Sorry, es ist Startupchecklibrary.dll nicht startuplibrary

Huhu,

vor einigen Wochen hat Avast bei mir angeschlagen und gemeldet, dass StartUpLibrary.dll ein IDP.Generic ist und es in die Quarantäne verschoben. Alles gut und so aber immer wenn ich den Laptop an den Strom anschliesse oder ihn hochfahre, kommt die Meldung "StartUpLibrary.dll konnte nicht gefunden werden". Sonst keine Probleme, also hab ich die Schultern gezuckt und damit gelebt.

Nun habe ich Probleme mit dem Windows Update. Fehlercode (0x80070424), Windows meldet mir, mir fehlen wichtige Updates, aber es kann nix geupdated werden.

Dachte mir vllt liegt es an der DLL die jetzt in Quarantäne ist? also hab ich die wiederhergestellt. Bringt auch nix.

Habe nach der Wiederherstellung Malwarebytes laufen lassen. Der hat nix gefunden also wohl kein Problem mit der DLL. Sehr verwirrend.

Habe irgendwann dazwischen die DLL bei Avast als Ausnahmen hinzugefügt weswegen ich sie jetzt nicht wieder in die Quarantäne verschieben kann, bis ich herausfinde wie ich sie als Ausnahme entferne. Wäre super wenn mir jemand sagen könnte, wie.

Ich weiß also gar nicht, ob ich Malware hab. Hatte die Logs also bereits gemacht, bin daher hierher statt in den anderen Bereich gegangen. Sonst verschiebt mich, wenn ich hier falsch bin.

Logs spalte ich auf mehrere Beiträge auf, sonst häng ich sie im nächsten Beitrag an.

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
durchgeführt von staub (Administrator) auf DESKTOP-UKTCUI2 (09-09-2018 23:54:22)
Gestartet von D:\Downloads
Geladene Profile: staub (Verfügbare Profile: staub & enogh & shima)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
() D:\NadekoBot\redis\redis-server.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files (x86)\PHotkey\Dolbyosd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(ShareX Team) C:\Program Files\ShareX\ShareX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2018-06-19] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3352808 2015-11-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-06] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-30] (AVAST Software)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] ()
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [54332920 2017-08-14] (Discord Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3750208 2018-08-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2017-09-20] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Spotify] => C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe [24453008 2018-08-23] (Spotify Ltd)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1398352 2018-06-11] (CyberGhost S.A.)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Discord] => C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Windows Shutdown Assistant] => C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe /autoStart
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\MountPoints2: {985ca1c1-6f35-11e8-bfdf-b881983425c3} - "G:\Setup.exe" 
Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-08-05]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.lnk [2017-09-09]
ShortcutTarget: chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-06-26]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{6de58bda-e014-4104-bd91-a8315218f1f1}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{8e27d8c5-8315-4adf-8c15-08fd74f18d9f}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{cf97e8a1-698d-47eb-9b5f-ca89d553a6b7}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42

Internet Explorer:
==================
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-23] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-21] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0w2ntjwv.default-1518458315710
FF ProfilePath: C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710 [2018-08-31]
FF Extension: (Avast SafePrice) - C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710\Extensions\sp@avast.com.xpi [2018-06-20]
FF Extension: (uBlock Origin) - C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710\Extensions\uBlock0@raymondhill.net.xpi [2018-02-12]
FF Extension: (Avast Online Security) - C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710\Extensions\wrc@avast.com.xpi [2018-06-20]
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-23] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-06-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-06-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: BYOND -> D:\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://calendar.google.com/calendar/render#main_7
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/render#main_7","hxxps://keep.google.com/","hxxps://docs.google.com/spreadsheets/d/1ruUreFE1R4ZzGHA86bTj83pJTyTPeQboafg75hVvfFA/edit#gid=485674309"
CHR NewTab: Default ->  Active:"chrome-extension://mefhakmgclhhfbdadeojlkbllmecialg/public/index.html"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default [2018-09-09]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-10]
CHR Extension: (ColorZilla) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2018-05-09]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-10]
CHR Extension: (uBlock Origin) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-28]
CHR Extension: (Share on Rabbit) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplabnbcafdgpcjmibgkekpaejlfhnkl [2018-07-07]
CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-06-20]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2017-11-17]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-06-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-09-07]
CHR Extension: (Voice to Text) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2018-03-21]
CHR Extension: (StayFocusd) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2018-03-15]
CHR Extension: (Tabby Cat) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2018-09-05]
CHR Extension: (Milky Way Stars over Pine Valley, Utah) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\memcphligehabnghadofahejdodcfnnb [2017-08-11]
CHR Extension: (Save to Pocket) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2018-08-05]
CHR Extension: (Hotspot Shield VPN Free Proxy – Unblock Sites) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2018-07-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-10]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-26]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-08-24]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-24]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-24]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-08-07]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-04]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-08-05]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-04]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-07-29]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-28]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-29]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-30] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-30] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-30] (AVAST Software)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-05] (BlueStack Systems, Inc.)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost S.A.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [440304 2017-04-04] (Intel Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-12] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-08-28] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-09-07] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-11-06] (ELAN Microelectronics Corp.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515256 2017-08-10] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-04-04] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-03] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2213696 2018-08-20] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3084104 2018-08-20] (Electronic Arts)
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [135680 2014-08-07] () [Datei ist nicht signiert]
R2 Redis; D:\NadekoBot\redis\redis-server.exe [1553408 2016-07-01] () [Datei ist nicht signiert]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-03] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-30] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-30] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-30] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-30] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-30] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-20] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-30] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163272 2018-08-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215728 2018-09-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-30] (AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R1 cgnetfilter1521; C:\WINDOWS\System32\drivers\cgnetfilter1521.sys [84768 2017-03-22] (Windows (R) Win 7 DDK provider)
S3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [30808 2015-11-06] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [245768 2017-08-10] (Intel Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-09-03] (Malwarebytes)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7644672 2017-09-05] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [34096 2015-11-18] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-07-17] (Realsil Semiconductor Corporation)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-06-19] (The OpenVPN Project)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2017-09-20] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-09-06] (BigNox Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-09-09 23:22 - 2018-09-09 23:54 - 000000000 ____D C:\FRST
2018-09-09 23:11 - 2018-09-09 23:11 - 000000000 ___HD C:\OneDriveTemp
2018-09-08 10:54 - 2018-09-08 10:54 - 000001453 _____ C:\Users\staub\AppData\Local\recently-used.xbel
2018-09-06 19:51 - 2018-09-06 19:51 - 000000000 ____D C:\Users\staub\AppData\Local\MultiPlayerManager
2018-09-06 11:47 - 2018-09-06 11:47 - 000000066 _____ C:\Users\staub\inittk.ini
2018-09-06 11:46 - 2018-09-06 11:46 - 000000045 _____ C:\Users\staub\nuuid.ini
2018-09-06 11:46 - 2018-09-06 11:46 - 000000041 _____ C:\Users\staub\inst.ini
2018-09-06 11:46 - 2018-09-06 11:46 - 000000000 ____D C:\Users\staub\Nox_share
2018-09-06 11:38 - 2018-09-09 23:10 - 000000000 ____D C:\Users\staub\AppData\Local\Nox
2018-09-06 11:38 - 2018-09-09 10:27 - 000000000 ____D C:\Users\staub\vmlogs
2018-09-06 11:38 - 2018-09-09 10:27 - 000000000 ____D C:\Users\staub\.BigNox
2018-09-06 11:38 - 2018-09-06 11:38 - 000000715 _____ C:\Users\staub\Desktop\Nox.lnk
2018-09-06 11:38 - 2018-09-06 11:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2018-09-06 11:38 - 2018-09-06 11:38 - 000000000 ____D C:\Program Files (x86)\Bignox
2018-09-06 11:13 - 2018-09-06 11:13 - 000000000 ____D C:\Users\staub\Downloads\MEmu Download
2018-09-04 18:03 - 2018-09-04 18:03 - 000000000 ____D C:\Users\staub\Documents\MeinSpore-Kreationen
2018-09-04 18:00 - 2018-09-04 18:00 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-09-04 17:44 - 2018-09-04 17:44 - 000000000 ____D C:\Users\staub\Documents\My Spore Creations
2018-09-04 17:44 - 2018-09-04 17:44 - 000000000 ____D C:\Users\staub\AppData\Roaming\Spore
2018-09-03 21:09 - 2018-09-03 21:09 - 000000000 ____D C:\Users\staub\Desktop\Entspannung
2018-09-03 19:52 - 2018-09-03 19:52 - 000000000 ____D C:\Users\staub\.cache
2018-09-03 19:50 - 2018-09-09 23:30 - 000000000 ____D C:\Users\staub\AppData\Roaming\AllToMP3
2018-09-03 19:46 - 2018-09-03 19:46 - 000000000 ____D C:\Users\staub\AppData\Local\mbam
2018-09-03 14:05 - 2018-09-03 19:09 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-08-30 22:20 - 2018-08-30 22:20 - 000379608 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-08-30 19:55 - 2018-08-30 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-08-28 13:53 - 2018-08-28 13:53 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-08-28 13:53 - 2018-08-28 13:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-08-28 13:53 - 2018-08-28 13:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-08-28 13:53 - 2018-08-28 13:53 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-08-19 13:56 - 2018-08-19 13:56 - 000000000 ____D C:\Users\staub\.m2
2018-08-16 22:11 - 2018-08-16 22:11 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-16 22:11 - 2018-08-16 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-08-13 19:36 - 2018-08-13 19:36 - 000253801 _____ C:\Users\staub\Desktop\SBOnlineSemesterbescheinigung (1).pdf
2018-08-10 13:45 - 2018-08-10 13:45 - 000000063 _____ C:\Users\staub\Ondesoft
2018-08-10 13:38 - 2018-08-10 13:45 - 000000000 ____D C:\Users\staub\Ondesoft Spotify Converter
2018-08-10 13:38 - 2018-08-10 13:38 - 000001480 _____ C:\Users\staub\Desktop\Ondesoft Spotify Converter.lnk
2018-08-10 13:38 - 2018-08-10 13:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ondesoft
2018-08-10 13:38 - 2018-08-10 13:38 - 000000000 ____D C:\Users\staub\AppData\Local\Ondesoft

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-09 23:50 - 2017-12-01 01:06 - 000000000 ____D C:\Users\staub\AppData\Local\Packages
2018-09-09 23:48 - 2017-08-04 18:20 - 000000000 ____D C:\Users\staub\AppData\Local\Spotify
2018-09-09 23:43 - 2017-08-04 18:20 - 000000000 ____D C:\Users\staub\AppData\Roaming\Spotify
2018-09-09 23:18 - 2018-06-04 08:14 - 001722010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-09 23:18 - 2018-04-12 18:13 - 000744134 _____ C:\WINDOWS\system32\perfh007.dat
2018-09-09 23:18 - 2018-04-12 18:13 - 000150268 _____ C:\WINDOWS\system32\perfc007.dat
2018-09-09 23:18 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-09 23:11 - 2018-07-16 10:41 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2018-09-09 23:11 - 2017-08-04 18:19 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-09 23:11 - 2017-08-04 12:24 - 000000000 ___RD C:\Users\staub\OneDrive
2018-09-09 23:10 - 2018-06-04 08:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-09 23:10 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-09-09 23:10 - 2017-09-26 16:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-09 23:10 - 2017-09-07 18:44 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-09-09 23:10 - 2017-08-04 12:22 - 000000000 __SHD C:\Users\staub\IntelGraphicsProfiles
2018-09-09 22:59 - 2018-06-04 08:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-09 22:26 - 2018-06-04 08:16 - 000003558 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-09-09 22:26 - 2018-06-04 08:16 - 000003334 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-09 22:26 - 2018-06-04 08:16 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-09 22:26 - 2018-06-04 08:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2089115426-2641811642-829515932-1002
2018-09-09 22:26 - 2018-06-04 08:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2089115426-2641811642-829515932-1001
2018-09-09 22:26 - 2018-06-04 08:16 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-09-09 22:26 - 2018-06-04 08:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-09-09 16:23 - 2017-08-14 17:28 - 000000000 ____D C:\Users\staub\AppData\Local\ElevatedDiagnostics
2018-09-09 16:12 - 2017-08-04 19:42 - 000000000 ____D C:\Users\staub\AppData\Local\CrashDumps
2018-09-09 14:44 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\WhatsApp
2018-09-09 10:28 - 2017-10-17 12:27 - 000000000 ____D C:\Users\staub\.android
2018-09-08 15:46 - 2017-08-28 12:56 - 000000000 ____D C:\Users\staub\.gimp-2.8
2018-09-07 12:08 - 2018-06-04 08:16 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-09-06 11:47 - 2018-06-04 08:09 - 000000000 ____D C:\Users\staub
2018-09-06 11:44 - 2018-06-20 22:42 - 000000000 ____D C:\Program Files (x86)\Origin
2018-09-06 11:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2018-09-06 11:10 - 2018-06-21 07:55 - 000000000 ____D C:\Users\staub\AppData\Local\AVAST Software
2018-09-06 11:09 - 2018-06-20 22:25 - 000215728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-09-04 23:54 - 2018-06-20 22:41 - 000000000 ____D C:\Users\staub\AppData\Roaming\Origin
2018-09-04 18:20 - 2018-06-04 01:00 - 000467320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-09-04 17:54 - 2018-06-20 22:45 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-09-04 17:53 - 2018-06-20 22:41 - 000000000 ____D C:\ProgramData\Origin
2018-09-03 14:22 - 2017-08-05 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\vlc
2018-09-03 14:05 - 2018-06-23 08:47 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-09-01 12:49 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-09-01 12:49 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Local\WhatsApp
2018-09-01 12:49 - 2017-08-04 14:08 - 000000000 ____D C:\Users\staub\AppData\Local\SquirrelTemp
2018-09-01 12:40 - 2018-06-04 08:09 - 000002387 _____ C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-30 22:20 - 2018-06-20 22:25 - 000111864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-30 22:20 - 2018-06-04 01:00 - 000381560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-30 22:20 - 2018-06-04 01:00 - 000199712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-30 22:20 - 2018-06-04 01:00 - 000163272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-30 22:20 - 2018-06-04 01:00 - 000087904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-30 22:20 - 2018-06-04 01:00 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-30 22:20 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-30 22:19 - 2018-06-04 01:00 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-30 22:19 - 2018-06-04 01:00 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-30 22:19 - 2018-06-04 01:00 - 000229384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-30 22:19 - 2018-06-04 01:00 - 000201320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-30 22:19 - 2018-06-04 01:00 - 000059568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-30 22:19 - 2017-10-04 20:12 - 000249016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-30 19:55 - 2017-08-12 10:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-08-29 15:08 - 2018-05-08 08:45 - 000000000 ____D C:\Users\staub\AppData\Local\Eclipse
2018-08-29 15:08 - 2017-08-15 11:16 - 000000000 ____D C:\Users\staub\.p2
2018-08-28 22:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-26 12:38 - 2018-07-29 23:46 - 000000000 ____D C:\Users\staub\Desktop\discord server stugg
2018-08-24 19:53 - 2017-09-11 16:01 - 000000000 ____D C:\Users\staub\AppData\Roaming\audacity
2018-08-23 19:53 - 2017-08-28 13:20 - 000000000 ____D C:\Users\staub\AppData\Local\gtk-2.0
2018-08-23 11:15 - 2017-08-12 10:02 - 000001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-08-23 11:15 - 2017-08-12 10:02 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-08-23 10:38 - 2018-06-04 08:16 - 000004306 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-08-23 10:38 - 2018-06-04 08:16 - 000004074 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-08-16 22:11 - 2017-09-27 21:15 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-08-16 22:11 - 2016-06-08 10:42 - 000002587 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-16 22:11 - 2016-06-08 10:42 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-16 22:11 - 2016-06-08 10:42 - 000002562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-16 22:11 - 2016-06-08 10:42 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-16 22:11 - 2016-06-08 10:42 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-16 22:11 - 2016-06-08 10:42 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-16 22:09 - 2016-06-08 10:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-10 07:00 - 2017-08-10 22:52 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2018-03-18 19:44 - 2018-05-19 19:34 - 000007551 _____ () C:\Users\staub\AppData\Roaming\SpeedRunnersLog.txt
2017-08-04 18:47 - 2017-08-04 18:47 - 000000039 _____ () C:\Users\staub\AppData\Local\kritadisplayrc
2017-08-04 18:47 - 2017-08-04 18:47 - 000014964 _____ () C:\Users\staub\AppData\Local\kritarc
2018-09-08 10:54 - 2018-09-08 10:54 - 000001453 _____ () C:\Users\staub\AppData\Local\recently-used.xbel
2017-08-10 23:04 - 2017-08-10 23:04 - 000007628 _____ () C:\Users\staub\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
2018-09-06 11:37 - 2017-12-08 04:44 - 000036152 _____ () C:\Users\staub\AppData\Local\Temp\clearRemnants.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-06-04 08:07

