A630A0D5DB79A2A5B15EB088230381C2ABAD33FE1B82DD16AE3F3A58975 ] aswbidsdriver   C:\Windows\system32\drivers\aswbidsdrivera.sys
16:42:29.0446 0x2334  aswbidsdriver - ok
16:42:29.0466 0x2334  [ 9CAF76B70650DBF39AD85E6CE885F5B7, 9C1874C555EBCE839D43A55782BA0405FC8B7772B903E2260D2E1361A3FDFA7A ] aswbidsh        C:\Windows\system32\drivers\aswbidsha.sys
16:42:29.0475 0x2334  aswbidsh - ok
16:42:29.0497 0x2334  [ A846D0306A72F8AF5515009D811F344B, B10E8C6822D24012DFD779497953DAD8B2998DE35E5E3BD1C75158F924D60B7B ] aswblog         C:\Windows\system32\drivers\aswbloga.sys
16:42:29.0509 0x2334  aswblog - ok
16:42:29.0526 0x2334  [ 6A4C9AEBDBB30D9DF0A6F03BC3B4007B, 903C6A5005448F49E053F28BB0979A7BF559EC504265275ED3D231A66695B217 ] aswbuniv        C:\Windows\system32\drivers\aswbuniva.sys
16:42:29.0532 0x2334  aswbuniv - ok
16:42:29.0559 0x2334  [ 385F63137F179F0ED040E3D7899AF149, 238284674242FF0F931120836118B6C83FFD720C31BA58551EE18868330710C5 ] aswHdsKe        C:\Windows\system32\drivers\aswHdsKe.sys
16:42:29.0569 0x2334  aswHdsKe - ok
16:42:29.0588 0x2334  [ 92F25DFDF0C1051B311A7BD980A0E9AE, 5CBAB5094F6DB64B0CDE8506E26E285E4999534C623ECC30339A36C5090A9B2A ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
16:42:29.0596 0x2334  aswHwid - ok
16:42:29.0608 0x2334  [ 6B24EFD741C02480A7AFDD68A334EA4F, 94C73885662E9CCFB800FFA1D5B5EF2A6C95708DE67E0819672FBDB569667964 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
16:42:29.0617 0x2334  aswMonFlt - ok
16:42:29.0630 0x2334  [ B9C7752B3D482D8CAEE9848F414164A9, 8E827265C3AE3D7D6324E57AEA4FAF8407AFB28A19056183D4C3DBDB8273EC9B ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
16:42:29.0638 0x2334  aswRdr - ok
16:42:29.0662 0x2334  [ 841177ED7A3F4A899E50736FBA7E9AB2, 2D5E0080579F07953E0CC5529A7701891AD1E352F38BB5F99914927255590A49 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
16:42:29.0669 0x2334  aswRvrt - ok
16:42:29.0715 0x2334  [ CC12B6E35CCC5282DEFE3E74A9C7D33D, 03D7C049D14F03BA5272C110C9EF8FD85F78FEEBB2EBAE1AF05C859B5C726141 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
16:42:29.0746 0x2334  aswSnx - ok
16:42:29.0767 0x2334  [ CD8387672DA9F706481EF9D3F7C32BB2, 9B115E32DAEF888BFDE2DAD06C51B6A6D247B78AF92535710C3E432693023448 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
16:42:29.0782 0x2334  aswSP - ok
16:42:29.0807 0x2334  [ 95B840B4BEDA5DBCC60D7A5FEF0DAE54, 2EB8C9CD576335A936FAF37D4E2FF72FCE7A16C978A42847F937F3F6647BC6B0 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
16:42:29.0816 0x2334  aswStm - ok
16:42:29.0833 0x2334  [ CA1FC21F1A2D55AE0BB5F6E8FBEA8ECF, A7EE9FECC50C70C541E441810E7750B0065F4A1A009BA0E68AB8D2D12AD2B584 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
16:42:29.0846 0x2334  aswVmm - ok
16:42:29.0866 0x2334  [ C2151380227CD1F7DDA2401C1F151367, 0E76DCD69CAB960DC65942269081436A9DDA255E908E71A29E72DFCFC5CDCC7C ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
16:42:29.0879 0x2334  AsyncMac - ok
16:42:29.0920 0x2334  [ 6191B9B2EE0E8CB957C683B9B341CC86, E60ACC6E9C6E90F2E1DA0DE220C890B50887FD97E7884F8F4301FF2C9A2F408A ] atapi           C:\Windows\system32\drivers\atapi.sys
16:42:29.0927 0x2334  atapi - ok
16:42:29.0963 0x2334  [ 0A414BE36FFA16E9F20F94008E366AD6, FE254DDDEB22FFFBBFCC87FE035AE5C6F44F08C6FF0EDFBC0C584C0C47E6FF55 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
16:42:29.0989 0x2334  AudioEndpointBuilder - ok
16:42:30.0026 0x2334  [ 57D7504862058467BA8FB8D988E6D372, B0993D1040C91FFB9B5EDBFCBF9885887C90A01E9A7DD4218FA0D09A05C42097 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:42:30.0086 0x2334  Audiosrv - ok
16:42:30.0111 0x2334  [ 947FF5992E26AFD4CAA34506678B70BC, 0B125EDBD6E740375E45AAA465DC83740F5CD43A55CDA404F7A81F37EE3BC57C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:42:30.0126 0x2334  AxInstSV - ok
16:42:30.0149 0x2334  [ A921805C1ED3253DF48FCA4D724173EB, 7DB6A13228812550F066C76273ECA6B3FC12E7CC98C245D16B5A13FBCF6A509D ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:42:30.0168 0x2334  b06bdrv - ok
16:42:30.0211 0x2334  [ 3CC12A09AE7293F4CD1688117B46B9BB, 377B7FB7704BEA894801956756EF0EF2E8C938ABAA047F4729CDE91B44357CFB ] bam             C:\Windows\system32\drivers\bam.sys
16:42:30.0220 0x2334  bam - ok
16:42:30.0236 0x2334  [ 2A7267AA15E508F6D05A5B562F1FD1CE, 7070123619A3F08864844FF89C9DEA1D4ED48D05D2B93E305774BE715583DD51 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
16:42:30.0259 0x2334  BasicDisplay - ok
16:42:30.0285 0x2334  [ FAFAEDFC7CAFD8B8FADA6A81BAF92E3A, 11EA3C361DFE5CC177E7D8FD002DC6542E05D1C74977A4716BC1B3DA5CAE963F ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
16:42:30.0320 0x2334  BasicRender - ok
16:42:30.0346 0x2334  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
16:42:30.0356 0x2334  bcmfn2 - ok
16:42:30.0378 0x2334  [ 72963E0676003016B431306A6F4951BF, 3442A7C1AC1EE8E68F15C78CEBAC237D7535F834AA13F8BB602645DD183A73D3 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:42:30.0397 0x2334  BDESVC - ok
16:42:30.0439 0x2334  [ 355D162E52819C19396FB01A8E005A1F, F7911703B51832806F9A88ECD7912A66A02A7798931F27757046D62895FCA0BD ] Beep            C:\Windows\system32\drivers\Beep.sys
16:42:30.0464 0x2334  Beep - ok
16:42:30.0691 0x2334  [ C30C47170DDEE783A99D6AC773B8E3A4, 61C685DCB546EB3F7AD661A40C095E97207686F8C7225BA3BAE895B6312DD8C0 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
16:42:30.0879 0x2334  BEService - ok
16:42:30.0930 0x2334  [ F6262869E673CC957C5D820C67F34D2F, F4E94E60DA70CC0C2474D2BD8BA6D8F77A38FFCCDD841B8C1D29A12FC057194C ] BFE             C:\Windows\System32\bfe.dll
16:42:30.0967 0x2334  BFE - ok
16:42:31.0026 0x2334  [ A0D1BF71E828CEFD7F9DC726AEAD80CE, 742F245105412476A8713ADFBBA5E6498B3B1A03DCF3EE58C15F5AC06C686B44 ] BITS            C:\Windows\System32\qmgr.dll
16:42:31.0097 0x2334  BITS - ok
16:42:31.0138 0x2334  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:42:31.0151 0x2334  Bonjour Service - ok
16:42:31.0191 0x2334  [ 8843185CC8F60801C06812799584F6EB, 35D893B9C53215548C95143377F8DDC98A45F2269839BA498F2FA22B409F13C0 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:42:31.0212 0x2334  bowser - ok
16:42:31.0261 0x2334  [ FA2702519B710C40E6E55F85F7F87BBC, 95EE006E89FDC78F17BD68DE9977030A0FD47343FDF8308A68742F9E3D13CDF2 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
16:42:31.0297 0x2334  BrokerInfrastructure - ok
16:42:31.0329 0x2334  [ A4863B7B1F0DB513D6E34547BACC211A, 41E74A60721CCBE0A4D487B3EE01BAC3108D9BA819BF58A64E963478C43828E9 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
16:42:31.0342 0x2334  BthAvrcpTg - ok
16:42:31.0420 0x2334  [ 82BD96D56574231AD0E9BBF293EA2E7F, EFC7121D6EC425F89BF10078F3716A63753303B6DAB6CC3EF90730E6CBED4630 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
16:42:31.0433 0x2334  BthEnum - ok
16:42:31.0438 0x2334  [ 9C9EE272C11252C651C5DE6A1AC1EDAA, DED378E894FA07B75F2E93490075879A50879CACACCF09F3F9EF37EDFA159233 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
16:42:31.0453 0x2334  BthHFEnum - ok
16:42:31.0457 0x2334  [ 69734E386826ED857C889330F35B4D9C, F0804D41D4BA6C9022B70D5092C4F14128D33F66C5D85DE10115A37C36927B70 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
16:42:31.0470 0x2334  bthhfhid - ok
16:42:31.0499 0x2334  [ BC58294295CBAD6637A526470305B5EA, FAA1A1C85D418B063D8A6E93558BA74D766081268354D63E28D372BD55D523DD ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
16:42:31.0521 0x2334  BthHFSrv - ok
16:42:31.0535 0x2334  [ 338B8D45C7DFB03DB7957188E16C9661, C634A32E6C945760BD85E3862B88BDA3E63A33DAD69523FD14523C3D301E675C ] bthl2cap        C:\Windows\system32\DRIVERS\bthl2cap.sys
16:42:31.0550 0x2334  bthl2cap - ok
16:42:31.0614 0x2334  [ 47BF82E2A6D11279C8501E08518AB835, 2B8D770AC694F31844A39BAC3B49C36523C9586D4B22C390009B057D4DA9D0F0 ] BthLEEnum       C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
16:42:31.0628 0x2334  BthLEEnum - ok
16:42:31.0632 0x2334  [ A94AFAEA86F5F792BB4ECA095B231464, 588256D53CD50B8299FCABF624E8EF29761B16DE1999896DC647FBF8E2BAEA68 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
16:42:31.0655 0x2334  BTHMODEM - ok
16:42:31.0708 0x2334  [ 8E1D70E7778202D82A82E0E6710B827A, F10588CB1C5106BEE9009ACE798D349C7F786EFF9C4A0A312DF9D30BC1AAF9B3 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
16:42:31.0721 0x2334  BthPan - ok
16:42:31.0769 0x2334  [ 9FE6899D354BE916E1B37FA6121DDF7B, A9B47A154ACCEE3D193ABA5ECC1E69F0985AB85A0B6041E7B459826571B326C8 ] BTHPORT         C:\Windows\System32\drivers\BTHport.sys
16:42:31.0812 0x2334  BTHPORT - ok
16:42:31.0826 0x2334  [ 572BCA61B7E026E057AF7DF456AC7E0B, CA35DCC02BFE2D34C40449E47F0C8BA4AD709F01A952B9354332560CE72A1E4F ] bthserv         C:\Windows\system32\bthserv.dll
16:42:31.0884 0x2334  bthserv - ok
16:42:31.0990 0x2334  [ 55C836530A9602255BFB4F5D9DA2B737, DB82CB1FB657955AE80A144CC30D5112CF90FBEFCE9E89CF7CEF2929EBE56B28 ] BTHUSB          C:\Windows\System32\drivers\BTHUSB.sys
16:42:32.0003 0x2334  BTHUSB - ok
16:42:32.0048 0x2334  [ 39E7437FC59CDD7A303ABD514E462E8B, 9DCACFC12090BA03E3DD8E0EFE02382E3D42B528BDF6DD77318CAFACBA9EBA09 ] bttflt          C:\Windows\system32\drivers\bttflt.sys
16:42:32.0057 0x2334  bttflt - ok
16:42:32.0068 0x2334  [ 522888590B0C19BC8128119060AE7901, 9C979FD442E7B189FD156BD5E5E4A3D10FDABB3C38094B9C67A702103D39B00F ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
16:42:32.0081 0x2334  buttonconverter - ok
16:42:32.0085 0x2334  [ 2AB01CE5E233A6FBA3E91BD57772AA4B, DC241810B774BCE651B525885480F05D15AE0E623D53E4CB02562A8424C067E2 ] CAD             C:\Windows\System32\drivers\CAD.sys
16:42:32.0094 0x2334  CAD - ok
16:42:32.0126 0x2334  [ E2C8EE32C053892E685A989071AAE333, 842228C315BBD5FA802A81833BB0158774969FED4C5A706F9B904F7C70DB80A3 ] camsvc          C:\Windows\system32\CapabilityAccessManager.dll
16:42:32.0141 0x2334  camsvc - ok
16:42:32.0169 0x2334  [ F6F97879F53AD57194C6BC8272FD73EA, C11CB040CC64ABC0A6EAD6D6985659896FBB5911D2E10B6584E0F90FE6813C57 ] CapImg          C:\Windows\System32\drivers\capimg.sys
16:42:32.0193 0x2334  CapImg - ok
16:42:32.0203 0x2334  [ 9E82A95D77AC78C84BA75FF896B060BF, 87905E55724ADE5149D3BBC2DB76A7275580DE204BB561B8E1FCD631DEF3D9F9 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:42:32.0221 0x2334  cdfs - ok
16:42:32.0266 0x2334  [ 147CEBE0C5F7A80135C54715521AD9E1, 99ACF25165C0C17822B0FC06F662848CA0DFAD51B3E3B440005C2E033BFE4840 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
16:42:32.0296 0x2334  CDPSvc - ok
16:42:32.0349 0x2334  [ 6F9F9FA8976D9A45D3C75E7A49AC9995, 7350C4A0A1FEF73203F4AFF2689D59A34728F4F71849110235B1CA5FE0F5AF3D ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
16:42:32.0370 0x2334  CDPUserSvc - ok
16:42:32.0441 0x2334  [ 6D83565C1652E80447EDEA6947FA89D7, A84A3EA45304A9E3F53DA9F4CB9F2D9FF8A2AD69A36AEA366D35A2F5C9FDF851 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
16:42:32.0454 0x2334  cdrom - ok
16:42:32.0475 0x2334  [ 6286CBE87B64AB7D1F59E3375A2FF3F4, 92C276A18F99D2A423BC3A99EBDA1239F3B335C1EB6EBAF2F2800A23188B26F2 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:42:32.0490 0x2334  CertPropSvc - ok
16:42:32.0519 0x2334  [ D81954CE5E016FD716EDDB2B2FD9BA58, C47FF6D6527605238EF46E9BDF4544E2B2F4F9C5BCE13881F569F996541D7FF7 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
16:42:32.0533 0x2334  cht4iscsi - ok
16:42:32.0576 0x2334  [ F9A8570805807FFD66488F0A858E1308, 5D8363C5EEB7B92CFA219C466D04D8C625CACAFBDEA5857C5C9FA0C391AC2FEB ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
16:42:32.0627 0x2334  cht4vbd - ok
16:42:32.0632 0x2334  [ 9798D58461706930190F1F2F6BF21D80, BD7552297A636E19F5D544BDBF3490DA544E76002F62B227FA5BDA7A11760040 ] circlass        C:\Windows\System32\drivers\circlass.sys
16:42:32.0643 0x2334  circlass - ok
16:42:32.0685 0x2334  [ CE46F05E36B2C0A667FEB7CC30022E99, 105FB00AE2C115F085392AAEDAC593EF5A0CF45B3143BD76095C6EC4DD1CAE0B ] CldFlt          C:\Windows\system32\drivers\cldflt.sys
16:42:32.0704 0x2334  CldFlt - ok
16:42:32.0724 0x2334  [ F2B55209327431954BA0700B87148C86, 6ABB30D98FF15CBFB2EA79DCA9AD24A041973BF0F73FC58D405E2952E0EFF645 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
16:42:32.0738 0x2334  CLFS - ok
16:42:32.0779 0x2334  [ 29F84DD1674AE3BC501974D14C095E3C, AF1C384EB7EBE5A584DEDD7A938ADD604F90D542BB36E0D42225290D05CFD24A ] ClipSVC         C:\Windows\System32\ClipSVC.dll
16:42:32.0810 0x2334  ClipSVC - ok
16:42:32.0831 0x2334  [ 2BA3BA38B5A6A667B0EAEC477276707B, 80AD05C5C7E0398EB7320A82878700C6588B7411F3DEA02E5784CA599CB548C2 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
16:42:32.0842 0x2334  CmBatt - ok
16:42:32.0894 0x2334  [ 6809766178CF49545E32683C2AD395E3, 59A190C053EDA17E5848C4B115FB6454F0CC5DD59DFBC1DEBAEEA70664B68672 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:42:32.0915 0x2334  CNG - ok
16:42:32.0932 0x2334  [ C65AF00EF12A1755E7CA370B0C71935D, C03315A5B999EB9AA5B5F1F000BD8A1C68DFC151B23AA2F29F69F7129407AA11 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
16:42:32.0941 0x2334  cnghwassist - ok
16:42:32.0982 0x2334  [ A50300498D56B2448F3593D25478D508, 841D66D4AB9749EE64802611157A9AAED1117B6B2C411B3DA272CE439E69AE45 ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys
16:42:32.0993 0x2334  CompositeBus - ok
16:42:32.0997 0x2334  COMSysApp - ok
16:42:33.0004 0x2334  [ 65602B0DB49199647FECB2D1212147BE, DC25D2DED7C31B4691B61FC69BB12E50CA5EDA9705339CCC82BE145EFD6D47C5 ] condrv          C:\Windows\system32\drivers\condrv.sys
16:42:33.0013 0x2334  condrv - ok
16:42:33.0061 0x2334  [ AB638EA8ECDBDC692C64F4FF4F940D1D, FE873A86E951C8886CF546E193814807DD356C20308655D4128B3DFCE16BF0BC ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
16:42:33.0084 0x2334  CoreMessagingRegistrar - ok
16:42:33.0153 0x2334  [ 92FEC54137A5FD8DD87BF70C19C4CAE4, D32D46B92698D41392DA3F16A0356C879C1B589F6C5FFAFFDB1FC09B9BBAAEC9 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:42:33.0166 0x2334  cphs - ok
16:42:33.0176 0x2334  cpuz143 - ok
16:42:33.0199 0x2334  [ D64EF74FC6DA47EC2E460076F299E77D, 1F77E9F777FA6996222DE45B3AB2C01CD94C80A4A7F5CA092DDF1F18D74F93AA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:42:33.0216 0x2334  CryptSvc - ok
16:42:33.0224 0x2334  [ 72BE43ABD786E86AAE7EA2193201E100, A013CF10AA4158082B5D0D7F885969C5C92710A6084E57E9DDBDA84420D97367 ] dam             C:\Windows\system32\drivers\dam.sys
16:42:33.0232 0x2334  dam - ok
16:42:33.0270 0x2334  [ 6145D5B0781C11EF2142D3FA3763D26A, 99A7279828D0DE5021A05E861308115FDD96B0D88B44C5447D3C5C46B3C3C913 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:42:33.0308 0x2334  DcomLaunch - ok
16:42:33.0334 0x2334  [ F7FB921F438C3566CEC55657EA4E7D9C, 17FA956E3B89F9B6C154975E7E1AAFB204F5EDEACC14A8424827DE13440A9299 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:42:33.0358 0x2334  defragsvc - ok
16:42:33.0379 0x2334  [ B5F9123D6537856EA698386ABA27A232, C60DD499254B4A3741ECE71AF1685763BD6A6F828F879D54E175A6198C89ABF0 ] DeviceAssociationService C:\Windows\system32\das.dll
16:42:33.0403 0x2334  DeviceAssociationService - ok
16:42:33.0419 0x2334  [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
16:42:33.0435 0x2334  DeviceInstall - ok
16:42:33.0463 0x2334  [ A19F51A044B62C994144ED87A7A5A887, 91ECE0E067E138817CD46A876B2D28CB47A2CCBE9C924EA91A1966FDF69AF7DF ] DevicesFlowUserSvc C:\Windows\System32\DevicesFlowBroker.dll
16:42:33.0492 0x2334  DevicesFlowUserSvc - ok
16:42:33.0547 0x2334  [ 0D2A4CA81D1F7B5E5FBFE1E4F60246B8, EF425C2FB1191720F9B53EB26EC904F53851D296B222E20B0733615575D4B7E5 ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
16:42:33.0561 0x2334  DevQueryBroker - ok
16:42:33.0588 0x2334  [ D7E6591F3D2B9FB5C4F0D05D5CF3A9F8, 94A79E05B9F8D1EDD7963C3B2B7457B71408E8BECC078F163E49A02159A75F98 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
16:42:33.0615 0x2334  Dfsc - ok
16:42:33.0672 0x2334  [ FDB38FF469568190277A694D1BF599F5, 5512DB70C942FBFD78DBAE3DF379A2DDB9249B45BF5CE2CB305605C14CD1F25F ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:42:33.0692 0x2334  Dhcp - ok
16:42:33.0768 0x2334  [ 291147C456844E438FE2DB43D86B0D7E, 8E2AFDEA856811EB3800DC2C977A1059B73176ED644966BEC25A42095A8F745A ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
16:42:33.0852 0x2334  diagnosticshub.standardcollector.service - ok
16:42:33.0881 0x2334  [ E2BF09B816393AF73EDCB8ECF9BBDB2D, DBDFFC2450E4EC684DD59383799ACF1D207B0882C301B8D562FB76307AFCC553 ] diagsvc         C:\Windows\system32\DiagSvc.dll
16:42:33.0899 0x2334  diagsvc - ok
16:42:34.0008 0x2334  [ C5DC485093B1F3B33E8CCBB4EB2CA231, ACC548F98313632B090305887F7E5F09ED9812277587ECBB638BA4DD84CA62BE ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:42:34.0146 0x2334  DiagTrack - ok
16:42:34.0187 0x2334  [ 8C7FF86607E367E6319F7F637115D665, D49EAA69A880A566558ED58F60B378AB9E2F950DC951741908DD0914121D6099 ] Disk            C:\Windows\system32\drivers\disk.sys
16:42:34.0198 0x2334  Disk - ok
16:42:34.0227 0x2334  [ 5BC34122A1974DD18880C3EBE955BC20, B3950F17E76312E7BEDE7678507B432B99E568BA3651C0E59960D4F1B2627B77 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
16:42:34.0265 0x2334  DmEnrollmentSvc - ok
16:42:34.0290 0x2334  [ 64009621AAF4BC6626BC1A623A26FAD1, C94E63FB12AC58022C0C7F7721C7A38E9411DE94BFB12416091DC1A1F8C90414 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
16:42:34.0311 0x2334  dmvsc - ok
16:42:34.0330 0x2334  [ 10E72E3315305461D3F0C7560AE98CA5, 702B5C056DB6B4E337231BBEA48E106FA95F26B48CDE91857305E4C6E4EE6A12 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
16:42:34.0345 0x2334  dmwappushservice - ok
16:42:34.0366 0x2334  [ 1FB9A9A07395E096500EBA2417E4ECA2, 0D9B27D0C57D4A7F49CCE0967C935B6FD52905331917891598DE2A77EC21AC5D ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:42:34.0397 0x2334  Dnscache - ok
16:42:34.0422 0x2334  [ E1C233826ECA1E52672052C49BD42485, 20B573BD6C5C760C21863F7E8B5AA544661C38E240C41ABA1C69B61C68A8FDD0 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:42:34.0440 0x2334  dot3svc - ok
16:42:34.0465 0x2334  [ 6D8971C942FEE43A0AB6B3192534AFB4, 44D437DD32E1FDD7922B352CA6C19C83C1ADD825FB704B8E07BEF01E866E2B99 ] DPS             C:\Windows\system32\dps.dll
16:42:34.0480 0x2334  DPS - ok
16:42:34.0503 0x2334  [ F4800922F4ABA619585CE320A72E6389, CA83BCAA8B37F303E89598F8C93B201A3F000A09F4A9963E370D7E59BD79D448 ] drmkaud         C:\Windows\System32\drivers\drmkaud.sys
16:42:34.0511 0x2334  drmkaud - ok
16:42:34.0530 0x2334  [ BB73FD1329739982C2915AB827A01362, 70E69942AE14D5012D9A8B1C799B5B4B4FCC2E456D8940CB4C104D6AB7C4997B ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
16:42:34.0563 0x2334  DsmSvc - ok
16:42:34.0575 0x2334  [ 76CF3EA2EAA8ABA00C4683E9A59B4AC8, 8E8614D70D28BE334A7BC177DB3ABC4A2EA7CDD51B8586B29FF16E3AFB72A12C ] DsSvc           C:\Windows\System32\DsSvc.dll
16:42:34.0605 0x2334  DsSvc - ok
16:42:34.0660 0x2334  [ A05724426389EBC1351E3D6F95CF3EAC, E638F97043274515F9A8A46B55C9478E886683580F33A0E90A3BDFBA6A4F6C26 ] DusmSvc         C:\Windows\System32\dusmsvc.dll
16:42:34.0679 0x2334  DusmSvc - ok
16:42:34.0750 0x2334  [ BF249873F737EA00E23A726672878444, E81BB1C0717E4AC4C47F11065C88A0B4D15AD358A07B9C8BCE4B4664BE7C3809 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:42:34.0826 0x2334  DXGKrnl - ok
16:42:34.0869 0x2334  [ 318BB1C69B6FCDD36736C671AEA61159, 110B37EEC304A61E873B6F970FE6F1A88A153FC09EAEC1A27744D71D91BD2EC8 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d65x64.sys
16:42:34.0909 0x2334  e1dexpress - ok
16:42:34.0942 0x2334  [ 83E4A14F851341C933C3235BFB882ECA, 152EDEF6B566D010FE519FE4B046050A5281069B48AFF8A2395D7D2BD0519701 ] e1iexpress      C:\Windows\System32\drivers\e1i63x64.sys
16:42:34.0972 0x2334  e1iexpress - ok
16:42:35.0005 0x2334  [ FA94398748930D840FE35A44F1D225A7, E2D48460413904AAFB50E18A24471157D2A235F5CCDF89EE49BB139D1CA3B9F6 ] Eaphost         C:\Windows\System32\eapsvc.dll
16:42:35.0019 0x2334  Eaphost - ok
16:42:35.0093 0x2334  [ 2A13237A7F5A9C934C578B73739CD576, 656C54BFFF39EFE7415AABF35D958803A75EF970C2095673B8A9BF7F1DF7ABCC ] EasyAntiCheat   C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
16:42:35.0122 0x2334  EasyAntiCheat - ok
16:42:35.0210 0x2334  [ C99D40C97841E0A7F0F90B8629593A97, 2DE7FB6E3CD7B06079C2B05D8C10AD0EDF187684ED1DE5BEE98FAB9A4B331824 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:42:35.0310 0x2334  ebdrv - ok
16:42:35.0331 0x2334  [ 1E77B06AAC63D59B4F0EE5109026B837, CE2EAB49B9D4B26A6AEA4987DC0DE1774893BCD1278E6316F1359F095E2D1A53 ] EFS             C:\Windows\System32\lsass.exe
16:42:35.0341 0x2334  EFS - ok
16:42:35.0351 0x2334  [ 260BBD6B1ED06298E509B452354EDB91, CF794D5AC62C6DBF356BC717910FD2B106A8BD90C3C03BA43859FD876F8820BC ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
16:42:35.0360 0x2334  EhStorClass - ok
16:42:35.0371 0x2334  [ F3BEBDC1B9DBA32F183079EAE6244837, 5DE0DA8D2A13BFA852355619C6DE5AC2FDFAB314A619A4F209842581E4D82DE1 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
16:42:35.0380 0x2334  EhStorTcgDrv - ok
16:42:35.0409 0x2334  [ A75880A9192B9DA69F46867B06276746, 53856262A5BD4BE93CB45D1F43B87F45CB01C02B7D94231CF05346B9BDF1F18D ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
16:42:35.0427 0x2334  embeddedmode - ok
16:42:35.0460 0x2334  [ 3BC17ABD52295C64A8BEE3CF4B244B12, 9153DF82C10B314983DB78AB88B468C39E213AE3C504AD865C54213F76F120D6 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
16:42:35.0482 0x2334  EntAppSvc - ok
16:42:35.0497 0x2334  [ 1B63CA857FD03FD0A5A1379F2996784F, 9EE5205DCFADAFC62D36528087FA4E023F7E48FF0D2A8333D8A6111AE09D21B8 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
16:42:35.0519 0x2334  ErrDev - ok
16:42:35.0567 0x2334  [ 6A5FA501A2D96001391FF3CBA32935AB, 018DB01ADE957A1A1FF5B168A2EC0EFEF8BFBE036079791FDF0C6AA6C12295BA ] EventSystem     C:\Windows\system32\es.dll
16:42:35.0590 0x2334  EventSystem - ok
16:42:35.0625 0x2334  [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\Windows\System32\drivers\evolve.sys
16:42:35.0632 0x2334  EvolveVirtualAdapter - ok
16:42:35.0776 0x2334  [ 57816AB61ECAAA604E7FB476BDF48365, EEFAE0CBDDF0230FF78A7B13BBC5EDA8D94ED4B7F54D62674121E6DDF19D129F ] EvoSvc          C:\Program Files\Echobit\Evolve\EvoSvc.exe
16:42:35.0820 0x2334  EvoSvc - ok
16:42:35.0845 0x2334  [ F1ACA42D448E3986565EA54275EEEA65, C85101D6E7A2204FD73AAACD972F610B6A4BCF7EB7512412FD34660DCB5E8C5C ] exfat           C:\Windows\system32\drivers\exfat.sys
16:42:35.0870 0x2334  exfat - ok
16:42:35.0887 0x2334  [ 0AF4B36754A6EAE794EE4398E219A9E1, A818763D7AE6E7F4BC57294BB4D80FE9E04387BB3EBE8A6088D2AF746FF548A6 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:42:35.0901 0x2334  fastfat - ok
16:42:35.0934 0x2334  [ B1A38C0D977D8738779CA3EFEBDFCA8C, EDD852EF89AFBDDBBBE002E6675EAFCC46742B6136EB22428C84D737C6229FEA ] Fax             C:\Windows\system32\fxssvc.exe
16:42:35.0962 0x2334  Fax - ok
16:42:35.0978 0x2334  [ 7CD8426A33F06EB72BFEC51F7C264AF8, 4FDD5F6A8BDF25D965CE52132DD0EA77D335C1C5F77A7758F3F6E22DFC12BDF5 ] fdc             C:\Windows\System32\drivers\fdc.sys