==================== Ende von FRST.txt ============================
         

Code: Alles auswählenAufklappen

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23.08.2018
durchgeführt von staub (09-09-2018 23:54:58)
Gestartet von D:\Downloads
Windows 10 Home Version 1803 17134.112 (X64) (2018-06-04 06:17:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2089115426-2641811642-829515932-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2089115426-2641811642-829515932-503 - Limited - Disabled)
enogh (S-1-5-21-2089115426-2641811642-829515932-1002 - Limited - Enabled) => C:\Users\enogh
Gast (S-1-5-21-2089115426-2641811642-829515932-501 - Limited - Disabled)
shima (S-1-5-21-2089115426-2641811642-829515932-1004 - Limited - Enabled) => C:\Users\shima
staub (S-1-5-21-2089115426-2641811642-829515932-1001 - Administrator - Enabled) => C:\Users\staub
WDAGUtilityAccount (S-1-5-21-2089115426-2641811642-829515932-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Video Downloader 4.4 (HKLM-x32\...\{D04F9BA2-CF6F-41AD-8BD1-313ABD28FAF2}) (Version: 4.4.4.2275 - Open Media LLC)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Andy OS (HKLM\...\Andy OS) (Version: 46.16 - Andy OS, Inc)
Anki (HKLM-x32\...\Anki) (Version:  - )
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.44.1625 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build and Shoot Launcher 1.2 (HKLM-x32\...\Build and Shoot Launcher) (Version: 1.2 - Buld Then Snip, LLC)
BYOND (HKLM-x32\...\BYOND) (Version: 512.1404 - BYOND)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.5.02033 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0C9580F0-95DC-4E64-BB4C-1091B660A64F}) (Version: 4.5.02033 - Cisco Systems, Inc.) Hidden
Citra (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{385074ac-5fd7-4e2a-ba3e-cae92abf1372}) (Version: 1.0.0 - Citra Team)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
Discord (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 56.4.94 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden
ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.)
Epic Games Launcher (HKLM-x32\...\{42D23AAF-7D6F-48C7-A62C-8E02D6234156}) (Version: 1.1.147.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.27.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
Frets On Fire (HKLM-x32\...\Frets on Fire) (Version: 1.3.110-win32 - )
GÉANTLink 1.0a x64 (HKLM\...\{89C31957-7751-419E-A873-03C71B757195}) (Version: 1.0.28 - GÉANT)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hero Lab 8.4 (HKLM-x32\...\{760AA190-82DF-4A80-BE05-B9FEEC88946D}_is1) (Version: 8.4 - LWD Technology, Inc.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1178 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{601DFCAC-FCC1-4779-9095-D69D82904A5A}) (Version: 18.1.1607.3129 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fefa9370-e735-4821-9cbc-48bd843e7ac3}) (Version: 19.80.0 - Intel Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java SE Development Kit 8 Update 144 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180144}) (Version: 8.0.1440.1 - Oracle Corporation)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
Krita (x64) 3.1.4.0 (HKLM\...\Krita_x64) (Version: 3.1.4.0 - Krita Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LIMBO (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Limbo) (Version:  - )
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.11.33287.817 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 60.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x64 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.2.0 - Duodian Technology Co. Ltd.)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Ondesoft Spotify Converter version 2.1.0 (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{4E9A8CA6-50D7-4A86-8086-37DDE546D429}_is1) (Version: 2.1.0 - Ondesoft, Inc.)
OpenRCT2 0.2.0 (HKLM-x32\...\OpenRCT2) (Version: 0.2.0 - OpenRCT2)
Origin (HKLM-x32\...\Origin) (Version: 10.5.26.8488 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{49281fb0-b08b-40c3-a0e1-f228f2cd6982}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0127 - Pegatron Corporation)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 3.6.0 (32-bit) (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{8ba65a8c-cb48-4716-bc24-47c148808015}) (Version: 3.6.150.0 - Python Software Foundation)
Python 3.6.0 Add to Path (32-bit) (HKLM-x32\...\{D4C8360E-C73A-46B9-AF8E-672684048BF0}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (32-bit) (HKLM-x32\...\{FC638B75-E969-4496-A546-9D78EA7D8F35}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Development Libraries (32-bit) (HKLM-x32\...\{F2A430F2-A7AC-4B46-808A-FC6E8419ABDE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Documentation (32-bit) (HKLM-x32\...\{A66771E3-430A-40A7-B00C-94A239396BEE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (32-bit) (HKLM-x32\...\{3C182441-3C75-4113-A28D-D3AEAD85B320}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 pip Bootstrap (32-bit) (HKLM-x32\...\{1D427483-31FE-4ED4-AD39-AB78BBF7D22D}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (32-bit) (HKLM-x32\...\{4CB36E4F-EC00-479B-AA25-0B9EC5385B0C}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C7D63030-7738-499A-A0D2-8549174D2B70}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (32-bit) (HKLM-x32\...\{6EAD5F85-97EC-4AFB-84D2-D52AC41D3C66}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Utility Scripts (32-bit) (HKLM-x32\...\{7C3DAC9E-E229-415C-A600-5974B5D9DE7F}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{2636F1E4-2BC5-4B19-BFFD-A08F72598309}) (Version: 3.6.6032.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10163.31215 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.)
Redis on Windows (HKLM\...\{6E927557-4447-4348-AE9C-4B2EA64BDA17}) (Version: 3.0.504 - MSOpenTech)
RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\RollerCoaster Tycoon 2 Triple Thrill Pack_is1) (Version:  - GOG.com)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\GOGPACKRCT3_is1) (Version: 2.0.0.13 - GOG.com)
Rückkehr Nach Krondor (HKLM-x32\...\Rückkehr nach Krondor) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
ScreenToGif (HKLM-x32\...\{B46AB504-140F-4E7D-833C-C6CA1A4FAAD7}) (Version: 2.9.0 - Nicke Manarin)
Secret World Legends (HKLM-x32\...\Secret World Legends_is1) (Version: 1.0.0 - Funcom)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team)
Sierra-Dienstprogramme (HKLM-x32\...\Sierra-Dienstprogramme) (Version:  - )
Sims 4 Tray Importer (S4TI) 1.6.7.9 (HKLM-x32\...\{8665A9CC-9652-4F31-907A-DE2E7A8E8E97}_is1) (Version: 1.6.7.9 - TeameeVo)
Spore™ (HKLM-x32\...\{4BDCC41C-FFE7-40a4-BCB6-B558916868F7}) (Version: 1.7.0.0 - Electronic Arts)
Spotify (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.3.0.5 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3126 (HKLM-x32\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Terraria (HKLM-x32\...\1207665503_is1) (Version: 1.3.5.3 - GOG.com)
The Sims 3 Complete Collection version 1.67.2 (HKLM-x32\...\The Sims 3 Complete Collection_is1) (Version: 1.67.2 - Mr DJ)
The Sims 4 (HKLM\...\The Sims 4_is1) (Version: 1.41.38.1020 - )
Unity (HKLM-x32\...\Unity) (Version: 2017.1.1f1 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
vs_communitymsi (HKLM-x32\...\{52100697-9C66-44F3-BA20-68F8148CDF9B}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{5297D80E-CD92-48D8-9DB0-301AB3205772}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DDEF2BD0-F728-4D04-A085-B5ACC9ADC311}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{2512A3CE-E1E4-46D5-8B40-28DA3AE2261E}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{384F31FB-B99D-48A7-9D72-E1FEBEC2201A}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{D0772A03-7FC2-4B20-AC1F-B278299AA9C7}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{0F2742A7-6A64-46A2-94AE-22F19808BE2F}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{0D3A6730-43CE-4AF6-BDF7-4D0660296C60}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-04] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08BA5A1B-5E65-4B61-9140-49D1A74E5CBC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-16] (Microsoft Corporation)
Task: {0F3CDA75-BCBB-404B-BA00-5915A030F35A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {15B5210C-333E-4806-BCFD-D940C6453BF9} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {17345D61-1E0E-4BCD-A526-EA31CDE23096} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-19] (AVAST Software)
Task: {19555B0A-D775-47E3-A9A6-22C29A5B6A57} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
Task: {1D1CB372-CCAD-4646-8883-FD800C26A5B1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-16] (Microsoft Corporation)
Task: {249A68DE-FE74-40EA-971F-9C25F5C235AC} - System32\Tasks\MICROSOFT\WINDOWS\APPLICATION EXPERIENCE\STARTUPCHECKLIBRARY => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary
Task: {2B6B3B70-2DDB-4FC6-830C-F7EA866AC6D3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-12] (Dropbox, Inc.)
Task: {353753FC-B0FC-4EA1-A232-3200F1CB243F} - System32\Tasks\S-1-5-21-2089115426-2641811642-829515932-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {43C662DC-B631-492D-8A53-46E64C97345C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.)
Task: {4F508EA6-7F19-494E-A126-C83F33FD01C9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-30] (AVAST Software)
Task: {5C059924-7C5E-4929-8724-5FA269766E91} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6673BC26-F155-4B3D-A62C-4F9AADEA5D14} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {8D5B0EC7-553E-41E2-8E77-FEFDEB03CFCC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {90DB7CBE-3215-40CB-831B-A16FDCB85BB5} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-16] (Microsoft Corporation)
Task: {931D7AA3-D3EC-4CC9-A15E-91395F420AAA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-16] (Microsoft Corporation)
Task: {A76FC8F2-D656-4678-BE6B-74FB88C68005} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.)
Task: {A8E7BDD8-B578-4B0F-A612-3C34C5C36A9C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-16] (Microsoft Corporation)
Task: {C533C881-8B33-47F3-99C3-F3F125094253} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-16] (Microsoft Corporation)
Task: {E7BB11BE-5672-4FC3-8839-68AE3B442547} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-12] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\staub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Reee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-09 10:30 - 2014-08-07 12:45 - 000135680 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-07-19 18:18 - 2017-07-19 18:18 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-08-29 02:43 - 2017-08-29 02:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-04-04 16:36 - 2017-04-04 16:36 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-01-27 05:04 - 2016-01-27 05:04 - 000163328 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2018-06-23 08:47 - 2018-09-03 14:05 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-07-01 16:55 - 2016-07-01 16:55 - 001553408 _____ () D:\NadekoBot\redis\redis-server.exe
2018-06-13 19:01 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-23 13:41 - 2018-05-23 13:42 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 13:41 - 2018-05-23 13:42 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 13:41 - 2018-05-23 13:42 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 13:41 - 2018-05-23 13:42 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-23 13:41 - 2018-05-23 13:42 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-06-09 10:30 - 2016-03-29 15:56 - 002409472 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2016-06-09 10:30 - 2010-01-12 19:36 - 000117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2016-06-09 10:30 - 2010-01-12 19:36 - 000121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2016-06-09 10:30 - 2010-12-17 16:04 - 000449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2018-05-26 14:43 - 2018-05-26 14:43 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-26 14:43 - 2018-05-26 14:43 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 08:54 - 2017-09-26 08:54 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll
2016-06-09 10:30 - 2014-03-18 23:54 - 005644800 _____ () C:\Program Files (x86)\PHotkey\Dolbyosd.exe
2018-08-10 07:00 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 07:00 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2016-06-09 10:30 - 2016-04-13 18:23 - 009054720 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2016-06-09 10:30 - 2015-10-06 15:52 - 000331776 _____ () C:\Program Files (x86)\PHotkey\Keyboardmonitortool.exe
2015-06-16 03:53 - 2015-06-16 03:53 - 000628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2018-08-30 19:53 - 2018-08-27 21:41 - 001054496 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-08-30 19:53 - 2018-08-27 22:52 - 098006816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-08-30 19:53 - 2018-08-27 22:52 - 004443424 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-08-30 19:53 - 2018-08-27 22:52 - 000100128 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2017-09-20 15:46 - 2017-09-20 15:46 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system-vc140-mt-1_59.dll
2017-09-20 15:45 - 2017-09-20 15:45 - 000062976 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time-vc140-mt-1_59.dll
2017-09-20 15:46 - 2017-09-20 15:46 - 000106496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread-vc140-mt-1_59.dll
2017-09-20 15:46 - 2017-09-20 15:46 - 000042496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono-vc140-mt-1_59.dll
2017-09-20 15:46 - 2017-09-20 15:46 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-06-09 10:30 - 2009-12-18 17:36 - 000973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2016-06-09 10:30 - 2013-09-18 01:23 - 000108032 _____ () C:\Program Files (x86)\PHotkey\PGFNEX.dll
2017-08-04 21:37 - 2018-08-27 21:41 - 000874784 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-08-04 21:37 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-08-04 21:37 - 2018-08-29 23:17 - 002646304 _____ () C:\Program Files (x86)\Steam\video.dll
2017-08-04 21:37 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-08-04 21:37 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-12-14 23:58 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-14 23:58 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 23:58 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 23:58 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 23:58 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-08-04 21:37 - 2018-08-29 23:17 - 001015584 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-08-04 21:37 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-08-30 19:55 - 2018-08-28 13:53 - 001111880 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-08-30 19:55 - 2018-08-28 13:53 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-15 22:28 - 2018-08-28 13:58 - 000023888 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:53 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-05-15 22:28 - 2018-08-28 13:53 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:53 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-08-30 19:55 - 2018-08-28 13:53 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:58 - 000401240 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:55 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:59 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:59 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-07-31 20:16 - 2018-08-28 13:59 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 003822416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:58 - 000090560 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:59 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:58 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:59 - 000024032 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:53 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:59 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:53 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-08-30 19:55 - 2018-08-28 13:56 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:53 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-05-15 22:28 - 2018-08-28 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000441672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-15 22:28 - 2018-08-28 13:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-08-30 19:55 - 2018-08-28 13:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-15 22:28 - 2018-08-28 13:58 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-05-15 22:28 - 2018-08-28 13:59 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-08-30 19:55 - 2018-08-28 13:57 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-06-21 07:55 - 2018-06-21 07:55 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-30 22:19 - 2018-08-30 22:19 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\sharepoint.com -> hxxps://studiumunihamburgde-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-07-25 12:00 - 2018-07-25 12:00 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\staub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Windows Shutdown Assistant"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{AE92B345-3199-4EEF-9586-97639356C346}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{8B34D625-C8B6-4877-96C0-CBCDD25DF20E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{813C34EB-FF58-4882-A370-435EEBAAD5F1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{AD48AB42-02A1-4FE2-BB61-BD91FEFE0D9C}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [UDP Query User{BB52AE73-447A-4875-B1C4-489FF54D13A8}D:\uni\eclipse\eclipse\eclipse.exe] => (Allow) D:\uni\eclipse\eclipse\eclipse.exe
FirewallRules: [TCP Query User{1E018F34-2790-4BE2-807C-9FB190602EB2}D:\uni\eclipse\eclipse\eclipse.exe] => (Allow) D:\uni\eclipse\eclipse\eclipse.exe
FirewallRules: [{E442D729-9F1B-4991-A07D-4C1E4FD64E88}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{D36A68D1-D6AD-4B68-828E-A3713C4B7EB6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{02690E20-A6C1-4E8C-8966-FA878327C8B5}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{BE7832E1-7140-4C30-9357-0DADB4691F1B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{B701D663-0DA5-46ED-BC2A-1B8DAED27117}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{5099E323-58A7-4AE2-B9DF-58E9B847BE54}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{AA81E785-EBF6-4061-8C89-D657823E747E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [{1AA2BFDC-78DD-4234-A48C-B28BF93C25FD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [UDP Query User{4587EEC4-7F5C-425E-95F0-56F7EDD9ABBB}D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{BF443098-73E6-40A2-BE2F-A9909D946A26}D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{8DBDCE7E-3EF9-4E8A-9728-EAE711DB58A7}D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{49AFF02A-296E-45A6-A287-C7B93A122D77}D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{75D97824-3462-4A75-A6EA-A53E9A467964}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{970633DC-A219-44EA-AB6F-E056362A63AD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{E9F6A44A-0025-4C41-819C-1492EE4FF631}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{81728671-EFB2-44AF-88C9-7DCC094E4A78}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{067362FD-864A-4B84-87C3-62A7F329B816}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cinderella Phenomenon - OtomeVisual Novel\CinderellaPhenomenon.exe
FirewallRules: [{BFA943BE-A0BC-4E1F-B0C2-C4443C530327}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cinderella Phenomenon - OtomeVisual Novel\CinderellaPhenomenon.exe
FirewallRules: [{A38F2385-F440-4350-A7F8-FAC4503DA5F3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{4FA6104E-157C-4834-8C8E-07A57325397A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{887FCE58-5341-419B-8FA8-EAE86E02568D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{1DDB75C1-8E0D-4E64-BD1C-723A14398428}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{F150B6E4-4396-4D0A-B297-7E34A47C6BFB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{BAC971B4-6F80-4D24-AEF2-F60E59859263}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{FE34D1ED-A649-455D-8C5C-9611625CC50F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{1194BA1C-D046-45B9-91FB-19614B796F77}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{697E94D7-838B-4464-AA45-724365922964}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{3742AD2F-428F-438F-A781-CC5FCE95139F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{122944A9-A5C3-4EC4-8167-2F0BC5BE1442}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{35A07696-EDD7-481D-9634-01842C72BCE2}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{C536E400-CED9-4690-A95C-180258A5D957}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{DCA1F6DE-8A77-4407-A12A-5690EA77A60B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{0129324A-6372-4E23-9157-77101112E2BF}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{ED9C52F2-03DD-4A4C-8DD3-F3F95F10E880}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{6B1E3FBE-15B0-4297-8542-B3BAF3B497C6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Air Brawl\Air Brawl.exe
FirewallRules: [{8E52E0D5-830E-42F3-ACF1-C2A2E535FDC4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Air Brawl\Air Brawl.exe
FirewallRules: [{29298C02-98D6-4A46-AB0D-B58363A92EFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AE199B30-E14B-4564-926F-9DACC52886BB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{94884D5E-85EF-49C6-9EA6-D7B317BBF8DA}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{2F881564-4C2D-4BB6-8E47-B9132B8FFA0E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{7E226AB7-0100-4197-872C-2AB1CC4D8B9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{55F4FA45-21B1-4548-BCA7-A1A7C7A6FFA0}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A336D929-61D4-4E0C-A7C8-E8AD81F539BB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A640F38C-B29C-44DC-BB89-A9FFA8AF66CB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{ACEB7411-E162-4759-BE40-C44B6ABF669B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{4F03E168-2919-449B-AC05-DAE9A6B21996}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{427ED94D-6264-4AED-BA42-9FC02B13B0BC}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{23B15E30-8A99-43B1-B072-CAF17BD69B98}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{527A802B-180B-4961-BF4D-4EEB6AE80E8F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{4C1A8BB0-F72C-4A84-8B61-51E4D38FB137}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{79D109B9-A491-4FFC-A6BE-BC68D9067405}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{43402D6D-559D-483A-8A3E-1501E082F775}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{9FA38818-BA1F-4D00-91E1-C543E1590AB1}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{2D572ADD-B1F2-4007-848A-7D4D60A569CB}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe
FirewallRules: [TCP Query User{8D15F317-AE12-4092-80F5-B1AE2E886579}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe
FirewallRules: [{31E08BA8-8D52-42FB-9532-DF4775B6D61E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shank Demo\bin\Shank.exe
FirewallRules: [{76B8CDEB-2B3F-48E5-B570-A305BEA01FAD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shank Demo\bin\Shank.exe
FirewallRules: [{416C241D-31D6-4DCB-9327-60A2984E6995}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{5F04DE88-8E60-41D3-81DF-7D60C6FFE1E3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{ECB14AF4-EB93-4A0A-82D4-662100C71B61}] => (Allow) D:\Downloads\Games\Secret World Legends\ClientPatcher.exe
FirewallRules: [{45915F72-F805-49BA-B0BB-F51067D81FE0}] => (Allow) D:\Downloads\Games\Secret World Legends\ClientPatcher.exe
FirewallRules: [{C29F60A8-53B2-4C11-AF24-F05D3E6E3C0D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{198FB835-EE23-4C23-AA0F-80BAC447CAB9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{1EAC6018-3CFE-4058-B9AB-44EE537FB950}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{2A792BEF-ABE7-470E-B56B-AF0776C2B61F}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{A211B133-CD1C-49ED-A262-AD21FF2F7439}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{F0275489-326F-44DF-AF5D-712804F2A1E8}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{9E09F80C-F2E5-4C26-A2DE-2A66603F5974}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{63B0CC1C-10BB-4A3C-AEA4-0CD1977FC8FF}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{EFEF078B-A97A-4138-9BAA-EAF1C428BFD9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{5EA019D5-000B-4243-9437-64CBC5E87A45}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{DCA8E089-302C-4D2A-9E19-8F3AAEC06363}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{4D1A2EE0-7A50-4B78-B6E0-E2E9076A84CF}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{3BE4A387-D647-4D2D-A7CB-78D8F8A6275C}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{362E2A26-F57D-41D8-B27B-9DF48D79ACD5}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{21164AE7-EE79-4ADB-9E5E-66EC15C6B459}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{35BAD61C-063A-410D-8B18-8F9FCE0980B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D57D6DA3-A095-4DE1-8C1E-589D249E08AD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A5A95D36-0D43-4B02-B89F-60E813862599}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1D693746-6BF1-46DA-AB36-FE75BF3D448C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{CEDEB133-B392-4829-A5F5-C97C75CEBA55}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{F2232837-6AFF-4411-980A-0CF014F3A76D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{671F6F13-5D7F-4F0B-8176-3132F0DF76EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{D3DBA6DE-89D0-40AD-955B-14792C40333A}C:\users\staub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\staub\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7701EC30-F28C-4A01-ABD3-06DF31B5D166}C:\users\staub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\staub\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8644FA34-D321-4D59-86A2-561EBF35856A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{E5E36995-E0FD-40B8-930D-6CE184D6FE04}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{168DC41D-682B-4A4D-8F7D-F2FC547FC2F9}D:\downloads\games\hearthstone\hearthstone.exe] => (Allow) D:\downloads\games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{384463DF-F7B6-4E60-B8B9-52FCE425C05A}D:\downloads\games\hearthstone\hearthstone.exe] => (Allow) D:\downloads\games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1C244ED8-2DC9-48BD-B4D1-AD98084AD126}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{36A229D1-7399-4672-9074-A6FBC4AAD585}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{9521923B-05DF-45E7-A686-A8773A27DBDF}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{DC5D19DA-CE0C-4C6B-A7BF-69BE3C430748}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{B8404964-6383-4E4B-B0E7-C96496718CE7}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe
FirewallRules: [UDP Query User{BD187D00-F099-4950-B100-5C5951AC5451}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe
FirewallRules: [{925DF980-0676-4BAA-914F-51A2F937A5A8}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [TCP Query User{0C740B5D-02C6-49E0-9C2B-A5620AF40E8D}D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{9931F919-BB93-464C-A62B-C8170CE39657}D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{7694F13F-9A65-48B8-8709-33DC69F2FAA4}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{218C3FDB-A6FD-43D8-820E-C8C22CDEC01C}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{24EC901C-C8C2-4903-AEFD-1F4FA957385D}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe
FirewallRules: [UDP Query User{8B57865E-A3B9-4E11-A9F1-0E9C133E3193}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe
FirewallRules: [{DBE2AD58-40B1-4605-8BCB-73B676437751}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{AF78346B-E0E8-469D-A252-0BEA47747C8A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [{F62EDF43-547C-4D81-B21C-E3C6EB9DC38F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [TCP Query User{124E2B6A-96AF-4349-A9D7-E52BB0A9D41F}D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [UDP Query User{187F4ADD-3307-4BC1-9DA7-E8045316AC14}D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [TCP Query User{BAB4A592-DC9F-4EB5-9978-0A1714BC10F0}D:\downloads\games\overwatch\overwatch.exe] => (Allow) D:\downloads\games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{EF225068-3D1B-4F51-BCD0-97FCC7A0F5E6}D:\downloads\games\overwatch\overwatch.exe] => (Allow) D:\downloads\games\overwatch\overwatch.exe
FirewallRules: [{291A6A69-4A4A-430C-BD0B-8CF5DB781E2D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe
FirewallRules: [{62CC98E4-D3B0-4285-AE62-C1BE7CB95DA7}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe
FirewallRules: [{C7AD0CE5-A384-42EA-BA7D-FAAAC014F785}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe
FirewallRules: [{C54EB692-924F-488E-BEDD-06933478B2DF}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe
FirewallRules: [{661875E2-6257-4000-9E2F-B3FD4458E48C}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{27203441-D992-4A21-B592-B6CE080FD0C1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{5408F76E-7694-4FCA-B107-0BC6B397634E}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
FirewallRules: [UDP Query User{14BA8636-3BB6-41D4-9EF7-EDD8F63842BF}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
FirewallRules: [{BEE825D1-265A-43F4-90B7-A9C0911E7F6C}] => (Allow) D:\NadekoBot\redis\redis-server.exe
FirewallRules: [{35FC2D14-20E9-425E-95C2-3AC6A6D6F551}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe
FirewallRules: [{7121F1B0-D504-4E79-9EB2-5ACC08271B5E}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe
FirewallRules: [{7437FCDA-29FB-4B9E-8584-0ED2D9FAEF59}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{AC23B224-E941-4006-98D2-2B21A052EEF9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DF618C39-1EAD-4BAD-86D6-E0EB19FEA5E0}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{EBE552B3-416D-492D-BC42-294F6E363E41}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{CC39AFDC-E1C5-4822-B11D-0C782AF90C5E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{FC99EDFE-0363-4D97-AC10-48E3E949FAAD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{88AE44BC-D3C5-4D5E-B3E6-2A3DA432A4A6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{E18340FA-E27E-4116-AE58-6CA397489EBB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{BE341F1B-27B9-40D5-BA38-B8578E5855B4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\IdleChampions\IdleDragons.exe
FirewallRules: [{CC8ACDEA-E3BB-4B1D-95B6-24603D6A18C9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\IdleChampions\IdleDragons.exe
FirewallRules: [TCP Query User{AAD811C9-F772-44E0-8539-09E821447E18}D:\downloads\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\downloads\games\the sims 4\game\bin\ts4_x64.exe
FirewallRules: [UDP Query User{D19A33BA-5E20-473B-862E-FA5DB916EC65}D:\downloads\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\downloads\games\the sims 4\game\bin\ts4_x64.exe
FirewallRules: [{62C278E8-AF12-410D-B1E2-A6D7A7BA3756}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{53DB7A06-C0FD-4098-9670-75E1CC6ECFF9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F113299F-E258-494B-A588-5521E55DC913}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{CBF825E4-FFAF-4250-9D3F-979ED341EB9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{3EC7FB21-9B2F-435B-8383-70F0C0C100B5}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe
FirewallRules: [{E0A3F8D8-AB5B-4D12-9741-4F5021721717}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe
FirewallRules: [{C3F8DCB9-7380-4150-BD24-187491F0EC25}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{A7EE2576-9CDD-4954-9841-C4E5370EEC47}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{0FA6B34B-6FC2-4DFD-BDB9-53DB02EC6711}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{64B03985-9C33-4EF8-9680-501C50F47C9E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A5DAEA93-6179-42AB-A1FE-CB08FF73C5FE}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\VRChat\VRChat.exe
FirewallRules: [{66AEFF59-0056-4556-A763-C7C25FA83463}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\VRChat\VRChat.exe
FirewallRules: [{7026AF56-C7E9-47E5-8D6B-9114EDE30342}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{34BED28F-3CDA-4A2E-AC9F-4DA0EBFA0095}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{85F24101-D257-49FC-B184-E7E7971A9CC4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{463FAAAF-DA40-4C53-9830-FC5BD5CC0B54}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [TCP Query User{FE8ACD97-572B-4C4D-A4DC-C762589DF006}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [UDP Query User{05EDE794-953C-4C9B-B623-CDBE14CC8113}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [{1DBD8412-F824-4A71-B583-0B23B2AC5308}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{84431380-A50B-49FE-AF08-C97EA9133508}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{593A5877-36A3-48A3-B8A2-9BA1268428F9}] => (Allow) C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe
FirewallRules: [{067171D3-CDA7-4E39-B569-0CB6C53C9088}] => (Allow) C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe
FirewallRules: [{1E412C8C-099F-4FA6-8D00-9FD8C1DB1C33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9D76A19B-CF0D-48A6-ADED-98E4E7A03325}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4ADA2929-08C1-41E7-A4B4-87129FDD103B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1946D170-0099-467C-902D-A960EB1D9127}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DED97B08-41C0-484F-8FBA-0E312C8C8F9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{C8096ADF-822D-46F4-88CD-ECD23961898F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{2DC46937-B78E-4D8C-850A-BC6146E43CA0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{776F9125-BB9D-45E0-8FEF-F9C7C3355611}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{6C64D425-F60E-4DD4-9657-D277C9051029}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{76399528-22B3-4138-8998-530492ED64A1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{1E34F3DD-D166-4DDB-91B2-71BA0CA6EB9B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{87E6EEF0-2196-4408-ABEC-AB572A92DA68}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{12868E6F-7987-4627-A931-B1F09A150BBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{2CA45FB0-0BF7-4F0E-AAFB-0C83542422D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{5397A3E5-A7A7-4890-BA7F-38119F27D5A6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{38E868AF-A069-4029-B6D3-F51EFE1FF59B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E239E74A-C7FD-4E88-AD23-6824C0EF44C3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{DA439718-6F8A-4778-85C9-6D021A6DE749}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{D5929615-6992-45F9-B441-251A293F4F79}] => (Allow) C:\Program Files (x86)\Origin Games\Spore\Sporebin\SporeApp.exe
FirewallRules: [{7F0427C3-010A-4138-81D8-690FD10E1754}] => (Allow) C:\Program Files (x86)\Origin Games\Spore\Sporebin\SporeApp.exe
FirewallRules: [{E8D63457-1175-4F88-9EB4-4A163E86BBB6}] => (Allow) D:\Program Files\Nox\bin\Nox.exe
FirewallRules: [{7C7D0684-6420-420D-A67A-30F19FB6B64A}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/09/2018 11:19:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_42ecccf244e44518.manifest.