16:42:35.0989 0x2334  fdc - ok
16:42:36.0021 0x2334  [ 21EB16C5DDFBC19DEBE9EEC10EA423FB, 514327DA987793AFE1DFB4F2C0F033C349432E6F1F6AACBAE23E24E63EFA51B9 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:42:36.0047 0x2334  fdPHost - ok
16:42:36.0061 0x2334  [ 57F98EFE6CB82AE5400BA99C705AF45C, 7AB83C7AF4CA49BFC2976FB707B251C181279B7E16EBDD43AD0E1A4AB8C4DFC9 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:42:36.0074 0x2334  FDResPub - ok
16:42:36.0083 0x2334  [ 02F93E4B9EC2821B6670208044FF5332, 2D947C8AE51E749029B3180751E4486E27A19471A7A98087076103D307B5CE64 ] fhsvc           C:\Windows\system32\fhsvc.dll
16:42:36.0098 0x2334  fhsvc - ok
16:42:36.0122 0x2334  [ DE51BBBCF358188F9736F031546F9908, E2B80DF63C039663085FA9D63F3F30736EC20C49BC678CBD7D7C7231107C3635 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
16:42:36.0138 0x2334  FileCrypt - ok
16:42:36.0152 0x2334  [ 822F664952B0F8D11BB6BD2F11779602, B7E9908A305942194E64E834819186CBBF9DD4469B300DCC8D31E1E5674D6600 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:42:36.0161 0x2334  FileInfo - ok
16:42:36.0172 0x2334  [ 5A4935682A0D47A4EAC4BE3C2ACF74D6, 0DCF2E7928D11F49EBF906233894E81CFFE938ADFCA802CE0207CA58B4A02AAD ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:42:36.0184 0x2334  Filetrace - ok
16:42:36.0201 0x2334  [ 60641F22D1D38EAD197C25F0339C9712, 110ACEADAE92C384C80356C9DE88E3A94141881E8544DB65736875FFA2716F68 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
16:42:36.0212 0x2334  flpydisk - ok
16:42:36.0278 0x2334  [ ECD2030E78AF8D696A2E59796CA0B798, 370D7829E9077109525E375A3860D96372936C60A1FD7D02D1C7AD381F6E0275 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:42:36.0343 0x2334  FltMgr - ok
16:42:36.0432 0x2334  [ D9E18DDDC08B77E634F2AFEF0CC551FF, 701BFDFAD6E86C48E02612E54F3F8819632FC13526893AD2BBAA51348F5E24FF ] FontCache       C:\Windows\system32\FntCache.dll
16:42:36.0551 0x2334  FontCache - ok
16:42:36.0646 0x2334  [ A7C6894FFF261C0FEFDCB41BE83CF430, C3DB55140E4848873BC0004030933402CD396112C14F432258D875DB1608700E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:42:36.0654 0x2334  FontCache3.0.0.0 - ok
16:42:36.0674 0x2334  [ 95F8BF9B335A0BE8920BE160F95B2503, 596B02CFF111C2610E73FA2EBDBB7E6C5C190A9DD9E2FE4CAC6ED475691B7A43 ] FrameServer     C:\Windows\system32\FrameServer.dll
16:42:36.0702 0x2334  FrameServer - ok
16:42:36.0741 0x2334  [ 0425D9D2A679060CC9755449779FBA54, F0BFEE92081BDF82AAD58AD1B21659F465DCE6F9F9F16ABBE9A84C17978AA3A0 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:42:36.0750 0x2334  FsDepends - ok
16:42:36.0783 0x2334  [ B962036CAADC05E466FEB165E0974587, EAA88EBBAAFF31A5E35B3B23B12E94EE3C659399CDDAADBF4B6146AE091CA5AA ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:42:36.0790 0x2334  Fs_Rec - ok
16:42:36.0843 0x2334  [ 4FA982DA6A7359DC6DE81543613BA8A1, A0C3F7AE92281B2CB5BCFEF28A548B193B93C21D0389BC7EC37EA05D2B97DD3F ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
16:42:36.0855 0x2334  Futuremark SystemInfo Service - ok
16:42:36.0880 0x2334  [ 2C8891C306C8F43A273BDB7C490E1C92, DD8D905956652D276796F5638980E3219EF2D8C2B65A8DE537D549BF5C306BE4 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:42:36.0901 0x2334  fvevol - ok
16:42:36.0997 0x2334  [ 25D0FF80C893DA3CA9E7F8B3AA74C00D, 12D5725EC65BCEF3CEF9E409C237EAA60464F62FD7AA6F07D73F2F0DE6CB2A56 ] GarenaPlatform  C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\gxxsvc.exe
16:42:37.0008 0x2334  GarenaPlatform - ok
16:42:37.0037 0x2334  [ DFAB4D8FE39C64EAD3A4DCBA25AAFEE0, BABCAE227CD2E87E37C708539C2232251B37F35EFFE2B927914D72517F161E44 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
16:42:37.0060 0x2334  gencounter - ok
16:42:37.0078 0x2334  [ 8B34E3F794F652082D7E8AF112F71681, C6CFA239BDF46827BFC89DC9A9BF45B0EBCE3EF1BB7DCA33980A632E549B37F5 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
16:42:37.0091 0x2334  genericusbfn - ok
16:42:37.0111 0x2334  [ 127C23F4720C8902A3AB0FEE12205317, E3BF55D81B04572D11B41CDA2DB4509FD252561EB29ED22CC6F616E856E3D86E ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
16:42:37.0121 0x2334  GPIOClx0101 - ok
16:42:37.0188 0x2334  [ 846347C05DBC7C49143D9723EC3714E9, DCC888F1262CA50DA3109D132A9C04F83A961720647E9882D3EFCBF8E3D703B5 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:42:37.0252 0x2334  gpsvc - ok
16:42:37.0285 0x2334  [ 582578F031109BE65C15E1D8A45BA547, 4BB1E20A2BDF8F504FF787EF338B6180DD537F53A0DC843B96AEFD8BBE970653 ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
16:42:37.0296 0x2334  GpuEnergyDrv - ok
16:42:37.0323 0x2334  [ 141904F0581468B39B579EA33CA57549, 1D947A6079CED7840B0FF4720C36D873F5A69EA6C94E4C15ADF1A7C0CD0CD0EA ] GraphicsPerfSvc C:\Windows\System32\GraphicsPerfSvc.dll
16:42:37.0338 0x2334  GraphicsPerfSvc - ok
16:42:37.0401 0x2334  [ 605CCC9CE1839BC5583017DF7CAE27A6, F1F67830FC3531DFBDAF5315F59422438AB9F243D89491AC75D1818E7ED98B5D ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:42:37.0409 0x2334  gupdate - ok
16:42:37.0414 0x2334  [ 605CCC9CE1839BC5583017DF7CAE27A6, F1F67830FC3531DFBDAF5315F59422438AB9F243D89491AC75D1818E7ED98B5D ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:42:37.0421 0x2334  gupdatem - ok
16:42:37.0467 0x2334  [ C7F714F4666F33F8815F519484E342C2, C0DD11996C5D00458D6FF85B289AB8DAA5C34BDCEF86F77679D038717C4F6F95 ] hcmon           C:\Windows\system32\DRIVERS\hcmon.sys
16:42:37.0475 0x2334  hcmon - ok
16:42:37.0513 0x2334  [ 0D4E1DE424440F1FC83E27EB30870B2E, 0BF0C2F14FDE5013C8169CE1AC623A920A2BAAA8C7CB92DAFECEB537D28D1574 ] HdAudAddService C:\Windows\System32\drivers\HdAudio.sys
16:42:37.0548 0x2334  HdAudAddService - ok
16:42:37.0565 0x2334  [ 99A34FD1F6431A10D8C3BB50E170D0F2, 14BFF99BBF9ED53D3A157B096CDE0394824260021BA96E1F2C7B1CFB598DD850 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
16:42:37.0577 0x2334  HDAudBus - ok
16:42:37.0581 0x2334  [ 2443FC6EEB9CF092B62127D867901B02, ABD5E907FF066B95C5697C4E470B4EA19976DEC90C8159B963A82EDA218AB114 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
16:42:37.0588 0x2334  HidBatt - ok
16:42:37.0613 0x2334  [ 205043CDC16ADE85E252DD54AE925161, F377F046EFEE53C7786AF15C0BB5BADE36511427575A712B0098A883F3715DB3 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
16:42:37.0629 0x2334  HidBth - ok
16:42:37.0658 0x2334  [ B521DDDC9038C066B1B957BF063A531A, C5FE68FB22C28C4D06A0792FD5AC9A1F0EC01EF26E1D37B9DF05F22D8B7DFF8C ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
16:42:37.0671 0x2334  hidi2c - ok
16:42:37.0686 0x2334  [ 5AC0EBFA76E93273A806176D3178E986, 679BFEFF9F4172EBB14A6C2E8381F54FBDC9E8705E8B0F306723DDF48B6E5143 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
16:42:37.0696 0x2334  hidinterrupt - ok
16:42:37.0701 0x2334  [ 366AC0E05EBF5D5C375F65CD8BC7F0DF, A6B751864E33EBB5DE2E09403A8C26E72DD5510F3A380FA502393FC11A14A433 ] HidIr           C:\Windows\System32\drivers\hidir.sys
16:42:37.0712 0x2334  HidIr - ok
16:42:37.0737 0x2334  [ 75F4CCB7FF03603E91DD0C7FF83DAABF, 10508A6C36163C9D40C16A47AB4CA8C03C89BB7795690818E5C562E3FF828D5B ] hidserv         C:\Windows\system32\hidserv.dll
16:42:37.0751 0x2334  hidserv - ok
16:42:37.0818 0x2334  [ 7CB54D02746024648FCE184FC3F941FF, 6C7B8E6AD3C05D66868D0268C9C8183021AB241E576184FAD0BD50ED4E18E9ED ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
16:42:37.0845 0x2334  HidUsb - ok
16:42:37.0901 0x2334  [ C1800FDBEF635B5058DE9828A73CC10C, 81348FB3AB9353A856AE88976929F557EE6C0C8780B979ED866E0F7BBD12B027 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
16:42:37.0908 0x2334  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
16:42:38.0036 0x2334  HiPatchService ( UnsignedFile.Multi.Generic ) - warning
16:42:38.0036 0x2334  Force sending object to P2P due to detect: HiPatchService
16:42:38.0229 0x2334  Object send P2P result: true
16:42:38.0396 0x2334  [ 676F662CB9ACED1336F31BCF1D6D2DB3, BA4A20BA8EEA343057DC3851B66F788FF7916FA54FEB6311490E3B3470D2C3F2 ] hmevpnsvc       C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
16:42:38.0404 0x2334  hmevpnsvc - ok
16:42:38.0439 0x2334  [ 459EC4290CF0D8269DB28FBFD6284C58, F1C34F11E18F6D48C8378F77DE167AD208E9E7C3022DCA714FF0403AEFF80857 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:42:38.0475 0x2334  HomeGroupListener - ok
16:42:38.0515 0x2334  [ 24C900B7296AA9867FB761A5801AFBD1, 4A765E905D0F7C4B450A28FB85F413F4EAD2B53240E804FA531626ABB0518381 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:42:38.0553 0x2334  HomeGroupProvider - ok
16:42:38.0569 0x2334  [ 835FB95D85D362057A72D21A48C2C7F8, 06A57F9E459E52DAA7B27F232DBC1E0ED0E04759D34AF3E15A645D11DFDD6A58 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:42:38.0580 0x2334  HpSAMD - ok
16:42:38.0620 0x2334  [ BF45CC47E03026E7406D403D671AB79D, D16B9FDECCC7EAEBF4D0280B3E2C0952470DCD5C8B173575BB41446A0C9ADC2E ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:42:38.0656 0x2334  HTTP - ok
16:42:38.0690 0x2334  [ 8B8395999252DE3BA4EBC1A5F28827F3, 95B9B330C43438C6203FD08A441C3CC269CFBA812FC804805786F0243BA1949C ] HvHost          C:\Windows\System32\hvhostsvc.dll
16:42:38.0699 0x2334  HvHost - ok
16:42:38.0734 0x2334  [ 9F2CFC90306532866C62BDCDFD2532AA, F27B1087B1E3E06FB49092BBF2DD8CF5B6ADD4CE061FE10C3ED44C58B92BE007 ] hvservice       C:\Windows\system32\drivers\hvservice.sys
16:42:38.0742 0x2334  hvservice - ok
16:42:38.0794 0x2334  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
16:42:38.0800 0x2334  HWiNFO32 - ok
16:42:38.0813 0x2334  [ 3737FE486929AFC48F1D10677B698E52, 9E8792F3A494AE3E7CDA65E93B561B6FFFB9C781606F5863D524DDD24CFEB9C3 ] HwNClx0101      C:\Windows\system32\Drivers\mshwnclx.sys
16:42:38.0825 0x2334  HwNClx0101 - ok
16:42:38.0837 0x2334  [ 3C65EBF7F1BFD98426C355D66876ECEE, CA1DC462C4D96176C81EF3448238B76B4CDA3C521533973B281359D7F436B8A5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:42:38.0846 0x2334  hwpolicy - ok
16:42:38.0873 0x2334  [ E3BDE6C567ED5CD7B15B2E522C120D02, 954EC837636D0F08A3596E4270F37E03C99F8D1A7E80D0D323E0CB793324D776 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
16:42:38.0899 0x2334  hyperkbd - ok
16:42:38.0934 0x2334  [ 1D7BBC4C6F33A4A6189AEA1509615DF9, 66D6E64353CE80949082E594061BCA077849840B175F18F0743285B389F57250 ] HyperVideo      C:\Windows\System32\drivers\HyperVideo.sys
16:42:38.0944 0x2334  HyperVideo - ok
16:42:38.0971 0x2334  [ 56FF074E50F9042FD2856AB3418F4B18, 239C9BF23DE2E36FD7112C425CDF18F29B751D75EF3551AEFB048FAD2B0A55E2 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
16:42:38.0986 0x2334  i8042prt - ok
16:42:39.0040 0x2334  [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio          C:\Windows\System32\drivers\iagpio.sys
16:42:39.0060 0x2334  iagpio - ok
16:42:39.0075 0x2334  [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
16:42:39.0087 0x2334  iai2c - ok
16:42:39.0103 0x2334  [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
16:42:39.0115 0x2334  iaLPSS2i_GPIO2 - ok
16:42:39.0133 0x2334  [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
16:42:39.0145 0x2334  iaLPSS2i_GPIO2_BXT_P - ok
16:42:39.0153 0x2334  [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
16:42:39.0167 0x2334  iaLPSS2i_I2C - ok
16:42:39.0174 0x2334  [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
16:42:39.0187 0x2334  iaLPSS2i_I2C_BXT_P - ok
16:42:39.0218 0x2334  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
16:42:39.0225 0x2334  iaLPSSi_GPIO - ok
16:42:39.0229 0x2334  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
16:42:39.0243 0x2334  iaLPSSi_I2C - ok
16:42:39.0288 0x2334  [ 435883A27A376B125BD4DF888417C85F, 091F9285FCF1D5605D03CB68C062A2DE6FF2D705FF43E983A8A7B5DFA0872A96 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
16:42:39.0307 0x2334  iaStorAV - ok
16:42:39.0351 0x2334  [ 7118E4390C4ACDE61E280CE52BCAF44E, 11123C1555344A191283187BF1F4A8D731E29EE27C7A7A7916873E8D2E95D978 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:42:39.0382 0x2334  iaStorV - ok
16:42:39.0548 0x2334  [ 9DBE8C359ABACE1BE1BBAB687D114506, D2E5CB2BFC42627C1BB38A68F925DD534AEFFF9354AFD184005EC338E8E6B232 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
16:42:39.0565 0x2334  ibbus - ok
16:42:39.0605 0x2334  [ 0CF99D60588AF7F198C135BABCA287F2, C72235865426659957909E8465B7D208EB5CAA21B529F07BB055D33028326D9C ] icssvc          C:\Windows\System32\tetheringservice.dll
16:42:39.0623 0x2334  icssvc - ok
16:42:39.0793 0x2334  [ 689439310C3215C6CB990BFF24322759, C0ECA9C2D7B7A66D99CD8D34044DFD76268CC1EB7E75F4CB84AE0DFB74F9BA90 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:42:39.0972 0x2334  igfx - ok
16:42:40.0011 0x2334  [ F8C3F67DA1611550AF19FFD321683EC7, 8AF5AB5826F2D058AB747B9D16B08BC54159411925223950838E1ACDA8C07035 ] igfxCUIService2.0.0.0 C:\Windows\system32\igfxCUIService.exe
16:42:40.0025 0x2334  igfxCUIService2.0.0.0 - ok
16:42:40.0085 0x2334  [ 4D8123F7262C87B3CAE5A62AF74F7939, 8F003562F50218307ECC48A7BF43BE1DA88352D2749902A029081804B71C85DB ] IKEEXT          C:\Windows\System32\ikeext.dll
16:42:40.0127 0x2334  IKEEXT - ok
16:42:40.0154 0x2334  [ 42CAF6216A6E516DC56BA319ACC7EEC5, DF60FF41F06D1101E4A81F7416DB5A34D7BA885CBA874BC15AD43FB4080F2958 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
16:42:40.0167 0x2334  IndirectKmd - ok
16:42:40.0223 0x2334  [ 4269BF5A7C39DE7BED6F30604CCC4F52, BFE6D3B270F4FA619A82916B2B61C952415D295F2A48A47309D2FE9423F97121 ] InstallService  C:\Windows\system32\InstallService.dll
16:42:40.0280 0x2334  InstallService - ok
16:42:40.0437 0x2334  [ 3481B5AE505F374A91F241ACE953B24C, 76E6AA2BFA5747DF540196C38D0827E43A4D04B181A0F94C91342083A24AB257 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:42:40.0586 0x2334  IntcAzAudAddService - ok
16:42:40.0636 0x2334  [ 6DD0B99DA9B7E6B958B44296A486D0AB, 6E01DE2F58754B970196C64D42BA35B91BCF4A9A9EB5E771C6E645F3008DF618 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:42:40.0651 0x2334  IntcDAud - ok
16:42:40.0683 0x2334  [ 40943C1CD031ACE06A8374AD56B9E5EA, 05E5AD4330F272C421A8726E9E6555115D8717DC5AFDE3CC1DB53A3D7518BF62 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:42:40.0691 0x2334  intelide - ok
16:42:40.0731 0x2334  [ E05247CDC6F9E6C5C1F92CA4BF59D649, 204038DD970E3C807AAD88B68C2E41385BEFFD0B4490364D6C61F4B12B8F6DA4 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
16:42:40.0741 0x2334  intelpep - ok
16:42:40.0784 0x2334  [ 7344528DFD4484CF86F36E24E7CB59B1, 821947C152E7A2B4782199E033EAEE8D3F43A5EC4CC369334A6C0793C62DA069 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
16:42:40.0798 0x2334  intelppm - ok
16:42:40.0824 0x2334  [ 8387E90B551B9B7F32EDC69909591E9E, 7086B6F2B728D7C46F0A1E7E4F81B3D33C25BD5F8A2A4ECEBA55F8C68F164500 ] invdimm         C:\Windows\System32\drivers\invdimm.sys
16:42:40.0835 0x2334  invdimm - ok
16:42:40.0853 0x2334  iobit_monitor_server - ok
16:42:40.0862 0x2334  [ E207078E0E1BB3524277DB9077E4148E, 309320950095AF83DCBE08BFDD4BFE4EBADBF48CA255871A6B37BAAA7B4A5B38 ] iorate          C:\Windows\system32\drivers\iorate.sys
16:42:40.0870 0x2334  iorate - ok
16:42:40.0876 0x2334  [ FD8F64B7B345E539F2EA7F72846F83B4, 95F232BC2454D68F1A154C9BD8FCCF60D36F5424B798661D6F1DD8E052ED0D04 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:42:40.0889 0x2334  IpFilterDriver - ok
16:42:40.0944 0x2334  [ 1C5867DC4091C2E23329AB984BF95604, 56FA9888A7A969539833644AD50730BBA5E770AC6097AFB490E34196596C55E0 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:42:40.0995 0x2334  iphlpsvc - ok
16:42:41.0017 0x2334  [ 8AAB863E72A4F9C578FED2EE3541545B, B3278B790DF9F77F8FDDBECAD22E0D2E080D74B8E61EFF112055478B3B0B2329 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
16:42:41.0025 0x2334  IPMIDRV - ok
16:42:41.0031 0x2334  [ 7BEC2AF23F586EFF0DB4DBF4331B0C70, D02506CAB19AD1D3ABBB35FCC569ED613EB9D6828E9BC0389EC8A8DFC548334B ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:42:41.0049 0x2334  IPNAT - ok
16:42:41.0126 0x2334  [ 8A640C05C43A9EB5DCAD2259578A39AF, 10FB01E5DEBAA1502C818EF3758EB3FB5836FB4AE25DDBE959619BCBE20E52C4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:42:41.0143 0x2334  iPod Service - ok
16:42:41.0147 0x2334  [ 35A54F19E703D4FE5919F812F6CC5D0A, B0AC1C97D115F57390BD2B4F9114429CF1729EB8D658B3EAEC8ECF28A24369F7 ] IPT             C:\Windows\System32\drivers\ipt.sys
16:42:41.0187 0x2334  IPT - ok
16:42:41.0214 0x2334  [ F6C47021C41F721B628161B64D7DECB9, 625227F18518098C00AF2C6F4EE5D96711D26080459AD2C9F7CF2A5778DEF191 ] IpxlatCfgSvc    C:\Windows\System32\IpxlatCfg.dll
16:42:41.0228 0x2334  IpxlatCfgSvc - ok
16:42:41.0262 0x2334  [ BF933330256DEDAFA939BEBC46D060C7, F9B47A83945DF2A043384626A2EB47AE9F915048636334D9768A0B4901C84E08 ] irda            C:\Windows\system32\drivers\irda.sys
16:42:41.0275 0x2334  irda - ok
16:42:41.0279 0x2334  [ F88664A2A82DDA456180FFF95A771765, 004BBC715FE6EC0D4D2CAE978EA64C6CEA130EE10C356B7FACF0C98B51E8AECB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:42:41.0290 0x2334  IRENUM - ok
16:42:41.0308 0x2334  [ 4F500A0171606B0E37964694140FCA16, 6E29A7348395EE3EB85E2BA97E581FBF605CE1BA4651F5848976AD293CC797E3 ] irmon           C:\Windows\System32\irmon.dll
16:42:41.0321 0x2334  irmon - ok
16:42:41.0344 0x2334  [ A3B7A93F32E110949CA01DDE7C6B991B, 5F38B882DBAB4BDFCAB289721D6D5A0D85675BA580AC96FB74ED826A4800C998 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:42:41.0351 0x2334  isapnp - ok
16:42:41.0388 0x2334  [ 13BAA9B1970343AE7B7028B611E52133, 3B8A5993CCF3CBF38AAE6F8813283DFA3DF2DC4B2DDA7C3421263D0D891946DC ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
16:42:41.0400 0x2334  iScsiPrt - ok
16:42:41.0440 0x2334  IUFileFilter - ok
16:42:41.0448 0x2334  [ E320F986BBE0CD9324EA0A193EBF29B1, 9B4C7F1493377CE532361F88A0C88798F24E7EFB093DA2F0A6CB1575B9E3535C ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
16:42:41.0457 0x2334  kbdclass - ok
16:42:41.0468 0x2334  [ AFF5DDCC1A79217C9526FF5E01A69E89, 2BCD49DD8DD977B97521465B981332CA8FA8D16AB45B45993C87647FA3E9DAF0 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
16:42:41.0481 0x2334  kbdhid - ok
16:42:41.0490 0x2334  [ 916E62AF3386F7A74603E5C545F6FF2D, C5CA784F60B8CA3DE0672A816DCE14F1AD6B6783A5E6B556ED7C91337F65144F ] kdnic           C:\Windows\System32\drivers\kdnic.sys
16:42:41.0503 0x2334  kdnic - ok
16:42:41.0507 0x2334  [ 1E77B06AAC63D59B4F0EE5109026B837, CE2EAB49B9D4B26A6AEA4987DC0DE1774893BCD1278E6316F1359F095E2D1A53 ] KeyIso          C:\Windows\system32\lsass.exe
16:42:41.0517 0x2334  KeyIso - ok
16:42:41.0557 0x2334  [ 20ED00047FD6D3B8FE70226642AE7566, 419907E72DC817864B1DED5937260F55FC766C1A8E81716576C813EBA982C9F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:42:41.0566 0x2334  KSecDD - ok
16:42:41.0601 0x2334  [ 5F0A90AC0AA8C772B20AD71B87422838, 176F7C6E322098DF5033CFF0BAA267BA9D7AF7E635F3D28BC0E5F11DFECD8015 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:42:41.0612 0x2334  KSecPkg - ok
16:42:41.0641 0x2334  [ DD8C4726127CFE313233372D70787C37, 2420616FEEFC08A3F47420193A3A592D4AC5D2C817D27E5B7E4FD64153751AFB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:42:41.0653 0x2334  ksthunk - ok
16:42:41.0679 0x2334  [ 6EAF246BC12DB548AC65A4CEFB14B547, F1487051FE459DB5A751DA2A6FF1E552F92226933AF8C037FA7D660B049896A3 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:42:41.0701 0x2334  KtmRm - ok
16:42:41.0743 0x2334  [ 2EC02DFC530560D0C01C7428E4CC9D27, 74EABA6EEEE771F19D75D9B64972B94C5308EEA5D51C0C2DB360570F1CB36F69 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:42:41.0776 0x2334  LanmanServer - ok
16:42:41.0817 0x2334  [ F8097F90811E9BB10F5B96262399F3C7, 1BDFB850ACE73E8882BBC3B18A5A7BCEE68696917D8462A159CE2763133DC516 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:42:41.0848 0x2334  LanmanWorkstation - ok
16:42:41.0891 0x2334  [ D81931EF9914A135F9ECF409DC826266, 8BA15C12B374DE555CB7D3CDFDDC42FE583625A9C29BCCDDEB432223E4DEEB2D ] lfsvc           C:\Windows\System32\lfsvc.dll
16:42:41.0906 0x2334  lfsvc - ok
16:42:41.0951 0x2334  [ 6A361ED0DE59D58CC633F7BB40AB950D, AF5315AFAAE41AAB55BB7243FD9EA2949C7F114C0ED24073751733B5A11142BA ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
16:42:41.0964 0x2334  LicenseManager - ok
16:42:41.0982 0x2334  [ 56B6326B15A14043C82ED9EA3B817E2C, F3F99397B12529FAF4B77E11A3279B882F9BF986D0DDB3F1847B8EE96C6E40FF ] lltdio          C:\Windows\system32\drivers\lltdio.sys
16:42:42.0000 0x2334  lltdio - ok
16:42:42.0026 0x2334  [ 48199253D7F6119F88294F8845F0808D, 85C014250C14425BEFF2D8B2CCF6A29D9A5DA329ECD00F1E6D4F8DB809194FAC ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:42:42.0046 0x2334  lltdsvc - ok
16:42:42.0104 0x2334  [ DCF6F1AA7A51CC08FED089363F83316E, C80FB26A6172510F3AD5E4D636AA49AD5D931FB47BECD9E8507F781D88917710 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:42:42.0127 0x2334  lmhosts - ok
16:42:42.0160 0x2334  [ 20048BEE892138A745B1C23EBB0E069F, B526035CE839BADA6ABC0A0CBFFDFA5267F4EB668AE201871E61E0011518843E ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:42:42.0170 0x2334  LSI_SAS - ok
16:42:42.0175 0x2334  [ 9EAB16572B576979D585DDEDB12417CD, 97C37DFEA309E27E4AC50D1F4C7C3D1FB9661E0DEBB442D620D8E460F9FC9966 ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
16:42:42.0184 0x2334  LSI_SAS2i - ok
16:42:42.0188 0x2334  [ 3B7B359C0870317106DF3438D4FF491D, 5EDF767D79EF49210DD3BCC00D7629600DD522B29A2B9A9D7805076ECDCBFD1D ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
16:42:42.0197 0x2334  LSI_SAS3i - ok
16:42:42.0201 0x2334  [ 2DE03BA338A4B0ACDB416A30F1C7D56F, CF2218EA8C67CC13893B286B0904F28FBFE5AA818CC3AD1C77120B7B6E80031F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
16:42:42.0210 0x2334  LSI_SSS - ok
16:42:42.0256 0x2334  [ A4ADC59A58724CDA67A7AB93457EEE43, C5CEFD57A31A7C377ACF3F5A071646DA358079F9BEB602B96C14392FC2D57539 ] LSM             C:\Windows\System32\lsm.dll
16:42:42.0303 0x2334  LSM - ok
16:42:42.0336 0x2334  [ 9A497169E145FCE2D8AA7DBC67377F64, 3FA4CE7455ACBB32DECA8BC7EAD0EC1A0E123CBCBF8781FBB16453455AB9F0FE ] luafv           C:\Windows\system32\drivers\luafv.sys
16:42:42.0356 0x2334  luafv - ok
16:42:42.0517 0x2334  lYPSOZm - ok
16:42:42.0537 0x2334  [ 3520DE00ABC5EFF0DBAFD41129AD970F, 821F9D9AAA6D8B08BEBFB76DAE5A8CCFB598789510A93D3DD4F149A39EE5D6B5 ] MapsBroker      C:\Windows\System32\moshost.dll
16:42:42.0552 0x2334  MapsBroker - ok
16:42:42.0570 0x2334  [ BF56CB9D02DEE8CA9CBA50220BE16F15, C6380ED59AD7B9CC9451A24808E193454CF15D90A2C1DAF22FBD3380B150F96F ] mausbhost       C:\Windows\System32\drivers\mausbhost.sys
16:42:42.0586 0x2334  mausbhost - ok
16:42:42.0605 0x2334  [ 01BDEE1FFF6D2216797DFEE4ABD937D9, ED247E6F87ECA39A7D479CA7E386D85CE8B2978164E4E9876196176F393E1235 ] mausbip         C:\Windows\System32\drivers\mausbip.sys
16:42:42.0613 0x2334  mausbip - ok
16:42:42.0622 0x2334  [ C7B8B5053D646CBD30BE1BA6B487D396, E3864D4CE619D67E284C64A4EAA8843FB49BC2B8CC8659F4C4B89DB6701468CB ] megasas         C:\Windows\system32\drivers\megasas.sys
16:42:42.0631 0x2334  megasas - ok