Error: (09/09/2018 11:10:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_42ecccf244e44518.manifest.

Error: (09/09/2018 10:42:02 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/09/2018 10:42:02 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/09/2018 10:30:22 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/09/2018 10:30:22 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/09/2018 10:29:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/09/2018 10:29:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263


Systemfehler:
=============
Error: (09/09/2018 11:33:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2018 11:20:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2018 11:11:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/09/2018 11:11:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/09/2018 11:11:13 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2018 11:10:57 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2018 11:10:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2018 11:10:47 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================

Date: 2018-06-23 08:51:02.942
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-23 08:48:03.423
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6267U CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 74%
Installierter physikalischer RAM: 6062.59 MB
Verfügbarer physikalischer RAM: 1534.82 MB
Summe virtueller Speicher: 10670.59 MB
Verfügbarer virtueller Speicher: 4841.96 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.22 GB) (Free:18.58 GB) NTFS
Drive d: (Data) (Fixed) (Total:1337.26 GB) (Free:799.41 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:42.61 GB) NTFS

\\?\Volume{469da7c1-3405-49e3-9966-c1579fc63c47}\ () (Fixed) (Total:0.9 GB) (Free:0.45 GB) NTFS
\\?\Volume{37c984f9-d5e4-4a08-916b-06b97dddf7e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: BBB25831)

Partition: GPT.

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: BBB2585A)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Avast bitte komplett deinstallieren

Von Avast raten wir schon lange ab, außerdem will ich für eine Analyse und Bereinigung so wenig Störquellen wie nur möglich. Zum Abschluss gibt es Hinweise zur Absicherung deines Windows-Systems.

Wir deinstallieren dann am besten auch gleich weiteren unnötigen oder veralteten Krempel.

Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

• Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
• Klicke auf Optionen und wähle als Sprache Deutsch.
• Suche im Uninstallerfeld nach den Programmen:
  
  
  7-Zip 16.04 (x64)
  
  Avast Free Antivirus
  
  CCleaner
  
  Java 8 Update 171 (64-bit)
  
  Java 8 Update 171
  
  Java 8 Update 172
  
  Java SE Development Kit 8 Update 144 (64-bit)
  
  
  
• Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
• Wähle anschließend den Modus "Moderat" aus.
  
• Reste löschen:
  Klicke auf dann auf und dann auf .

 

Gib Bescheid wenn das weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

Gemacht. Möchte anmerken, dass ich Avast bereits deinstalliert habe, bevor ich deinen Post gesehen habe. Desweiteren habe ich jetzt gerade Malwarebytes am Laufen, hoffe das ist kein Problem?

Dann auch sinnigerweise gleich das Log posten wenn MBAM durch ist.

updates funzen immer noch nicht

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 10.09.18
Scan-Zeit: 18:46
Protokolldatei: 1e727b7c-b519-11e8-88f0-ecaaa029347b.json

-Softwaredaten-
Version: 3.5.1.2522
Komponentenversion: 1.0.441
Version des Aktualisierungspakets: 1.0.6749
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.112)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-UKTCUI2\staub

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 389245
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 2 Min., 29 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         

Schädlinge suchen mit Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Code: Alles auswählenAufklappen

ATTFilter

22:32:15.0631 0x092c  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
22:32:15.0631 0x092c  UEFI system
22:32:17.0871 0x092c  ============================================================
22:32:17.0871 0x092c  Current date / time: 2018/09/11 22:32:17.0871
22:32:17.0872 0x092c  SystemInfo:
22:32:17.0872 0x092c  
22:32:17.0872 0x092c  OS Version: 10.0.17134 ServicePack: 0.0
22:32:17.0872 0x092c  Product type: Workstation
22:32:17.0872 0x092c  ComputerName: DESKTOP-UKTCUI2
22:32:17.0872 0x092c  UserName: staub
22:32:17.0872 0x092c  Windows directory: C:\WINDOWS
22:32:17.0872 0x092c  System windows directory: C:\WINDOWS
22:32:17.0872 0x092c  Running under WOW64
22:32:17.0872 0x092c  Processor architecture: Intel x64
22:32:17.0872 0x092c  Number of processors: 4
22:32:17.0872 0x092c  Page size: 0x1000
22:32:17.0872 0x092c  Boot type: Normal boot
22:32:17.0872 0x092c  CodeIntegrityOptions = 0x00000001
22:32:17.0872 0x092c  ============================================================
22:32:17.0918 0x092c  KLMD registered as C:\WINDOWS\system32\drivers\01921402.sys
22:32:17.0918 0x092c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
22:32:17.0936 0x092c  System UUID: {EDB1CDC8-7A74-104B-02AF-2949488BCEB4}
22:32:18.0024 0x092c  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:32:18.0024 0x092c  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:32:18.0028 0x092c  ============================================================
22:32:18.0028 0x092c  \Device\Harddisk0\DR0:
22:32:18.0028 0x092c  GPT partitions:
22:32:18.0029 0x092c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {694BD22E-7594-451D-9096-AF677B4917EB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xA7287000
22:32:18.0029 0x092c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CFE500BC-FDAB-400A-A9BB-68597C0FA1EA}, Name: Basic data partition, StartLBA 0xA7287800, BlocksNum 0x7800000
22:32:18.0029 0x092c  MBR partitions:
22:32:18.0029 0x092c  \Device\Harddisk1\DR1:
22:32:18.0029 0x092c  GPT partitions:
22:32:18.0030 0x092c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {37C984F9-D5E4-4A08-916B-06B97DDDF7E8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
22:32:18.0030 0x092c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E56BC9C4-44E3-4B68-9BEA-B56A595BF278}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000
22:32:18.0030 0x092c  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {83D04214-4873-41EF-81F4-45DADF15BDE5}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0xEA730B6
22:32:18.0030 0x092c  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {469DA7C1-3405-49E3-9966-C1579FC63C47}, Name: , StartLBA 0xEAAE000, BlocksNum 0x1CE000
22:32:18.0030 0x092c  \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {F5AF82CE-BB6E-4309-9DD1-F36D46EAA02A}, Name: Basic data partition, StartLBA 0xEC7C000, BlocksNum 0x200000
22:32:18.0030 0x092c  MBR partitions:
22:32:18.0030 0x092c  ============================================================
22:32:18.0031 0x092c  C: <-> \Device\Harddisk1\DR1\Partition3
22:32:18.0056 0x092c  D: <-> \Device\Harddisk0\DR0\Partition1
22:32:18.0110 0x092c  E: <-> \Device\Harddisk0\DR0\Partition2
22:32:18.0110 0x092c  ============================================================
22:32:18.0110 0x092c  Initialize success
22:32:18.0110 0x092c  ============================================================
22:32:22.0684 0x3784  ============================================================
22:32:22.0684 0x3784  Scan started
22:32:22.0684 0x3784  Mode: Manual; 
22:32:22.0684 0x3784  ============================================================
22:32:22.0684 0x3784  KSN ping started
22:32:22.0741 0x3784  KSN ping finished: true
22:32:23.0202 0x3784  ================ Scan system memory ========================
22:32:23.0202 0x3784  System memory - ok
22:32:23.0203 0x3784  ================ Scan services =============================
22:32:23.0250 0x3784  1394ohci - ok
22:32:23.0253 0x3784  3ware - ok
22:32:23.0256 0x3784  ACPI - ok
22:32:23.0259 0x3784  AcpiDev - ok
22:32:23.0264 0x3784  acpiex - ok
22:32:23.0268 0x3784  acpipagr - ok
22:32:23.0272 0x3784  [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
22:32:23.0273 0x3784  AcpiPmi - ok
22:32:23.0282 0x3784  acpitime - ok
22:32:23.0290 0x3784  [ 56FCC24867F2C87BF96EE9D17A4CC20E, 6DDEF1234D207C6CDE0298DD1DAC988AC6CD7716E4FDA01813D175AE50F6A022 ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
22:32:23.0295 0x3784  acsock - ok
22:32:23.0301 0x3784  ADP80XX - ok
22:32:23.0305 0x3784  AFD - ok
22:32:23.0311 0x3784  [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix          C:\WINDOWS\system32\drivers\afunix.sys
22:32:23.0314 0x3784  afunix - ok
22:32:23.0321 0x3784  [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
22:32:23.0327 0x3784  ahcache - ok
22:32:23.0338 0x3784  [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
22:32:23.0340 0x3784  AJRouter - ok
22:32:23.0347 0x3784  [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG             C:\WINDOWS\System32\alg.exe
22:32:23.0349 0x3784  ALG - ok
22:32:23.0352 0x3784  AmdK8 - ok
22:32:23.0356 0x3784  AmdPPM - ok
22:32:23.0364 0x3784  amdsata - ok
22:32:23.0368 0x3784  amdsbs - ok
22:32:23.0372 0x3784  amdxata - ok
22:32:23.0380 0x3784  [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID           C:\WINDOWS\system32\drivers\appid.sys
22:32:23.0383 0x3784  AppID - ok
22:32:23.0388 0x3784  [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
22:32:23.0390 0x3784  AppIDSvc - ok
22:32:23.0399 0x3784  [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo         C:\WINDOWS\System32\appinfo.dll
22:32:23.0403 0x3784  Appinfo - ok
22:32:23.0408 0x3784  [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
22:32:23.0409 0x3784  applockerfltr - ok
22:32:23.0414 0x3784  AppReadiness - ok
22:32:23.0417 0x3784  AppXSvc - ok
22:32:23.0420 0x3784  arcsas - ok
22:32:23.0423 0x3784  AsyncMac - ok
22:32:23.0428 0x3784  atapi - ok
22:32:23.0433 0x3784  AudioEndpointBuilder - ok
22:32:23.0436 0x3784  Audiosrv - ok
22:32:23.0442 0x3784  [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
22:32:23.0446 0x3784  AxInstSV - ok
22:32:23.0450 0x3784  b06bdrv - ok
22:32:23.0455 0x3784  [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam             C:\WINDOWS\system32\drivers\bam.sys
22:32:23.0456 0x3784  bam - ok
22:32:23.0462 0x3784  BasicDisplay - ok
22:32:23.0466 0x3784  BasicRender - ok
22:32:23.0471 0x3784  BcastDVRUserService - ok
22:32:23.0480 0x3784  bcmfn2 - ok
22:32:23.0496 0x3784  [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
22:32:23.0504 0x3784  BDESVC - ok
22:32:23.0507 0x3784  [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:32:23.0509 0x3784  Beep - ok
22:32:23.0517 0x3784  BFE - ok
22:32:23.0523 0x3784  [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt         C:\WINDOWS\system32\drivers\bindflt.sys
22:32:23.0526 0x3784  bindflt - ok
22:32:23.0556 0x3784  [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS            C:\WINDOWS\System32\qmgr.dll
22:32:23.0584 0x3784  BITS - ok
22:32:23.0598 0x3784  [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
22:32:23.0611 0x3784  BluetoothUserService - ok
22:32:23.0626 0x3784  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:32:23.0635 0x3784  Bonjour Service - ok
22:32:23.0639 0x3784  bowser - ok
22:32:23.0641 0x3784  BrokerInfrastructure - ok
22:32:23.0650 0x3784  [ 3E4BF0145201239E0BBD0A937431C14C, 1DDC27C89B16ADD9346EB30AA9E17330FE0181BE96DC6F06C455493FBDCB1113 ] Browser         C:\WINDOWS\System32\browser.dll
22:32:23.0653 0x3784  Browser - ok
22:32:23.0667 0x3784  [ 2EB2D533A0C94F05F1F511D3FA20D892, 77375EC0C1FB059D03FF2D23C975EB9A6EB00F9B59000A60A89582D4F6D1D4C4 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
22:32:23.0674 0x3784  BstHdLogRotatorSvc - ok
22:32:23.0687 0x3784  [ 7DB8EE09821A6D81A19A6591C9B8AA3A, 0A9A826560884F95D64BDC8A2076AE33FB718A3A59C0BBEC48E48A5FB907ACA4 ] BstkDrv         C:\Program Files (x86)\BlueStacks\BstkDrv.sys
22:32:23.0692 0x3784  BstkDrv - ok
22:32:23.0706 0x3784  [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService     C:\WINDOWS\System32\BTAGService.dll
22:32:23.0716 0x3784  BTAGService - ok
22:32:23.0723 0x3784  [ 2B5EB1BB42AEE7A77B1E9C794DFCEF3D, E94040AAE365CFCAEEC75F38EBDDB2C7F13B41F41D96C33FE3F25078BA21DA13 ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
22:32:23.0728 0x3784  BthA2DP - ok
22:32:23.0739 0x3784  [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc     C:\WINDOWS\System32\BthAvctpSvc.dll
22:32:23.0747 0x3784  BthAvctpSvc - ok
22:32:23.0753 0x3784  [ E0121734C2492406034FA23E3D394EBD, E855EB12DD35CC47F68C5C6B1622560599C7074E274E510528196D47BDA56960 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
22:32:23.0756 0x3784  BthEnum - ok
22:32:23.0761 0x3784  [ F56B351A4E2B384911B2BA2A98261F34, A8140A2ABEC704A11776D29894ADD5D1FA9C125567EB6B270694573DB9B0E30E ] BthHFAud        C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
22:32:23.0763 0x3784  BthHFAud - ok
22:32:23.0769 0x3784  [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
22:32:23.0772 0x3784  BthHFEnum - ok
22:32:23.0780 0x3784  [ 8EE632BFE4BABD4E7A299AF54476F9A5, 836675F295A033C0239DCF86D90985443A60D5A1F38B668CA82A30BDFD983352 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
22:32:23.0783 0x3784  BthLEEnum - ok
22:32:23.0789 0x3784  [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
22:32:23.0791 0x3784  BTHMODEM - ok
22:32:23.0799 0x3784  [ B10E0CC936462BBA7BC659C0927617A0, B4F2A318384D176D0ACF26372756CE097F34EED59FBB023E7DB8F95D8F73F69A ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
22:32:23.0801 0x3784  BthPan - ok
22:32:23.0826 0x3784  [ EF105DBEB81F14EBDBA5F7977AD8FA91, A4D20038B72361CD95446854F2E538314C4C8B5EA4618AC7B18A43D8AF777A34 ] BTHPORT         C:\WINDOWS\system32\DRIVERS\BTHport.sys
22:32:23.0852 0x3784  BTHPORT - ok
22:32:23.0861 0x3784  [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv         C:\WINDOWS\system32\bthserv.dll
22:32:23.0866 0x3784  bthserv - ok
22:32:23.0873 0x3784  [ 0D5ECDF2601312025811F6AC413F851A, B7E99CF02C6B511BD643E7F8BB59E983D8B65073D9B55ED44457EDC2BBBBC419 ] BTHUSB          C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
22:32:23.0876 0x3784  BTHUSB - ok
22:32:23.0881 0x3784  bttflt - ok
22:32:23.0884 0x3784  buttonconverter - ok
22:32:23.0888 0x3784  [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
22:32:23.0890 0x3784  CAD - ok
22:32:23.0895 0x3784  camsvc - ok
22:32:23.0900 0x3784  CapImg - ok
22:32:23.0905 0x3784  cdfs - ok
22:32:23.0922 0x3784  [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
22:32:23.0934 0x3784  CDPSvc - ok
22:32:23.0947 0x3784  [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
22:32:23.0957 0x3784  CDPUserSvc - ok
22:32:23.0964 0x3784  cdrom - ok
22:32:23.0972 0x3784  [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
22:32:23.0976 0x3784  CertPropSvc - ok
22:32:23.0986 0x3784  [ 6581A8AA7D4CDE34EBE6DDF6A9913F86, DA921C0CADF48778C9144BDA601EA1806D92BADE4A082F1CBB032294A6C00494 ] CG6Service      C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
22:32:23.0991 0x3784  CG6Service - ok
22:32:23.0997 0x3784  [ 44293BF717CA39DC925C6A05453D8D34, 7A0761662C2B79F38CE24DC04509500BD818E6CF27252949072659AB39716A7F ] cgnetfilter1521 C:\WINDOWS\system32\drivers\cgnetfilter1521.sys
22:32:24.0000 0x3784  cgnetfilter1521 - ok
22:32:24.0004 0x3784  cht4iscsi - ok
22:32:24.0007 0x3784  cht4vbd - ok
22:32:24.0014 0x3784  [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
22:32:24.0016 0x3784  circlass - ok
22:32:24.0028 0x3784  [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
22:32:24.0035 0x3784  CldFlt - ok
22:32:24.0039 0x3784  CLFS - ok
22:32:24.0236 0x3784  [ 1C1E503D9246B059B5B19613BA97A53B, 70C91D253E776D74F927313E30675828732D68C2EAC1E49F7056FF3A60A87389 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
22:32:24.0401 0x3784  ClickToRunSvc - ok
22:32:24.0447 0x3784  [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
22:32:24.0464 0x3784  ClipSVC - ok
22:32:24.0474 0x3784  [ 228CB7727EC19833A74DAA5BE8627114, 7ABDEABF648C0CF04C736D9F1056CD54D5913837E1543CC358FDDFA9389934EC ] clwvd6          C:\WINDOWS\system32\DRIVERS\clwvd6.sys
22:32:24.0476 0x3784  clwvd6 - ok
22:32:24.0480 0x3784  CmBatt - ok
22:32:24.0485 0x3784  CNG - ok
22:32:24.0488 0x3784  [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
22:32:24.0489 0x3784  cnghwassist - ok
22:32:24.0515 0x3784  [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
22:32:24.0516 0x3784  CompositeBus - ok
22:32:24.0519 0x3784  COMSysApp - ok
22:32:24.0523 0x3784  condrv - ok
22:32:24.0528 0x3784  CoreMessagingRegistrar - ok
22:32:24.0560 0x3784  [ 2E0A35871680D1E9E5A94031E2B781A7, 8EE720D4326DB9E409A291ED1AA169DC5595BE05663787D49DA6552A5FF3C509 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
22:32:24.0566 0x3784  cphs - ok
22:32:24.0585 0x3784  [ 9E6D6C613E004890EFEAAE858C11BD6D, 26E4C2D12F0F7CDF5977206CDD3F8FA09A5E6DD020C959AF93B245501BF44225 ] cplspcon        C:\WINDOWS\system32\IntelCpHDCPSvc.exe
22:32:24.0595 0x3784  cplspcon - ok
22:32:24.0604 0x3784  CryptSvc - ok
22:32:24.0609 0x3784  [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam             C:\WINDOWS\system32\drivers\dam.sys
22:32:24.0611 0x3784  dam - ok
22:32:24.0619 0x3784  [ E59CAC3C48E862959CBDFD08DF40CD2D, 303CB1C89AD2608BB5837D3860964AA1F88F87B296A5C6AB8C88E2169CE6228B ] DAX2API         C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
22:32:24.0622 0x3784  DAX2API - ok
22:32:24.0629 0x3784  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
22:32:24.0632 0x3784  dbupdate - ok
22:32:24.0637 0x3784  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
22:32:24.0639 0x3784  dbupdatem - ok
22:32:24.0647 0x3784  [ 646AFD6F45B1B5AB9CE77C09B755B90B, CFC61FC136C9C062F509D2C756266F581BA9B2FDB1D2C8CBAAA66F51D1E8B876 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
22:32:24.0649 0x3784  DbxSvc - ok
22:32:24.0657 0x3784  DcomLaunch - ok
22:32:24.0662 0x3784  defragsvc - ok
22:32:24.0675 0x3784  [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll
22:32:24.0685 0x3784  DeviceAssociationService - ok
22:32:24.0689 0x3784  DeviceInstall - ok
22:32:24.0701 0x3784  [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
22:32:24.0714 0x3784  DevicePickerUserSvc - ok
22:32:24.0734 0x3784  [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
22:32:24.0758 0x3784  DevicesFlowUserSvc - ok
22:32:24.0767 0x3784  [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
22:32:24.0769 0x3784  DevQueryBroker - ok
22:32:24.0772 0x3784  Dfsc - ok
22:32:24.0777 0x3784  Dhcp - ok
22:32:24.0783 0x3784  diagnosticshub.standardcollector.service - ok
22:32:24.0790 0x3784  [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc         C:\WINDOWS\system32\DiagSvc.dll
22:32:24.0796 0x3784  diagsvc - ok
22:32:24.0800 0x3784  DiagTrack - ok
22:32:24.0803 0x3784  Disk - ok
22:32:24.0822 0x3784  [ 89FC056F9CEFB85FC7159AA063904AFF, 6B6F86F87C48EE92F616D4EEE624C9711D0606FD651F3B1D4DD5EF3767B76750 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
22:32:24.0843 0x3784  DmEnrollmentSvc - ok
22:32:24.0848 0x3784  dmvsc - ok
22:32:24.0852 0x3784  [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
22:32:24.0854 0x3784  dmwappushservice - ok
22:32:24.0857 0x3784  Dnscache - ok
22:32:24.0870 0x3784  [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:32:24.0875 0x3784  dot3svc - ok
22:32:24.0883 0x3784  [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS             C:\WINDOWS\system32\dps.dll
22:32:24.0886 0x3784  DPS - ok
22:32:24.0889 0x3784  drmkaud - ok
22:32:24.0899 0x3784  [ 5242DC5849014BCFBB3147B76A899783, 759542B42D9DCC224D9CBD19A0C6B8939417F2F08B547BE07FFA3356918C1ED7 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
22:32:24.0905 0x3784  DsmSvc - ok
22:32:24.0910 0x3784  DsSvc - ok
22:32:24.0923 0x3784  [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
22:32:24.0931 0x3784  DusmSvc - ok
22:32:24.0935 0x3784  DXGKrnl - ok
22:32:24.0939 0x3784  Eaphost - ok