16:42:42.0635 0x2334  [ EB8ED3204499DDB2D3BA094A4563EE3E, A5D0095D575B241CA66CAD86280170803E7042F51D3654FCB03D7EA2347E261B ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
16:42:42.0643 0x2334  megasas2i - ok
16:42:42.0666 0x2334  [ F1C1D4E752DE1D58295040E5BE8813AF, 4DE17C5FCE63AFD545B16FA16A38F7395F29155FE165E7B21BC028CCD2A4B18E ] megasr          C:\Windows\system32\drivers\megasr.sys
16:42:42.0684 0x2334  megasr - ok
16:42:42.0707 0x2334  [ F1E754DEEB3369BCCE2228D5C10DE101, ECC894FCF4C3F2364883BA55242C432E9E416D93E71B67985DF24ECB39F9BAC4 ] MEIx64          C:\Windows\System32\drivers\TeeDriverW8x64.sys
16:42:42.0720 0x2334  MEIx64 - ok
16:42:42.0730 0x2334  [ 4965456A1B4B3039E4B9AB233F5E9B1E, 3C303FE2BF9B38D73D005EA673C9500731125D793F4C77130F9BA8D745579591 ] MessagingService C:\Windows\System32\MessagingService.dll
16:42:42.0744 0x2334  MessagingService - ok
16:42:42.0850 0x2334  [ 16B078D1089FEA98710C9D07C152DCEE, A42C28E12F1BB21E907C1308447AD63DDF8FA5B2734A199A6EBE3824F3D1235C ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
16:42:42.0881 0x2334  mlx4_bus - ok
16:42:42.0899 0x2334  [ 20C57CE47B1A877C48A4B68E9A4E21FA, 35F98286F0665C5E06914F04F174476FBB41823564EDC55E351FCE211E2C765F ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
16:42:42.0911 0x2334  MMCSS - ok
16:42:42.0933 0x2334  [ A4467A5C080318F0CCCF5ED463821F8B, C8ECD63245B19807BAA92C3F3F87643A2F6B178395ABB15BD54D9DE68CC1A09B ] Modem           C:\Windows\system32\drivers\modem.sys
16:42:42.0945 0x2334  Modem - ok
16:42:42.0990 0x2334  [ 78BE85C1F1C7F3AF6C87BCE127007D5A, 5D5229FBCDC855BFF9BA3247BF4EF8E22764CFC1EC974FD5AB2D9E6293EF15A1 ] monitor         C:\Windows\System32\drivers\monitor.sys
16:42:43.0010 0x2334  monitor - ok
16:42:43.0019 0x2334  [ 8E262B34A8BD184B4B3025AA8C396B00, B48AB637A92894318DC0A33CE55519D8FBD7B31177FA3C4CA33D8609D4FC0058 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
16:42:43.0027 0x2334  mouclass - ok
16:42:43.0040 0x2334  [ C094A555F148495EA130D3BBC5232D5E, 32E823C20FED94DB23F72F67DF1A2C043CA6179A543F3BD24FCB5500BA00A37C ] mouhid          C:\Windows\System32\drivers\mouhid.sys
16:42:43.0053 0x2334  mouhid - ok
16:42:43.0093 0x2334  [ 8209AC7D3F8AF41E3A14D022CD1F2040, D5B325AB8E7B354BCA3550ACD03FF5AC27B5C04A1D10C9FA4686EEA34D7293FE ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:42:43.0106 0x2334  mountmgr - ok
16:42:43.0138 0x2334  [ C637103F1C054951ECDFD116A87522E1, D7F2E1AD667B701936B58D03B3926D287590FA9C0B3B2590A21EC9D670558EE3 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:42:43.0157 0x2334  mpsdrv - ok
16:42:43.0209 0x2334  [ 4ABF7D7C44354807174EC36965B49C76, 3F57C8794F2CBFFE098B614418BBA8FC051E8DD798313228B4E03E101FCD9791 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:42:43.0264 0x2334  MpsSvc - ok
16:42:43.0487 0x2334  [ 3524D58AF248AB902F5BA152DFF6D617, E74E4A104F6C710B681982D173ABD88D774FCCBD7522269D29E5BA293270728B ] mracdrv         C:\Windows\System32\drivers\mracdrv.sys
16:42:43.0721 0x2334  mracdrv - ok
16:42:43.0949 0x2334  [ 8B9816C948BDA92C0AEAABDB02821F02, E730734649552BDDFD9A018D6011DDEFF45FA8BA2C2A5DE4355C23A3FD70F40A ] mracsvc         C:\Windows\System32\mracsvc.exe
16:42:44.0173 0x2334  mracsvc - ok
16:42:44.0210 0x2334  [ DAFBC585B0EE92CE047219778C033A17, 5DF3C94D71D9A29F2AFB4A291B8C0A88FFED5AABE9D4297C96E194EC18C59CEF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:42:44.0224 0x2334  MRxDAV - ok
16:42:44.0259 0x2334  [ 71729B1EE949E1B092CB5CB75CC63715, BEA57BD3C2BEF261021DE706E67FF2836F52A7B21B2B3B2F0F5D76D20685614F ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:42:44.0276 0x2334  mrxsmb - ok
16:42:44.0296 0x2334  [ EC70CED325D4DF908F265A9526016254, 257F73C62460B7CED87E8090977B77986FF55FC6E6EFBACCD7D0A33E366767D6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:42:44.0307 0x2334  mrxsmb20 - ok
16:42:44.0327 0x2334  [ 167408B38458ECAE545C57527BC99024, CB699B6C6F5B6DCDE85F8F0E40DD31B8066600A0833E5CD99ADE31DEC516B34F ] MsBridge        C:\Windows\system32\drivers\bridge.sys
16:42:44.0342 0x2334  MsBridge - ok
16:42:44.0366 0x2334  [ D5778559A0F34EE0BF0457293C6B5F4F, 73C0829F641F62CBFC0523ED54D94121E3A694ECCF148DBF4A5743631BADB714 ] MSDTC           C:\Windows\System32\msdtc.exe
16:42:44.0383 0x2334  MSDTC - ok
16:42:44.0426 0x2334  [ DC23D3D24C64BF3A314E34887AD86732, 5CF60E096CF13976759CBBBAEA1DBBE189A77843C6B32828C77F7BFB6506CCAD ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:42:44.0562 0x2334  Msfs - ok
16:42:44.0566 0x2334  [ 6DDDFCAB646BBBCFC583135C4430E10F, 5EFD3F4F84EBEEC58914D5CC89622D69F2DBDFB7EB9AD8D9A0868127187FD673 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
16:42:44.0574 0x2334  msgpiowin32 - ok
16:42:44.0607 0x2334  [ 01C6A86BEA8279E557A5056148F068BF, 42983A61654F51515AC6DD64A68D319883FD02B3EC575F7EA7A907576866F0AF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:42:44.0619 0x2334  mshidkmdf - ok
16:42:44.0622 0x2334  [ F65ABC7DE945047147F17330F79732CB, 050C64D7284D767C951E94EFBA579D0E066C36CA1899A2C64CEA41A34B8E9EF2 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
16:42:44.0634 0x2334  mshidumdf - ok
16:42:44.0655 0x2334  [ 05B23012427801E710BDD12720B9020B, 48FB22CFDF61AAE4221B3B23E539C08083289FB0CB5ABF249700DDF968C7250A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:42:44.0663 0x2334  msisadrv - ok
16:42:44.0692 0x2334  [ 21B88DF67507BD4DFF8A5487074BB31F, 5F2E1FB6227873DCA97D1BE6271E900AFA6BCE54D765C9BDBA07B74FC87B147B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:42:44.0709 0x2334  MSiSCSI - ok
16:42:44.0713 0x2334  msiserver - ok
16:42:44.0733 0x2334  [ 021C34C1968B78ACFBF30553EE78A1D3, 035C8D6F06A3697F0A902FB14F10091D026DB0A7492FAECD12D5A7F683C48A20 ] MSKSSRV         C:\Windows\System32\drivers\MSKSSRV.sys
16:42:44.0762 0x2334  MSKSSRV - ok
16:42:44.0766 0x2334  [ C3F5EA6B9041A30B4F11BE2E7863E487, 07324A9D81D30A173D3F369AA1A304AD7713C7CCF9909C6427718F0F90CE49C9 ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
16:42:44.0782 0x2334  MsLldp - ok
16:42:44.0786 0x2334  [ 601D666820F0408B896791D19BE6D258, DD6BA3962A6D387D9F06B6D7006DBB2BF46D84A8FA91C628DA9D96117F14F4F0 ] MSPCLOCK        C:\Windows\System32\drivers\MSPCLOCK.sys
16:42:44.0798 0x2334  MSPCLOCK - ok
16:42:44.0800 0x2334  [ 46E61FBA0097E48E5628C74A3F72233A, 21BD64041781085A7873ADA34C3648FBBBED386A071C69F21D98F2A0C3120DC6 ] MSPQM           C:\Windows\System32\drivers\MSPQM.sys
16:42:44.0812 0x2334  MSPQM - ok
16:42:44.0846 0x2334  [ 1A749D2727A63191F850E37385B182B6, 5D0078BFA9866A879B8CBCA6C7C49542615627B96086C73F02C0498AE84A7CEB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:42:44.0860 0x2334  MsRPC - ok
16:42:44.0881 0x2334  [ CBD56E0B55FB3672BA80382EC2F8835C, 1956E9B20A363B715C2111138D2085AA28FEDA7A82228CB4D8CE7ACC578E4DDB ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
16:42:44.0890 0x2334  mssmbios - ok
16:42:44.0903 0x2334  [ 5734B2A36D3BB13A638E5305EEEC582D, 613D559ED892EC4ABDF80F2435892895677F97902E699BE30283C150ABA49877 ] MSTEE           C:\Windows\System32\drivers\MSTEE.sys
16:42:44.0916 0x2334  MSTEE - ok
16:42:44.0927 0x2334  [ 85270E0DC6907C6B99F72A36F17AED34, 58C0BBF9CC9E42266C8AF9AB9FEC77442F96C7C6D0DFCFAAB763DAD30B1B7939 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
16:42:44.0938 0x2334  MTConfig - ok
16:42:44.0964 0x2334  [ DD673D9422457EFCCDEE45C73C0DF241, 7FDE57422416F4339344F765A1A4A9D1D59D66D74121F6082ECA562F91E71445 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:42:44.0973 0x2334  Mup - ok
16:42:44.0998 0x2334  [ 3C57FF3BCF496D24C39C2198158864BB, 8671DF39AE5DD83033EC70BF8A502ED027B33B90FFC28AC2C79EC8F2F9128C14 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
16:42:45.0012 0x2334  mvumis - ok
16:42:45.0067 0x2334  [ FD916B66910494DFF70C944FC38A2623, 134E9309DA253E5512F8EFE525ECB701E82CB64003DD8DC20E8395A29BDC9324 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:42:45.0091 0x2334  NativeWifiP - ok
16:42:45.0133 0x2334  [ 870B3D0E1A8F6F01356BD75F2E47E0C1, 88EC0AA1144F1523B7DDD6BCAF8771CB246153B14E950AA6F4859FB8287D6634 ] NaturalAuthentication C:\Windows\System32\NaturalAuth.dll
16:42:45.0171 0x2334  NaturalAuthentication - ok
16:42:45.0195 0x2334  [ FBA9F5B9F59A665F248F70B905EDCE14, D2C1795192809F6413E080A9ADC949A4D99D0FC6BE668870127161474FF40596 ] NcaSvc          C:\Windows\System32\ncasvc.dll
16:42:45.0222 0x2334  NcaSvc - ok
16:42:45.0272 0x2334  [ 2A265F3FE5F77F22CEA9D2785E0399C1, 24FF1D06A2A05DC7A2D7552E0B45CF6F689A4FC9A135474B587FA7649BCFED3D ] NcbService      C:\Windows\System32\ncbservice.dll
16:42:45.0294 0x2334  NcbService - ok
16:42:45.0299 0x2334  [ 3C7E074AE41D8DFB41A9E65904D8BF43, 34890591FDCEC035D3BB021DB035A4728C415A70F55D88F21E39073040C912AB ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
16:42:45.0315 0x2334  NcdAutoSetup - ok
16:42:45.0337 0x2334  [ 77B047B109CE758A017F58FAE5038D0D, 8E9E4ED5128C506B696FD5F0E8AD0D11FF53B5DD2F88860FF8F60307A7E08DEA ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
16:42:45.0347 0x2334  ndfltr - ok
16:42:45.0384 0x2334  [ 25D126EFFEC0B117DA4C81F7AE6C99FC, 86B7472B4C4B7564FD921FD48125D3692249B269BEE0DEF55097123309EF2306 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:42:45.0431 0x2334  NDIS - ok
16:42:45.0446 0x2334  [ 067AE5BA349CC35AF8975D22DC483DDF, FEC185ECDA27041506DF74528AA65B32FEBB06E32A55C8F7BA161A755C6659CF ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
16:42:45.0458 0x2334  NdisCap - ok
16:42:45.0470 0x2334  [ 6FC4D7EB5D38CFB7966405036116F065, B3E9083ABE7AD797FA54FB1308AA57D49C9B7BA662B09607666B23777F6167C8 ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
16:42:45.0485 0x2334  NdisImPlatform - ok
16:42:45.0564 0x2334  [ ED7CC4E16B76B2603C9F827188EA63B4, A6E739D219F50866051A08867844BDA878D6FEA33E91DEAC1948A55CDC5BEB9F ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:42:45.0703 0x2334  NdisTapi - ok
16:42:45.0714 0x2334  [ E9676E94DEA144259344A15D68785B17, 8FFF34D44E4E7E2EBE9C9337BA8E713ACD6344551C709A5537900290C51B66B3 ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
16:42:45.0748 0x2334  Ndisuio - ok
16:42:45.0764 0x2334  [ DC1D26D62F40B7552BCF49D92774F0C5, 3DD7CE2AD578101EFF8C1448800A1317F01893AF6E559C4DCCD9F6ACE4B027E4 ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
16:42:45.0781 0x2334  NdisVirtualBus - ok
16:42:45.0804 0x2334  [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
16:42:45.0822 0x2334  NdisWan - ok
16:42:45.0848 0x2334  [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
16:42:45.0865 0x2334  ndiswanlegacy - ok
16:42:45.0876 0x2334  [ 8ABF5B8D5839F8DAE2E0D3165AE732F6, CD382FFF8A71FD85B92EEE76647481AC45BD2A5815C012520A89A18EEE6E01AC ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
16:42:45.0887 0x2334  ndproxy - ok
16:42:45.0905 0x2334  [ A791792DC412CCD83DA0AF6871682552, FE1A30A6D1501463CF8AAC3AD8CE114ACFEDD38CF9BD6B2247B84E41D74A9E6B ] Ndu             C:\Windows\system32\drivers\Ndu.sys
16:42:45.0920 0x2334  Ndu - ok
16:42:45.0932 0x2334  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\System32\drivers\netaapl64.sys
16:42:45.0995 0x2334  Netaapl - ok
16:42:46.0020 0x2334  [ BE79982A50AC88BC0765F3AFECFCB596, 1E7CACB1095C3F1D10766E15B31DEE195C1E6954D4E7ADA141CA4C15EE3DA445 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
16:42:46.0037 0x2334  NetAdapterCx - ok
16:42:46.0070 0x2334  [ 80475A12D4AA90937CE69265BAFA993F, 8100BF2A621D43C5E79C58183F9F7E882076BEA2D524D3AED87C8D0790F0F154 ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
16:42:46.0079 0x2334  NetBIOS - ok
16:42:46.0113 0x2334  [ E258CE8B8053518AF47610BC0486E915, 9E694CABF14A2254DD93617A41842EFB8335A9CFA5D4BDD2FE91B5860F98CA59 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:42:46.0152 0x2334  NetBT - ok
16:42:46.0175 0x2334  [ 1E77B06AAC63D59B4F0EE5109026B837, CE2EAB49B9D4B26A6AEA4987DC0DE1774893BCD1278E6316F1359F095E2D1A53 ] Netlogon        C:\Windows\system32\lsass.exe
16:42:46.0185 0x2334  Netlogon - ok
16:42:46.0206 0x2334  [ 94BC40F88309B0B7DFE68B2C2BB15EB6, 7E485F6A3F0B1C34C59D1F36EDE05ED9724E23FF63EA273910A02D8177905D9B ] Netman          C:\Windows\System32\netman.dll
16:42:46.0226 0x2334  Netman - ok
16:42:46.0252 0x2334  [ 79ED54CA41486399361778D533E55A99, 17467C0C0D4D099DC7BF2BDE46086AF4AFC28895C62A35AA6A3906C19418AA32 ] netprofm        C:\Windows\System32\netprofmsvc.dll
16:42:46.0290 0x2334  netprofm - ok
16:42:46.0325 0x2334  [ B368E739AF3F577EA8D1B256F91036AD, 48BF739A0448F57B2BB0DA891D478D284A5C7F44C61D6E4F8131EED4DF7CFFDA ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
16:42:46.0370 0x2334  NetSetupSvc - ok
16:42:46.0460 0x2334  [ C986B84B68DDA3EECB65F4C330175522, 8F40D3F90BC61FC57BEA66280FF30DEFB1F37F53636992B1C61D01465684BB39 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:46.0470 0x2334  NetTcpPortSharing - ok
16:42:46.0493 0x2334  [ 8AED8AF4CBF661E82CF74CBF198B0C56, 7208216C9E6A938E2CCB2F510D4A6F00F35E1AAF3FE0E6D7272F5543B843EBFC ] netvsc          C:\Windows\System32\drivers\netvsc.sys
16:42:46.0521 0x2334  netvsc - ok
16:42:46.0560 0x2334  [ E27ACE78CA1BDF4FBBF3323D6E9AFCDB, 7930C172AD493E39712A0F4B1AF4ADFB4ABD499B00FEEA2E1D5C9E5A26105EFC ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
16:42:46.0587 0x2334  NgcCtnrSvc - ok
16:42:46.0627 0x2334  [ AD879D8DF91ADFE5A87DB9653D6DFB49, 9EC82BA2466CA118136A941A37D6E5B0EFFAA94D0980921E92788B576EEEAA30 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
16:42:46.0671 0x2334  NgcSvc - ok
16:42:46.0674 0x2334  NGS - ok
16:42:46.0715 0x2334  [ 7F609310AC1EC8D66D912438AC792392, C61FAD8431F3E627E9D81DFF95A37C057ED4EB3F3F78A598D5BD236D194EB612 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:42:46.0741 0x2334  NlaSvc - ok
16:42:46.0776 0x2334  [ 8F5C7C21B1A7D8ED8ED5FB6C50C3A81C, ED7F7461D65785BC8D556D8815927B346ABB4552E260C8A698FF285DFFDC7CB1 ] nldrv           C:\Windows\system32\drivers\nldrv.sys
16:42:46.0788 0x2334  nldrv - ok
16:42:46.0830 0x2334  [ 45860C8FAF034B9B48CD4D1B03E52B17, 82CC4FA35BFE390B42BCE94B4FF3551F6E7BBFDA83665DDEC7160F3C9DFA95B0 ] nlsvc           C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
16:42:46.0843 0x2334  nlsvc - ok
16:42:46.0887 0x2334  [ EFF488F6DA45224965B30CE1AB464C08, AC1D0C3175958CD3F9E311C545044B9A847D6F8C89907CAB2CD3C73EC6E1836B ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:42:46.0898 0x2334  Npfs - ok
16:42:46.0901 0x2334  npggsvc - ok
16:42:46.0929 0x2334  [ 5CB8082E51DE7D19042F0FF8C517CB0D, C0C5389E097D520018C346ECBF8AF9928FB44D9AD7B0EFD2D44E910214580A1A ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
16:42:46.0942 0x2334  npsvctrig - ok
16:42:46.0971 0x2334  [ 54407F4E774AE8AD37885BBCC0FFDB3E, 7A22A15A5EC874682FF04B35A69867A476FE88A97E27AA3A9C3F32E4B31D160F ] nsi             C:\Windows\system32\nsisvc.dll
16:42:46.0996 0x2334  nsi - ok
16:42:47.0036 0x2334  [ 201F3764A379001168DFB2B90F7C1E57, BC5662D43B073B41E3810938FAE511E82AD3F69DDE8B73C23D7EDBB3E6364B5B ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:42:47.0048 0x2334  nsiproxy - ok
16:42:47.0126 0x2334  [ B1864645F8CBAA45269F8A0C9B946EF3, 295681CCED26BBE2017B5C25C084A4D76A7E781FCCDA7FFADAE72EC149E316AC ] NTFS            C:\Windows\system32\drivers\NTFS.sys
16:42:47.0201 0x2334  NTFS - ok
16:42:47.0233 0x2334  [ 6D8A287B88F76EB47ACC6BF8E318E1FD, 73A8A8AD677D9BC432159B0099C2BF3928C14D2E5C88E5BCC8B96FCDFA3ED691 ] Null            C:\Windows\system32\drivers\Null.sys
16:42:47.0243 0x2334  Null - ok
16:42:47.0276 0x2334  [ 532F27A2B62D70C327E763F035AED6C1, 9FB6C8040D48384BC72A2021EAD7D48B5E876731849FBA68338EC3562E7CB659 ] nvdimmn         C:\Windows\System32\drivers\nvdimmn.sys
16:42:47.0288 0x2334  nvdimmn - ok
16:42:47.0324 0x2334  [ 4FD4739B359C2923965FE99B03AFD090, 02D52056A7605B9413747B41CBA2A904FAB025250FE64DFCD435606EF898A73D ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:42:47.0334 0x2334  NVHDA - ok
16:42:47.0707 0x2334  [ EABD1586205A5F09D8EDF48D4D996561, 5D0F06BED2D4194994E00F86594964F631FFA883F24FB38673D0F51EA7BAB867 ] nvlddmkm        C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys
16:42:48.0089 0x2334  nvlddmkm - ok
16:42:48.0125 0x2334  [ 7E04652EB1A476BC0A72ECDC613AF0C5, F356C5F7B1C30253F4F8A3E45AAA8C82940DBE1F208D81043D7D89EE54355890 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:42:48.0136 0x2334  nvraid - ok
16:42:48.0145 0x2334  [ 880B3E874914DAEF97119876543AE117, E41A633F5C2519438FCA0A85F134061224C39AB82EE61F3B80043E21985A80D7 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:42:48.0156 0x2334  nvstor - ok
16:42:48.0214 0x2334  [ F98291305A625C74F297D30F8234C2DD, 5C12B39B6B2BC1EC4A7E78EBABE2F5607788DCACE4F21EB9D0702F44FCB23C80 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:42:48.0220 0x2334  NvStreamKms - ok
16:42:48.0311 0x2334  [ 44460CB81DF0F5786AA5072CD94B3105, 91576F97A42D99F8BCFD98E61C40148284B5E5860532F47631E0EB5FD9D253CF ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
16:42:48.0327 0x2334  NvTelemetryContainer - ok
16:42:48.0354 0x2334  [ C8DA3CC1980C0B7695C3B87562C78BA4, 5DCFD78D3D8281040C0D7CDDD65F19778B388721A5F41852F51032F532E58F93 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:42:48.0360 0x2334  nvvad_WaveExtensible - ok
16:42:48.0380 0x2334  [ E880D79F0EF4C349D734274AD8A7DFC0, 0EF3C81E35A1DA82355FA1BD8BD4D57EF8FD687343A72066E32B30EBC6A49475 ] nvvhci          C:\Windows\System32\drivers\nvvhci.sys
16:42:48.0387 0x2334  nvvhci - ok
16:42:48.0412 0x2334  [ 54EFF5C0838ABFCBBF1F47B5B9B5031F, 0895649806196B2C75013585F9C93397AB3F64817CDC4CCD17ACDE6B01F3DC38 ] OneSyncSvc      C:\Windows\System32\APHostService.dll
16:42:48.0439 0x2334  OneSyncSvc - ok
16:42:48.0470 0x2334  [ 956A691F95A6438A0B7A7D2FEFDBE3CF, 73F971DEC7383ADB85FA10E65842D7C8338E724B27A020E11350E1FA330012DE ] OpenVPNService  C:\Program Files\OpenVPN\bin\openvpnserv.exe
16:42:48.0476 0x2334  OpenVPNService - ok
16:42:48.0503 0x2334  [ E0406C2951A24073AB920705A9CC9D59, D4865B7B9812CEAB1D18F7FFE3C6AAA90538C91E4A6B61199F84B9A5BE5A6D3D ] osrss           C:\Windows\system32\osrss.dll
16:42:48.0516 0x2334  osrss - ok
16:42:48.0555 0x2334  [ 3C899D21CE920195CA987756769B1820, B2FACDF82CF8E2EA263CB6B2FDB3CF66B41D01D014F2BE1A683513971D050C3C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:42:48.0581 0x2334  p2pimsvc - ok
16:42:48.0604 0x2334  [ 35E6495236E917BDFD9659F62EFE2E33, 4B4AE686C7D2A9B7D496E62162E984CCCE79D6E42223F5B3D2EBBC7E526EA85C ] p2psvc          C:\Windows\system32\p2psvc.dll
16:42:48.0638 0x2334  p2psvc - ok
16:42:48.0643 0x2334  [ 2E07EC2C1622F5E7B535D62DCD61F3AB, 5FECA3CD9AF531E59B1A0FE04AE8BA22F3C929EB6AA5B2171C88A788AFAA8115 ] Parport         C:\Windows\System32\drivers\parport.sys
16:42:48.0654 0x2334  Parport - ok
16:42:48.0686 0x2334  [ 681E8A68C13253D23B93953FDE569120, 77B06B881999600DA85C6EB28BAE707D06B1D2BA0CFF2957689FDEBFD4BEEE10 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:42:48.0696 0x2334  partmgr - ok
16:42:48.0749 0x2334  [ F1B8C449D0323C6E47A8356F335F1151, 2BC06D7586EEB676D885AEAABD20D92D728283D4178F4E4F57FA7AE77C2B8E6D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:42:48.0769 0x2334  PcaSvc - ok
16:42:48.0815 0x2334  [ 7C90A0581701F00D83C3E1D6CE98CC43, 5B85E25C07666B3B30E74A98B53D34E43E7DBD7B89744C86E4F3915C6C5AA7B1 ] pci             C:\Windows\system32\drivers\pci.sys
16:42:48.0830 0x2334  pci - ok
16:42:48.0875 0x2334  [ E5AF806815ED797086629741F29E4156, 1AD39A8DD564807EE11775C1C69129184A28B7AC4ED66E47CBE657C9215986C4 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:42:48.0882 0x2334  pciide - ok
16:42:48.0899 0x2334  [ 2A631D447B988AFBE847CBAA8E5CC298, 65D52E0E7F16EFFF8926E4FF97B42ABB2C5F1125FB13F521143712E3F9028FE7 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:42:48.0909 0x2334  pcmcia - ok
16:42:48.0945 0x2334  [ 6F55F5AD830F8EA1D37ED23A0CBD7112, 40E7BE7CA194F5742BE24E1E391A5B833B0E7243DDDF05B332C5D26FB3086D13 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:42:48.0953 0x2334  pcw - ok
16:42:48.0977 0x2334  [ 1796112EB89559910BC18865A29C8894, 3EDACF3FDFB4164C1F07BAE7ABCA4E8DC5DBADE11C73F18546E5FE2A10CCDEA8 ] pdc             C:\Windows\system32\drivers\pdc.sys
16:42:48.0986 0x2334  pdc - ok
16:42:49.0043 0x2334  [ 7D9F4EB1450CFB32D708BF943C170475, D94EA6B775414031273D0C55BBAAEC07D780B7226859F22A26772B104BA302BD ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:42:49.0070 0x2334  PEAUTH - ok
16:42:49.0096 0x2334  [ 35FD028E4323018202C0B7D115FD3AEF, CA0CA9EF7A6496EBD35C775D0BD9CC814B07391B69C83938C90926D316A336FD ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
16:42:49.0105 0x2334  percsas2i - ok
16:42:49.0116 0x2334  [ F9F3D8BE9BC9241CC726197261362AC4, 0AF0EBD551B3C079C7A5EA568A171B43F822C4AD0177A8135FBF315813108535 ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
16:42:49.0125 0x2334  percsas3i - ok
16:42:49.0183 0x2334  [ 8C0C30BDD3CE3FC34A59B4B101162ED3, 9A89007DBBD936F985D562B3C686ADE49ED947289500A2D776BFCF9B4DF478BF ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:42:49.0213 0x2334  PerfHost - ok
16:42:49.0269 0x2334  [ C811E13F01FB77570B727337BBCF64B8, B37FA2DF1607F1B4443BDB94C5AC95A66A498A0FF51C2C9C2F4E1D5C7400B949 ] PhoneSvc        C:\Windows\System32\PhoneService.dll
16:42:49.0300 0x2334  PhoneSvc - ok
16:42:49.0354 0x2334  [ D59CD92CE3784678C09B8DF518A8E1A6, 7D5B05D50EA66BAB6B8436A5989F5CA17DC35DB02E445CDEFDADEE0BEB3DE2C8 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
16:42:49.0370 0x2334  PimIndexMaintenanceSvc - ok
16:42:49.0448 0x2334  [ 73B5A132EBF3A8075A7C68DFBB4DE719, 847FC2A2B4C1C65BFEFBBF90C2EB99378E2FDE469425F141BC75D1874F94658C ] pla             C:\Windows\system32\pla.dll
16:42:49.0530 0x2334  pla - ok
16:42:49.0573 0x2334  [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:42:49.0590 0x2334  PlugPlay - ok
16:42:49.0594 0x2334  [ 36D43EA5517F3F4AAAC8EE061C957EF1, 970CBE8F689C26C384B8F4E6D0C68BB07434C4776B497E310A603A896AED05E0 ] pmem            C:\Windows\System32\drivers\pmem.sys
16:42:49.0606 0x2334  pmem - ok
16:42:49.0618 0x2334  [ 59048555B59FD69287CFAB6022B5CC86, 733D3F1DBF75D6A5A015E6F849216E1954813F86E5D3B05B4AF0E9FD523FC646 ] PNPMEM          C:\Windows\System32\drivers\pnpmem.sys
16:42:49.0628 0x2334  PNPMEM - ok
16:42:49.0639 0x2334  [ 7815D5EEE3624640150B1365EB2E98C5, 2E45B211F40510554E5BDA876E53497FA4A8465A152F77CF38CAD38CC6F47C8A ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:42:49.0651 0x2334  PNRPAutoReg - ok
16:42:49.0659 0x2334  [ 3C899D21CE920195CA987756769B1820, B2FACDF82CF8E2EA263CB6B2FDB3CF66B41D01D014F2BE1A683513971D050C3C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:42:49.0677 0x2334  PNRPsvc - ok
16:42:49.0704 0x2334  [ E1BCA08929D806A087D90BC11C6020E8, F9FE2E761F0F00C4A0C221D25069348185C75CA350DDD1407A6401220227A9F6 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:42:49.0726 0x2334  PolicyAgent - ok
16:42:49.0752 0x2334  [ A3CCFB8A5BD48F56EF2ACB4A427A1AC7, 03A6F53C44A90D2FAE1F0C212606C484AE0DFBFDF6675497FF0FBAB46D17B268 ] Power           C:\Windows\system32\umpo.dll
16:42:49.0769 0x2334  Power - ok