22:32:24.0943 0x3784  EasyAntiCheat - ok
22:32:24.0947 0x3784  ebdrv - ok
22:32:24.0953 0x3784  EFS - ok
22:32:24.0957 0x3784  EhStorClass - ok
22:32:24.0962 0x3784  EhStorTcgDrv - ok
22:32:24.0969 0x3784  [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
22:32:24.0973 0x3784  embeddedmode - ok
22:32:24.0984 0x3784  [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
22:32:24.0990 0x3784  EntAppSvc - ok
22:32:24.0994 0x3784  ErrDev - ok
22:32:25.0012 0x3784  [ BF8362193CB83B5283BC5D24AA3D8DF3, 9A45520D624B101D18A434E63DB7EA6CC44F598EDA36B8A916BB76C1DBB0955C ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
22:32:25.0020 0x3784  ETD - ok
22:32:25.0029 0x3784  [ 06C67EE6E9E5DF0692BBE14437E56F3F, 9569B03031AE0CAC51AEF8B8CB8F8F2E717478B482AB4760711E1427C33A396D ] ETDService      C:\Program Files\Elantech\ETDService.exe
22:32:25.0031 0x3784  ETDService - ok
22:32:25.0036 0x3784  [ C75C4769BBAE1397E1333D895C2DAE63, A066F6D6BCF25976EA16EC2077A0656C44952A3CB49C6A1A857482C8346E9D2D ] ETDSMBus        C:\WINDOWS\System32\drivers\ETDSMBus.sys
22:32:25.0037 0x3784  ETDSMBus - ok
22:32:25.0052 0x3784  [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem     C:\WINDOWS\system32\es.dll
22:32:25.0062 0x3784  EventSystem - ok
22:32:25.0078 0x3784  [ 416D42491C6A21C2F7DF6F93E572B463, 940074B51DC14586A0BCE22293F445B22E6F7F02D1FE0E12D71F3A9748A8CCD2 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:32:25.0089 0x3784  EvtEng - ok
22:32:25.0094 0x3784  exfat - ok
22:32:25.0098 0x3784  fastfat - ok
22:32:25.0114 0x3784  [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax             C:\WINDOWS\system32\fxssvc.exe
22:32:25.0126 0x3784  Fax - ok
22:32:25.0131 0x3784  fdc - ok
22:32:25.0135 0x3784  [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
22:32:25.0138 0x3784  fdPHost - ok
22:32:25.0147 0x3784  [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
22:32:25.0150 0x3784  FDResPub - ok
22:32:25.0156 0x3784  [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
22:32:25.0160 0x3784  fhsvc - ok
22:32:25.0165 0x3784  [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
22:32:25.0166 0x3784  FileCrypt - ok
22:32:25.0169 0x3784  FileInfo - ok
22:32:25.0173 0x3784  Filetrace - ok
22:32:25.0177 0x3784  flpydisk - ok
22:32:25.0181 0x3784  FltMgr - ok
22:32:25.0185 0x3784  FontCache - ok
22:32:25.0189 0x3784  FontCache3.0.0.0 - ok
22:32:25.0192 0x3784  FrameServer - ok
22:32:25.0197 0x3784  FsDepends - ok
22:32:25.0200 0x3784  Fs_Rec - ok
22:32:25.0203 0x3784  fvevol - ok
22:32:25.0207 0x3784  [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
22:32:25.0210 0x3784  gencounter - ok
22:32:25.0214 0x3784  genericusbfn - ok
22:32:25.0218 0x3784  GPIOClx0101 - ok
22:32:25.0221 0x3784  gpsvc - ok
22:32:25.0223 0x3784  [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
22:32:25.0225 0x3784  GpuEnergyDrv - ok
22:32:25.0232 0x3784  [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
22:32:25.0236 0x3784  GraphicsPerfSvc - ok
22:32:25.0242 0x3784  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:32:25.0245 0x3784  gupdate - ok
22:32:25.0252 0x3784  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:32:25.0254 0x3784  gupdatem - ok
22:32:25.0258 0x3784  HDAudBus - ok
22:32:25.0263 0x3784  HidBatt - ok
22:32:25.0268 0x3784  [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
22:32:25.0270 0x3784  HidBth - ok
22:32:25.0274 0x3784  hidi2c - ok
22:32:25.0279 0x3784  hidinterrupt - ok
22:32:25.0284 0x3784  [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
22:32:25.0285 0x3784  HidIr - ok
22:32:25.0289 0x3784  hidserv - ok
22:32:25.0293 0x3784  HidUsb - ok
22:32:25.0298 0x3784  [ B815C6E6C0156330A09700901EA4154D, FF003B408CDC62563CEAB39CF081B4AC09C2DDFFA4128491525D9B4F9EB7B3D0 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
22:32:25.0299 0x3784  HiPatchService - ok
22:32:25.0305 0x3784  HpSAMD - ok
22:32:25.0312 0x3784  HTTP - ok
22:32:25.0316 0x3784  [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
22:32:25.0317 0x3784  hvcrash - ok
22:32:25.0321 0x3784  [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
22:32:25.0325 0x3784  HvHost - ok
22:32:25.0331 0x3784  [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
22:32:25.0333 0x3784  hvservice - ok
22:32:25.0337 0x3784  [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
22:32:25.0338 0x3784  HwNClx0101 - ok
22:32:25.0343 0x3784  hwpolicy - ok
22:32:25.0346 0x3784  hyperkbd - ok
22:32:25.0349 0x3784  HyperVideo - ok
22:32:25.0353 0x3784  i8042prt - ok
22:32:25.0357 0x3784  iagpio - ok
22:32:25.0363 0x3784  iai2c - ok
22:32:25.0369 0x3784  iaLPSS2i_GPIO2 - ok
22:32:25.0376 0x3784  iaLPSS2i_GPIO2_BXT_P - ok
22:32:25.0379 0x3784  iaLPSS2i_I2C - ok
22:32:25.0383 0x3784  iaLPSS2i_I2C_BXT_P - ok
22:32:25.0386 0x3784  iaLPSSi_GPIO - ok
22:32:25.0390 0x3784  iaLPSSi_I2C - ok
22:32:25.0421 0x3784  [ 5C9AAE902452EF47D8C9EA5838E666B9, 9171558EE78B555312FD8D99EDF85849A4CDE87142EB91DB9E8AF92A1DDF664E ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
22:32:25.0443 0x3784  iaStorA - ok
22:32:25.0449 0x3784  iaStorAVC - ok
22:32:25.0452 0x3784  [ 31BD488EE7F6ED608A7418F6A7C6948D, BB7DC889C0F73FDE089FC0E52D321F29CBB5A65A3D9F90B0B3A730EF938B6178 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:32:25.0453 0x3784  IAStorDataMgrSvc - ok
22:32:25.0456 0x3784  iaStorV - ok
22:32:25.0461 0x3784  ibbus - ok
22:32:25.0466 0x3784  ibtsiva - ok
22:32:25.0473 0x3784  [ 27AD258DB51E25496F74E98C3CF80415, 58180A50CC8C28A0F7388F62F8A7E4DFE96B40D16C6E10BB067FD4F1EF3868AF ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
22:32:25.0478 0x3784  ibtusb - ok
22:32:25.0488 0x3784  [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
22:32:25.0500 0x3784  icssvc - ok
22:32:25.0643 0x3784  [ F37606EAFFB621AA6A341CC76BEF37C3, 421674158785B8911354AA02514080390239FBFC8713A2F2AEF55223AF1C28D3 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
22:32:25.0771 0x3784  igfx - ok
22:32:25.0793 0x3784  [ 407102406ABA1916DFA7915E52A2EC48, 2DBC62F778579E3BB839D31E4C4BDB26E1EDD2735EECFF4298973A03EC53233F ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
22:32:25.0801 0x3784  igfxCUIService2.0.0.0 - ok
22:32:25.0805 0x3784  IKEEXT - ok
22:32:25.0811 0x3784  [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
22:32:25.0812 0x3784  IndirectKmd - ok
22:32:25.0818 0x3784  InstallService - ok
22:32:25.0906 0x3784  [ 35A78C3E44DAB0E8396A1FD9BF48597F, 6F61ECEC687A1271BEF85956ECEC9EE545065FFE3EE30933D3AF1000BDBCC511 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
22:32:25.0991 0x3784  IntcAzAudAddService - ok
22:32:26.0016 0x3784  [ 947360145F94C61E17EECD4BD3516AA9, F55A9EC31FE253E063D34B0118070B14156567B2E3B4ED74B697CA656D7789A0 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
22:32:26.0027 0x3784  IntcDAud - ok
22:32:26.0033 0x3784  intelide - ok
22:32:26.0040 0x3784  [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
22:32:26.0043 0x3784  intelpep - ok
22:32:26.0047 0x3784  intelppm - ok
22:32:26.0051 0x3784  [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
22:32:26.0053 0x3784  iorate - ok
22:32:26.0059 0x3784  [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:32:26.0061 0x3784  IpFilterDriver - ok
22:32:26.0084 0x3784  [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
22:32:26.0098 0x3784  iphlpsvc - ok
22:32:26.0103 0x3784  IPMIDRV - ok
22:32:26.0111 0x3784  [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
22:32:26.0115 0x3784  IPNAT - ok
22:32:26.0120 0x3784  [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
22:32:26.0121 0x3784  IPT - ok
22:32:26.0126 0x3784  [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
22:32:26.0131 0x3784  IpxlatCfgSvc - ok
22:32:26.0136 0x3784  [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda            C:\WINDOWS\system32\drivers\irda.sys
22:32:26.0138 0x3784  irda - ok
22:32:26.0143 0x3784  [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
22:32:26.0143 0x3784  IRENUM - ok
22:32:26.0154 0x3784  [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon           C:\WINDOWS\System32\irmon.dll
22:32:26.0157 0x3784  irmon - ok
22:32:26.0162 0x3784  isapnp - ok
22:32:26.0166 0x3784  iScsiPrt - ok
22:32:26.0169 0x3784  ItSas35i - ok
22:32:26.0173 0x3784  [ DA0A946E6C4228B659FA798EF0B075C1, BC2F5710D6165615CD578A970BC154C8DB1ECCA5725D09A29954E9BE8FAC0ED7 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
22:32:26.0175 0x3784  iwdbus - ok
22:32:26.0180 0x3784  kbdclass - ok
22:32:26.0185 0x3784  kbdhid - ok
22:32:26.0188 0x3784  kdnic - ok
22:32:26.0192 0x3784  KeyIso - ok
22:32:26.0196 0x3784  KSecDD - ok
22:32:26.0200 0x3784  KSecPkg - ok
22:32:26.0203 0x3784  ksthunk - ok
22:32:26.0214 0x3784  [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
22:32:26.0225 0x3784  KtmRm - ok
22:32:26.0229 0x3784  LanmanServer - ok
22:32:26.0233 0x3784  LanmanWorkstation - ok
22:32:26.0240 0x3784  [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
22:32:26.0246 0x3784  lfsvc - ok
22:32:26.0251 0x3784  [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
22:32:26.0254 0x3784  LicenseManager - ok
22:32:26.0260 0x3784  [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
22:32:26.0262 0x3784  lltdio - ok
22:32:26.0271 0x3784  [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
22:32:26.0279 0x3784  lltdsvc - ok
22:32:26.0283 0x3784  lmhosts - ok
22:32:26.0288 0x3784  LSI_SAS - ok
22:32:26.0293 0x3784  LSI_SAS2i - ok
22:32:26.0298 0x3784  LSI_SAS3i - ok
22:32:26.0301 0x3784  LSI_SSS - ok
22:32:26.0304 0x3784  LSM - ok
22:32:26.0310 0x3784  [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
22:32:26.0313 0x3784  luafv - ok
22:32:26.0322 0x3784  [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc          C:\WINDOWS\System32\LanguageOverlayServer.dll
22:32:26.0330 0x3784  LxpSvc - ok
22:32:26.0335 0x3784  [ 1C1FF36E51F73989FB4DD2DBAFAE11EC, B5C0B169BFEF5FD769745F924B3F30C960A555F8B0C0C7315B273435D9F246D5 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
22:32:26.0341 0x3784  MapsBroker - ok
22:32:26.0355 0x3784  mausbhost - ok
22:32:26.0359 0x3784  mausbip - ok
22:32:26.0475 0x3784  [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
22:32:26.0586 0x3784  MBAMService - ok
22:32:26.0602 0x3784  [ A692F41F46F789228CECB2AA128AEC85, 83F7A12934D008BE46A774ABB136A7C11408D92832A0AEFF4866AEACF2594C55 ] MBAMSwissArmy   C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
22:32:26.0607 0x3784  MBAMSwissArmy - ok
22:32:26.0613 0x3784  megasas - ok
22:32:26.0617 0x3784  megasas2i - ok
22:32:26.0620 0x3784  megasas35i - ok
22:32:26.0623 0x3784  megasr - ok
22:32:26.0631 0x3784  [ 86F565B0D41EBCCE7256B812F3A0442B, BACB5753D4501679B0C3D5D6B2D2D5233EC6B5BF76D0C2BD616EC460D5B9918F ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
22:32:26.0635 0x3784  MEIx64 - ok
22:32:26.0639 0x3784  [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll
22:32:26.0645 0x3784  MessagingService - ok
22:32:26.0655 0x3784  [ 1ECAB1D7A88F953397D09ECFCF789B91, 42AFE658FABAA6816700886B2F0697A692DE6B5DB0B90B361E099BF79B44E389 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys
22:32:26.0657 0x3784  Microsoft_Bluetooth_AvrcpTransport - ok
22:32:26.0662 0x3784  mlx4_bus - ok
22:32:26.0666 0x3784  MMCSS - ok
22:32:26.0670 0x3784  [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
22:32:26.0671 0x3784  Modem - ok
22:32:26.0677 0x3784  [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
22:32:26.0679 0x3784  monitor - ok
22:32:26.0683 0x3784  mouclass - ok
22:32:26.0686 0x3784  mouhid - ok
22:32:26.0689 0x3784  mountmgr - ok
22:32:26.0697 0x3784  [ 5FD8FEB002DCA919BA18F51C267BFFEB, E6F6F1A1C5C0299B9386AC8A97D4360936CBFC664B99452EE78AACA163673123 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:32:26.0701 0x3784  MozillaMaintenance - ok
22:32:26.0705 0x3784  mpsdrv - ok
22:32:26.0709 0x3784  mpssvc - ok
22:32:26.0714 0x3784  MRxDAV - ok
22:32:26.0718 0x3784  mrxsmb - ok
22:32:26.0722 0x3784  mrxsmb20 - ok
22:32:26.0729 0x3784  [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
22:32:26.0731 0x3784  MsBridge - ok
22:32:26.0750 0x3784  [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC           C:\WINDOWS\System32\msdtc.exe
22:32:26.0757 0x3784  MSDTC - ok
22:32:26.0766 0x3784  Msfs - ok
22:32:26.0770 0x3784  [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
22:32:26.0772 0x3784  msgpiowin32 - ok
22:32:26.0777 0x3784  mshidkmdf - ok
22:32:26.0784 0x3784  [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
22:32:26.0785 0x3784  mshidumdf - ok
22:32:26.0788 0x3784  msisadrv - ok
22:32:26.0794 0x3784  MSiSCSI - ok
22:32:26.0798 0x3784  msiserver - ok
22:32:26.0801 0x3784  MSKSSRV - ok
22:32:26.0806 0x3784  [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
22:32:26.0809 0x3784  MsLldp - ok
22:32:26.0813 0x3784  MSPCLOCK - ok
22:32:26.0816 0x3784  MSPQM - ok
22:32:26.0820 0x3784  MsRPC - ok
22:32:26.0825 0x3784  mssmbios - ok
22:32:26.0829 0x3784  MSTEE - ok
22:32:26.0833 0x3784  MTConfig - ok
22:32:26.0836 0x3784  Mup - ok
22:32:26.0839 0x3784  mvumis - ok
22:32:26.0849 0x3784  [ 808DEF96BB1E01490DC38520D22A05A3, C242E34A20FE765A8CC2D1314B13347005E266C39B3467661BC7FB1E4BB75ABE ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:32:26.0854 0x3784  MyWiFiDHCPDNS - ok
22:32:26.0861 0x3784  NativeWifiP - ok
22:32:26.0888 0x3784  [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
22:32:26.0907 0x3784  NaturalAuthentication - ok
22:32:26.0918 0x3784  [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
22:32:26.0925 0x3784  NcaSvc - ok
22:32:26.0937 0x3784  [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService      C:\WINDOWS\System32\ncbservice.dll
22:32:26.0949 0x3784  NcbService - ok
22:32:26.0956 0x3784  [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
22:32:26.0964 0x3784  NcdAutoSetup - ok
22:32:26.0968 0x3784  ndfltr - ok
22:32:26.0972 0x3784  NDIS - ok
22:32:26.0979 0x3784  [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
22:32:26.0981 0x3784  NdisCap - ok
22:32:26.0989 0x3784  [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
22:32:26.0992 0x3784  NdisImPlatform - ok
22:32:26.0997 0x3784  NdisTapi - ok
22:32:27.0000 0x3784  Ndisuio - ok
22:32:27.0004 0x3784  NdisVirtualBus - ok
22:32:27.0009 0x3784  NdisWan - ok
22:32:27.0014 0x3784  ndiswanlegacy - ok
22:32:27.0020 0x3784  ndproxy - ok
22:32:27.0027 0x3784  [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
22:32:27.0030 0x3784  Ndu - ok
22:32:27.0033 0x3784  NetAdapterCx - ok
22:32:27.0037 0x3784  NetBIOS - ok
22:32:27.0043 0x3784  NetBT - ok
22:32:27.0047 0x3784  Netlogon - ok
22:32:27.0051 0x3784  Netman - ok
22:32:27.0066 0x3784  [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
22:32:27.0079 0x3784  netprofm - ok
22:32:27.0084 0x3784  NetSetupSvc - ok
22:32:27.0095 0x3784  [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:32:27.0098 0x3784  NetTcpPortSharing - ok
22:32:27.0103 0x3784  netvsc - ok
22:32:27.0235 0x3784  [ 43A6FA571D6B06279B9CD30901957AA1, A3451C696FC5FBE2C3778D974CF28B429B6265178E5372239C205221E9BDB39E ] Netwtw04        C:\WINDOWS\system32\DRIVERS\Netwtw04.sys
22:32:27.0368 0x3784  Netwtw04 - ok
22:32:27.0394 0x3784  [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
22:32:27.0409 0x3784  NgcCtnrSvc - ok
22:32:27.0430 0x3784  [ DB3589FF79F06EC1967EBA56C7249E3C, C3F1B4687F2AAE869C8566B38DCFE507F8E7201A2241BD5342AAC22A2370D5E4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
22:32:27.0447 0x3784  NgcSvc - ok
22:32:27.0452 0x3784  NlaSvc - ok
22:32:27.0455 0x3784  Npfs - ok
22:32:27.0461 0x3784  npsvctrig - ok
22:32:27.0465 0x3784  nsi - ok
22:32:27.0470 0x3784  nsiproxy - ok
22:32:27.0476 0x3784  Ntfs - ok
22:32:27.0480 0x3784  Null - ok
22:32:27.0485 0x3784  nvdimm - ok
22:32:27.0488 0x3784  nvraid - ok
22:32:27.0492 0x3784  nvstor - ok
22:32:27.0506 0x3784  [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
22:32:27.0512 0x3784  OneSyncSvc - ok
22:32:27.0578 0x3784  [ F5989050C229483DA0C25E41BBAD310F, B4593F01F710C4A457686328CC88EFC904ED34D73AFF85DB4A722BA6A25E0B7C ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
22:32:27.0619 0x3784  Origin Client Service - ok
22:32:27.0685 0x3784  [ 4A91DFB1F6B5DF14559DF9293EE2AC5F, 5E8ECB5797E11EDE3B57EA200A7103F772F687629BBCFD12F612BA8BC599F848 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
22:32:27.0742 0x3784  Origin Web Helper Service - ok
22:32:27.0752 0x3784  [ 9FACCCBC44D65D7D41E88D8DAD365871, 5B215F7E0F2F15033ACAB40328265A224057E5FB4E8D3A3F2BB35D878F4CEFE4 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:32:27.0755 0x3784  ose - ok
22:32:27.0766 0x3784  [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
22:32:27.0775 0x3784  p2pimsvc - ok
22:32:27.0788 0x3784  [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
22:32:27.0800 0x3784  p2psvc - ok
22:32:27.0803 0x3784  Parport - ok
22:32:27.0807 0x3784  partmgr - ok
22:32:27.0827 0x3784  [ 0CF87FC2DA60940031D553F8FDF5066B, 95F8A15210D6F431B84C6E18643F93C9D16F53D3FF4873F9A327A77924B4B9F8 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
22:32:27.0840 0x3784  PcaSvc - ok
22:32:27.0846 0x3784  pci - ok
22:32:27.0849 0x3784  pciide - ok
22:32:27.0853 0x3784  pcmcia - ok
22:32:27.0856 0x3784  pcw - ok
22:32:27.0861 0x3784  pdc - ok
22:32:27.0880 0x3784  [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
22:32:27.0891 0x3784  PEAUTH - ok
22:32:27.0896 0x3784  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\PHotkey\PEGAGFN.sys
22:32:27.0897 0x3784  PEGAGFN - ok
22:32:27.0902 0x3784  [ 753402F5B8C5B85AB60FCF53229FA072, 981D065EBE5A0BD5180974E9AE77E3307F97A0E66DE2A7A79FBE0888F6657B7D ] PegaRadioSwitch C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys
22:32:27.0903 0x3784  PegaRadioSwitch - ok
22:32:27.0908 0x3784  percsas2i - ok
22:32:27.0913 0x3784  percsas3i - ok
22:32:27.0937 0x3784  [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
22:32:27.0940 0x3784  PerfHost - ok
22:32:27.0958 0x3784  [ 9A7B272B8815093763B996C7EE5D001F, B0499C50D031B6BDED2365C105D0274B72D611C23CFD4B6AE58B1C7F84B30A00 ] PGFNEXSrv       C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
22:32:27.0961 0x3784  PGFNEXSrv - ok
22:32:27.0965 0x3784  PhoneSvc - ok
22:32:27.0973 0x3784  [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
22:32:27.0982 0x3784  PimIndexMaintenanceSvc - ok
22:32:28.0014 0x3784  [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla             C:\WINDOWS\system32\pla.dll
22:32:28.0043 0x3784  pla - ok
22:32:28.0048 0x3784  PlugPlay - ok
22:32:28.0053 0x3784  pmem - ok
22:32:28.0057 0x3784  [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
22:32:28.0059 0x3784  PNPMEM - ok
22:32:28.0064 0x3784  [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
22:32:28.0070 0x3784  PNRPAutoReg - ok
22:32:28.0081 0x3784  [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
22:32:28.0089 0x3784  PNRPsvc - ok
22:32:28.0094 0x3784  PolicyAgent - ok
22:32:28.0100 0x3784  Power - ok
22:32:28.0103 0x3784  PptpMiniport - ok
22:32:28.0184 0x3784  [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
22:32:28.0242 0x3784  PrintNotify - ok
22:32:28.0251 0x3784  [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
22:32:28.0258 0x3784  PrintWorkflowUserSvc - ok
22:32:28.0264 0x3784  Processor - ok
22:32:28.0267 0x3784  ProfSvc - ok
22:32:28.0274 0x3784  [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
22:32:28.0278 0x3784  Psched - ok
22:32:28.0287 0x3784  [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall   C:\WINDOWS\system32\PushToInstall.dll
22:32:28.0296 0x3784  PushToInstall - ok
22:32:28.0305 0x3784  [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE           C:\WINDOWS\system32\qwave.dll
22:32:28.0314 0x3784  QWAVE - ok
22:32:28.0319 0x3784  [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
22:32:28.0320 0x3784  QWAVEdrv - ok
22:32:28.0324 0x3784  Ramdisk - ok
22:32:28.0329 0x3784  RasAcd - ok
22:32:28.0332 0x3784  RasAgileVpn - ok
22:32:28.0336 0x3784  RasAuto - ok
22:32:28.0339 0x3784  Rasl2tp - ok
22:32:28.0346 0x3784  RasMan - ok
22:32:28.0349 0x3784  RasPppoe - ok
22:32:28.0353 0x3784  RasSstp - ok
22:32:28.0356 0x3784  rdbss - ok
22:32:28.0365 0x3784  [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
22:32:28.0366 0x3784  rdpbus - ok
22:32:28.0374 0x3784  [ 52A6CC99F5934CFAE88353C47B6193E7, 37F6991FA526036866E8CFC938A16750644AD764FA52BB102B11B5D594DB7E96 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
22:32:28.0378 0x3784  RDPDR - ok
22:32:28.0388 0x3784  [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
22:32:28.0390 0x3784  RdpVideoMiniport - ok
22:32:28.0402 0x3784  [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
22:32:28.0408 0x3784  rdyboost - ok
22:32:28.0483 0x3784  Redis - ok
22:32:28.0486 0x3784  ReFS - ok
22:32:28.0489 0x3784  ReFSv1 - ok
22:32:28.0496 0x3784  [ 3B346EFB42F3D3FFAF775E9A5D84A2C8, 242BFB2836408728A6D8E721D3C25ABD29D83CEF2438724D7D663FD417F2979A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:32:28.0499 0x3784  RegSrvc - ok
22:32:28.0512 0x3784  [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:32:28.0523 0x3784  RemoteAccess - ok
22:32:28.0532 0x3784  [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
22:32:28.0541 0x3784  RemoteRegistry - ok
22:32:28.0558 0x3784  [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
22:32:28.0572 0x3784  RetailDemo - ok
22:32:28.0583 0x3784  [ 59F600BDA5B6EE591802945F1D8388D5, A30593A0EC696DE21264969664261E7ADA12C9E1161445BD41E71B7E3232604F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
22:32:28.0586 0x3784  RFCOMM - ok
22:32:28.0592 0x3784  [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
22:32:28.0595 0x3784  rhproxy - ok
22:32:28.0607 0x3784  [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
22:32:28.0616 0x3784  RmSvc - ok
22:32:28.0619 0x3784  RpcEptMapper - ok
22:32:28.0624 0x3784  [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator      C:\WINDOWS\system32\locator.exe
22:32:28.0629 0x3784  RpcLocator - ok
22:32:28.0632 0x3784  RpcSs - ok
22:32:28.0637 0x3784  [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
22:32:28.0639 0x3784  rspndr - ok
22:32:28.0663 0x3784  [ E11A3F79475F9D019CD51ADCCC377909, CF14C494C4A969233C1D2B32A56C86C8636AC70004725B53447C42EB63C31BA9 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
22:32:28.0676 0x3784  rt640x64 - ok
22:32:28.0690 0x3784  [ CD119D2452BCB3ED0803FAF8A24F74AE, 8FC84679AE0B682DD79FE3879F92F854430C724C22E4F1DCD1E2D01777103492 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
22:32:28.0697 0x3784  RTSUER - ok
22:32:28.0702 0x3784  [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
22:32:28.0704 0x3784  s3cap - ok
22:32:28.0708 0x3784  SamSs - ok
22:32:28.0712 0x3784  sbp2port - ok
22:32:28.0722 0x3784  [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
22:32:28.0733 0x3784  SCardSvr - ok
22:32:28.0744 0x3784  [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
22:32:28.0752 0x3784  ScDeviceEnum - ok
22:32:28.0757 0x3784  [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
22:32:28.0759 0x3784  scfilter - ok
22:32:28.0781 0x3784  [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:32:28.0801 0x3784  Schedule - ok
22:32:28.0811 0x3784  scmbus - ok
22:32:28.0819 0x3784  [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
22:32:28.0822 0x3784  SCPolicySvc - ok
22:32:28.0827 0x3784  sdbus - ok
22:32:28.0832 0x3784  [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
22:32:28.0833 0x3784  SDFRd - ok
22:32:28.0841 0x3784  [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
22:32:28.0849 0x3784  SDRSVC - ok
22:32:28.0853 0x3784  sdstor - ok
22:32:28.0857 0x3784  [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon        C:\WINDOWS\system32\seclogon.dll
22:32:28.0864 0x3784  seclogon - ok
22:32:28.0893 0x3784  [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
22:32:28.0921 0x3784  SEMgrSvc - ok
22:32:28.0927 0x3784  [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS            C:\WINDOWS\System32\sens.dll
22:32:28.0934 0x3784  SENS - ok
22:32:28.0978 0x3784  [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
22:32:29.0004 0x3784  SensorDataService - ok
22:32:29.0023 0x3784  [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService   C:\WINDOWS\system32\SensorService.dll
22:32:29.0040 0x3784  SensorService - ok
22:32:29.0050 0x3784  [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
22:32:29.0058 0x3784  SensrSvc - ok
22:32:29.0062 0x3784  SerCx - ok
22:32:29.0065 0x3784  SerCx2 - ok
22:32:29.0069 0x3784  Serenum - ok
22:32:29.0072 0x3784  Serial - ok
22:32:29.0083 0x3784  sermouse - ok
22:32:29.0102 0x3784  [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
22:32:29.0113 0x3784  SessionEnv - ok
22:32:29.0116 0x3784  sfloppy - ok
22:32:29.0122 0x3784  [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent       C:\WINDOWS\system32\drivers\SgrmAgent.sys
22:32:29.0125 0x3784  SgrmAgent - ok
22:32:29.0133 0x3784  [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker      C:\WINDOWS\system32\SgrmBroker.exe
22:32:29.0142 0x3784  SgrmBroker - ok
22:32:29.0159 0x3784  [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:32:29.0171 0x3784  SharedAccess - ok
22:32:29.0190 0x3784  [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
22:32:29.0208 0x3784  SharedRealitySvc - ok
22:32:29.0224 0x3784  [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:32:29.0241 0x3784  ShellHWDetection - ok
22:32:29.0251 0x3784  [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
22:32:29.0260 0x3784  shpamsvc - ok
22:32:29.0265 0x3784  SiSRaid2 - ok
22:32:29.0268 0x3784  SiSRaid4 - ok
22:32:29.0272 0x3784  smphost - ok
22:32:29.0288 0x3784  [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
22:32:29.0303 0x3784  SmsRouter - ok
22:32:29.0313 0x3784  [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
22:32:29.0318 0x3784  SNMPTRAP - ok
22:32:29.0322 0x3784  spaceport - ok
22:32:29.0328 0x3784  [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
22:32:29.0331 0x3784  SpatialGraphFilter - ok
22:32:29.0334 0x3784  SpbCx - ok
22:32:29.0338 0x3784  spectrum - ok
22:32:29.0359 0x3784  [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
22:32:29.0375 0x3784  Spooler - ok
22:32:29.0381 0x3784  sppsvc - ok
22:32:29.0385 0x3784  srv - ok
22:32:29.0388 0x3784  srv2 - ok
22:32:29.0395 0x3784  srvnet - ok
22:32:29.0405 0x3784  [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:32:29.0417 0x3784  SSDPSRV - ok
22:32:29.0430 0x3784  [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent       C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
22:32:29.0436 0x3784  ssh-agent - ok
22:32:29.0442 0x3784  SstpSvc - ok
22:32:29.0461 0x3784  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
22:32:29.0471 0x3784  ss_conn_service - ok
22:32:29.0477 0x3784  StateRepository - ok
22:32:29.0512 0x3784  [ 3BCC3C334DF59EE4765B31730D7EA04C, BA193D484666BF5FFEEF715A74501F068E13F0330E5EFD4A9864175E313EAB63 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:32:29.0539 0x3784  Steam Client Service - ok
22:32:29.0545 0x3784  stexstor - ok
22:32:29.0562 0x3784  [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc          C:\WINDOWS\System32\wiaservc.dll
22:32:29.0577 0x3784  stisvc - ok
22:32:29.0582 0x3784  storahci - ok
22:32:29.0586 0x3784  storflt - ok
22:32:29.0589 0x3784  stornvme - ok
22:32:29.0595 0x3784  storqosflt - ok
22:32:29.0599 0x3784  StorSvc - ok
22:32:29.0602 0x3784  storufs - ok
22:32:29.0606 0x3784  storvsc - ok
22:32:29.0611 0x3784  svsvc - ok
22:32:29.0633 0x3784  swenum - ok
22:32:29.0636 0x3784  swprv - ok
22:32:29.0641 0x3784  [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
22:32:29.0643 0x3784  Synth3dVsc - ok
22:32:29.0667 0x3784  [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain         C:\WINDOWS\system32\sysmain.dll
22:32:29.0687 0x3784  SysMain - ok
22:32:29.0693 0x3784  SystemEventsBroker - ok
22:32:29.0701 0x3784  [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
22:32:29.0711 0x3784  TabletInputService - ok
22:32:29.0716 0x3784  [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
22:32:29.0718 0x3784  tap0901 - ok
22:32:29.0727 0x3784  [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:32:29.0737 0x3784  TapiSrv - ok
22:32:29.0743 0x3784  [ 1960E9FD4082A0170FBA0231FD709113, D5854811787EBC979E9FAB02847F1E662F430A06AB2D3CB9F0EE4BB3A9EC56FE ] tapprotonvpn    C:\WINDOWS\System32\drivers\tapprotonvpn.sys
22:32:29.0745 0x3784  tapprotonvpn - ok
22:32:29.0749 0x3784  [ 039CFEDBC0D1A751A1308228A72C1CCD, C451FA71353CB2D31AE4AA3F2B03D098A2C6156B687EC33E0AD2DFC766646647 ] tapwindscribe0901 C:\WINDOWS\System32\drivers\tapwindscribe0901.sys
22:32:29.0751 0x3784  tapwindscribe0901 - ok
22:32:29.0755 0x3784  Tcpip - ok
22:32:29.0760 0x3784  Tcpip6 - ok
22:32:29.0768 0x3784  [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
22:32:29.0770 0x3784  tcpipreg - ok
22:32:29.0779 0x3784  tdx - ok
22:32:29.0784 0x3784  [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
22:32:29.0786 0x3784  terminpt - ok
22:32:29.0808 0x3784  [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService     C:\WINDOWS\System32\termsrv.dll
22:32:29.0830 0x3784  TermService - ok
22:32:29.0835 0x3784  [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes          C:\WINDOWS\system32\themeservice.dll
22:32:29.0844 0x3784  Themes - ok
22:32:29.0854 0x3784  [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
22:32:29.0864 0x3784  TieringEngineService - ok
22:32:29.0869 0x3784  TimeBrokerSvc - ok
22:32:29.0871 0x3784  TokenBroker - ok
22:32:29.0876 0x3784  TPM - ok
22:32:29.0883 0x3784  [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
22:32:29.0889 0x3784  TrkWks - ok
22:32:29.0894 0x3784  TrustedInstaller - ok
22:32:29.0902 0x3784  [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
22:32:29.0904 0x3784  TsUsbFlt - ok
22:32:29.0913 0x3784  [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
22:32:29.0915 0x3784  TsUsbGD - ok
22:32:29.0925 0x3784  [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel          C:\WINDOWS\system32\drivers\tunnel.sys
22:32:29.0928 0x3784  tunnel - ok
22:32:29.0935 0x3784  [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
22:32:29.0945 0x3784  tzautoupdate - ok
22:32:29.0949 0x3784  UASPStor - ok
22:32:29.0963 0x3784  [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
22:32:29.0966 0x3784  UcmCx0101 - ok
22:32:29.0973 0x3784  [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
22:32:29.0977 0x3784  UcmTcpciCx0101 - ok
22:32:29.0990 0x3784  [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
22:32:29.0993 0x3784  UcmUcsi - ok
22:32:29.0997 0x3784  Ucx01000 - ok
22:32:30.0002 0x3784  UdeCx - ok
22:32:30.0006 0x3784  udfs - ok
22:32:30.0012 0x3784  UEFI - ok
22:32:30.0022 0x3784  [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
22:32:30.0029 0x3784  Ufx01000 - ok
22:32:30.0034 0x3784  UfxChipidea - ok
22:32:30.0038 0x3784  ufxsynopsys - ok
22:32:30.0049 0x3784  umbus - ok
22:32:30.0054 0x3784  UmPass - ok
22:32:30.0066 0x3784  [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
22:32:30.0077 0x3784  UmRdpService - ok
22:32:30.0102 0x3784  [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
22:32:30.0129 0x3784  UnistoreSvc - ok
22:32:30.0146 0x3784  [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:32:30.0158 0x3784  upnphost - ok
22:32:30.0165 0x3784  [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
22:32:30.0167 0x3784  UrsChipidea - ok
22:32:30.0172 0x3784  [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
22:32:30.0175 0x3784  UrsCx01000 - ok
22:32:30.0180 0x3784  [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
22:32:30.0181 0x3784  UrsSynopsys - ok
22:32:30.0185 0x3784  usbccgp - ok
22:32:30.0190 0x3784  [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
22:32:30.0194 0x3784  usbcir - ok
22:32:30.0197 0x3784  usbehci - ok
22:32:30.0200 0x3784  usbhub - ok
22:32:30.0203 0x3784  USBHUB3 - ok
22:32:30.0208 0x3784  usbohci - ok
22:32:30.0214 0x3784  [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
22:32:30.0216 0x3784  usbprint - ok
22:32:30.0220 0x3784  usbser - ok
22:32:30.0224 0x3784  USBSTOR - ok
22:32:30.0229 0x3784  usbuhci - ok