385ideal · 11.08.2018, 15:48

Code:

ATTFilter

16:42:49.0798 0x2334  [ AACA74DEF7BE3DED322411787494878B, 86BAF7E855077A03F4B8C0778304CFDB9D0CF245F82B87CD60CAB666D1D17D9D ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
16:42:49.0821 0x2334  PptpMiniport - ok
16:42:50.0233 0x2334  [ FAA5FBD37C00DE72573F9BF6B6E64BAD, AEF599C9D47ED197FAC54326E99114AD7EAA107A0248C77997D353A7B5C06FBB ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:42:50.0374 0x2334  PrintNotify - ok
16:42:50.0396 0x2334  [ 8803D4F36F1CB2E2203F5EB59571E89C, 0C83A8706CDB7400CCAB145211793B8C6153D30CA50843A5E3980536F2A38C11 ] PrintWorkflowUserSvc C:\Windows\System32\PrintWorkflowService.dll
16:42:50.0413 0x2334  PrintWorkflowUserSvc - ok
16:42:50.0459 0x2334  [ C009BE61D95CAD5F999D0F4785AEFB7B, E834AEB963E4FA8DBE9A9E69BD2212C001EF9F5461719EFB80C55C87450AFD73 ] Processor       C:\Windows\System32\drivers\processr.sys
16:42:50.0473 0x2334  Processor - ok
16:42:50.0515 0x2334  [ 5660B827F4D484E3329E3714CAED957D, 2A7A810429463BB204C92DBCDD5445FF11174FD45C30C617B9F939AD6DBDFFB5 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:42:50.0537 0x2334  ProfSvc - ok
16:42:50.0550 0x2334  [ 5818FE76C3C6AE0CA723EBE483BF447F, 613E1FE02FA52A6EF4B1E5C56F0108D493B1E97F799CF409A6697A5D5112C8B3 ] Psched          C:\Windows\system32\drivers\pacer.sys
16:42:50.0561 0x2334  Psched - ok
16:42:50.0598 0x2334  [ 15DA6327829E1E0440DB2465194CFCE2, 1FEECB8F4852EA4A5C58331D6971B6B941087C100F488260F15FCCC6038795F3 ] PushToInstall   C:\Windows\system32\PushToInstall.dll
16:42:50.0617 0x2334  PushToInstall - ok
16:42:50.0639 0x2334  [ 034BA34ADFA10F9D7E4989273DDABA33, 8763D28817A64F0D82B61EBA1FA54D7E0C97E66FA3F359C1A681740E1AF680C2 ] QWAVE           C:\Windows\system32\qwave.dll
16:42:50.0659 0x2334  QWAVE - ok
16:42:50.0666 0x2334  [ 16F9A6B593B52EB18F7ECB9D251BDF7A, 5DD26B91DF51A07097A893F3537F94FE2CD1F9D132B0994451E922CE1359516B ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:42:50.0678 0x2334  QWAVEdrv - ok
16:42:50.0699 0x2334  [ 13600C467512147E99052806F2C1307A, 705257F42FA3502113958A295E0E0FED9C6A35DB6214099360606E792F69B1C6 ] Ramdisk         C:\Windows\system32\DRIVERS\ramdisk.sys
16:42:50.0707 0x2334  Ramdisk - ok
16:42:50.0745 0x2334  [ BD6EF1748DC3DBACEC97B87B6252AAC7, D5D8FF60403BC0B1B315B3413D15E47FE64C63D8F1AC28225DDC21E41BD8A7E5 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:42:50.0766 0x2334  RasAcd - ok
16:42:50.0793 0x2334  [ ED0EE10911C16AD8B21B9003C90E968F, CFB280D14F629E87BBBDA83841E4B3DD8866FB8382FF17D3E807BBFBBC3BAC1A ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
16:42:50.0805 0x2334  RasAgileVpn - ok
16:42:50.0834 0x2334  [ 54D8A771A5C32C293288E64ABE07FE50, 073F65F1F910C4887C7F60992F5C50629EEA5F4AA8182206D73F2FECE56AB6BC ] RasAuto         C:\Windows\System32\rasauto.dll
16:42:50.0849 0x2334  RasAuto - ok
16:42:50.0870 0x2334  [ E0220BB6580D34001D4D1D133052DAA4, F350A34E7592673B7B77F907E7D7ACFC50C6099A4874C1D870BD0E089D8EF668 ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
16:42:50.0885 0x2334  Rasl2tp - ok
16:42:50.0934 0x2334  [ 2F888A3D0CAC06AB11D14DE8299B6BCE, 73451569AC6F5BEAD1A11BA6FA51A66FE93D5413B03B6BD85329EE567FC35191 ] RasMan          C:\Windows\System32\rasmans.dll
16:42:50.0975 0x2334  RasMan - ok
16:42:50.0998 0x2334  [ 12EE1D92F4E5FAE4B6F65195A2016CE5, C62E9EBD4FE642248C36BB2C9BD7B1C1C09E8A33D4B4AA39DD32F9FD1FE86081 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:42:51.0013 0x2334  RasPppoe - ok
16:42:51.0021 0x2334  [ 91CE469015979E5B3C3DBC2C41A476E8, 45D7EA66311126E370B4E082F7E8507399AC594AB6F7CD5A45C9F09658FD7E19 ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
16:42:51.0034 0x2334  RasSstp - ok
16:42:51.0067 0x2334  [ 36BBCCF6124EDA8A05D024B150C09E21, 18BA7C5056D913DA5CDFB35AE5D069CF53E9E3414B4FDBE607321C554F897DE3 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:42:51.0083 0x2334  rdbss - ok
16:42:51.0101 0x2334  [ 9D7E65A15478944836C353B556F9CB87, F2D2D73EBF3A866B0511135D60C5C6CE397F41366A2D33D0B045A4A08066CF72 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
16:42:51.0127 0x2334  rdpbus - ok
16:42:51.0148 0x2334  [ 39886C19FB466BBF8AEC31E3E77C034C, 58817B7941377DD5C972131EAF8FD472992F912ED48E6CB770410D359675D3B9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:42:51.0176 0x2334  RDPDR - ok
16:42:51.0193 0x2334  [ 4D1A63ACEC42A88E52AFC4E84A8CE9EE, 37789428D78273EB09F3613BC72DF5D5E9210D4650CC4D9F9DD413DB4A20B6F2 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:42:51.0201 0x2334  RdpVideoMiniport - ok
16:42:51.0243 0x2334  [ A4C3DC6530752AF3C78DAAC8B2B23EA7, 8CE953800256FD75FA608530B9570E42A838DCE7E82DE5F396432BC320590C00 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:42:51.0257 0x2334  rdyboost - ok
16:42:51.0327 0x2334  [ 918F47977F504612D8BC534C37A1BB33, F14DE0B0EB29755888F4845E925FF182D30A8FE016234EB6383510F68C7F20FD ] ReFS            C:\Windows\system32\drivers\ReFS.sys
16:42:51.0388 0x2334  ReFS - ok
16:42:51.0435 0x2334  [ 0CE894AE8D1DDA78D611915E171692F1, E755AD0A2D25E25351AA7F9B844778DA9C0D3EF3F5ECD4394FB08709AE8A5988 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
16:42:51.0469 0x2334  ReFSv1 - ok
16:42:51.0500 0x2334  [ 16884710EB4898CB49B18609EEE34C6C, CEC4850825D81969BE269A4DC23DF54F6E2346AADE40D95E91B512412D4BD358 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:42:51.0535 0x2334  RemoteAccess - ok
16:42:51.0575 0x2334  [ 9D82CD53B622A85A10B4DA8F4724A8E4, 0D4DDDF7C8D90CB19A86EA531205BAF19BA2335DBD10CD9F006C969CE9735223 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:42:51.0592 0x2334  RemoteRegistry - ok
16:42:51.0630 0x2334  [ 24C716C6A5AA3BEC3180BB15050C75C5, 15BC70E932C4AB0609231098F8C3EC56840BB20099C74C008EF23DBFC556A43E ] RetailDemo      C:\Windows\system32\RDXService.dll
16:42:51.0666 0x2334  RetailDemo - ok
16:42:51.0673 0x2334  [ 5BF7698021DB13B55753FD921BEBE318, E8FA328F4070765EE0BFE0D55E8E9CF7AF2D4F3233A1578FF58A7B2782AD9174 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
16:42:51.0689 0x2334  RFCOMM - ok
16:42:51.0694 0x2334  [ BBC228CA2F96B784B01FE7F1C5E3CFBB, AF24D0B4093F9CCE88C5BCB94944BCD6D36B890AD8544AF0CD7814B8D4F73A7A ] rhproxy         C:\Windows\System32\drivers\rhproxy.sys
16:42:51.0708 0x2334  rhproxy - ok
16:42:51.0721 0x2334  [ 665A51DE515A2E8B0BDB3D6917D47DD9, F5BF28900F55CB17016E64775B9A5B64D16E2A5898F4D5A7ABE26639932B2C63 ] RmSvc           C:\Windows\System32\RMapi.dll
16:42:51.0739 0x2334  RmSvc - ok
16:42:51.0754 0x2334  [ D0F6698E56F0157EA72F2D754C6FD555, A93DEECB1D84E5AC2C1E2D3D54BA118774E6F77996BEC7BCB6C758B6D04D1920 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:42:51.0772 0x2334  RpcEptMapper - ok
16:42:51.0789 0x2334  [ EB65907BD63871669C54D5E5BAE4DD34, 9A429C4B416913D65728A40890FC3C69465C4C77C2D313007BDF24EA5F4E1400 ] RpcLocator      C:\Windows\system32\locator.exe
16:42:51.0802 0x2334  RpcLocator - ok
16:42:51.0847 0x2334  [ 6145D5B0781C11EF2142D3FA3763D26A, 99A7279828D0DE5021A05E861308115FDD96B0D88B44C5447D3C5C46B3C3C913 ] RpcSs           C:\Windows\system32\rpcss.dll
16:42:51.0885 0x2334  RpcSs - ok
16:42:51.0898 0x2334  [ 27B80E5766B114621980F82FB78E912A, D7986FB32AFA2F376FBAA5EFAC18F5E699BAF97AD0C92A0B787E1CAF77465CFD ] rspndr          C:\Windows\system32\drivers\rspndr.sys
16:42:51.0928 0x2334  rspndr - ok
16:42:51.0957 0x2334  [ CBF9E49EAA55C4E5C5CA1BE7A90D3389, BD0BA3FD86BC9C822B0B8E9683CBF8758E7390262D5446D7C72D2B9AFED3260B ] RtkBtFilter     C:\Windows\system32\DRIVERS\RtkBtfilter.sys
16:42:51.0975 0x2334  RtkBtFilter - ok
16:42:51.0986 0x2334  [ FDA82B0465252A84CDCB27F7E22DAF03, 9296FB17851C64933E3C9C63ACB48F9A52FD6E74C635ECA019ADB459FFC925C6 ] RtkBtManServ    C:\Windows\RtkBtManServ.exe
16:42:51.0997 0x2334  RtkBtManServ - ok
16:42:52.0159 0x2334  [ A04D9405BCA9F13360234B4EAF1AB1B9, 977629AD825EAE7F14BC20AC6BD85A5A68056B8587EB94D44796259762F417ED ] RTWlanE         C:\Windows\System32\drivers\rtwlane.sys
16:42:52.0348 0x2334  RTWlanE - ok
16:42:52.0388 0x2334  [ 96C14A080CE15E4D8A9C7AE526F7B804, F8753CB05393EDDAC5FF99C5DAAFCF955C4CE8D14E065E9A7B4ED156BF9503D3 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
16:42:52.0398 0x2334  s3cap - ok
16:42:52.0441 0x2334  [ 1E77B06AAC63D59B4F0EE5109026B837, CE2EAB49B9D4B26A6AEA4987DC0DE1774893BCD1278E6316F1359F095E2D1A53 ] SamSs           C:\Windows\system32\lsass.exe
16:42:52.0451 0x2334  SamSs - ok
16:42:52.0573 0x2334  [ 06223E155B363A9D51AD26B2ECA92576, 016BB196FF3A2AB12B5039983C68CDB7B71A19E2517F97C4333350E7C170E2DF ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
16:42:52.0583 0x2334  SbieDrv - ok
16:42:52.0687 0x2334  [ 538E59BB39E6303412A6973DD58F4B73, F41FBFCFD2B912C3052DECA53CCA98045CF161326D786F52C6C8D59586245BE5 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
16:42:52.0698 0x2334  SbieSvc - ok
16:42:52.0747 0x2334  [ 324FA3C337EB54B43448F7B08444DC8D, 6AC6E84EBE169400D5CE140C7DC7F527D1A8F5B642593870AD7D1B193C21C7A3 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:42:52.0756 0x2334  sbp2port - ok
16:42:52.0796 0x2334  [ 93B12AC7CEAF6BA742DC13AEA349217A, BFDFF3779827B1FF39C5834D9248FFF162B9362F2F7FD8EF8750FD83F35E23D3 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:42:52.0815 0x2334  SCardSvr - ok
16:42:52.0857 0x2334  [ 3396A6A892987E8B81289583FC416360, E002C70A34C01B0F5EEA3D53A150DFB3693D1ABA63D61E7EEF3C5B6D5AC86215 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
16:42:52.0874 0x2334  ScDeviceEnum - ok
16:42:52.0894 0x2334  [ 62A33CE69DB508BCEC63F4D3BFF400CE, 914FF18959025C71923558898F95B8113EE49930144A0B19FC06C5C043A171B4 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:42:52.0905 0x2334  scfilter - ok
16:42:52.0963 0x2334  [ B6F0D0C90C052BDB4E3EA7DAC982D72F, B34DFEC3565B8F33D919A6A6BBEC9315466E525E1B2F069968CBC9969EB9E05B ] Schedule        C:\Windows\system32\schedsvc.dll
16:42:53.0015 0x2334  Schedule - ok
16:42:53.0020 0x2334  [ 7B057373146CC4E5A1F1DA665EA55DC7, 48F1C276F99D4E135A261DDEFE2D813430DEFF6BA30FCBFFB102EA40EAD9434A ] scmbus          C:\Windows\system32\drivers\scmbus.sys
16:42:53.0029 0x2334  scmbus - ok
16:42:53.0062 0x2334  [ 6286CBE87B64AB7D1F59E3375A2FF3F4, 92C276A18F99D2A423BC3A99EBDA1239F3B335C1EB6EBAF2F2800A23188B26F2 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:42:53.0076 0x2334  SCPolicySvc - ok
16:42:53.0114 0x2334  [ 1F58E6D5C1F211DE8BF5131BF12077D1, 76816B302DB4D0B91FC8DEE6643C9839A48812DF1EE7D34100134550184AA2CB ] sdbus           C:\Windows\System32\drivers\sdbus.sys
16:42:53.0127 0x2334  sdbus - ok
16:42:53.0130 0x2334  [ 6D3853838864886B4F10B074282772E0, 50855299C5D7FBE0E45EE6288EA1B824215D3E3693F24F1AD2BB2F2E27F6150D ] SDFRd           C:\Windows\System32\drivers\SDFRd.sys
16:42:53.0138 0x2334  SDFRd - ok
16:42:53.0154 0x2334  [ 368180051766E4289E3D47AF21F2668C, AD1E675A990684F131F09E61988525102CDEDA0817A20F188FE9D2A428216BC2 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:42:53.0177 0x2334  SDRSVC - ok
16:42:53.0212 0x2334  [ 80E9563F0B75E98482ECB7D5CBA56BBA, D1121951117253CBA45DF3D4A9A50374F2FCF750CA6661299B8EBF78904245EA ] sdstor          C:\Windows\System32\drivers\sdstor.sys
16:42:53.0221 0x2334  sdstor - ok
16:42:53.0234 0x2334  [ 0356C85312D78F4C7F33C74B6000BB93, 378018A0ABDF65506B471F091DEF6A8E1D2E719BEBA843595C550E3151C9E6D6 ] seclogon        C:\Windows\system32\seclogon.dll
16:42:53.0248 0x2334  seclogon - ok
16:42:53.0288 0x2334  [ 2BBC2F0C8DF38DD72AF7EC97298101C0, 58A5226321CCB28FBC259C1D0DA1D3469DDA2C81BBE516F3ECC6C10BA2DD166B ] SecurityHealthService C:\Windows\system32\SecurityHealthService.exe
16:42:53.0308 0x2334  SecurityHealthService - ok
16:42:53.0345 0x2334  [ F59851121148C0B198D4093F5B140A33, 22CE8E5CAA89966B4BB4A36712D7B7D5452DC459738838EBFA3A578B3B9A6329 ] sedsvc          C:\Program Files\rempl\sedsvc.exe
16:42:53.0358 0x2334  sedsvc - ok
16:42:53.0403 0x2334  [ A8A23102301BCB047B269C59167D4B8F, 9851F4E693FE6BAC39ABF14A1469300D718019ABCAC39049A07E7809F7C253C0 ] SEMgrSvc        C:\Windows\system32\SEMgrSvc.dll
16:42:53.0463 0x2334  SEMgrSvc - ok
16:42:53.0483 0x2334  [ 62EDAD383010E037C4D3846C7C021A00, CF2C5D97B4B8C472242A1DCC1CB97A081BFDA41F5708CA78DC9B5041C9B747D9 ] SENS            C:\Windows\System32\sens.dll
16:42:53.0500 0x2334  SENS - ok
16:42:53.0535 0x2334  [ DDBBE9A08C79D3BB50D6053507F7777D, CA67D6FFCF63F38AAA320276F0AB96F87F6431907D2BC138E7EEE4530BE88AF1 ] SensorDataService C:\Windows\System32\SensorDataService.exe
16:42:53.0594 0x2334  SensorDataService - ok
16:42:53.0639 0x2334  [ 109A90EF5B1E771DA47C371BA9485960, 37BAECE685E79F37889CD0603F086341A5CA349E943D26CB991A7EFBD2998FAF ] SensorService   C:\Windows\system32\SensorService.dll
16:42:53.0681 0x2334  SensorService - ok
16:42:53.0723 0x2334  [ 3C7280B0BB401D6645128A9D5B076D35, 75EEAA870D027FAB9406AACE969D386DAA1C3A8933895424AB70350BD5F30227 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:42:53.0762 0x2334  SensrSvc - ok
16:42:53.0777 0x2334  [ 75A27472AFD009255DBDE52038E3BDB5, 95C31B86D77D73B340901D3BD9798A9E3171D4D3F3D4632FBE3F6AE2B49A17C7 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
16:42:53.0786 0x2334  SerCx - ok
16:42:53.0798 0x2334  [ 84005F54308109A022413D628E966412, 6828A10DF28053C159E93BDD7A62A5517E7037DC302D0EEED55BF07B48E0A202 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
16:42:53.0808 0x2334  SerCx2 - ok
16:42:53.0820 0x2334  [ 40384793F74CFFA45BCC38DF65E978EC, FA68F18573CA92703A3442BB4BC5135C42520BA7D2C3E4B872115C02EE0A719E ] Serenum         C:\Windows\System32\drivers\serenum.sys
16:42:53.0830 0x2334  Serenum - ok
16:42:53.0842 0x2334  [ 699470AD24D67908991A777716A352FD, 6155D9785DF9A9346B715798A2C4A0F9B90D2AF725E710F127E06155272B406E ] Serial          C:\Windows\System32\drivers\serial.sys
16:42:53.0853 0x2334  Serial - ok
16:42:53.0856 0x2334  [ 92453F065F52A8EF0328A926B2C9502F, 11CF98993B00B4850C30528F0922BF392B8DE085AD84D17721964D543A41D64D ] sermouse        C:\Windows\System32\drivers\sermouse.sys
16:42:53.0869 0x2334  sermouse - ok
16:42:53.0928 0x2334  [ 846F99625DB02B06E0581715D0C4D0C9, EC72C2C860921A4234079D29C29D6F80F73B1D87610C6A4F0B1ABC948E532756 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:42:53.0950 0x2334  SessionEnv - ok
16:42:53.0967 0x2334  [ 1D8920C40F19B5FBA5F4897779840AD1, 9B1DAFD92963118ACEA411224AA65C841D57D29F6F1EB69A58AB32BC5FEB1592 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
16:42:54.0014 0x2334  sfloppy - ok
16:42:54.0065 0x2334  [ F74C32575862D3F32B21A1A52E7763CA, A60DA54A99D489804575E271B57388F61A3C03A2B4F1798699E5385C12A85575 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:42:54.0091 0x2334  SharedAccess - ok
16:42:54.0150 0x2334  [ 5FD29217730A8A58CC9B200088E788B0, 688DE092E982726657E50F06165D50949B354377B8A95A1583BD123A7C0E5415 ] SharedRealitySvc C:\Windows\System32\SharedRealitySvc.dll
16:42:54.0174 0x2334  SharedRealitySvc - ok
16:42:54.0207 0x2334  [ 887458A234108B5B69038299BE7FAD88, B25780E36FCA373141EC129EC878AC0C2D560DFF62FEE3DFE332256C1FCDF579 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:42:54.0236 0x2334  ShellHWDetection - ok
16:42:54.0292 0x2334  [ 5ED18BE9FE76540A0596BB41C91719C6, 54B52E6EC059F48D2A4FEDC9D2B7B391A605F63CFC29C46A9FC5BA936EF3A72D ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
16:42:54.0310 0x2334  shpamsvc - ok
16:42:54.0326 0x2334  [ A871F9CC9CF388DC7193D22EF8D8C8DF, D9E915F85E4FD993B04162B7D30BE6F230DD5464BBD75AE173255E59BA777067 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:42:54.0334 0x2334  SiSRaid2 - ok
16:42:54.0342 0x2334  [ D30FC341550CC364880950152AE8B1C5, BCCEB920C8DBCE061A62B0B7C91DA2981312DE9A8EC2D7398AE6009148603C77 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:42:54.0350 0x2334  SiSRaid4 - ok
16:42:54.0372 0x2334  [ 9CA6E573757C76A515EFD6DD795A3A1E, E7F87EF70545ABA33171A5783439E6E7874A2CAEE0C7ECF384023FBDCD967743 ] smphost         C:\Windows\System32\smphost.dll
16:42:54.0402 0x2334  smphost - ok
16:42:54.0441 0x2334  [ F4B4E405BCDE95D748F8429FCC30E668, 72E675166B3E90D3FC23FD1AF1A3B201416294C962E0800707DCBA71DB9D7736 ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
16:42:54.0468 0x2334  SmsRouter - ok
16:42:54.0501 0x2334  [ FDADDEC855034107E5FAD708B4E2424D, 1E3A07E0F67E23F32E046F516608D78299BA66BC647F6A6A240C77245FE3A7FF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:42:54.0515 0x2334  SNMPTRAP - ok
16:42:54.0561 0x2334  [ DA0AECA8222682F90C325E483E8115D4, 20CB647C132F20A3466C7C429057F01C4AC7A3D0E49B6C40206E61231EA05A54 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
16:42:54.0580 0x2334  spaceport - ok
16:42:54.0613 0x2334  [ CCECE7E96B4F7B0E9F0FC82F6DADA917, 4C20D74971C7A822C51429BE960F85016B03166E05D43B29F5D290F413006C18 ] SpatialGraphFilter C:\Windows\system32\drivers\SpatialGraphFilter.sys
16:42:54.0622 0x2334  SpatialGraphFilter - ok
16:42:54.0634 0x2334  [ 545507AF670BC88B89200A118513ED9A, 1450D29E678F26B317D55BBF41E603296C5FBA54F956801D3E796808FFDCC0AD ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
16:42:54.0642 0x2334  SpbCx - ok
16:42:54.0689 0x2334  [ 2E281495E43F5B2D8DB9C5D8F98359B8, 305249D3FF182706414F9516D4FC32CB25E07950DF1F4CC4E05031E28067FC41 ] spectrum        C:\Windows\system32\spectrum.exe
16:42:54.0731 0x2334  spectrum - ok
16:42:54.0777 0x2334  [ 153F12DE99760ACC89F53848DED45679, 6C55023782082B4E5CB5E653C530A6CF0AF86D5D38566AA4C3A332534BE0EA7B ] Spooler         C:\Windows\System32\spoolsv.exe
16:42:54.0837 0x2334  Spooler - ok
16:42:54.0950 0x2334  [ CED434DA6E043B450141932D974FF8C1, 48704C2461D1019522F2F0F931B663EEE2E5E200949F63DA41ADA965B3612669 ] sppsvc          C:\Windows\system32\sppsvc.exe
16:42:55.0074 0x2334  sppsvc - ok
16:42:55.0129 0x2334  [ 09FADE98D187D1886950109E8AF083DA, 3CF285BEA351AC8E13708B2BE96F57B0D72CF92D667ED69138E2D5CC8FDC2B11 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:42:55.0169 0x2334  srv2 - ok
16:42:55.0201 0x2334  [ 5584BF5A5F81647047B11F11C9A156BE, CB7C04AEC0CF011F7C3A35EE6FFD116C150822E284C310D59A0D0ADE6A696BAE ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:42:55.0216 0x2334  srvnet - ok
16:42:55.0255 0x2334  [ 7B5E955BB63726AB625F79AA7AF7FA11, A5ED49F465BCB26C61F390018520BE97392BA9D85CC6A7C040BAA2D0EFF983FF ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:42:55.0275 0x2334  SSDPSRV - ok
16:42:55.0305 0x2334  [ 3BEF5FAC7F3DA3E25B80CC41B5060616, CAAB3CAF150F564964471F494F583014E5EF842BC4761A64B708842C4425753B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:42:55.0326 0x2334  SstpSvc - ok
16:42:55.0435 0x2334  [ BE3C0C7D5DD0CC6D02299D3B9B812F18, 1D2735FE9C60A31D8D7F3A53E068405B78BCEAC1F0B89D6FF7B4F58BCDA07CDC ] StateRepository C:\Windows\system32\windows.staterepository.dll
16:42:55.0592 0x2334  StateRepository - ok
16:42:55.0710 0x2334  [ 95B08615120CE1353EA4ED2C174E5A9F, C18E665D385D327FC3CFBA41582C7763996143054280157EA840EAFA1F5F26CF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:42:55.0776 0x2334  Steam Client Service - ok
16:42:55.0796 0x2334  [ 162A805E13B3C0DD06AE8B6FC1900156, 43782D9136596365B87E7DF2046CC28C2AF9EC014308E1458E0315F7F6463B44 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:42:55.0806 0x2334  stexstor - ok
16:42:55.0834 0x2334  [ 3B3F5D6BB8A6A6F3630194A471989069, 0A5D586A1866113B94F5F11571506E133F64640DB38BEEDBE5489ED10314FA31 ] stisvc          C:\Windows\System32\wiaservc.dll
16:42:55.0864 0x2334  stisvc - ok
16:42:55.0879 0x2334  [ 7D975D562E5F8A9CBDBC55328F3D1200, 322242E59E28CDE229B1BCDBE1A439C5077462D2CF0DCE7DF716B6E3AC8B3455 ] storahci        C:\Windows\system32\drivers\storahci.sys
16:42:55.0889 0x2334  storahci - ok
16:42:55.0925 0x2334  [ 03B1F66AB47618A6123EB0631B57A31B, C06BD9D1648E56703067D5724B8AF898048A5D604B2560A69CF6B5CCF3651A66 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:42:55.0933 0x2334  storflt - ok
16:42:55.0955 0x2334  [ B5C44E8262AA6D3B20E45F8D2FAE54A3, 6B1D619F166C898E102FCC28AF24069F68C038B4BFA270051F6936F8D64CE437 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
16:42:55.0964 0x2334  stornvme - ok
16:42:55.0991 0x2334  [ 15599E47C28DC511F0CA3B664A257728, 2ED213F392D4C2B848187F0583C7AEE2A41A2AA1E4DE8AC85D45EFEB0A430593 ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
16:42:56.0017 0x2334  storqosflt - ok
16:42:56.0086 0x2334  [ BA9471C7B5B02F2EDF5055CC1A1476F3, D9BF3D2C5127E469BB037308114287686A9C3927396D64013007927C9A9716AB ] StorSvc         C:\Windows\system32\storsvc.dll
16:42:56.0150 0x2334  StorSvc - ok
16:42:56.0184 0x2334  [ 4D6FF8DDBF9CC61EC95A4BF4096D52FF, B78EDD3FB711412140C541EDF9468AB6DC1A82AEE207F22976E9C6B9722F7891 ] storufs         C:\Windows\system32\drivers\storufs.sys
16:42:56.0192 0x2334  storufs - ok
16:42:56.0229 0x2334  [ 6FD2D01E4AD9494874A3A8BA74A8FA64, AFEDB991465631F68F035B968345C4B700360F2F66543A48C75458D952E50B08 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:42:56.0237 0x2334  storvsc - ok
16:42:56.0433 0x2334  [ DB01011E9DD44BEDDB9F62E7CFFEB202, 996C8FFDD7BA6C1ABE81CACB60F679E73C1AEF0102B1990ACA4F8BBABE735E7C ] Survarium-Steam Update Service C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe
16:42:56.0439 0x2334  Survarium-Steam Update Service - ok
16:42:56.0454 0x2334  [ 587854AF01CABE83A62D81FFEEBCD6AA, 99103FCCFE18DA0EA0121A10BCB7DEB833DE2A5C4CB8BD70E4983C2274D469E6 ] svsvc           C:\Windows\system32\svsvc.dll
16:42:56.0481 0x2334  svsvc - ok
16:42:56.0494 0x2334  [ 027B27E4B9DB3931D64159B81BD915A0, B30BD828748205642529B6E528D12B16F86CA4F06F60C2C2E89AD7A97EB06B49 ] swenum          C:\Windows\System32\drivers\swenum.sys
16:42:56.0502 0x2334  swenum - ok
16:42:56.0518 0x2334  [ E0915F9B3C154FEF700C34A8E613B945, 172205D9DF0ABCC1F2B9484BA75A637BC0899CB42BFA5F0352B9C8E0CD6DDDA3 ] swprv           C:\Windows\System32\swprv.dll
16:42:56.0543 0x2334  swprv - ok
16:42:56.0590 0x2334  [ 3D63A58A9DD3F984A7E3C2F2CB357E06, F520333AFF9F8D37707A6B50A33B712B5AF114D12C8092D2DFB04F05F241B03E ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
16:42:56.0626 0x2334  Synth3dVsc - ok
16:42:56.0676 0x2334  [ EE6CEBDB3C9AAD1C80AE32878FCD17C4, F172BE926BBDD8B11F641687FC5F9C062F322C43D08A5E1F189BCCB44CE3C4E4 ] SysMain         C:\Windows\system32\sysmain.dll
16:42:56.0739 0x2334  SysMain - ok
16:42:56.0768 0x2334  [ 74FFACDE32B58CCB74B9EF990C7757C0, 69AF6FF98C5793441CC46136AD99B05392974E2C0189C76066EA0DDEE8B5CF31 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
16:42:56.0811 0x2334  SystemEventsBroker - ok
16:42:56.0837 0x2334  [ 73F6476EE9F5448838B2883E0B710CD7, 0C2362C92A5CF8EBE428FC7C0399A8B6812CA42DD11D8669CB23FB10AC7B52AA ] TabletInputService C:\Windows\System32\TabSvc.dll
16:42:56.0857 0x2334  TabletInputService - ok
16:42:56.0890 0x2334  [ 5B4A09AB34D0205C616C4D247AD29F57, B1DBDD5E2149114E1DCC56DAB00876AAE1FBFC5D4063D3F5A59D8C66918EF693 ] tap-tb-0901     C:\Windows\System32\drivers\tap-tb-0901.sys
16:42:56.0897 0x2334  tap-tb-0901 - ok
16:42:56.0925 0x2334  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\System32\drivers\tap0901.sys
16:42:56.0931 0x2334  tap0901 - ok
16:42:56.0944 0x2334  [ AC1AA61B04116E540C5AFD18F11F2697, D5ACC296853911E2C9A5E7B0B6F36AC4FA6B49417CB456D153427BCFD944C195 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:42:56.0966 0x2334  TapiSrv - ok
16:42:56.0993 0x2334  [ 2A5ED8283979FA860F1FA9AC756553CF, 67F17FE6FFB677C8174578CF8C3B1372ADF60D6FA5DA9C2EF87F3631B9BF23B2 ] tapprotonvpn    C:\Windows\System32\drivers\tapprotonvpn.sys
16:42:57.0002 0x2334  tapprotonvpn - ok
16:42:57.0027 0x2334  [ 039CFEDBC0D1A751A1308228A72C1CCD, C451FA71353CB2D31AE4AA3F2B03D098A2C6156B687EC33E0AD2DFC766646647 ] tapwindscribe0901 C:\Windows\System32\drivers\tapwindscribe0901.sys
16:42:57.0034 0x2334  tapwindscribe0901 - ok
16:42:57.0125 0x2334  [ 74966AF83F4952A0C80DCAEAC22B049B, C96703D934BB0A07015354DD9EFC50D8E83CDBE3CC4AA600B081FC8D163418A5 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:42:57.0215 0x2334  Tcpip - ok
16:42:57.0259 0x2334  [ 74966AF83F4952A0C80DCAEAC22B049B, C96703D934BB0A07015354DD9EFC50D8E83CDBE3CC4AA600B081FC8D163418A5 ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
16:42:57.0316 0x2334  Tcpip6 - ok
16:42:57.0358 0x2334  [ 74A1BF4093FA7B7D6C9366A39911A78E, E60694303A608EBFEAA5C581B312A212BC7081A4D67234F003917FA6E6A05F84 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:42:57.0370 0x2334  tcpipreg - ok
16:42:57.0410 0x2334  [ 09125A12CAB5F8D5EAE9C83C25792FDD, D3116D8F3CD5897F90126BF3847A2B301367D4698CA8AD30A313B39F804D3D4E ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:42:57.0420 0x2334  tdx - ok
16:42:57.0650 0x2334  [ 7139743C088045BA6BE0B7CCE6FA2D8F, 5FE20C650DB8E9BFB9A4F43C56CE981239437A52B7BE906398A61D11A6847478 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
16:42:57.0888 0x2334  TeamViewer - ok
16:42:57.0917 0x2334  [ B4B68E1DB59456419D9E49645729502A, A741EDEBCF5E8141BCC8867D5A62024425656432B6E6B0A0131B1B4AB878744E ] terminpt        C:\Windows\System32\drivers\terminpt.sys
16:42:57.0925 0x2334  terminpt - ok
16:42:57.0958 0x2334  [ 96037700AEE1B4D5A6FFC62861E4FF8C, E2E4D23525389C13126401215541F5625258DA18372CB5C98D0B95123A86ACFB ] TermService     C:\Windows\System32\termsrv.dll
16:42:58.0003 0x2334  TermService - ok
16:42:58.0061 0x2334  [ 276ADEC641DAFD0140B4C0D715E5B2E9, 836DB10FAC5C31FBB9CFA44A9A80A788FC229F4521641A247CF1E96099DB788F ] TesSafe         C:\Windows\system32\TesSafe.sys
16:42:58.0105 0x2334  TesSafe - ok
16:42:58.0110 0x2334  [ E0F78207F33D6C10CBFB23E873837C87, 55D4411A4070AFE81E576989D67DC411BAE39D9B90697E7646F07716EABE8EC1 ] Themes          C:\Windows\system32\themeservice.dll
16:42:58.0126 0x2334  Themes - ok
16:42:58.0161 0x2334  [ B52BA61AB8E4BAA83EA86BAB312EE6ED, D9A9D17FD222A67CA1906A422055718269929F0B33C7417F7D1F9447FD424683 ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
16:42:58.0182 0x2334  TieringEngineService - ok
16:42:58.0192 0x2334  [ BC834B233125DBB321B809972F2E270E, 7085FAF5BC5E37E81E30345E984887E2D3F7657F87A23C0C1C0A4DFCD558BA55 ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
16:42:58.0224 0x2334  tiledatamodelsvc - ok
16:42:58.0256 0x2334  [ EA80B2C811A7F6B1C9EED312F06F26FB, 7DC0A5C2F56C0FD0C4BE84EA09900DF20275A2FD63ADB9D8EE4CBF39E1E2A4F4 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
16:42:58.0275 0x2334  TimeBrokerSvc - ok
16:42:58.0320 0x2334  [ CB1F7C21C4A32594AFD217074B3E4650, 0EF0E5076F9C9B8111E1474CDE2A3BC1138546B842E68F89483E36DDA1C64354 ] TokenBroker     C:\Windows\System32\TokenBroker.dll
16:42:58.0396 0x2334  TokenBroker - ok
16:42:58.0428 0x2334  [ F54728E32D67537C5A13454E23449C7A, F2FF6A36693EFE86B441134DF43327D2768D00A867059646F6CA93E10A682019 ] TPM             C:\Windows\System32\drivers\tpm.sys
16:42:58.0440 0x2334  TPM - ok
16:42:58.0457 0x2334  [ 39187852984778424A0EFD6B01FAB272, 2E7F7AEE8BAB1C6D8B880C28222EFFB721CFDA3B39215BB065088E396581ADA9 ] TrkWks          C:\Windows\System32\trkwks.dll
16:42:58.0474 0x2334  TrkWks - ok
16:42:58.0525 0x2334  [ 51480571DF1B3AAC2B7F6F2DFFBBF15E, 11D39AF99D37D23AD87151998A46A4F0A8C95834A0D51BBD8EF8B11EAA02CF85 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:42:58.0543 0x2334  TrustedInstaller - ok
16:42:58.0549 0x2334  [ 8D811209E34358EAD3FD8E40F657E59C, 1A40ED03C03C4FD87EBD166C0D87356F5036F04FBC1F9A600E92E2125B117DFE ] tsusbflt        C:\Windows\system32\drivers\TsUsbFlt.sys
16:42:58.0571 0x2334  tsusbflt - ok
16:42:58.0575 0x2334  [ 68DE1735FB020AE8948BD7B60F2EBD3B, 198EFA09C3FB57CD7C11F1AB91491E8FB8093F12DACE1B1AF1BDE50EBCD8EB43 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
16:42:58.0585 0x2334  TsUsbGD - ok
16:42:58.0597 0x2334  [ ACD39B0E5CFDA7B1AB7DF33FC5CC0E46, 89FE50DE5037770D568BA025A7EB06B5FAEA39A1EB97910319B942B02EFD14E5 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
16:42:58.0611 0x2334  tunnel - ok
16:42:58.0711 0x2334  [ 18950545A427CB1A1D677A6A6F8CA0AA, 45E7B4DC2D7932CB07A4E6A324358125392762CD1B5C3D75207F96DC18FF38DF ] TunnelBearMaintenance C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
16:42:58.0718 0x2334  TunnelBearMaintenance - ok
16:42:58.0728 0x2334  [ D5E68FCEDE15214BDB5D986D5B50E0BF, D2FA040B4BF4424928ABFB0B8CCA768C8DC9BE3DA86A3C61B1CEE1A2C543FADC ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
16:42:58.0745 0x2334  tzautoupdate - ok
16:42:58.0770 0x2334  [ 04FC2C7F73AE58BF0DD674164E28A6DF, 513E98D6838008B6F97E895BCD639679276AD6A7F7E789A6F3D4E9F9781CA78A ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
16:42:58.0779 0x2334  UASPStor - ok
16:42:58.0809 0x2334  [ E437FC4B1833F6B745184F78C4921FB8, 171605C7BF95FE1F342B314A969ECBE0B0D04E67D1306F470B3424AB6DE1478D ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
16:42:58.0821 0x2334  UcmCx0101 - ok
16:42:58.0828 0x2334  [ 950A3E42167904CAB9AA64863C31CEB5, FC31C3177EDA9FFD2CE51EB2B1E696E50FFB378973C3C001EE29265FED249353 ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
16:42:58.0843 0x2334  UcmTcpciCx0101 - ok
16:42:58.0877 0x2334  [ 248DEE24AB2EC426ACB12425AD222262, FC00B1D591326DF6966C63D0E9125B3C94B669CEFA656DFC0C57C4AABE144103 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
16:42:58.0888 0x2334  UcmUcsi - ok
16:42:58.0913 0x2334  [ 1A0D1F1FFDBFFECE8DA47DC0096A7C2A, E4610B80978D40CB7EDB394CE424BB10450E558FE00D698231A0B4FA152509F0 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
16:42:58.0924 0x2334  Ucx01000 - ok
16:42:58.0941 0x2334  [ DACA289DFFA7658C04FEF6DCFA2AA9CE, 7BD32B5F395A8675D4B2BDCA75530F2FFA64ED87B2B67FDA08EF709A4EA15553 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
16:42:58.0985 0x2334  UdeCx - ok
16:42:59.0009 0x2334  [ 12383D410AEF99AD6979A8EFD3D61888, 376929794A2A8B05DDB2EE93E58A3C3DA19855F5CBC8B29E208E28BF95970355 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:42:59.0027 0x2334  udfs - ok
16:42:59.0052 0x2334  [ A97114134A672616A807F2EC1439F566, 575E563D7791E64A5B4C9E1639CA33D3D6FA9AD9D752E15D9A735816BF2E73FB ] UEFI            C:\Windows\System32\drivers\UEFI.sys
16:42:59.0061 0x2334  UEFI - ok
16:42:59.0068 0x2334  [ 58447F28E697A93521DD20530A8D50ED, BC166B829BA28DAEB8B113D5575D6A11BF81716B38797396496F4D2C2E537F23 ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
16:42:59.0079 0x2334  Ufx01000 - ok
16:42:59.0091 0x2334  [ 69ED2D00A7787D9D84E6C90CE0B02B2D, 55B137766D72BF5FFF645E8E76248FD15367DFDF7FFDABB9A9ECC27FD7555DD3 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
16:42:59.0099 0x2334  UfxChipidea - ok
16:42:59.0104 0x2334  [ F061EC57330FBC597A4E7298BE667780, 0C32162782BAE9912373CA40A67567BAEF185173E033579C4833A91C11D83E2E ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
16:42:59.0114 0x2334  ufxsynopsys - ok
16:42:59.0130 0x2334  [ B26729B378282F72241859C13326E3E8, 859398D02E301B8C79078DB43E3BF9691EBA52DD0717868E27D2D6EF918098DD ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:42:59.0146 0x2334  UI0Detect - ok
16:42:59.0163 0x2334  [ D40BCED160D332005AF612E1228825E6, 72B7B89A3ED1D6846D004D9BDCAAF8F1D488C21A93A926FE158217B529B55157 ] umbus           C:\Windows\System32\drivers\umbus.sys
16:42:59.0175 0x2334  umbus - ok
16:42:59.0190 0x2334  [ 64CF24D7B1FA4975C52A31BF4C82EB73, 2F803884A417F2DD39A155D20EAA4D61D494E41B0F98760810EC5193B84DD425 ] UmPass          C:\Windows\System32\drivers\umpass.sys
16:42:59.0201 0x2334  UmPass - ok
16:42:59.0219 0x2334  [ E6B6BDA0412D3C56275E662A5A1937FD, CB971073A34CF3FA184B8E41308A14CFD5E22F48B01109E7531DF013EB5E05E7 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:42:59.0260 0x2334  UmRdpService - ok
16:42:59.0327 0x2334  [ F0A388AA51F0DE22AA38A4BA9B04AD9E, 1B325D1BF2B041C33BF0336D9651A744AC0A9529085F898A3D90158784F26DC2 ] UnistoreSvc     C:\Windows\System32\unistore.dll
16:42:59.0386 0x2334  UnistoreSvc - ok
16:42:59.0415 0x2334  [ D2931E3F67A990328DE5CE7E43F4467C, 06BA872FB07CFDD14813963A06E01F225EFDF58A63D6B0A5AEF7872C7126DF54 ] upnphost        C:\Windows\System32\upnphost.dll
16:42:59.0439 0x2334  upnphost - ok
16:42:59.0443 0x2334  [ ACE4C3B4C7D17B154FFC5BBE5F7A9835, C330123EE9BF90518CCB7DA923ED32C0CFA9319C886D9ECA65E3B84E743CB145 ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
16:42:59.0450 0x2334  UrsChipidea - ok
16:42:59.0476 0x2334  [ ECE40EB976A5ACB366808AECF6B235BA, FA00D0A8EF1BCA0349DCA961F4093DF790E5031F91586050372029AA9A7726C5 ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
16:42:59.0484 0x2334  UrsCx01000 - ok
16:42:59.0488 0x2334  [ EB738F830D3E7EA62A218F101EF91FD4, 35B05845497448C0721377F0EDD7624A4043D0C6E91C5C1CB96853F2D3B16457 ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
16:42:59.0495 0x2334  UrsSynopsys - ok
16:42:59.0536 0x2334  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
16:42:59.0572 0x2334  USBAAPL64 - ok
16:42:59.0590 0x2334  [ B43E28E5CF868517EEC0923AB2BC366B, 01817474AFBC2199387F30F708DDD9458FB156EA4AECC8C3E2EBBCBF7A2BA857 ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
16:42:59.0601 0x2334  usbccgp - ok
16:42:59.0605 0x2334  [ 1080D80B5F6D249F23BAE1C0C36233A4, 8EB810282DACCE101D4B5F70FEB450204359537098215DED1DBFF9E14B6F86D0 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
16:42:59.0617 0x2334  usbcir - ok
16:42:59.0656 0x2334  [ EE162DA2C92026A5B96ED89737975AA8, A26E58C7BEE9B6F0F692A2649F258384E55523A64889E3B7D8EFD6D77753E243 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
16:42:59.0665 0x2334  usbehci - ok
16:42:59.0700 0x2334  [ C27FEE9758E3BEDE4D48B5EDBE1122CF, 64F7215ADCA3DC1E2D8EF3E6C3579529605DF8F7A2161FB04B19182C828E54D6 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
16:42:59.0717 0x2334  usbhub - ok
16:42:59.0742 0x2334  [ FD96B5C2479728B1ECB395440CE562A5, 5336932B9B0A14E87B530DD75F2D8DA773F0157F63EC1CACA6BDE38144700009 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
16:42:59.0761 0x2334  USBHUB3 - ok
16:42:59.0783 0x2334  [ 44B954306BB2B311E070EDA276FECAB1, 8F3C1FC07E2B8059E41AF3BD1CC03C67770B4FB403D79171CA075874721BBCAB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
16:42:59.0802 0x2334  usbohci - ok
16:42:59.0806 0x2334  [ EEF26F9034F0608B93D4D239534BB0BA, 6B047603D4F86C12CF0B22F4260E8BC6A6FF0BEEC50C74E31CA3A4E86567F90D ] usbprint        C:\Windows\System32\drivers\usbprint.sys
16:42:59.0817 0x2334  usbprint - ok
16:42:59.0821 0x2334  [ E55C9AF5EE8905879048118824B06816, F431ABF555E09BE64AF7EA0B2573C7F5E5634408E03DC3FAC4A5CC7D48CAF0EC ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:42:59.0831 0x2334  usbscan - ok
16:42:59.0875 0x2334  [ 446F2908C891A583BEA930226E37036E, 830A0E9170B1BD58447EB12AAF7FA8B97B15F3D35DE53553CFC4A67620DA4619 ] usbser          C:\Windows\System32\drivers\usbser.sys
16:42:59.0899 0x2334  usbser - ok
16:42:59.0918 0x2334  [ 441CAE778B6A1FF6E618E37814A7A52A, 61DF48D662421F2149FA63187B2C8556A991BDA47EA75798BA86C572C432C1EB ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
16:42:59.0928 0x2334  USBSTOR - ok
16:42:59.0937 0x2334  [ 2D6BB2157B37B2D9DABF8C218F2A805B, 5FCA03DCAE81F6B7A6EB63F13A361ED915D82635697DAA085A31D447C21C1B65 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
16:42:59.0947 0x2334  usbuhci - ok
16:42:59.0981 0x2334  [ F12FD012F562BF51B9720936918F926E, 5C0F781EAFFF2B2B3D5E693489C7E1B39AD293B49969E0AB0E5337FCABC4F96C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
16:42:59.0996 0x2334  USBXHCI - ok
16:43:00.0052 0x2334  [ DBB8DA23D912E799683A34BFBAE3EF70, FE7EAB44503C72EC3CD722617D04C0BF01EDFD2F5834C3D501538800E43C6B74 ] UserDataSvc     C:\Windows\System32\userdataservice.dll
16:43:00.0133 0x2334  UserDataSvc - ok
16:43:00.0263 0x2334  [ 29D52BDF7605DBD39C2D6D089E72C6F4, 500CBB6AD5B097525CD5DD70F127ED66BDE8E5608DAAC5067FA0F04DC1F00D06 ] UserManager     C:\Windows\System32\usermgr.dll
16:43:00.0324 0x2334  UserManager - ok
16:43:00.0387 0x2334  [ BC20E0985EA0257B31145F313B6950EA, FD011029E8E028C49B4ECFC6018BEEAD871C76D7B9EF811623D396355DEE90C3 ] UsoSvc          C:\Windows\system32\usocore.dll
16:43:00.0463 0x2334  UsoSvc - ok
16:43:00.0485 0x2334  [ 1E77B06AAC63D59B4F0EE5109026B837, CE2EAB49B9D4B26A6AEA4987DC0DE1774893BCD1278E6316F1359F095E2D1A53 ] VaultSvc        C:\Windows\system32\lsass.exe
16:43:00.0494 0x2334  VaultSvc - ok
16:43:00.0519 0x2334  [ E7204D7FD7362F0EFAA502A4CB91CA1E, C7F3BE383C81AB9AA642479F95872E40E19A4CFD72D4C8D7DE80ABC11B713E21 ] VBAudioVACMME   C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys
16:43:00.0526 0x2334  VBAudioVACMME - ok
16:43:00.0582 0x2334  [ 157406548DD44E9391B384C3EFAE9299, 9BCBE3515529B8B995665486F3F15D5223E494DE58147CC0627AB4EE506CA40A ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
16:43:00.0602 0x2334  VBoxDrv - ok
16:43:00.0622 0x2334  [ 900F62B0166ABB910710FB840DE19ED9, 2E6CA0308D1747F6FB3EAFBB865EC39F4CAB982CDF4067069A1AC2CEE2CDD2E3 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
16:43:00.0631 0x2334  VBoxNetAdp - ok
16:43:00.0655 0x2334  [ 399FCA1DA85E592171261EB9F343EBFC, 85CC4AA9EB62440142778A2E908756EF72B6782D9FC716DD8691D636CFC9A21B ] VBoxNetLwf      C:\Windows\system32\DRIVERS\VBoxNetLwf.sys
16:43:00.0664 0x2334  VBoxNetLwf - ok
16:43:00.0682 0x2334  [ 63084E96C5FE3C37AA157990299049D6, 7EAF78C054786F102394FB5692D3A7D864DDD03B814B97CD469D1343AFBEDAE8 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
16:43:00.0690 0x2334  VBoxUSBMon - ok
16:43:00.0728 0x2334  [ BF13071600C1A0B090BEEC159A75B133, 78B239E5189B090D11A6C2CE19D8428CCCB03740CA22D00561E1BC9B5D609046 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:43:00.0735 0x2334  vdrvroot - ok
16:43:00.0782 0x2334  [ 07C192BEEA76B1BD9D0310ED20551D54, 0E8A90B2A228CEE94DBD193E7C6775A64C8BBEF70E318F2ECE935B6ED5B26638 ] vds             C:\Windows\System32\vds.exe
16:43:00.0820 0x2334  vds - ok
16:43:00.0827 0x2334  [ 9D4EEE333603F3675685F644053499D5, 545A21F86C8CD64B556DE688B31DDB157863766D53E52DE443B881D267223578 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
16:43:00.0839 0x2334  VerifierExt - ok
16:43:00.0893 0x2334  [ 274D49BBF0F3C7F193BFC13434F2F08C, B8F56DDBE61D1A6EC0967C5543A1772BEA6E7E9D4923F6DE5A09CD43AC7CDBE3 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
16:43:00.0913 0x2334  vhdmp - ok
16:43:00.0933 0x2334  [ E10FEBB566E1F0A3936AB304F338637E, 01B344061F2A8802EE88F584CF583DCECA478823A0D37C41D90340E4E2FBC43F ] vhf             C:\Windows\System32\drivers\vhf.sys
16:43:00.0944 0x2334  vhf - ok
16:43:01.0024 0x2334  [ D87D7B4531C87229DA776AE8D5FD5D97, 2765F9B15A517367721995F34DF5F1464CC635049110B6EC1DDB2147B5E448E4 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
16:43:01.0031 0x2334  VMAuthdService - ok
16:43:01.0063 0x2334  [ 3093314480D83FB733A6069AB12D3DA1, 9056C57A56D151E3AF456FDD843F9BD7727E12B59EB09C423196F23609EA7F42 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:43:01.0072 0x2334  vmbus - ok
16:43:01.0119 0x2334  [ 12723C0F54432B4A98702110B344B030, DFAA6FC88F6EC7A540B5AAE930A591DD59E844630A6B03DEEA31126EAAEA256E ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
16:43:01.0130 0x2334  VMBusHID - ok
16:43:01.0165 0x2334  [ 9C3FD3B0B9376537181067A28F2A5290, CFD39EBCA8B07C876BBB8469B145AAE95838C4445F946DFF19EB226581DACCEA ] vmci            C:\Windows\system32\drivers\vmci.sys
16:43:01.0172 0x2334  vmci - ok
16:43:01.0197 0x2334  [ BCD144BFA4E13E0F74D852ADF283626E, 7423E69CECC2791DF814ECA6464C522BB914F7F6B0178C1A9881CBF56A1F8E1C ] vmgid           C:\Windows\System32\drivers\vmgid.sys
16:43:01.0221 0x2334  vmgid - ok
16:43:01.0246 0x2334  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicguestinterface C:\Windows\System32\icsvc.dll
16:43:01.0288 0x2334  vmicguestinterface - ok
16:43:01.0294 0x2334  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicheartbeat   C:\Windows\System32\icsvc.dll
16:43:01.0311 0x2334  vmicheartbeat - ok
16:43:01.0318 0x2334  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmickvpexchange C:\Windows\System32\icsvc.dll
16:43:01.0335 0x2334  vmickvpexchange - ok
16:43:01.0357 0x2334  [ F03A5454EAE669167639CA3F2EDF73B1, 03D9A033B694BF95AC04355EB54B72030372880E0EF63C4A6D6A2A10F571AFEA ] vmicrdv         C:\Windows\System32\icsvcext.dll
16:43:01.0391 0x2334  vmicrdv - ok
16:43:01.0398 0x2334  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicshutdown    C:\Windows\System32\icsvc.dll
16:43:01.0415 0x2334  vmicshutdown - ok
16:43:01.0421 0x2334  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmictimesync    C:\Windows\System32\icsvc.dll
16:43:01.0438 0x2334  vmictimesync - ok
16:43:01.0444 0x2334  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicvmsession   C:\Windows\System32\icsvc.dll
16:43:01.0460 0x2334  vmicvmsession - ok
16:43:01.0482 0x2334  [ F03A5454EAE669167639CA3F2EDF73B1, 03D9A033B694BF95AC04355EB54B72030372880E0EF63C4A6D6A2A10F571AFEA ] vmicvss         C:\Windows\System32\icsvcext.dll
16:43:01.0499 0x2334  vmicvss - ok
16:43:01.0527 0x2334  [ B3C2E4DE5B1A39B16D43310085E2DEAA, F67D02E8F6FD6C49336B696409DFDF89B0229120D529709DB512F67348E8FE9A ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
16:43:01.0534 0x2334  VMnetAdapter - ok
16:43:01.0572 0x2334  [ 713180B789DFAFCF3336FF6FA49DE43A, 62EFA26D267434FC467E5AA01002E313B93CA0141AADD6C166A937C2D83A1FBE ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
16:43:01.0579 0x2334  VMnetBridge - ok
16:43:01.0648 0x2334  [ 388C394F201EA253F5CF287961502A15, 4D310114822417CB7EBEB60134E6B8638F8F806A85A9E6F1E7A373F8333DA504 ] VMnetDHCP       C:\Windows\SysWOW64\vmnetdhcp.exe
16:43:01.0662 0x2334  VMnetDHCP - ok
16:43:01.0682 0x2334  [ 75CACACDA46FD9CB802E9FFB7B5C44DC, 4FD2D97DD70FFD2AEAD76E09DBCF00B06CD309EA6C36427AF392A9D0D45DE925 ] VMnetUserif     C:\Windows\system32\DRIVERS\vmnetuserif.sys
16:43:01.0687 0x2334  VMnetUserif - ok
16:43:01.0762 0x2334  [ 4B3D346CE694C43D19789FB56C970971, A192E2EC312E4307B9E3B681AA8DAE9F8C42EBC54368CD46D4007584C8B9353F ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
16:43:01.0791 0x2334  VMUSBArbService - ok
16:43:01.0829 0x2334  [ 28CEA490E814C54061E2C5CC5691F670, 4A110DD95E66A6662CD96CD2E1F6DDF376F7856A76675DDCF147A3C99CDFA3AC ] VMware NAT Service C:\Windows\SysWOW64\vmnat.exe
16:43:01.0843 0x2334  VMware NAT Service - ok
16:43:01.0850 0x2334  [ BF4D05753501C3FD4FE44D5429AAE084, E8AA318F22F6204567623C29CBD9938726CFDDAEFB36F92EE3AB24FE9E608693 ] vmx86           C:\Windows\system32\DRIVERS\vmx86.sys
16:43:01.0857 0x2334  vmx86 - ok
16:43:01.0885 0x2334  [ D81F6B790519A60F3D1788B45D04B749, 7607DBA77412127C4968D3B6C4FD25F8C286A22DDDD9C78BDC54DF3A4C98AA8E ] vnvdimm         C:\Windows\System32\drivers\vnvdimm.sys
16:43:01.0897 0x2334  vnvdimm - ok
16:43:01.0936 0x2334  [ E4FF0D44DE5AA492DEA3902D0349024E, 0D3D846C0F1C276747E079F41054C630D0A05914FEE6BE9165886376B2857D49 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:43:01.0945 0x2334  volmgr - ok
16:43:01.0978 0x2334  [ 6D6CACED512C1EF1FEAC215E37E3A9BC, 11B26DA5AB0C3736E2B8ADF3E06BFF3FD7853F9D6A948EA15ADC8B7D230062D4 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:43:01.0992 0x2334  volmgrx - ok