22:32:30.0239 0x3784  [ 9431F7E997A8750139517709B04D8629, 250DE2A461DD3E6D40BD7A21041BF451D954D5BC14A9BC4D819955A135FC34F4 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
22:32:30.0246 0x3784  usbvideo - ok
22:32:30.0251 0x3784  USBXHCI - ok
22:32:30.0284 0x3784  [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
22:32:30.0316 0x3784  UserDataSvc - ok
22:32:30.0324 0x3784  UserManager - ok
22:32:30.0329 0x3784  UsoSvc - ok
22:32:30.0341 0x3784  [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc          C:\WINDOWS\System32\vac.dll
22:32:30.0354 0x3784  VacSvc - ok
22:32:30.0360 0x3784  VaultSvc - ok
22:32:30.0365 0x3784  [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
22:32:30.0366 0x3784  VClone - ok
22:32:30.0369 0x3784  vdrvroot - ok
22:32:30.0373 0x3784  vds - ok
22:32:30.0379 0x3784  VerifierExt - ok
22:32:30.0383 0x3784  vhdmp - ok
22:32:30.0387 0x3784  vhf - ok
22:32:30.0392 0x3784  vmbus - ok
22:32:30.0396 0x3784  VMBusHID - ok
22:32:30.0400 0x3784  [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
22:32:30.0401 0x3784  vmgid - ok
22:32:30.0412 0x3784  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
22:32:30.0419 0x3784  vmicguestinterface - ok
22:32:30.0428 0x3784  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
22:32:30.0434 0x3784  vmicheartbeat - ok
22:32:30.0442 0x3784  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
22:32:30.0449 0x3784  vmickvpexchange - ok
22:32:30.0458 0x3784  [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
22:32:30.0466 0x3784  vmicrdv - ok
22:32:30.0475 0x3784  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
22:32:30.0482 0x3784  vmicshutdown - ok
22:32:30.0490 0x3784  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
22:32:30.0497 0x3784  vmictimesync - ok
22:32:30.0506 0x3784  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
22:32:30.0514 0x3784  vmicvmsession - ok
22:32:30.0525 0x3784  [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
22:32:30.0533 0x3784  vmicvss - ok
22:32:30.0537 0x3784  volmgr - ok
22:32:30.0543 0x3784  volmgrx - ok
22:32:30.0548 0x3784  volsnap - ok
22:32:30.0552 0x3784  volume - ok
22:32:30.0557 0x3784  [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
22:32:30.0560 0x3784  vpci - ok
22:32:30.0580 0x3784  [ 7AE0B2F48B374DB0F423C9807BCC4F1F, 541D692295427CA3BF9AB66D7185AD4154D2618E5554D7E145B2ED8B1AA4AC98 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
22:32:30.0591 0x3784  vpnagent - ok
22:32:30.0598 0x3784  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\WINDOWS\System32\drivers\vpnva64-6.sys
22:32:30.0599 0x3784  vpnva - ok
22:32:30.0603 0x3784  vsmraid - ok
22:32:30.0607 0x3784  VSS - ok
22:32:30.0612 0x3784  VSTXRAID - ok
22:32:30.0616 0x3784  vwifibus - ok
22:32:30.0620 0x3784  vwififlt - ok
22:32:30.0625 0x3784  vwifimp - ok
22:32:30.0629 0x3784  W32Time - ok
22:32:30.0641 0x3784  [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc    C:\WINDOWS\System32\WaaSMedicSvc.dll
22:32:30.0654 0x3784  WaaSMedicSvc - ok
22:32:30.0659 0x3784  WacomPen - ok
22:32:30.0672 0x3784  [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService   C:\WINDOWS\system32\WalletService.dll
22:32:30.0687 0x3784  WalletService - ok
22:32:30.0692 0x3784  wanarp - ok
22:32:30.0697 0x3784  wanarpv6 - ok
22:32:30.0702 0x3784  [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
22:32:30.0710 0x3784  WarpJITSvc - ok
22:32:30.0716 0x3784  wbengine - ok
22:32:30.0720 0x3784  WbioSrvc - ok
22:32:30.0728 0x3784  [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
22:32:30.0732 0x3784  wcifs - ok
22:32:30.0769 0x3784  [ 2BCA9BABB5CEC329E604AE9C1DBA9D5B, 315C72B80A5E6278A725E7BD2DE0C8A2751C2A3F9B4D82F7A034B1ADDE687507 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
22:32:30.0792 0x3784  Wcmsvc - ok
22:32:30.0798 0x3784  wcncsvc - ok
22:32:30.0803 0x3784  [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
22:32:30.0806 0x3784  wcnfs - ok
22:32:30.0812 0x3784  [ 9BD1C97BAED4B916C95D4E107B3D9812, 722456319EBA63AC6EB21B6A99F4FC928F58AA972DF227EDF0982BC51F4DE86D ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
22:32:30.0814 0x3784  WdBoot - ok
22:32:30.0818 0x3784  Wdf01000 - ok
22:32:30.0829 0x3784  [ D25D9930BFD78A09B8FD4A7504C6F57A, 9D94BC1368A73B06312ED9016482534EA64F7005C85AAB240ED619FDD19E7F4C ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
22:32:30.0835 0x3784  WdFilter - ok
22:32:30.0841 0x3784  [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
22:32:30.0849 0x3784  WdiServiceHost - ok
22:32:30.0854 0x3784  [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
22:32:30.0863 0x3784  WdiSystemHost - ok
22:32:30.0866 0x3784  wdiwifi - ok
22:32:30.0870 0x3784  [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
22:32:30.0871 0x3784  WdmCompanionFilter - ok
22:32:30.0879 0x3784  [ 8542EAE47D35CB658614C1813C7599A2, 67AEB01B5D4E6CA8C669EFB12A7876A378CEA4CAE2810DD790D2DAC5F07D6E52 ] wdm_usb         C:\WINDOWS\system32\DRIVERS\usb2ser.sys
22:32:30.0883 0x3784  wdm_usb - ok
22:32:30.0888 0x3784  [ 54E97FEADEEFF973797EB878DC0D2850, A7ABD9E8B94DA19328BB9BF498D64603C6147BE998C40A6F0F8C2E0716CBFC95 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
22:32:30.0891 0x3784  WdNisDrv - ok
22:32:30.0895 0x3784  WdNisSvc - ok
22:32:30.0903 0x3784  [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:32:30.0915 0x3784  WebClient - ok
22:32:30.0923 0x3784  [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
22:32:30.0933 0x3784  Wecsvc - ok
22:32:30.0938 0x3784  [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
22:32:30.0947 0x3784  WEPHOSTSVC - ok
22:32:30.0954 0x3784  [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
22:32:30.0964 0x3784  wercplsupport - ok
22:32:30.0968 0x3784  WerSvc - ok
22:32:30.0983 0x3784  [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
22:32:30.0998 0x3784  WFDSConMgrSvc - ok
22:32:31.0002 0x3784  WFPLWFS - ok
22:32:31.0008 0x3784  [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
22:32:31.0016 0x3784  WiaRpc - ok
22:32:31.0020 0x3784  WIMMount - ok
22:32:31.0031 0x3784  [ EC7C1A7397988EFAF37BF685CA25525D, 50DA7D63CDE618D6426649AED250CEBE229CBBAC718C4E3CD882D816839B4CE9 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
22:32:31.0033 0x3784  WindowsTrustedRT - ok
22:32:31.0037 0x3784  [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
22:32:31.0039 0x3784  WindowsTrustedRTProxy - ok
22:32:31.0044 0x3784  WinHttpAutoProxySvc - ok
22:32:31.0048 0x3784  WinMad - ok
22:32:31.0055 0x3784  Winmgmt - ok
22:32:31.0070 0x3784  [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
22:32:31.0074 0x3784  WinNat - ok
22:32:31.0123 0x3784  [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
22:32:31.0174 0x3784  WinRM - ok
22:32:31.0189 0x3784  [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
22:32:31.0193 0x3784  WINUSB - ok
22:32:31.0197 0x3784  WinVerbs - ok
22:32:31.0200 0x3784  wisvc - ok
22:32:31.0205 0x3784  WlanSvc - ok
22:32:31.0211 0x3784  wlidsvc - ok
22:32:31.0242 0x3784  [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
22:32:31.0271 0x3784  wlpasvc - ok
22:32:31.0276 0x3784  WmiAcpi - ok
22:32:31.0283 0x3784  wmiApSrv - ok
22:32:31.0286 0x3784  WMPNetworkSvc - ok
22:32:31.0297 0x3784  [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
22:32:31.0300 0x3784  Wof - ok
22:32:31.0347 0x3784  [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
22:32:31.0387 0x3784  workfolderssvc - ok
22:32:31.0395 0x3784  WpcMonSvc - ok
22:32:31.0400 0x3784  [ 25180559693250D7B7FF16A6BE7AC9BE, 1872BC298C3ED6A204B3BA2AB13D08EB9DAE5B30B7F83CA7A67BFDECA8D043AD ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
22:32:31.0412 0x3784  WPDBusEnum - ok
22:32:31.0420 0x3784  [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
22:32:31.0421 0x3784  WpdUpFltr - ok
22:32:31.0431 0x3784  [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService      C:\WINDOWS\system32\WpnService.dll
22:32:31.0442 0x3784  WpnService - ok
22:32:31.0448 0x3784  [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
22:32:31.0459 0x3784  WpnUserService - ok
22:32:31.0467 0x3784  ws2ifsl - ok
22:32:31.0476 0x3784  [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
22:32:31.0487 0x3784  wscsvc - ok
22:32:31.0492 0x3784  WSearch - ok
22:32:31.0502 0x3784  [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
22:32:31.0504 0x3784  WudfPf - ok
22:32:31.0515 0x3784  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
22:32:31.0519 0x3784  WUDFRd - ok
22:32:31.0529 0x3784  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:32:31.0533 0x3784  WUDFWpdFs - ok
22:32:31.0541 0x3784  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:32:31.0546 0x3784  WUDFWpdMtp - ok
22:32:31.0584 0x3784  [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
22:32:31.0620 0x3784  WwanSvc - ok
22:32:31.0628 0x3784  [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm            C:\WINDOWS\system32\xbgmsvc.exe
22:32:31.0636 0x3784  xbgm - ok
22:32:31.0661 0x3784  [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
22:32:31.0688 0x3784  XblAuthManager - ok
22:32:31.0720 0x3784  [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
22:32:31.0755 0x3784  XblGameSave - ok
22:32:31.0767 0x3784  [ 0AA38B54EB292CB3EB13FFF948473DBA, C5256ABC0A4A2117EC6F1C88B5BFDBECAE673AD47639A274BFFF92A46452E9B0 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
22:32:31.0772 0x3784  xboxgip - ok
22:32:31.0779 0x3784  [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
22:32:31.0787 0x3784  XboxGipSvc - ok
22:32:31.0814 0x3784  [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
22:32:31.0842 0x3784  XboxNetApiSvc - ok
22:32:31.0849 0x3784  [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
22:32:31.0851 0x3784  xinputhid - ok
22:32:31.0866 0x3784  [ 3C68ADDE2437FB45CFE71FD8C33C4919, 7F19F51F3664BE5FDD79BCF216DF8D1D1BC3015D522E989DD592BFA1AB3DFE8B ] YSDrv           C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
22:32:31.0872 0x3784  YSDrv - ok
22:32:31.0944 0x3784  [ 1EBEA7CCAB778865336E4F6C79E807D6, A95FE0B9622E9390CB3482E18846C4EE8ECE67905F4CB6D239BCACC16679A5C4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
22:32:32.0003 0x3784  ZeroConfigService - ok
22:32:32.0009 0x3784  ================ Scan global ===============================
22:32:32.0023 0x3784  [ Global ] - ok
22:32:32.0024 0x3784  ================ Scan MBR ==================================
22:32:32.0026 0x3784  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:32:32.0034 0x3784  \Device\Harddisk0\DR0 - ok
22:32:32.0036 0x3784  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
22:32:32.0041 0x3784  \Device\Harddisk1\DR1 - ok
22:32:32.0042 0x3784  ================ Scan VBR ==================================
22:32:32.0044 0x3784  [ DF911AD26D6AD77D910F0D2F6365A0E3 ] \Device\Harddisk0\DR0\Partition1
22:32:32.0045 0x3784  \Device\Harddisk0\DR0\Partition1 - ok
22:32:32.0047 0x3784  [ D797F3B4113DB4D8FE8B976E455F024C ] \Device\Harddisk0\DR0\Partition2
22:32:32.0048 0x3784  \Device\Harddisk0\DR0\Partition2 - ok
22:32:32.0051 0x3784  [ 5D4A449D7585BB685981813AA82E4778 ] \Device\Harddisk1\DR1\Partition1
22:32:32.0052 0x3784  \Device\Harddisk1\DR1\Partition1 - ok
22:32:32.0053 0x3784  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2
22:32:32.0054 0x3784  \Device\Harddisk1\DR1\Partition2 - ok
22:32:32.0059 0x3784  [ 892200FF57E3E149C7E74953CAFED1ED ] \Device\Harddisk1\DR1\Partition3
22:32:32.0060 0x3784  \Device\Harddisk1\DR1\Partition3 - ok
22:32:32.0063 0x3784  [ E62DE48BB29D2CE86A1328B87EFAE779 ] \Device\Harddisk1\DR1\Partition4
22:32:32.0065 0x3784  \Device\Harddisk1\DR1\Partition4 - ok
22:32:32.0067 0x3784  [ B5FE3401605610FF0EB06614D298A41A ] \Device\Harddisk1\DR1\Partition5
22:32:32.0068 0x3784  \Device\Harddisk1\DR1\Partition5 - ok
22:32:32.0068 0x3784  ================ Scan generic autorun ======================
22:32:32.0068 0x3784  SecurityHealth - ok
22:32:32.0069 0x3784  ETDCtrl - ok
22:32:32.0353 0x3784  [ 8F16BC456BAA770C0FCC1CD7D3998A1B, 089AF447DC487F4B2D09E0F30E634C63EFD1913628219F3242E638536D922248 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:32:32.0610 0x3784  RTHDVCPL - ok
22:32:32.0652 0x3784  [ 59582ECA7AEC295A61BF79EC651BD89A, E086E8022F5363F9D6D94123854E8570E60C93D0AF84E0CCE4CD1602EB7863EB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:32:32.0675 0x3784  RtHDVBg_Dolby - ok
22:32:32.0682 0x3784  [ A8012BE61DC9CEFA5C41C2DA995812BD, 63D64926B700AD5378C7A719CD71906382EAAA1BE3CB2EE22D9A63D13E12C272 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
22:32:32.0683 0x3784  IAStorIcon - ok
22:32:32.0698 0x3784  [ 5DB2D863BEECABABE5AFBD36AD055919, EDA57E210834275DD78650C55267F1EB55BB03964D0BCB8C87CCB5CCE290AE51 ] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
22:32:32.0706 0x3784  DAX2_APP - ok
22:32:32.0710 0x3784  Discord - ok
22:32:32.0793 0x3784  [ E67118779196D1FDB49899709B62CBD5, E2891E34735C29018831818A58DA40900179A90A68FC92C6C903C57947AF73FC ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
22:32:32.0843 0x3784  Dropbox - ok
22:32:32.0871 0x3784  [ 4FE439A1651F4E2F74022253ADD1C925, 8D855B05D3FF5C840A30A5E00CB0ED9D774C84C9BA11B7657CEB3CC2E3F4C145 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
22:32:32.0891 0x3784  Cisco AnyConnect Secure Mobility Agent for Windows - ok
22:32:33.0256 0x3784  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:32:33.0544 0x3784  OneDriveSetup - ok
22:32:33.0573 0x3784  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
22:32:33.0580 0x3784  WAB Migrate - ok
22:32:33.0936 0x3784  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:32:34.0224 0x3784  OneDriveSetup - ok
22:32:34.0255 0x3784  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
22:32:34.0263 0x3784  WAB Migrate - ok
22:32:34.0296 0x3784  [ C84B6E5F646590F201E88F2C0955285A, 1785CC39A455F3ED3D0BAB97C03ED80D58CE24157E00C3AAECD31C2C98AA9806 ] C:\Users\staub\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:32:34.0321 0x3784  OneDrive - ok
22:32:34.0384 0x3784  [ 036D82DD70A5D8B7A29BCDDF3E5C243D, E54A465BF2D70C93B440B05612C8F11B7CA8C8AEECB822E65E518DD862A00700 ] C:\Program Files (x86)\Steam\steam.exe
22:32:34.0428 0x3784  Steam - ok
22:32:34.0435 0x3784  Spotify - ok
22:32:34.0466 0x3784  [ 23686E6FA80E49F08715598A3EFF36BB, B7DC968ADB7DC2FCA1D67A3E6ECE0FF71DC5A909547249CB4A479093319BA7B5 ] C:\Program Files\CyberGhost 6\CyberGhost.exe
22:32:34.0486 0x3784  CyberGhost - ok
22:32:34.0493 0x3784  Discord - ok
22:32:34.0495 0x3784  Windscribe - ok
22:32:34.0496 0x3784  Windows Shutdown Assistant - ok
22:32:34.0845 0x3784  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:32:35.0134 0x3784  OneDriveSetup - ok
22:32:35.0156 0x3784  Discord - ok
22:32:35.0186 0x3784  [ 10E204B6AEB476E50D07F22DFDFBF62D, AB189636BAB5020B671CBB763E245F27F60847405FC14BEA6E50285E60DC85ED ] C:\Users\enogh\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:32:35.0209 0x3784  OneDrive - ok
22:32:35.0223 0x3784  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
22:32:35.0231 0x3784  WAB Migrate - ok
22:32:35.0606 0x3784  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:32:35.0903 0x3784  OneDriveSetup - ok
22:32:36.0079 0x3784  [ 90029F7160037122DA12101C0C8850F7, DE4BFD8E60AC0222EACCA8BAC94562ED2B38CBEF569F8B927CCD197735655AC0 ] C:\Users\shima\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:32:36.0104 0x3784  OneDrive - ok
22:32:36.0120 0x3784  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
22:32:36.0128 0x3784  WAB Migrate - ok
22:32:36.0130 0x3784  Waiting for KSN requests completion. In queue: 293
22:32:37.0164 0x3784  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x60100 ( disabled : updated )
22:32:37.0174 0x3784  Win FW state via NFP2: enabled ( trusted )
22:32:37.0258 0x3784  ============================================================
22:32:37.0258 0x3784  Scan finished
22:32:37.0258 0x3784  ============================================================
22:32:37.0266 0x2148  Detected object count: 0
22:32:37.0266 0x2148  Actual detected object count: 0
22:32:40.0732 0x370c  Deinitialize success
         