16:43:02.0026 0x2334  [ 5B27846CF4B1C21AFB3A35A8336BA02F, 0481F605776B638CCE855525DF605288AB4ECA87FCB4B6E668B60E3DFD120EF2 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:43:02.0041 0x2334  volsnap - ok
16:43:02.0052 0x2334  [ 72A95A844D6BAF2924A4C15BEDFD6BCA, AB9F8C77A077C9E95061D562F516793E547BC276926E1895A186A39317F21BA1 ] volume          C:\Windows\system32\drivers\volume.sys
16:43:02.0060 0x2334  volume - ok
16:43:02.0091 0x2334  [ 9198C53EE69D942217E2ACC29A01D605, 4F4742EC69DEF6485FECD60F0EB3C7DBBCB78E706C85319CAC8FFC40D3C27780 ] vpci            C:\Windows\System32\drivers\vpci.sys
16:43:02.0100 0x2334  vpci - ok
16:43:02.0130 0x2334  [ 075CE3C9E77D2666AFA888951E5F07A9, 264EDD6301851A41FB2233DC9BFC357EE5B60BEC1A04578FD7A576BA145E2A31 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:43:02.0141 0x2334  vsmraid - ok
16:43:02.0146 0x2334  [ F067FA5D1BEC4B5CE70DA61237A9B2AB, 789AE512EFB503FFE2A17A33FAC9F977FF1079002C36961830FD6322B32F7D5C ] vsock           C:\Windows\system32\DRIVERS\vsock.sys
16:43:02.0153 0x2334  vsock - ok
16:43:02.0222 0x2334  [ 53B56525785DDBBF34956948A08F6491, 799759ACDF514F195A6C9DACBA966866E9012AA862B45D2E27D345D5901B7924 ] VSS             C:\Windows\system32\vssvc.exe
16:43:02.0294 0x2334  VSS - ok
16:43:02.0324 0x2334  [ 26D00E85BE4726B114335250FCDEDA89, BA1E3EC92786A17B99BF6544FD76F0458DAC2810D2A3B0785AC2B066079D5B09 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
16:43:02.0337 0x2334  VSTXRAID - ok
16:43:02.0369 0x2334  [ 3DFDB573E4D49EA8F416B573525B7A86, 9951D34FF0B98CA562EC0D81E23DA81BF5E5E6B4F5C274BC8E258BAE5E69DF8D ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:43:02.0380 0x2334  vwifibus - ok
16:43:02.0386 0x2334  [ A40FA64655AB5B8773A96A821616C5FC, 221063771A70CD6238D5DD816EC99BFFE31418EDA08E2270D864554234271087 ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
16:43:02.0397 0x2334  vwififlt - ok
16:43:02.0428 0x2334  [ 0D34F98DBDF09D239533AC345C360F03, 503F6826443560C65FC281E41E91C5EBBEFFC937C975FA4CBBF5F5FC34EC3E4B ] vwifimp         C:\Windows\System32\drivers\vwifimp.sys
16:43:02.0439 0x2334  vwifimp - ok
16:43:02.0470 0x2334  [ A17A4F2823C5424C9B8B990644817DC0, D8CE6FC8B6B5BB89968D83AC3DC054C35BD16880D0B321B64799DA1830C2B626 ] W32Time         C:\Windows\system32\w32time.dll
16:43:02.0541 0x2334  W32Time - ok
16:43:02.0555 0x2334  [ 5B5430522E0BDF2A753D758710BE7C5E, 1476C664EFCE7A2FEE738BB767D3E2EABBEF19F1037D383140BC01F92E154039 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
16:43:02.0566 0x2334  WacomPen - ok
16:43:02.0601 0x2334  [ 451D40C28E7D1CF51A980B83FDEFF498, E6CEEB222A1C0D97E53DCFC2E22084FD4547A8CE3C16A54DD49622F524BF48CE ] WalletService   C:\Windows\system32\WalletService.dll
16:43:02.0626 0x2334  WalletService - ok
16:43:02.0660 0x2334  [ E77B19FF6C2FFA5B19CDF62DA4953BC9, 2D93403BCB2A44F9CF110C1EF99C1C79D2BBB8068CCCA7C30B6606C1190F6C98 ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
16:43:02.0671 0x2334  wanarp - ok
16:43:02.0675 0x2334  [ E77B19FF6C2FFA5B19CDF62DA4953BC9, 2D93403BCB2A44F9CF110C1EF99C1C79D2BBB8068CCCA7C30B6606C1190F6C98 ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:43:02.0686 0x2334  wanarpv6 - ok
16:43:02.0701 0x2334  [ E3B4C37F1F3D8078AA2AFBEE7F5468CF, E620DC9F5AAAE9652E3B742BBF4D671F04D623F657959C98F2230CEF26086CDE ] WarpJITSvc      C:\Windows\System32\Windows.WARP.JITService.dll
16:43:02.0717 0x2334  WarpJITSvc - ok
16:43:02.0760 0x2334  [ 1C1EB9C4DAF428B3BFDD58572768182C, 99F429EB8C2DEC185124B8811AF96D30E963E2F71CC7184AF8650805818B52E4 ] wbengine        C:\Windows\system32\wbengine.exe
16:43:02.0828 0x2334  wbengine - ok
16:43:02.0879 0x2334  [ A0B4836C489C2535795C4E71E378AD07, 39A511EE1FFFD956496768A1D1453E503C911DE512EBCAECFCDFC0B8E3A8544D ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:43:02.0935 0x2334  WbioSrvc - ok
16:43:02.0964 0x2334  [ 0610F02EC87DBF6BA319CB1D6B8771AE, CCD9E8A028F091907BC30619ACA126F9FBA448A69124E53EF905978E3B5734F8 ] wcifs           C:\Windows\system32\drivers\wcifs.sys
16:43:02.0974 0x2334  wcifs - ok
16:43:03.0016 0x2334  [ 61A49F7EB2423E06366329C60E437B87, 1CCA74CDCB7785EE77315243A4773D1A3E0A14512E8480F3C8F100217F3B9AD4 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
16:43:03.0070 0x2334  Wcmsvc - ok
16:43:03.0102 0x2334  [ 505E50A4819CF28DCE8176DB15952D49, 6003C93FB0997A9FFD5CBE9BD18C86B08594AD56D70AD93F72FB67C5F6D7666A ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:43:03.0136 0x2334  wcncsvc - ok
16:43:03.0173 0x2334  [ 87F462C7D37F380187BE12F079F73216, 4025B95FAF4751633E9DD9BA9312274E99778EEBADC8EA37D5E179A41C1EE344 ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
16:43:03.0197 0x2334  wcnfs - ok
16:43:03.0210 0x2334  [ 6FD8F1FBED780A7F3DF329C834E52AC5, 3AD265AF0E955A78102BFF7048C08C3D250694EBB47B9E603090EC0FE5BD522E ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
16:43:03.0219 0x2334  WdBoot - ok
16:43:03.0251 0x2334  [ FCC960498E3CD899F0A429F7CF9E77AD, 91FB3B6AF1522754E6ECF5D0CD146B1D06F657D06E6D9D917F55A3789A92D8EB ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:43:03.0280 0x2334  Wdf01000 - ok
16:43:03.0289 0x2334  [ 7D182F0F227FC141C5D2085175BE05F6, 58F3F00521DBD7D33E5383FBFE264777B8403C16F52C887FA4C5F391CB1E0250 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
16:43:03.0302 0x2334  WdFilter - ok
16:43:03.0319 0x2334  [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:43:03.0337 0x2334  WdiServiceHost - ok
16:43:03.0341 0x2334  [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:43:03.0358 0x2334  WdiSystemHost - ok
16:43:03.0411 0x2334  [ 394CCCA2A8C04BA14327636F20AB9DAD, E14C82C255517CCA4DECEF1A1DA3B1115D5E7AA98838D2B9848E150ADCDCEC34 ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
16:43:03.0439 0x2334  wdiwifi - ok
16:43:03.0463 0x2334  [ 0D38C257A7B34A818726BA2F323B196E, B136076CFDD0FB9B78E0BFF2873F4F3477808E12EB897ED0D883481EB92A24DE ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
16:43:03.0473 0x2334  WdNisDrv - ok
16:43:03.0489 0x2334  WdNisSvc - ok
16:43:03.0493 0x2334  [ DF58AA71FBA55E15F572C93447696DEC, F20C93140A44C1E61B5544FC8B3A1145E9ED57B2F09881719F4B2853B4900891 ] wdnsfltr        C:\Windows\system32\drivers\wdnsfltr.sys
16:43:03.0554 0x2334  wdnsfltr - ok
16:43:03.0608 0x2334  [ 36947722152A5C5CE9CAA33AD84ACCB5, 8B6E7D7BC091DDCA6AF90ED100AAEDACCE9110179BAD5E444D6788E52C68F461 ] WebClient       C:\Windows\System32\webclnt.dll
16:43:03.0630 0x2334  WebClient - ok
16:43:03.0664 0x2334  [ 7997BC2386A9976C0645A28FA8A6E7EA, ABE47A6132B7651EA2055F97E7BD9D596906086BCD726147449D4378C7E4F9B9 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:43:03.0683 0x2334  Wecsvc - ok
16:43:03.0687 0x2334  [ CEA146E0D096A491B265CD2340C2E31D, 285BA0D58E6E93FEB0D8F33738C6A223D7269378B3E77A7760D7131E43DEBE7C ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
16:43:03.0702 0x2334  WEPHOSTSVC - ok
16:43:03.0743 0x2334  [ 40610BA98D5830FB14C3695B3BCA647A, 6E047D04DDD9DCB142572CEAB5E73585062205BABE510C5B0D63800B2A9D251A ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:43:03.0761 0x2334  wercplsupport - ok
16:43:03.0820 0x2334  [ AA2B3154D12ABE34640C866AC3472E33, 32EBA0B999FDA77E6828274FE49A7619B97471BF828B18BF55BDAE19FB10DC6A ] WerSvc          C:\Windows\System32\WerSvc.dll
16:43:03.0840 0x2334  WerSvc - ok
16:43:03.0863 0x2334  [ 86B816E9D24625287BDE9784953A5E86, BCA73B320100D7C1052751D7FA42990579B6BA5908E31B2212BFE75681B32D3F ] WFDSConMgrSvc   C:\Windows\System32\wfdsconmgrsvc.dll
16:43:03.0913 0x2334  WFDSConMgrSvc - ok
16:43:03.0953 0x2334  [ C82198D3B33854D9578F9B09025E4293, E4CEEC078B2EE56186D75AE762D6511F3AF88C41C52039710D06CB2945C1B397 ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
16:43:03.0963 0x2334  WFPLWFS - ok
16:43:03.0986 0x2334  [ F78A2731EC972312C4C998174A9BB325, 72CCA57EB6383F65683C276337F53AB38BC398CEA69E53D6E2867D5EE8B4B007 ] WiaRpc          C:\Windows\System32\wiarpc.dll
16:43:04.0003 0x2334  WiaRpc - ok
16:43:04.0022 0x2334  [ C8D3FC38426E990E2787771678B19C6D, FB6CA9A5BF3935793CD8B2F288FAC0C675B333D4F7393FA02244E3BCC2E25625 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:43:04.0030 0x2334  WIMMount - ok
16:43:04.0032 0x2334  WinDefend - ok
16:43:04.0070 0x2334  [ 4499AB24236526E5CFCE817CD02EC034, 5D8666B2EEBAD0CDD70E43F83540C738333CFC5124C74432E7AB677504A48688 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
16:43:04.0079 0x2334  WindowsTrustedRT - ok
16:43:04.0107 0x2334  [ 813EE0F4D4B8D599DB1968682D080732, A3EF1BBB866F5A7C1B5303BBF6E805B35739602CA7F244C076A8BF90F1CB2952 ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
16:43:04.0115 0x2334  WindowsTrustedRTProxy - ok
16:43:04.0152 0x2334  [ 234EB8E9661C576BC5D8C290DDA9F34C, A68C1E2CE99E9B665858DFEC9AC0D08754FD85F5EFB5E5E84F2D6404036F9F4B ] WindscribeService C:/Program Files (x86)/Windscribe/WindscribeService.exe
16:43:04.0164 0x2334  WindscribeService - ok
16:43:04.0205 0x2334  [ A6779AAAFCCF789782A78622B1076DD2, DF8EE65AA04DB4CC500945B7C26BA8C2F063B4E3B46F8F5FA207C72D0C0EB505 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
16:43:04.0251 0x2334  WinHttpAutoProxySvc - ok
16:43:04.0273 0x2334  [ E23475E9150E6A50B12DB176EA5CDD56, 25699796948D4679D0C1633C726C3CDF052F877AAA18CD7D069F95A88701CB73 ] WinMad          C:\Windows\System32\drivers\winmad.sys
16:43:04.0281 0x2334  WinMad - ok
16:43:04.0321 0x2334  [ 0FBD5D358094E254A1508832D4042FF7, 4EC4DB3B03BE1518BB38D4F3BF79A77D1BCA5A2DE9BA5F9C9312606E4E2A14E9 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:43:04.0339 0x2334  Winmgmt - ok
16:43:04.0373 0x2334  [ 90DBE4DB3A8266C6E078EF6682E26B91, 432AAEDE3628EAD3F844D3CBBA0AAA6AFDD04CAB04EA7871689D7FD394F25EC1 ] WinNat          C:\Windows\system32\drivers\winnat.sys
16:43:04.0413 0x2334  WinNat - ok
16:43:04.0434 0x2334  WinRing0_1_2_0 - ok
16:43:04.0490 0x2334  [ C2A88E382CD48E4772A5570D66BF1A90, F1BFB1873FB1E37DAADE923FC30265C72018CF2003B0A5E0E5896167D1680D01 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:43:04.0591 0x2334  WinRM - ok
16:43:04.0611 0x2334  [ E92F3539C4758F6A9F4B80CBAC75B3E6, 9CF9069B9A738E86181FB02904720B2A88353574F35BDC298A2EB697D22B7723 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
16:43:04.0626 0x2334  WINUSB - ok
16:43:04.0645 0x2334  [ 59126AFCC64270747B5CC9B44A4A48F4, C0C1E6B248E725FE02B58151838AAC8841FB70B673A2B6EFB49EEA96E7F1C1DA ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
16:43:04.0654 0x2334  WinVerbs - ok
16:43:04.0684 0x2334  [ 0A3ADAA0EFAFA26CA8570E24A13CE484, 2B7FA1ADD904962F296111F555F4BB45A3BA77B6961DABC502B6DDC4E9324CEB ] wisvc           C:\Windows\system32\flightsettings.dll
16:43:04.0724 0x2334  wisvc - ok
16:43:04.0798 0x2334  [ B8A9BAD14C937192545169DF02D812C2, 91AD683B7448D29FC7564BA7090E8A4692103B6522A8DA7C8E0AE3F5901E920D ] WlanSvc         C:\Windows\System32\wlansvc.dll
16:43:04.0889 0x2334  WlanSvc - ok
16:43:04.0945 0x2334  [ 717FE96AE0988B1F443EED06E6A703D4, 970B840576ACE0B34F5AF0B6E01F200A2DA51C250823676E1685B75610CB0508 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
16:43:05.0036 0x2334  wlidsvc - ok
16:43:05.0093 0x2334  [ 56E1A46DD1C5D28B10F02E21D077EBF6, CC9AADBBBA03E162948EE39CCAAFD0A43253C86F5B875765748B73A084DC4B25 ] wlpasvc         C:\Windows\System32\lpasvc.dll
16:43:05.0155 0x2334  wlpasvc - ok
16:43:05.0174 0x2334  [ E8C793ED028E132771988760819E3754, 7BC02774EEDF4B884181854BEADF2DCAC615BA3ED7F1551C0863B79E009E3043 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
16:43:05.0184 0x2334  WmiAcpi - ok
16:43:05.0252 0x2334  [ 4D69FE18CD4BE7DCE3BDE57B86426EA3, C1580315758FEC14D209F7C232E6D70BCCD375D68CB5967DA055ACC5A52A20F0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:43:05.0267 0x2334  wmiApSrv - ok
16:43:05.0302 0x2334  WMPNetworkSvc - ok
16:43:05.0312 0x2334  [ 8D6E6F6C233AF450C50FA615530B44D2, 1BF6CD93B97920500F5FD0E9D8395ACCAAA2D126FD9C256148797B292D5F9A6C ] Wof             C:\Windows\system32\drivers\Wof.sys
16:43:05.0324 0x2334  Wof - ok
16:43:05.0369 0x2334  [ 1431D184691F7FA9AAC2064EB0EC6C96, 6185E5AB281327563DC4E87526B37792A9B4B86C65D5BADDBB1DBA6A50FC9134 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
16:43:05.0456 0x2334  workfolderssvc - ok
16:43:05.0483 0x2334  [ DFA27421D9B3CFDEA3E89D9B86332C95, 1B67BBAD6B3191690C4FB1CCB548172C4CB9432EBDB940DB5FFB4EDDDBC2DCCB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:43:05.0510 0x2334  WPDBusEnum - ok
16:43:05.0533 0x2334  [ 9EAE1EF282864674355B4B81DF6AE935, 781CED5AE95D365BB59769517FA9462EFC6472ED4EB08C98EC66CE3E17C66D69 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
16:43:05.0541 0x2334  WpdUpFltr - ok
16:43:05.0558 0x2334  [ C75B59E441206A572CC64BBB60EE54B3, C43A3109EAB89B6A23E033C127F1B5586651A1A3A1C4D45ECFBF0ABE472FEBA1 ] WpnService      C:\Windows\system32\WpnService.dll
16:43:05.0579 0x2334  WpnService - ok
16:43:05.0586 0x2334  [ 07F4AF1730D55567EACE7ADDEA28FE48, 256671C52C350E42662DC590AE36BAFD06E9507551C39575BCD894D8FD040129 ] WpnUserService  C:\Windows\System32\WpnUserService.dll
16:43:05.0603 0x2334  WpnUserService - ok
16:43:05.0617 0x2334  [ 367B3ED0C688AFE28C376B0230814567, 1E7419254852A70AEAA30DF0F85C4E489591E5A0E90256C40676F712D45960CA ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:43:05.0630 0x2334  ws2ifsl - ok
16:43:05.0680 0x2334  [ 95E6DA58562C14947935B1C5D393A7F0, B9F0F8B2F50B48125B89BF61B3229317E918619B6A9D47FF0B368A87EE0CE734 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:43:05.0710 0x2334  wscsvc - ok
16:43:05.0719 0x2334  WSearch - ok
16:43:05.0812 0x2334  [ 3997728D47D3CA4B59BF4D9DD555FC97, CABB844F18A69178D202094EF7D0C06C9A27B13C53546279836A5F018C1B0182 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:43:05.0954 0x2334  wuauserv - ok
16:43:05.0979 0x2334  [ BD5E68B369DF3453A0A87663C6C5476D, 17B766ADB299D247EF9D4554F86015B38A89AE5C0310A36E1FCB0AC28462CE96 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:43:06.0003 0x2334  WudfPf - ok
16:43:06.0024 0x2334  [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
16:43:06.0041 0x2334  WUDFRd - ok
16:43:06.0058 0x2334  [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
16:43:06.0074 0x2334  WUDFWpdFs - ok
16:43:06.0080 0x2334  [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
16:43:06.0096 0x2334  WUDFWpdMtp - ok
16:43:06.0162 0x2334  [ 02DCDAE63AB343418D7420D481FE839C, DBFD3C9EF34645EB3A11107760C8298590368A2E815695B857CCF653910265A7 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:43:06.0221 0x2334  WwanSvc - ok
16:43:06.0247 0x2334  [ 42C738ED1552FE168F6EE1BAE8ACFCAC, 01E9CD1FA7935DD442A2EBFC93E4BDDF204F995379FCAFFEADAF0BF6638AB925 ] xbgm            C:\Windows\system32\xbgmsvc.exe
16:43:06.0259 0x2334  xbgm - ok
16:43:06.0293 0x2334  [ A03C4D4D71304087820A0EF18FCF7582, F92737321A5082A72F20491810A09D249F0676F0F12478A2C81ADF9B2F79BAB0 ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
16:43:06.0351 0x2334  XblAuthManager - ok
16:43:06.0373 0x2334  [ 77ADC2F5DBE303EF8B8D2D08AEE3F3DB, 65128FB8561EF1BE4E3CAA3B0D873FEA3A218E3CF90527068C43F6E549ECB188 ] XblGameSave     C:\Windows\System32\XblGameSave.dll
16:43:06.0419 0x2334  XblGameSave - ok
16:43:06.0428 0x2334  [ 2244A4CEFE8F9C74091369ACE2E9EBC6, 48F59F36EBA0434BED00B53321107C0BDFF20131683D5E6BC7A9F5DA0B8B6929 ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
16:43:06.0446 0x2334  xboxgip - ok
16:43:06.0459 0x2334  [ 1A9550D746B8604D37A90436EF686777, 3DBF305C228D28A3C4FC48F65CC38BDBFEE6B7995CEE8319E680E073978CA58B ] XboxGipSvc      C:\Windows\System32\XboxGipSvc.dll
16:43:06.0476 0x2334  XboxGipSvc - ok
16:43:06.0506 0x2334  [ 4951DD543AA2710760D90A58261ED665, 37D08FA58147A6606E69DB39405898D82BC40420F8FFB0BD097694A53E60AD1D ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
16:43:06.0563 0x2334  XboxNetApiSvc - ok
16:43:06.0568 0x2334  [ 4A91B49C6B1E41151D47CB919ADF013A, 4DA1E3F50B2D63AFD2F7A014E3C0420C1E7DEDE96A48EEC33C53023D88F9AAFF ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
16:43:06.0581 0x2334  xinputhid - ok
16:43:06.0662 0x2334  [ 3C68ADDE2437FB45CFE71FD8C33C4919, 7F19F51F3664BE5FDD79BCF216DF8D1D1BC3015D522E989DD592BFA1AB3DFE8B ] YSDrv           C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
16:43:06.0671 0x2334  YSDrv - ok
16:43:06.0686 0x2334  ================ Scan global ===============================
16:43:06.0732 0x2334  [ EB45383BE9D7ECB36D55B262E0D8EB46, DC975066C426B5FBBFA3A4254D1D97DBF889B6BFD062D9FF1892F66C0CFF2DE3 ] C:\Windows\system32\basesrv.dll
16:43:06.0764 0x2334  [ B7147831151D5519E5A80CC71CA1F73D, 2862ACE7D2672399B4E0CD0D0275301BD63BFE16E4680A09F5DFDFCFBB7187BF ] C:\Windows\system32\winsrv.dll
16:43:06.0776 0x2334  [ 9451BA31B1DC19CED2608D82863C6486, 888F8676086DD8338445C35A64106E01122881FD08858D3996470EBF0DF30648 ] C:\Windows\system32\sxssrv.dll
16:43:06.0821 0x2334  [ 8207DB785C4A1A8C901154D12DF6E38E, A7DD058B1D2A11B19D72A3D549B611F4E282F86E5A7189E61E1DCE4C8D2E1514 ] C:\Windows\system32\services.exe
16:43:06.0840 0x2334  [ Global ] - ok
16:43:06.0840 0x2334  ================ Scan MBR ==================================
16:43:06.0878 0x2334  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:43:06.0968 0x2334  \Device\Harddisk0\DR0 - ok
16:43:06.0970 0x2334  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:43:06.0988 0x2334  \Device\Harddisk1\DR1 - ok
16:43:06.0989 0x2334  ================ Scan VBR ==================================
16:43:06.0990 0x2334  [ C1AB275A9B1F38DCEF8801518B62C809 ] \Device\Harddisk0\DR0\Partition1
16:43:06.0991 0x2334  \Device\Harddisk0\DR0\Partition1 - ok
16:43:07.0025 0x2334  [ E3646A0B6F3BB7140CE38EFAF12D4311 ] \Device\Harddisk0\DR0\Partition2
16:43:07.0026 0x2334  \Device\Harddisk0\DR0\Partition2 - ok
16:43:07.0031 0x2334  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
16:43:07.0031 0x2334  \Device\Harddisk0\DR0\Partition3 - ok
16:43:07.0035 0x2334  [ 524F1B27FAA702BAC044F76139C8DEFA ] \Device\Harddisk0\DR0\Partition4
16:43:07.0036 0x2334  \Device\Harddisk0\DR0\Partition4 - ok
16:43:07.0038 0x2334  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
16:43:07.0038 0x2334  \Device\Harddisk1\DR1\Partition1 - ok
16:43:07.0040 0x2334  [ 39193569719859980B6FDE2F21042962 ] \Device\Harddisk1\DR1\Partition2
16:43:07.0040 0x2334  \Device\Harddisk1\DR1\Partition2 - ok
16:43:07.0041 0x2334  ================ Scan generic autorun ======================
16:43:07.0272 0x2334  [ 2F3A21F6CBC9B4CBCCB73FC2DEAEC453, 418A10EC8AC8B5E28D2BF3EB882B3933E1B478B9D7F4D048E4852A891A05132E ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
16:43:07.0472 0x2334  RTHDVCPL - ok
16:43:07.0517 0x2334  [ 11D3206B0B4358C8219442EE521BBF4E, AA89BF2271C115988551CDE6D5F3550EAD30CA516B420962CDE3C720B35A722A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
16:43:07.0561 0x2334  RtHDVBg - ok
16:43:07.0639 0x2334  [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
16:43:07.0652 0x2334  AdobeAAMUpdater-1.0 - ok
16:43:07.0729 0x2334  [ 4B6E5E5810D06E94C552AEB76B4D954C, 1B40233357A2AB589C82AD99369411004C899DEBFFCB0A3F399FD5CF12F1CD6B ] C:\Program Files\iTunes\iTunesHelper.exe
16:43:07.0739 0x2334  iTunesHelper - ok
16:43:07.0825 0x2334  [ 7DC06D017872420EAFBD512225F8F4E2, FF47A89958AB9995DC8CAE1848528C326B9306E88E19ACC25ED23D64EFA0DF66 ] C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
16:43:07.0836 0x2334  AdobeGCInvoker-1.0 - ok
16:43:07.0911 0x2334  [ F5AF8520466AA191D58D03A01349883B, 957579115E0A497E315F2C22DB10F15E50F0CB02A56F7377FF822A6FAA6CB112 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
16:43:07.0973 0x2334  Adobe Creative Cloud - ok
16:43:08.0379 0x2334  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:43:08.0848 0x2334  OneDriveSetup - ok
16:43:09.0226 0x2334  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:43:09.0552 0x2334  OneDriveSetup - ok
16:43:09.0655 0x2334  [ 451AB3E90DE033EBA73C782A7E7A2C1B, 04C0EA54E3BAC43D554870D8E82D0D0AD007189C9349CFE67A3522ED9E7ECCE2 ] C:\Program Files (x86)\Gyazo\GyStation.exe
16:43:09.0698 0x2334  Gyazo - ok
16:43:09.0954 0x2334  [ 6502F1B23DCDD7560405F15B19E2B181, 05F2C5EE93138DDB69E44222C3927DBFB095C6C87B579B0303667E4D1D31E1ED ] C:\Users\385ideal\AppData\Local\MyComGames\MyComGames.exe
16:43:10.0100 0x2334  MyComGames - ok
16:43:10.0425 0x2334  [ 5F9961CB14740208EA8026E88FC5083B, 50CA9DA831B27D57618A1B08805741E8BD7FC3CF9D6B69276B4D86457BC6415D ] C:\Program Files\Sandboxie\SbieCtrl.exe
16:43:10.0497 0x2334  SandboxieControl - ok
16:43:10.0653 0x2334  [ 710D0376DD3D0BBE27FF165F7CE98837, 9322B95512178ECD392779D295FF0DECF9754E4BE10953367A811883646D359B ] C:\Program Files\Echobit\Evolve\EvolveClient.exe
16:43:10.0734 0x2334  EvolveClient - ok
16:43:10.0845 0x2334  [ 4E548DED4266551FCA6FEA6DE8517114, CABCA24223113F18A95FB862C7158BF0A299D7EBEDC71F4CFBFC4C7E7226C13E ] C:\Users\385ideal\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
16:43:10.0929 0x2334  Gaijin.Net Agent - ok
16:43:10.0976 0x2334  EpicGamesLauncher - ok
16:43:10.0977 0x2334  Waiting for KSN requests completion. In queue: 32
16:43:11.0996 0x2334  Win FW state via NFP2: enabled ( trusted )
16:43:12.0106 0x2334  ============================================================
16:43:12.0106 0x2334  Scan finished
16:43:12.0106 0x2334  ============================================================
16:43:12.0112 0x3a34  Detected object count: 1
16:43:12.0112 0x3a34  Actual detected object count: 1
16:43:21.0059 0x3a34  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:21.0060 0x3a34  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 11.08.2018, 15:52

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

adwCleaner v7.x

Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Einstellungen, scrolle nach unten und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Tracing Schlüssel löschen
- Prefetch-Dateien löschen
- Proxy wiederherstellen
- IE-Policies wiederherstellen
- Chrome-Policies wiederherstellen
- Winsock wiederherstellen
Klicke nun auf Dashboard, dann auf Jetzt scannen und warte bis der Suchlauf abgeschlossen ist.
Klicke nun auf Bereinigen & Reparieren und bestätige mit Jetzt bereinigen.

WICHTIG:
Sollte AdwCleaner nichts finden, klicke auf Grundlegende Reparatur ausführen und anschließend auf Jetzt bereinigen.
Nach dem Neustart öffnet sich AdwCleaner automatisch. Klicke auf Log-Datei ansehen.
Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt. (xx = fortlaufende Nummer).

385ideal · 11.08.2018, 17:41

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build:    07-17-2018
# Database: 2018-08-07.3
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-11-2018
# Duration: 00:00:13
# OS:       Windows 10 Home
# Cleaned:  25
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\IObit\Advanced SystemCare
Deleted       C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted       C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Users\385ideal\AppData\LocalLow\IObit\Advanced SystemCare
Deleted       C:\Users\385ideal\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Users\385ideal\AppData\Local\Temp\DMR
Deleted       C:\ProgramData\IObit\ASCDownloader
Deleted       C:\Users\385ideal\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 11
Deleted       HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted       HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted       HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted       HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\Software\Wow6432Node\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted       HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted       HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted       HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted       HKCU\Software\csastats
Deleted       HKCU\Software\PRODUCTSETUP

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3554 octets] - [11/08/2018 17:13:45]
AdwCleaner[S01].txt - [3615 octets] - [11/08/2018 17:15:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

cosinus · 11.08.2018, 17:46

adwcleaner bitte zwecks Kontrolle wiederholen

385ideal · 11.08.2018, 18:17

es wurde nichts gefunden

cosinus · 11.08.2018, 18:37

Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

385ideal · 11.08.2018, 18:58

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
durchgeführt von 385ideal (Administrator) auf DESKTOP-7HDHAQ (11-08-2018 19:41:01)
Gestartet von C:\Users\385ideal\Downloads
Geladene Profile: 385ideal (Verfügbare Profile: 385ideal)
Platform: Windows 10 Home Version 1709 16299.547 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\spaceman.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Garena Online ) C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\gxxsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteLauncher.exe
(BattlEye Innovations) C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteClient-Win64-Shipping_BE.exe
() C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
(Epic Games, Inc.) C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteClient-Win64-Shipping.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2018-03-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2018-03-12] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384328 2018-07-19] (Nota Inc.)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [MyComGames] => C:\Users\385ideal\AppData\Local\MyComGames\MyComGames.exe [6134584 2018-03-29] (MY.COM B.V.)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3682968 2018-03-08] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2018-06-10] (Echobit LLC)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [Gaijin.Net Agent] => C:\Users\385ideal\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-06-14] (Gaijin Entertainment)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-08-02] (Epic Games, Inc.)
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
Startup: C:\Users\385ideal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2018-04-05] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2018-06-12]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{49463244-426d-473c-9509-99695b71c90d}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{74aaa42e-4795-49ea-aaa3-948a31d719d7}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{7B11C102-90A5-4C47-968B-30EC155D2B2A}: [DhcpNameServer] 74.120.221.129 74.120.221.131
Tcpip\..\Interfaces\{b75dad78-37fc-4f39-853a-2dafd86da187}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{fc0dafb8-9385-4fbc-a7b6-0b58147e45cb}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default [2018-04-02]
CHR Extension: (Präsentationen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-15]
CHR Extension: (Docs) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-15]
CHR Extension: (Google Drive) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-15]
CHR Extension: (YouTube) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-15]
CHR Extension: (Adblock Plus) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-26]
CHR Extension: (Tabellen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-15]
CHR Extension: (Google Docs Offline) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-15]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-03-19]
CHR Extension: (Netflix Party) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2018-03-24]
CHR Extension: (Google Mail) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-22]
CHR Profile: C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default [2018-08-11]
CHR Extension: (Präsentationen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-02]
CHR Extension: (Docs) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-02]
CHR Extension: (Google Drive) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-02]
CHR Extension: (YouTube) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-02]
CHR Extension: (uBlock Origin) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-06]
CHR Extension: (Tabellen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-04-02]
CHR Extension: (AdBlock) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-08-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-08-09]
CHR Extension: (Google Mail) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\385ideal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2018-06-12] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-08] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-07-11] (EasyAntiCheat Ltd)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2018-06-10] (Echobit LLC)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-02-06] (Futuremark)
R2 GarenaPlatform; C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\gxxsvc.exe [319296 2018-04-04] (Garena Online )
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-05-30] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [135840 2017-11-03] (eVenture Limited)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365032 2016-06-17] (Intel Corporation)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [9960560 2018-04-01] (LLC Mail.Ru)
S3 NGS; C:\Windows\NGService.exe [2994248 2018-01-27] (NEXON Korea Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [332848 2017-10-30] (Locktime Software)
S3 npggsvc; C:\Windows\system32\GameMon.des [7677008 2017-10-16] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-12-07] (The OpenVPN Project)
R2 osrss; C:\Windows\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [280032 2017-11-29] (Realtek Semiconductor Corp.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2018-03-09] (Sandboxie Holdings, LLC)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [294912 2018-08-03] (Microsoft Corporation)
S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [97416 2018-05-13] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S4 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113024 2018-02-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [442472 2017-11-13] (Windscribe Limited)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196648 2018-03-28] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-28] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-28] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-28] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-28] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [215320 2018-03-28] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146656 2018-03-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110328 2018-03-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-03-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-03-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-03-28] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-03-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-03-28] (AVAST Software)
R3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2420144 2018-08-11] ()
R3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2018-06-10] (Echobit, LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-15] (REALiX(tm))
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [9188520 2018-04-01] (LLC Mail.Ru)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [178544 2017-10-30] (Locktime Software)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [757216 2017-11-29] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [7959408 2017-11-21] (Realtek Semiconductor Corporation )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [228208 2018-03-09] (Sandboxie Holdings, LLC)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [46040 2017-08-24] (The OpenVPN Project)
R3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (The OpenVPN Project)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [1143400 2018-04-12] (TENCENT)
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-07-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-07-16] (Oracle Corporation)
R0 vsock; C:\Windows\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-03-25] (BigNox Corporation)
S3 11338; \??\C:\Users\385ideal\AppData\Local\Temp\11338TNiNbaZ.sys [X] <==== ACHTUNG
S3 18385; \??\C:\Users\385ideal\AppData\Local\Temp\18385TNiNbaZ.sys [X] <==== ACHTUNG
S3 21994; \??\C:\Users\385ideal\AppData\Local\Temp\21994TNiNbaZ.sys [X] <==== ACHTUNG
S3 22603; \??\C:\Users\385ideal\AppData\Local\Temp\22603TNiNbaZ.sys [X] <==== ACHTUNG
S3 29181; \??\C:\Users\385ideal\AppData\Local\Temp\29181TNiNbaZ.sys [X] <==== ACHTUNG
S3 54853; \??\C:\Users\385ideal\AppData\Local\Temp\54853TNiNbaZ.sys [X] <==== ACHTUNG
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
S3 lYPSOZm; \??\C:\Users\385ideal\AppData\Local\Temp\TNiNbaZ.sys [X] <==== ACHTUNG
U4 UxSms; kein ImagePath
S4 WinRing0_1_2_0; \??\C:\Program Files (x86)\EVGA\Precision XOC\WinRing0\WinRing0x64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-11 18:39 - 2018-08-11 18:39 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-11 17:34 - 2018-08-11 17:35 - 000000000 ____D C:\Users\385ideal\AppData\Local\Discord
2018-08-11 17:33 - 2018-08-11 17:34 - 060074328 _____ (Discord Inc.) C:\Users\385ideal\Downloads\DiscordSetup.exe
2018-08-11 16:58 - 2018-08-11 18:36 - 000000000 ____D C:\AdwCleaner
2018-08-11 16:55 - 2018-08-11 16:55 - 007417040 _____ (Malwarebytes) C:\Users\385ideal\Downloads\adwcleaner_7.2.2.exe
2018-08-11 16:41 - 2018-08-11 16:48 - 000301514 _____ C:\TDSSKiller.3.1.0.17_11.08.2018_16.41.50_log.txt
2018-08-11 16:41 - 2018-08-11 16:41 - 004949824 _____ (AO Kaspersky Lab) C:\Users\385ideal\Downloads\tdsskiller.exe
2018-08-11 14:46 - 2018-08-11 14:46 - 007197480 _____ (VS Revo Group ) C:\Users\385ideal\Downloads\revosetup205.exe
2018-08-11 14:46 - 2018-08-11 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-08-11 14:46 - 2018-08-11 14:46 - 000000000 ____D C:\Program Files\VS Revo Group
2018-08-11 14:15 - 2018-08-11 14:15 - 000000000 ____D C:\Program Files (x86)\21jmkiiokxpp
2018-08-11 13:44 - 2018-08-11 13:45 - 000065390 _____ C:\Users\385ideal\Downloads\Addition.txt
2018-08-11 13:42 - 2018-08-11 19:42 - 000023144 _____ C:\Users\385ideal\Downloads\FRST.txt
2018-08-11 13:42 - 2018-08-11 19:41 - 000000000 ____D C:\FRST
2018-08-11 13:42 - 2018-08-11 13:42 - 002412544 _____ (Farbar) C:\Users\385ideal\Downloads\FRST64.exe
2018-08-11 13:41 - 2018-08-11 13:41 - 000003048 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (385ideal)
2018-08-11 01:38 - 2018-08-11 03:12 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-08-11 01:38 - 2018-08-11 01:38 - 000001247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-08-11 01:38 - 2018-08-11 01:38 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2018-08-11 01:38 - 2018-08-11 01:38 - 000001220 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-08-11 01:38 - 2018-08-11 01:38 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-08-11 01:37 - 2018-08-11 01:37 - 001540104 _____ (CHIP Digital GmbH) C:\Users\385ideal\Downloads\Security Task Manager - CHIP-Installer.exe
2018-08-10 19:21 - 2018-08-10 19:25 - 052976329 _____ C:\Users\385ideal\Documents\Ohne Titel.mp4
2018-08-10 19:05 - 2018-08-10 19:05 - 000212944 _____ C:\Users\385ideal\Downloads\��AFRO TRAP DANCEHALL SUMMER BEAT _Afro Summer Part 2_ _ THUNDER BEATS.mp3.sfk
2018-08-10 19:03 - 2018-08-10 19:03 - 000020304 _____ C:\Users\385ideal\Downloads\Sprache 001.m4a.sfk
2018-08-10 19:03 - 2018-08-10 19:03 - 000011136 _____ C:\Users\385ideal\Downloads\hook.m4a.sfk
2018-08-10 18:54 - 2018-08-10 18:54 - 000510589 _____ C:\Users\385ideal\Downloads\Sprache 001.m4a
2018-08-10 18:54 - 2018-08-10 18:54 - 000293924 _____ C:\Users\385ideal\Downloads\hook.m4a
2018-08-08 23:25 - 2018-08-08 23:25 - 000000000 ____D C:\Users\385ideal\AppData\Local\Tempzxpsignd280b03754eb9d63
2018-08-08 23:25 - 2018-08-08 23:25 - 000000000 ____D C:\Users\385ideal\AppData\Local\Tempzxpsign5d1703bcb6cb494f
2018-08-08 16:08 - 2018-08-11 18:28 - 000000000 ____D C:\Users\385ideal\Desktop\Kenji2
2018-08-08 16:07 - 2018-08-08 16:07 - 000005280 _____ C:\Users\385ideal\Downloads\dpzh7goB.zip
2018-08-08 16:05 - 2018-08-08 16:05 - 2138157163 _____ C:\Users\385ideal\Downloads\Kenji2Client_06082018_2315.rar
2018-08-08 15:40 - 2018-08-08 15:40 - 005450341 _____ C:\Users\385ideal\Downloads\PBDownForce_0_3_3_1.zip
2018-08-08 15:36 - 2018-08-08 15:37 - 010396588 _____ C:\Users\385ideal\Downloads\PB DownForce_0_3_3_1.rar
2018-08-08 15:18 - 2018-08-08 15:18 - 001070232 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2018-08-08 15:18 - 2018-08-08 15:18 - 001010720 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\MSCHRT20.OCX
2018-08-08 15:18 - 2018-08-08 15:18 - 000224016 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2018-08-08 15:18 - 2018-08-08 15:18 - 000140488 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2018-08-08 15:18 - 2018-08-08 15:18 - 000000000 ____D C:\Program Files (x86)\Technitium
2018-08-08 15:16 - 2018-08-08 15:16 - 002482047 _____ ( ) C:\Users\385ideal\Downloads\technitium-mac-address-changer_6.0.7_0892031343.exe
2018-08-08 15:14 - 2018-08-08 15:14 - 000199197 _____ C:\Users\385ideal\Downloads\VolumeId (2).zip
2018-08-08 15:12 - 2018-08-08 15:12 - 000651776 _____ C:\Users\385ideal\Downloads\HardDiskSerialNumberChanger.exe
2018-08-08 15:07 - 2018-08-08 15:07 - 000199197 _____ C:\Users\385ideal\Downloads\VolumeId (1).zip
2018-08-08 14:56 - 2018-08-08 14:56 - 000102435 _____ C:\Users\385ideal\Downloads\HWIDChanger.rar
2018-08-08 14:55 - 2018-08-08 14:55 - 001571279 _____ (Radul ) C:\Users\385ideal\Downloads\HWIDChanger.rar_2327457809.exe
2018-08-08 14:43 - 2018-08-08 14:43 - 000199197 _____ C:\Users\385ideal\Downloads\VolumeId.zip
2018-08-08 01:27 - 2018-08-08 01:27 - 000054049 _____ C:\Users\385ideal\Downloads\HWID Changer (2018) (1).rar
2018-08-08 01:18 - 2018-08-08 01:18 - 000054049 _____ C:\Users\385ideal\Downloads\HWID Changer (2018).rar
2018-08-06 21:32 - 2018-08-06 21:32 - 000005258 _____ C:\Users\385ideal\Downloads\UkhKHqhG.zip
2018-08-06 19:34 - 2018-08-06 20:57 - 000000000 ____D C:\Users\385ideal\VirtualBox VMs
2018-08-06 18:57 - 2018-08-06 18:57 - 000000000 ____D C:\Users\385ideal\AppData\LocalLow\Temp
2018-08-06 14:52 - 2018-08-06 14:52 - 000005243 _____ C:\Users\385ideal\Downloads\sxfIZaBp.zip
2018-08-06 14:44 - 2018-08-06 14:44 - 000000000 ____D C:\ProgramData\Gyazo
2018-08-06 14:42 - 2018-08-10 17:11 - 000000000 ____D C:\Users\385ideal\.VirtualBox
2018-08-05 17:43 - 2018-08-05 17:43 - 000005301 _____ C:\Users\385ideal\Downloads\3X3W2NL1.zip
2018-08-05 16:05 - 2018-08-05 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-08-05 16:05 - 2018-07-16 12:35 - 000168896 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2018-08-05 16:04 - 2018-08-05 16:04 - 000000000 ____D C:\Program Files\Oracle
2018-08-05 16:04 - 2018-07-16 12:35 - 000984376 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2018-08-05 15:33 - 2018-08-05 15:34 - 113740800 _____ (Oracle Corporation) C:\Users\385ideal\Downloads\VirtualBox-5.2.16-123759-Win.exe
2018-08-04 01:00 - 2018-08-04 01:00 - 000000000 ____D C:\Users\385ideal\AppData\Local\Tempzxpsignea66fe0c8f43c191
2018-08-04 01:00 - 2018-08-04 01:00 - 000000000 ____D C:\Users\385ideal\AppData\Local\Tempzxpsign53e03d21335607d7
2018-08-04 00:15 - 2018-08-04 00:15 - 000005304 _____ C:\Users\385ideal\Downloads\dy9KP0gF.zip
2018-08-02 19:25 - 2018-08-09 14:52 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-08-02 19:25 - 2018-08-02 19:38 - 000000253 _____ C:\Users\385ideal\AppData\LocalLow\rbxcsettings.rbx
2018-08-02 19:25 - 2018-08-02 19:29 - 000000000 ____D C:\Users\385ideal\AppData\Local\Roblox
2018-08-02 19:25 - 2018-08-02 19:25 - 000740408 _____ (Roblox Corporation) C:\Users\385ideal\Downloads\RobloxPlayerLauncher.exe
2018-08-02 12:28 - 2018-08-10 17:53 - 000000000 ____D C:\Users\385ideal\Desktop\M2bob
2018-08-02 10:53 - 2018-08-02 10:59 - 018093381 _____ C:\Users\385ideal\Downloads\M2Bob-9.8.5.zip
2018-08-02 10:35 - 2018-08-02 10:36 - 2173890749 _____ C:\Users\385ideal\Downloads\Kenji2ClientRELEASE2.7z
2018-08-01 21:42 - 2018-08-01 21:42 - 000003384 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3460944108-2816622866-3298408181-1001
2018-08-01 21:42 - 2018-08-01 21:42 - 000002396 _____ C:\Users\385ideal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-17 20:47 - 2018-07-17 22:02 - 000000000 ____D C:\Users\385ideal\Desktop\Mysaru2
2018-07-17 20:15 - 2018-07-17 20:16 - 3675913457 _____ C:\Users\385ideal\Downloads\Mysaru2.rar
2018-07-17 20:02 - 2018-07-17 20:02 - 020005766 _____ C:\Users\385ideal\Downloads\pack.rar
2018-07-17 20:01 - 2018-07-17 20:01 - 001847375 _____ C:\Users\385ideal\Downloads\metin2client.rar
2018-07-17 17:48 - 2018-07-17 17:49 - 000285696 _____ C:\Users\385ideal\Downloads\AUDIO-2018-07-17-17-23-18 (online-audio-converter.com).m4a.sfk
2018-07-17 17:47 - 2018-07-17 17:48 - 004216027 _____ C:\Users\385ideal\Downloads\AUDIO-2018-07-17-17-23-18 (online-audio-converter.com).m4a
2018-07-17 17:45 - 2018-07-17 17:45 - 002550184 _____ C:\Users\385ideal\Downloads\AUDIO-2018-07-17-17-23-18.aac
2018-07-17 17:45 - 2018-07-17 17:45 - 000000030 _____ C:\Users\385ideal\Downloads\ATT00001.txt
2018-07-17 17:17 - 2018-07-17 17:18 - 000268160 _____ C:\Users\385ideal\Downloads\Eno Mercedes [www.sounddrain.net].mp3.sfk
2018-07-17 17:07 - 2018-07-17 17:08 - 024248320 _____ C:\Users\385ideal\Downloads\4kyoutubetomp3_3.3.7.msi
2018-07-16 12:35 - 2018-07-16 12:35 - 000222864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2018-07-16 12:35 - 2018-07-16 12:35 - 000213080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2018-07-14 23:19 - 2018-06-29 02:46 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-14 23:19 - 2018-06-29 02:46 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-12 14:40 - 2018-07-12 14:40 - 000000000 ___HD C:\Users\Public\Shared Files

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-11 19:14 - 2018-01-15 16:38 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\TS3Client
2018-08-11 18:43 - 2018-01-15 18:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-11 18:38 - 2018-06-04 15:32 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-08-11 18:38 - 2018-03-31 03:41 - 000000000 ____D C:\ProgramData\VMware
2018-08-11 18:38 - 2018-01-15 16:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-11 18:37 - 2018-01-15 17:19 - 000000000 ____D C:\Program Files (x86)\IObit
2018-08-11 18:37 - 2017-09-29 10:45 - 000524288 _____ C:\Windows\system32\config\BBI
2018-08-11 18:36 - 2018-01-15 17:19 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\IObit
2018-08-11 18:36 - 2018-01-15 17:19 - 000000000 ____D C:\Users\385ideal\AppData\LocalLow\IObit
2018-08-11 18:36 - 2018-01-15 17:19 - 000000000 ____D C:\ProgramData\IObit
2018-08-11 17:35 - 2018-03-14 20:24 - 000000000 ____D C:\Users\385ideal\AppData\Local\SquirrelTemp
2018-08-11 17:14 - 2018-01-15 19:22 - 000000000 ____D C:\Users\385ideal\AppData\Local\CrashDumps
2018-08-11 15:16 - 2018-01-15 17:19 - 000000000 ____D C:\ProgramData\ProductData
2018-08-11 13:41 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-11 13:41 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\AppReadiness
2018-08-11 13:40 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-08-11 04:49 - 2018-02-03 11:40 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\obs-studio
2018-08-11 02:00 - 2018-01-15 20:36 - 000000000 ____D C:\Users\385ideal\AppData\Local\Adobe
2018-08-11 01:58 - 2018-06-30 23:14 - 000000000 ____D C:\Windows\System32\Tasks\MEGA
2018-08-11 01:38 - 2018-01-15 16:41 - 000007590 _____ C:\Users\385ideal\AppData\Local\Resmon.ResmonCfg
2018-08-10 17:29 - 2018-04-11 20:02 - 000002688 _____ C:\Windows\Sandboxie.ini
2018-08-10 16:03 - 2018-01-15 16:08 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-08-10 15:45 - 2018-07-11 22:42 - 000000000 ____D C:\Program Files\rempl
2018-08-10 05:07 - 2018-01-15 16:38 - 000000000 ____D C:\Program Files (x86)\Steam
2018-08-10 01:50 - 2018-02-11 00:22 - 000000000 ____D C:\Users\385ideal\AppData\Local\Arma 3
2018-08-10 01:49 - 2018-02-11 00:20 - 000000000 ____D C:\Users\385ideal\AppData\Local\Arma 3 Launcher
2018-08-09 23:53 - 2018-02-18 17:00 - 000000000 ____D C:\Users\385ideal\Documents\Arma 3 - Other Profiles
2018-08-08 20:30 - 2018-01-15 16:37 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-08 15:30 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\NDF
2018-08-06 19:55 - 2018-01-15 16:31 - 000000000 ____D C:\Users\385ideal
2018-08-06 14:44 - 2018-01-15 17:57 - 000003556 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2018-08-06 14:44 - 2018-01-15 17:57 - 000003420 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2018-08-06 14:44 - 2018-01-15 17:57 - 000000000 ____D C:\Program Files (x86)\Gyazo
2018-08-05 23:53 - 2018-06-16 17:12 - 000000000 ____D C:\Users\385ideal\Desktop\Wichtig
2018-08-05 16:05 - 2017-09-29 15:44 - 000000000 ____D C:\Windows\INF
2018-08-05 15:20 - 2018-06-11 13:28 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\EasyAntiCheat
2018-08-05 14:48 - 2018-06-15 20:37 - 000000000 ____D C:\Users\385ideal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cuisine Royale
2018-08-01 21:51 - 2018-06-20 13:26 - 000000000 ____D C:\ProgramData\Packages
2018-08-01 21:42 - 2018-01-15 16:34 - 000000000 ___RD C:\Users\385ideal\OneDrive
2018-07-17 20:21 - 2018-01-16 12:42 - 000000000 ____D C:\Users\385ideal\AppData\Local\ElevatedDiagnostics
2018-07-17 17:49 - 2018-01-15 18:22 - 000000000 ____D C:\Users\385ideal\AppData\Local\NVIDIA
2018-07-15 12:56 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\rescache
2018-07-14 23:23 - 2018-01-15 16:16 - 005699308 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 23:23 - 2017-09-30 16:35 - 002869662 _____ C:\Windows\system32\perfh007.dat
2018-07-14 23:23 - 2017-09-30 16:35 - 000758212 _____ C:\Windows\system32\perfc007.dat
2018-07-14 23:16 - 2018-01-15 16:08 - 000320248 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-14 23:14 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-14 23:14 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\ShellExperiences
2018-07-12 14:40 - 2018-01-20 01:29 - 000000000 ____D C:\Intel
2018-07-12 14:34 - 2018-01-15 19:35 - 000000000 ____D C:\Users\385ideal\AppData\Local\UnrealEngine

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2018-01-15 16:41 - 2018-08-11 01:38 - 000007590 _____ () C:\Users\385ideal\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-08-01 22:00

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.08.2018
durchgeführt von 385ideal (11-08-2018 19:43:35)
Gestartet von C:\Users\385ideal\Downloads
Windows 10 Home Version 1709 16299.547 (X64) (2018-01-15 14:12:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

385ideal (S-1-5-21-3460944108-2816622866-3298408181-1001 - Administrator - Enabled) => C:\Users\385ideal
Administrator (S-1-5-21-3460944108-2816622866-3298408181-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3460944108-2816622866-3298408181-503 - Limited - Disabled)
Gast (S-1-5-21-3460944108-2816622866-3298408181-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3460944108-2816622866-3298408181-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)


==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark (HKLM\...\{62A3D06F-97B8-4CD0-9B7F-3B06C4DF377B}) (Version: 2.4.4264.0 - Futuremark) Hidden
3DMark (HKLM-x32\...\{0034a3c4-a299-491d-b683-791a538a7db4}) (Version: 2.4.4264.0 - Futuremark)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ArmA3Sync 1.6.92 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.6.92 - The [S.o.E] team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - ) <==== ACHTUNG
CrystalDiskInfo 7.6.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
Cuisine Royale Launcher 1.0.0.28 (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\{eeededa4-29ff-8962-96e1-e2282d8a62c1}}_is1) (Version:  - Gaijin Entertainment)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Digibit VPN (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Digibit VPN) (Version:  - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
EisenschmiedeLauncherSetup (HKLM-x32\...\{04AE82A2-A2E9-419C-B899-4C336946CD30}) (Version: 1.00.0000 - Eisenschmiede-Gaming)
Epic Games Launcher (HKLM-x32\...\{4E2F8966-C007-4BF8-9575-487B4D61ED4A}) (Version: 1.1.137.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{8AD048D8-1975-47F5-800F-15028E84F2C5}) (Version: 5.5.646.0 - Futuremark)
Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1804.0420 - Garena)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gyazo 3.3.8 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
hide.me VPN 1.3.2 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.3.2 - eVenture Limited)
HideMy.name VPN (HKLM-x32\...\{D4C4FDDF-AB53-4E45-BB78-AFA80D034589}) (Version: 1.43 - inCloak Network Ltd.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Ironsight Version 1 (HKLM-x32\...\Ironsight_is1) (Version: 1 - Aeria Games)
iTunes (HKLM\...\{69D24652-4A1D-49C6-AA0C-573A38083F6C}) (Version: 12.7.3.46 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Metin2 (HKLM-x32\...\Metin2_DE_is1) (Version:  - Gameforge 4D GmbH)
Microsoft Build Tools 2015 (HKLM-x32\...\{d21da0dd-4ba4-4838-ba58-64cf7a77131a}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
My.com Game Center (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\MyComGames) (Version: 3.225 - My.com B.V.)
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
NetLimiter 4 (HKLM\...\{CCEBB3FF-7941-42D6-875C-5321AA54963F}) (Version: 4.0.33.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.33.0) (Version: 4.0.33.0 - Locktime Software)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.6.1 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Controller-Treiber 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA GeForce NOW 1.5.1.189 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 1.5.1.189 - NVIDIA Corporation)
NVIDIA Grafiktreiber 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.0 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.5 (HKLM-x32\...\{F0C909D7-D643-4628-8C6A-94073139F0CE}) (Version: 4.15.9789 - Apache Software Foundation)
OpenVPN 2.3.14-I601  (HKLM\...\OpenVPN) (Version: 2.3.14-I601 - )
Oracle VM VirtualBox 5.2.16 (HKLM\...\{38A260F3-FE34-4AB9-9D2F-7CCAD7308EC7}) (Version: 5.2.16 - Oracle Corporation)
osu! (HKLM-x32\...\{392e6608-9a9e-4306-94dd-94954d998f3b}) (Version: latest - ppy Pty Ltd)
Plays (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Plays) (Version: 0.2.1 - Plays.tv, Inc)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.0.0.440 - Bitsum)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Resanance (HKLM\...\{07BB6181-E1D0-4283-87D0-BE4819535A3C}) (Version: 2.1.3 - WasntAFairFight)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder)
Roblox Player for 385ideal (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
Rules of Survival version 1.147074.149250 (HKLM-x32\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.147074.149250 - Hong Kong Netease Interactive Entertainment Limited)
Sandboxie 5.24 (64-bit) (HKLM\...\Sandboxie) (Version: 5.24 - Sandboxie Holdings, LLC)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Software Lag Switch (HKLM-x32\...\{6EC29D9E-F229-4B07-AF22-7018AD29DAF0}) (Version: 1.2 - softwarelagswitch.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suite Specific (HKLM-x32\...\{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}) (Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.52a - Vostok Games)
TAP-ProtonVPN 9.21.2 (HKLM\...\TAP-ProtonVPN) (Version: 9.21.2 - ProtonVPN AG)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team-ELAN Launcher (HKLM-x32\...\{02E71465-AFE4-4A68-B0A5-3C3691C879C0}) (Version: 1.00.0000 - Team ELAN)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
TunnelBear (HKLM-x32\...\{5dbd322e-98b2-41c8-a2d9-d9f21423afa9}) (Version: 3.2.0.6 - TunnelBear)
TunnelBear (HKLM-x32\...\{EAF52E02-CC78-47F4-A304-F91FDB6A55D1}) (Version: 3.2.0.6 - TunnelBear) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A951B9A0-13C0-4A4B-8E04-3CCF05701086}) (Version: 2.47.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 49.0 - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VEGAS Pro 15.0 (HKLM\...\{E1BB101E-7FC4-11E7-9796-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
VMware Player (HKLM\...\{2068E4B9-5A6D-41E3-8B50-CC2ECD49309B}) (Version: 14.1.1 - VMware, Inc.)
Warface My.Com (HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\Warface My.Com) (Version: 1.62 - My.com B.V.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.80 Build 33 - Windscribe Limited)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3460944108-2816622866-3298408181-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2018-01-08] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2018-01-08] (VMware, Inc.)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\385ideal\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-06-17] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D5D40ED-0122-4741-AD0B-53BC7F5FFC18} - System32\Tasks\Opera scheduled Autoupdate 1529234937 => C:\Users\385ideal\AppData\Local\Programs\Opera\launcher.exe
Task: {1A882EF5-7421-4600-9F0B-AF083249705B} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3460944108-2816622866-3298408181-1001
Task: {24F6E210-3DC7-4A2E-96C1-2060F40367AF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {428B22ED-A6A9-49BC-89D3-9D805A313F5E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {463C55A9-C070-424C-A44F-70A2FC532BE2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {4EA6F5E8-6597-4141-B684-BFE16A67DB78} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {5660207A-0F8C-49C9-BA35-4366B31B0CC5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {63BBF631-7446-42D7-80EF-CF2A3323A267} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-15] (Google Inc.)
Task: {80D64AF3-E37F-4FA1-81B1-7F0CD344A353} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\385ideal\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [2018-02-13] (NVIDIA Corporation)
Task: {8CD93FE2-0F5F-4DCE-85A0-1BF431A93EC0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B4FA268A-F8B4-4593-A1B0-5966AA0C712D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {BED12AD3-A16B-4862-9541-DB02F37D1879} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {C13FE958-7C29-46A3-B308-027882D75618} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {CAE53F52-FBE6-4EFA-B0B8-F765FB865CDC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {CC18348F-50CD-470E-A1AF-F7EF6A1D7257} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-5KHI8QG-385ideal => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {D5E27439-3016-4B1D-BFF7-1B18993AA8D6} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-5KHI8QG-385ideal => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {D7998E32-24F1-4D9B-8B5B-8FD6256CC76E} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-07-19] (Nota Inc.)
Task: {DCE61E5E-5970-46F6-8F41-46F6BCD0BBAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-15] (Google Inc.)
Task: {DE99B65D-D07D-4C1B-BB82-A97DDB05FA1F} - System32\Tasks\Driver Booster SkipUAC (385ideal) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {E19410CF-FC60-4E59-912F-8AED21E10528} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-07-19] (Nota Inc.)
Task: {E519BECF-4F9D-41E1-9E01-591D9DAFB227} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-08-03] (Microsoft Corporation)
Task: {E542612D-77CA-4638-AAAC-3BF482EBC275} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {F6747B6D-5A1D-49E6-8207-0AF1FAA9ECB8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-01-15 18:33 - 2018-06-24 17:31 - 000138128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-07-08 22:50 - 2018-05-20 19:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-04 10:04 - 2018-01-04 10:04 - 000649672 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-07-11 14:24 - 2018-06-29 10:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-07-11 14:24 - 2018-06-29 09:57 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-13 13:24 - 2018-03-28 12:02 - 000174744 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2017-10-13 13:17 - 2017-10-13 13:17 - 000020632 _____ () C:\Program Files\TeamSpeak 3 Client\libEGL.DLL
2017-10-13 13:17 - 2017-10-13 13:17 - 001981592 _____ () C:\Program Files\TeamSpeak 3 Client\libGLESv2.dll
2017-12-13 13:24 - 2018-03-28 12:02 - 000125592 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2017-12-13 13:24 - 2018-03-28 12:02 - 000150680 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2018-01-15 16:38 - 2018-01-15 16:38 - 000157696 _____ () C:\Users\385ideal\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2018-01-15 16:38 - 2018-01-15 16:38 - 000345880 _____ () C:\Users\385ideal\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
2018-01-15 17:34 - 2018-01-15 17:34 - 000479744 _____ () C:\Users\385ideal\AppData\Roaming\TS3Client\plugins\soundboard.dll
2018-01-16 14:19 - 2018-01-16 14:19 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-01-16 14:19 - 2018-01-16 14:19 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-01-16 14:19 - 2018-01-16 14:19 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-08-08 20:30 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-08 20:30 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-08-11 17:30 - 2018-08-11 17:30 - 000144272 _____ () C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteLauncher.exe
2018-07-08 22:50 - 2018-05-20 19:36 - 095437792 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-07-08 22:51 - 2018-05-20 19:36 - 003029472 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-07-08 22:51 - 2018-05-20 19:36 - 000149984 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2017-10-13 08:46 - 2017-10-13 08:46 - 000266424 _____ () C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\libprotobuf-lite.dll
2018-04-04 14:45 - 2018-04-04 14:45 - 001442624 _____ () C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\libs\gxx_pipe_engine.dll
2018-04-04 14:45 - 2018-04-04 14:45 - 002206528 _____ () C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\libs\FSFileSytem.dll
2018-01-08 02:05 - 2018-01-08 02:05 - 000087016 _____ () C:\Program Files (x86)\VMware\VMware Player\zlib1.dll
2018-07-08 22:50 - 2018-05-20 19:36 - 001033184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-02-08 21:57 - 2018-07-03 13:36 - 000000140 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 blacklist.teamspeak.com 
0.0.0.0 blacklist2.teamspeak.com 
0.0.0.0 blacklist.teamspeak.com 
0.0.0.0 blacklist2.teamspeak.com 

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: WindscribeService => 2
HKLM\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "MyComGames"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-3460944108-2816622866-3298408181-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{0B57F027-56A7-4CF8-9569-B5E087E87320}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{C42EF30A-899F-4C53-9A41-8DDEA221A687}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{FA228F35-4A14-4847-AB4F-EAC1C39166F3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{547C47DB-792B-4CBB-A7A0-199900C00D5D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{C731B41B-B70E-4694-BE41-349AA9ABBE8C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{433017F3-80EF-45CF-8AA2-0BC15993FC5D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{BF53358F-074F-498B-8298-5B62C11B1346}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C6531A10-1757-49DF-AA86-16AED556108B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{73AD1169-9A89-4276-A588-0ABAF2620192}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CC6ACA08-948F-4BCD-B95D-DBEC34154569}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8AEDCBFC-C76A-4D79-AA59-7839A024CD5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{A86F23AF-0C0E-40ED-AF43-4C1295E59AF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{4A6FC4AB-1309-46AA-93CD-21EC2F9AE492}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe
FirewallRules: [{B3B10D21-369A-462B-B760-75D65C0C75F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe
FirewallRules: [{6F6133D4-583D-42B4-B9B4-D7439CD8C3F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{65BA13F2-DAC9-4CDC-AEAF-5838AECADAAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [TCP Query User{4B9867AF-6DC4-464C-A514-40AF3E15E79E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{77701210-6DBE-43B5-9F0E-0053752A5B0D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{7A750145-144D-4239-90DA-0C7489BEC733}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [UDP Query User{FF984211-7906-4091-A783-AB72DF949CFC}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [{DAE37D57-97C9-4173-9851-F17BAD6970B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{7573EC47-8D83-4BEA-818B-50F8461C4587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{15965181-2CBB-47C5-8304-B44D685D14A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{2794224D-D93E-4C17-A24D-2452247A8AA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{CC8E69AF-6AD4-4862-BE04-5A046B50444A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{2930939B-A57D-4EFE-9E8C-95820126334A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{6A342DDB-AFBB-44BA-A432-794D5D60C871}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe
FirewallRules: [{F10B2001-1C73-4F2A-BED2-253C765ABF6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe

Code:

ATTFilter

FirewallRules: [{54D7F66A-BA98-4508-9D27-EA4F9D0F18D1}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{0038FDC4-72C3-4424-90A1-C8F60F89A92B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{E7E1FA1A-134A-43C0-92F9-09C1FF546AAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{5B1C7A82-9446-4E8D-9516-B1FD06A3C322}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Ground\BrokenGround.exe
FirewallRules: [{A384C55C-552C-409D-AEA6-E4A5E26CE174}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Ground\BrokenGround.exe
FirewallRules: [{5E3F2D9D-3B37-48F8-B3D0-BA6F7CF2D22A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\slauncher.exe
FirewallRules: [{2E6CB928-1B94-4164-A966-E3F341F626F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\slauncher.exe
FirewallRules: [{4A5D7EDA-49E9-40B2-8925-2DF6EF55AE74}] => (Allow) C:\Users\385ideal\AppData\Local\Programs\Opera\53.0.2907.99\opera.exe
FirewallRules: [{7B794AC1-AE3B-4E77-8D9C-658B2D1F6211}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8C8463D9-DE6A-4F5E-9FFC-760E33B88F51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9048B8EB-7869-4AE6-8B4C-2D7D7FD607BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{306F1D56-A47D-428F-89B5-C95CE7C7A9DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D51C70FB-E912-4E2D-98B1-0BC87903CBE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B981D70E-AA39-406D-A37C-9B696D106285}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{47714EA7-B2D9-4C0A-9192-DD8D993EB672}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8D46802A-D8A0-49C6-8FDA-CD65661628C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D418BB94-15FB-4FA1-9D81-24B1663475F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C57812F3-BF13-4281-B94F-9977B5A63682}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BE6AA0FC-12F5-4EE2-A7DB-DA1E35C6042F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{E6C29364-161E-4DBE-82C0-B519B94C1F0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{48B2D107-C74B-4EF3-9EB9-74A5C927B142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [{3462EBB5-AF90-433C-B4B4-0C08EF250D1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [{5DAF89C7-F314-4455-8B92-A0DE161041C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\bpreport.exe
FirewallRules: [{40BAA1CD-A677-481F-B4B1-564BCC27D508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\bpreport.exe
FirewallRules: [{4846C80A-D2E5-47BE-8276-A0CC9E863FC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\bpreport.exe
FirewallRules: [{F0C3ABAB-4E1A-4B89-8634-A10E7A52BBBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\bpreport.exe
FirewallRules: [{585C391A-5072-450B-9327-0EE493F6AD56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\gaijin_downloader.exe
FirewallRules: [{8893AF3D-E7A7-4FD0-91C5-753AEE69EB49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\gaijin_downloader.exe
FirewallRules: [{9282E650-96FC-4607-860B-00B5D72603BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlist.exe
FirewallRules: [{34967C59-1F4E-4166-B52C-28118D729A8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlist.exe
FirewallRules: [{6276B38A-D700-458F-B67E-16E3EBE808F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlisted.exe
FirewallRules: [{60699366-E925-4BEF-A8F8-CD358F32032F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlisted.exe
FirewallRules: [{7732A8CE-0ACF-48B4-8554-321CEF669E47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E29A9662-C540-4195-B5D3-9961F05863EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B3ED6D28-F809-4A27-ADC4-DDE7AD4EB3D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C13A551A-5CDC-4023-B4EB-557126BEBBB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CBD5FE6A-CEB0-4A38-8258-85942D886787}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B01B588E-A752-4677-8A42-E8F083637E5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A216A82B-426B-4869-824B-009CD5BEAAB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{69BFA8CE-1418-4A01-9140-F984C42D14D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E86DD4C1-6A36-4638-9397-FCC569ABADDF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{A3A17877-D448-45C8-97B3-805CCF3D99DB}C:\users\385ideal\downloads\anydesk.exe] => (Allow) C:\users\385ideal\downloads\anydesk.exe
FirewallRules: [UDP Query User{CA1DD6D4-E008-4A5E-BA67-1DD2AABAB504}C:\users\385ideal\downloads\anydesk.exe] => (Allow) C:\users\385ideal\downloads\anydesk.exe

==================== Wiederherstellungspunkte =========================

02-08-2018 09:56:32 Geplanter Prüfpunkt
05-08-2018 16:04:12 Installed Oracle VM VirtualBox 5.2.16
10-08-2018 15:44:40 Windows Update
11-08-2018 15:10:26 Removed Java 8 Update 162
11-08-2018 15:13:18 Removed Java 8 Update 161

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/11/2018 05:14:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner_7.2.2.exe, Version: 7.2.2.0, Zeitstempel: 0x5b4dec42
Name des fehlerhaften Moduls: adwcleaner_7.2.2.exe, Version: 7.2.2.0, Zeitstempel: 0x5b4dec42
Ausnahmecode: 0xc0000409
Fehleroffset: 0x008f3367
ID des fehlerhaften Prozesses: 0x698
Startzeit der fehlerhaften Anwendung: 0x01d43183c6a083d3
Pfad der fehlerhaften Anwendung: C:\Users\385ideal\Downloads\adwcleaner_7.2.2.exe
Pfad des fehlerhaften Moduls: C:\Users\385ideal\Downloads\adwcleaner_7.2.2.exe
Berichtskennung: 3bfc50e9-d6f2-42ca-aee7-b01e01e51ada
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/11/2018 03:20:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (08/11/2018 03:16:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (08/11/2018 03:13:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (08/11/2018 03:10:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (08/11/2018 03:06:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (08/11/2018 03:11:56 AM) (Source: ESENT) (EventID: 489) (User: )
Description: TaskMan (5320,D,50) {83782D7D-5A63-4BA7-86DF-85B32673FF8C}: Der Versuch, die Datei "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (08/10/2018 07:02:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vegas150.exe, Version: 15.0.0.177, Zeitstempel: 0x598f9d16
Name des fehlerhaften Moduls: igdrcl64.dll, Version: 20.19.15.4474, Zeitstempel: 0x575eea96
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000007a74a
ID des fehlerhaften Prozesses: 0x15e8
Startzeit der fehlerhaften Anwendung: 0x01d430cbcf84336a
Pfad der fehlerhaften Anwendung: C:\Program Files\VEGAS\VEGAS Pro 15.0\vegas150.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\igdrcl64.dll
Berichtskennung: 60bf18f1-5cfe-47b8-ab59-fef970a1f5c4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (08/11/2018 06:41:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7HDHAQ)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-7HDHAQ\385ideal" (SID: S-1-5-21-3460944108-2816622866-3298408181-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 06:39:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/11/2018 06:38:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FontCache3.0.0.0 erreicht.

Error: (08/11/2018 06:38:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hmevpnsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/11/2018 06:38:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst hmevpnsvc erreicht.

Error: (08/11/2018 06:38:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 06:38:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/11/2018 06:38:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================

Date: 2018-08-11 19:42:35.555
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 19:42:35.553
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 19:23:14.676
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 19:23:14.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 18:59:01.838
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 18:59:01.836
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 18:44:02.727
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 18:44:02.725
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 74%
Installierter physikalischer RAM: 8135.17 MB
Verfügbarer physikalischer RAM: 2048.93 MB
Summe virtueller Speicher: 16135.17 MB
Verfügbarer virtueller Speicher: 7237.64 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:153.27 GB) NTFS
Drive d: () (Fixed) (Total:199.87 GB) (Free:191.76 GB) NTFS

\\?\Volume{c7b7bf99-8ac7-4acb-888b-df8380047d1b}\ (Wiederherstellung) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
\\?\Volume{f2a69e9a-b894-4f43-b266-925aca441b16}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 29.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== Ende von Addition.txt ============================

cosinus · 13.08.2018, 07:15

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
S3 11338; \??\C:\Users\385ideal\AppData\Local\Temp\11338TNiNbaZ.sys [X] <==== ACHTUNG
S3 18385; \??\C:\Users\385ideal\AppData\Local\Temp\18385TNiNbaZ.sys [X] <==== ACHTUNG
S3 21994; \??\C:\Users\385ideal\AppData\Local\Temp\21994TNiNbaZ.sys [X] <==== ACHTUNG
S3 22603; \??\C:\Users\385ideal\AppData\Local\Temp\22603TNiNbaZ.sys [X] <==== ACHTUNG
S3 29181; \??\C:\Users\385ideal\AppData\Local\Temp\29181TNiNbaZ.sys [X] <==== ACHTUNG
S3 54853; \??\C:\Users\385ideal\AppData\Local\Temp\54853TNiNbaZ.sys [X] <==== ACHTUNG
S3 lYPSOZm; \??\C:\Users\385ideal\AppData\Local\Temp\TNiNbaZ.sys [X] <==== ACHTUNG
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
S3 lYPSOZm; \??\C:\Users\385ideal\AppData\Local\Temp\TNiNbaZ.sys [X] <==== ACHTUNG
S4 WinRing0_1_2_0; \??\C:\Program Files (x86)\EVGA\Precision XOC\WinRing0\WinRing0x64.sys [X]
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196648 2018-03-28] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-28] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-28] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-28] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-28] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [215320 2018-03-28] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146656 2018-03-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110328 2018-03-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-03-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-03-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-03-28] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-03-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-03-28] (AVAST Software)
C:\Users\385ideal\AppData\Local\Tempzxpsignd280b03754eb9d63
C:\Users\385ideal\AppData\Local\Tempzxpsign5d1703bcb6cb494f
C:\Users\385ideal\AppData\Local\Tempzxpsignea66fe0c8f43c191
C:\Users\385ideal\AppData\Local\Tempzxpsign53e03d21335607d7
C:\Users\385ideal\Downloads\dy9KP0gF.zip
C:\Program Files (x86)\IObit
C:\Users\385ideal\AppData\Roaming\IObit
C:\Users\385ideal\AppData\LocalLow\IObit
C:\ProgramData\IObit
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

11.08.2018, 17:46	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Pc sehr langsam adwcleaner bitte zwecks Kontrolle wiederholen __________________ Logfiles bitte immer in CODE-Tags posten

11.08.2018, 18:37	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Pc sehr langsam Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken. __________________ Logfiles bitte immer in CODE-Tags posten

Pc sehr langsam

Plagegeister aller Art und deren Bekämpfung: Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Pc sehr langsam

Ähnliche Themen: Pc sehr langsam

11.08.2018, 00:19	#1
385ideal	Pc sehr langsam Hey seit neustem ist mein Pc langsam geworden und mein Windows Defender lässt sich auch nicht mehr einschalten. Ich würde mich freuen wenn jemand mir helfen könnte. https://gyazo.com/4530d9c959635020f3673c79773640d8 https://gyazo.com/4b9e2a3f02a7ad98bd3c9bfbb1705147 Mit freundlichen Grüßen 385ideal Geändert von 385ideal (11.08.2018 um 00:24 Uhr)

11.08.2018, 14:15	#5
385ideal	Pc sehr langsam Nach dem ich die Anwendungen gelöscht habe ist alles erledigt?

11.08.2018, 18:17	#12
385ideal	Pc sehr langsam es wurde nichts gefunden