Zitat:

22:32:22.0684 0x3784 Scan started
22:32:22.0684 0x3784 Mode: Manual;

tdssskiller wurde falsch eingestellt

Code: Alles auswählenAufklappen

ATTFilter

11:49:13.0116 0x2ea0  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
11:49:13.0116 0x2ea0  UEFI system
11:49:16.0036 0x2ea0  ============================================================
11:49:16.0036 0x2ea0  Current date / time: 2018/09/12 11:49:16.0036
11:49:16.0036 0x2ea0  SystemInfo:
11:49:16.0036 0x2ea0  
11:49:16.0036 0x2ea0  OS Version: 10.0.17134 ServicePack: 0.0
11:49:16.0036 0x2ea0  Product type: Workstation
11:49:16.0036 0x2ea0  ComputerName: DESKTOP-UKTCUI2
11:49:16.0036 0x2ea0  UserName: staub
11:49:16.0036 0x2ea0  Windows directory: C:\WINDOWS
11:49:16.0036 0x2ea0  System windows directory: C:\WINDOWS
11:49:16.0036 0x2ea0  Running under WOW64
11:49:16.0036 0x2ea0  Processor architecture: Intel x64
11:49:16.0036 0x2ea0  Number of processors: 4
11:49:16.0036 0x2ea0  Page size: 0x1000
11:49:16.0036 0x2ea0  Boot type: Normal boot
11:49:16.0036 0x2ea0  CodeIntegrityOptions = 0x00000001
11:49:16.0036 0x2ea0  ============================================================
11:49:16.0076 0x2ea0  KLMD registered as C:\WINDOWS\system32\drivers\43565767.sys
11:49:16.0076 0x2ea0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
11:49:16.0111 0x2ea0  System UUID: {EDB1CDC8-7A74-104B-02AF-2949488BCEB4}
11:49:16.0219 0x2ea0  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:49:16.0236 0x2ea0  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:49:16.0241 0x2ea0  ============================================================
11:49:16.0241 0x2ea0  \Device\Harddisk0\DR0:
11:49:16.0241 0x2ea0  GPT partitions:
11:49:16.0241 0x2ea0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {694BD22E-7594-451D-9096-AF677B4917EB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xA7287000
11:49:16.0241 0x2ea0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CFE500BC-FDAB-400A-A9BB-68597C0FA1EA}, Name: Basic data partition, StartLBA 0xA7287800, BlocksNum 0x7800000
11:49:16.0241 0x2ea0  MBR partitions:
11:49:16.0241 0x2ea0  \Device\Harddisk1\DR1:
11:49:16.0242 0x2ea0  GPT partitions:
11:49:16.0242 0x2ea0  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {37C984F9-D5E4-4A08-916B-06B97DDDF7E8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
11:49:16.0242 0x2ea0  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E56BC9C4-44E3-4B68-9BEA-B56A595BF278}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000
11:49:16.0242 0x2ea0  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {83D04214-4873-41EF-81F4-45DADF15BDE5}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0xEA730B6
11:49:16.0242 0x2ea0  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {469DA7C1-3405-49E3-9966-C1579FC63C47}, Name: , StartLBA 0xEAAE000, BlocksNum 0x1CE000
11:49:16.0242 0x2ea0  \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {F5AF82CE-BB6E-4309-9DD1-F36D46EAA02A}, Name: Basic data partition, StartLBA 0xEC7C000, BlocksNum 0x200000
11:49:16.0242 0x2ea0  MBR partitions:
11:49:16.0242 0x2ea0  ============================================================
11:49:16.0243 0x2ea0  C: <-> \Device\Harddisk1\DR1\Partition3
11:49:16.0307 0x2ea0  D: <-> \Device\Harddisk0\DR0\Partition1
11:49:16.0383 0x2ea0  E: <-> \Device\Harddisk0\DR0\Partition2
11:49:16.0383 0x2ea0  ============================================================
11:49:16.0383 0x2ea0  Initialize success
11:49:16.0383 0x2ea0  ============================================================
11:49:57.0398 0x1f88  ============================================================
11:49:57.0398 0x1f88  Scan started
11:49:57.0398 0x1f88  Mode: Manual; SigCheck; TDLFS; 
11:49:57.0398 0x1f88  ============================================================
11:49:57.0398 0x1f88  KSN ping started
11:49:57.0468 0x1f88  KSN ping finished: true
11:50:01.0571 0x1f88  ================ Scan system memory ========================
11:50:01.0571 0x1f88  System memory - ok
11:50:01.0572 0x1f88  ================ Scan services =============================
11:50:01.0625 0x1f88  1394ohci - ok
11:50:01.0629 0x1f88  3ware - ok
11:50:01.0633 0x1f88  ACPI - ok
11:50:01.0635 0x1f88  AcpiDev - ok
11:50:01.0639 0x1f88  acpiex - ok
11:50:01.0644 0x1f88  acpipagr - ok
11:50:01.0649 0x1f88  [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
11:50:01.0691 0x1f88  AcpiPmi - ok
11:50:01.0700 0x1f88  acpitime - ok
11:50:01.0709 0x1f88  [ 56FCC24867F2C87BF96EE9D17A4CC20E, 6DDEF1234D207C6CDE0298DD1DAC988AC6CD7716E4FDA01813D175AE50F6A022 ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
11:50:01.0732 0x1f88  acsock - ok
11:50:01.0737 0x1f88  ADP80XX - ok
11:50:01.0743 0x1f88  AFD - ok
11:50:01.0747 0x1f88  [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix          C:\WINDOWS\system32\drivers\afunix.sys
11:50:01.0762 0x1f88  afunix - ok
11:50:01.0769 0x1f88  [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
11:50:01.0794 0x1f88  ahcache - ok
11:50:01.0798 0x1f88  [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
11:50:01.0813 0x1f88  AJRouter - ok
11:50:01.0818 0x1f88  [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG             C:\WINDOWS\System32\alg.exe
11:50:01.0838 0x1f88  ALG - ok
11:50:01.0843 0x1f88  AmdK8 - ok
11:50:01.0846 0x1f88  AmdPPM - ok
11:50:01.0850 0x1f88  amdsata - ok
11:50:01.0853 0x1f88  amdsbs - ok
11:50:01.0858 0x1f88  amdxata - ok
11:50:01.0865 0x1f88  [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID           C:\WINDOWS\system32\drivers\appid.sys
11:50:01.0879 0x1f88  AppID - ok
11:50:01.0884 0x1f88  [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
11:50:01.0901 0x1f88  AppIDSvc - ok
11:50:01.0908 0x1f88  [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo         C:\WINDOWS\System32\appinfo.dll
11:50:01.0926 0x1f88  Appinfo - ok
11:50:01.0930 0x1f88  [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
11:50:01.0946 0x1f88  applockerfltr - ok
11:50:01.0950 0x1f88  AppReadiness - ok
11:50:01.0953 0x1f88  AppXSvc - ok
11:50:01.0956 0x1f88  arcsas - ok
11:50:01.0962 0x1f88  AsyncMac - ok
11:50:01.0966 0x1f88  atapi - ok
11:50:01.0969 0x1f88  AudioEndpointBuilder - ok
11:50:01.0973 0x1f88  Audiosrv - ok
11:50:01.0979 0x1f88  [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
11:50:02.0007 0x1f88  AxInstSV - ok
11:50:02.0011 0x1f88  b06bdrv - ok
11:50:02.0016 0x1f88  [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam             C:\WINDOWS\system32\drivers\bam.sys
11:50:02.0028 0x1f88  bam - ok
11:50:02.0031 0x1f88  BasicDisplay - ok
11:50:02.0035 0x1f88  BasicRender - ok
11:50:02.0041 0x1f88  BcastDVRUserService - ok
11:50:02.0048 0x1f88  bcmfn2 - ok
11:50:02.0060 0x1f88  [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
11:50:02.0087 0x1f88  BDESVC - ok
11:50:02.0092 0x1f88  [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
11:50:02.0115 0x1f88  Beep - ok
11:50:02.0118 0x1f88  BFE - ok
11:50:02.0124 0x1f88  [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt         C:\WINDOWS\system32\drivers\bindflt.sys
11:50:02.0137 0x1f88  bindflt - ok
11:50:02.0169 0x1f88  [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS            C:\WINDOWS\System32\qmgr.dll
11:50:02.0277 0x1f88  BITS - ok
11:50:02.0291 0x1f88  [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
11:50:02.0326 0x1f88  BluetoothUserService - ok
11:50:02.0340 0x1f88  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:50:02.0353 0x1f88  Bonjour Service - ok
11:50:02.0358 0x1f88  bowser - ok
11:50:02.0362 0x1f88  BrokerInfrastructure - ok
11:50:02.0368 0x1f88  [ 3E4BF0145201239E0BBD0A937431C14C, 1DDC27C89B16ADD9346EB30AA9E17330FE0181BE96DC6F06C455493FBDCB1113 ] Browser         C:\WINDOWS\System32\browser.dll
11:50:02.0383 0x1f88  Browser - ok
11:50:02.0395 0x1f88  [ 2EB2D533A0C94F05F1F511D3FA20D892, 77375EC0C1FB059D03FF2D23C975EB9A6EB00F9B59000A60A89582D4F6D1D4C4 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
11:50:02.0415 0x1f88  BstHdLogRotatorSvc - ok
11:50:02.0423 0x1f88  [ 7DB8EE09821A6D81A19A6591C9B8AA3A, 0A9A826560884F95D64BDC8A2076AE33FB718A3A59C0BBEC48E48A5FB907ACA4 ] BstkDrv         C:\Program Files (x86)\BlueStacks\BstkDrv.sys
11:50:02.0436 0x1f88  BstkDrv - ok
11:50:02.0449 0x1f88  [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService     C:\WINDOWS\System32\BTAGService.dll
11:50:02.0479 0x1f88  BTAGService - ok
11:50:02.0487 0x1f88  [ 2B5EB1BB42AEE7A77B1E9C794DFCEF3D, E94040AAE365CFCAEEC75F38EBDDB2C7F13B41F41D96C33FE3F25078BA21DA13 ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
11:50:02.0504 0x1f88  BthA2DP - ok
11:50:02.0516 0x1f88  [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc     C:\WINDOWS\System32\BthAvctpSvc.dll
11:50:02.0542 0x1f88  BthAvctpSvc - ok
11:50:02.0548 0x1f88  [ E0121734C2492406034FA23E3D394EBD, E855EB12DD35CC47F68C5C6B1622560599C7074E274E510528196D47BDA56960 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
11:50:02.0562 0x1f88  BthEnum - ok
11:50:02.0568 0x1f88  [ F56B351A4E2B384911B2BA2A98261F34, A8140A2ABEC704A11776D29894ADD5D1FA9C125567EB6B270694573DB9B0E30E ] BthHFAud        C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
11:50:02.0584 0x1f88  BthHFAud - ok
11:50:02.0590 0x1f88  [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
11:50:02.0609 0x1f88  BthHFEnum - ok
11:50:02.0614 0x1f88  [ 8EE632BFE4BABD4E7A299AF54476F9A5, 836675F295A033C0239DCF86D90985443A60D5A1F38B668CA82A30BDFD983352 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
11:50:02.0660 0x1f88  BthLEEnum - ok
11:50:02.0665 0x1f88  [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
11:50:02.0682 0x1f88  BTHMODEM - ok
11:50:02.0688 0x1f88  [ B10E0CC936462BBA7BC659C0927617A0, B4F2A318384D176D0ACF26372756CE097F34EED59FBB023E7DB8F95D8F73F69A ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
11:50:02.0702 0x1f88  BthPan - ok
11:50:02.0726 0x1f88  [ EF105DBEB81F14EBDBA5F7977AD8FA91, A4D20038B72361CD95446854F2E538314C4C8B5EA4618AC7B18A43D8AF777A34 ] BTHPORT         C:\WINDOWS\system32\DRIVERS\BTHport.sys
11:50:02.0773 0x1f88  BTHPORT - ok
11:50:02.0781 0x1f88  [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv         C:\WINDOWS\system32\bthserv.dll
11:50:02.0798 0x1f88  bthserv - ok
11:50:02.0803 0x1f88  [ 0D5ECDF2601312025811F6AC413F851A, B7E99CF02C6B511BD643E7F8BB59E983D8B65073D9B55ED44457EDC2BBBBC419 ] BTHUSB          C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
11:50:02.0820 0x1f88  BTHUSB - ok
11:50:02.0824 0x1f88  bttflt - ok
11:50:02.0827 0x1f88  buttonconverter - ok
11:50:02.0831 0x1f88  [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
11:50:02.0843 0x1f88  CAD - ok
11:50:02.0847 0x1f88  camsvc - ok
11:50:02.0850 0x1f88  CapImg - ok
11:50:02.0854 0x1f88  cdfs - ok
11:50:02.0884 0x1f88  [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
11:50:02.0923 0x1f88  CDPSvc - ok
11:50:02.0935 0x1f88  [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
11:50:02.0962 0x1f88  CDPUserSvc - ok
11:50:02.0967 0x1f88  cdrom - ok
11:50:02.0974 0x1f88  [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
11:50:02.0994 0x1f88  CertPropSvc - ok
11:50:03.0002 0x1f88  [ 6581A8AA7D4CDE34EBE6DDF6A9913F86, DA921C0CADF48778C9144BDA601EA1806D92BADE4A082F1CBB032294A6C00494 ] CG6Service      C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
11:50:03.0016 0x1f88  CG6Service - ok
11:50:03.0020 0x1f88  [ 44293BF717CA39DC925C6A05453D8D34, 7A0761662C2B79F38CE24DC04509500BD818E6CF27252949072659AB39716A7F ] cgnetfilter1521 C:\WINDOWS\system32\drivers\cgnetfilter1521.sys
11:50:03.0030 0x1f88  cgnetfilter1521 - ok
11:50:03.0033 0x1f88  cht4iscsi - ok
11:50:03.0036 0x1f88  cht4vbd - ok
11:50:03.0041 0x1f88  [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
11:50:03.0052 0x1f88  circlass - ok
11:50:03.0064 0x1f88  [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
11:50:03.0092 0x1f88  CldFlt - ok
11:50:03.0095 0x1f88  CLFS - ok
11:50:03.0284 0x1f88  [ 1C1E503D9246B059B5B19613BA97A53B, 70C91D253E776D74F927313E30675828732D68C2EAC1E49F7056FF3A60A87389 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
11:50:03.0503 0x1f88  ClickToRunSvc - ok
11:50:03.0547 0x1f88  [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
11:50:03.0578 0x1f88  ClipSVC - ok
11:50:03.0589 0x1f88  [ 228CB7727EC19833A74DAA5BE8627114, 7ABDEABF648C0CF04C736D9F1056CD54D5913837E1543CC358FDDFA9389934EC ] clwvd6          C:\WINDOWS\system32\DRIVERS\clwvd6.sys
11:50:03.0596 0x1f88  clwvd6 - ok
11:50:03.0600 0x1f88  CmBatt - ok
11:50:03.0608 0x1f88  CNG - ok
11:50:03.0612 0x1f88  [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
11:50:03.0620 0x1f88  cnghwassist - ok
11:50:03.0644 0x1f88  [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
11:50:03.0654 0x1f88  CompositeBus - ok
11:50:03.0658 0x1f88  COMSysApp - ok
11:50:03.0662 0x1f88  condrv - ok
11:50:03.0666 0x1f88  CoreMessagingRegistrar - ok
11:50:03.0695 0x1f88  [ 2E0A35871680D1E9E5A94031E2B781A7, 8EE720D4326DB9E409A291ED1AA169DC5595BE05663787D49DA6552A5FF3C509 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
11:50:03.0722 0x1f88  cphs - ok
11:50:03.0737 0x1f88  [ 9E6D6C613E004890EFEAAE858C11BD6D, 26E4C2D12F0F7CDF5977206CDD3F8FA09A5E6DD020C959AF93B245501BF44225 ] cplspcon        C:\WINDOWS\system32\IntelCpHDCPSvc.exe
11:50:03.0754 0x1f88  cplspcon - ok
11:50:03.0761 0x1f88  CryptSvc - ok
11:50:03.0765 0x1f88  [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam             C:\WINDOWS\system32\drivers\dam.sys
11:50:03.0775 0x1f88  dam - ok
11:50:03.0781 0x1f88  [ E59CAC3C48E862959CBDFD08DF40CD2D, 303CB1C89AD2608BB5837D3860964AA1F88F87B296A5C6AB8C88E2169CE6228B ] DAX2API         C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
11:50:03.0793 0x1f88  DAX2API - detected UnsignedFile.Multi.Generic ( 1 )
11:50:03.0847 0x1f88  Detect skipped due to KSN trusted
11:50:03.0847 0x1f88  DAX2API - ok
11:50:03.0863 0x1f88  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11:50:03.0877 0x1f88  dbupdate - ok
11:50:03.0883 0x1f88  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11:50:03.0891 0x1f88  dbupdatem - ok
11:50:03.0896 0x1f88  [ 8A6F51A5349EAF68AB2389C8F6E7D12F, 5ABFC27B422591EEB59CA0B7B27FDB2B920AF422508A1C75EB0BFE3B57B9F95E ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
11:50:03.0904 0x1f88  DbxSvc - ok
11:50:03.0910 0x1f88  DcomLaunch - ok
11:50:03.0913 0x1f88  defragsvc - ok
11:50:03.0927 0x1f88  [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:50:03.0954 0x1f88  DeviceAssociationService - ok
11:50:03.0958 0x1f88  DeviceInstall - ok
11:50:03.0969 0x1f88  [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
11:50:04.0026 0x1f88  DevicePickerUserSvc - ok
11:50:04.0059 0x1f88  [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
11:50:04.0104 0x1f88  DevicesFlowUserSvc - ok
11:50:04.0110 0x1f88  [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
11:50:04.0132 0x1f88  DevQueryBroker - ok
11:50:04.0136 0x1f88  Dfsc - ok
11:50:04.0142 0x1f88  Dhcp - ok
11:50:04.0145 0x1f88  diagnosticshub.standardcollector.service - ok
11:50:04.0153 0x1f88  [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc         C:\WINDOWS\system32\DiagSvc.dll
11:50:04.0176 0x1f88  diagsvc - ok
11:50:04.0181 0x1f88  DiagTrack - ok
11:50:04.0184 0x1f88  Disk - ok
11:50:04.0203 0x1f88  [ 89FC056F9CEFB85FC7159AA063904AFF, 6B6F86F87C48EE92F616D4EEE624C9711D0606FD651F3B1D4DD5EF3767B76750 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
11:50:04.0247 0x1f88  DmEnrollmentSvc - ok
11:50:04.0252 0x1f88  dmvsc - ok
11:50:04.0256 0x1f88  [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
11:50:04.0271 0x1f88  dmwappushservice - ok
11:50:04.0276 0x1f88  Dnscache - ok
11:50:04.0284 0x1f88  [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
11:50:04.0319 0x1f88  dot3svc - ok
11:50:04.0326 0x1f88  [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS             C:\WINDOWS\system32\dps.dll
11:50:04.0343 0x1f88  DPS - ok
11:50:04.0347 0x1f88  drmkaud - ok
11:50:04.0355 0x1f88  [ 5242DC5849014BCFBB3147B76A899783, 759542B42D9DCC224D9CBD19A0C6B8939417F2F08B547BE07FFA3356918C1ED7 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
11:50:04.0385 0x1f88  DsmSvc - ok
11:50:04.0389 0x1f88  DsSvc - ok
11:50:04.0401 0x1f88  [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
11:50:04.0426 0x1f88  DusmSvc - ok
11:50:04.0431 0x1f88  DXGKrnl - ok
11:50:04.0434 0x1f88  Eaphost - ok
11:50:04.0437 0x1f88  EasyAntiCheat - ok
11:50:04.0441 0x1f88  ebdrv - ok
11:50:04.0445 0x1f88  EFS - ok
11:50:04.0449 0x1f88  EhStorClass - ok
11:50:04.0452 0x1f88  EhStorTcgDrv - ok
11:50:04.0461 0x1f88  [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
11:50:04.0485 0x1f88  embeddedmode - ok
11:50:04.0498 0x1f88  [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
11:50:04.0525 0x1f88  EntAppSvc - ok
11:50:04.0528 0x1f88  ErrDev - ok
11:50:04.0544 0x1f88  [ BF8362193CB83B5283BC5D24AA3D8DF3, 9A45520D624B101D18A434E63DB7EA6CC44F598EDA36B8A916BB76C1DBB0955C ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
11:50:04.0563 0x1f88  ETD - ok
11:50:04.0571 0x1f88  [ 06C67EE6E9E5DF0692BBE14437E56F3F, 9569B03031AE0CAC51AEF8B8CB8F8F2E717478B482AB4760711E1427C33A396D ] ETDService      C:\Program Files\Elantech\ETDService.exe
11:50:04.0581 0x1f88  ETDService - ok
11:50:04.0585 0x1f88  [ C75C4769BBAE1397E1333D895C2DAE63, A066F6D6BCF25976EA16EC2077A0656C44952A3CB49C6A1A857482C8346E9D2D ] ETDSMBus        C:\WINDOWS\System32\drivers\ETDSMBus.sys
11:50:04.0591 0x1f88  ETDSMBus - ok
11:50:04.0606 0x1f88  [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem     C:\WINDOWS\system32\es.dll
11:50:04.0639 0x1f88  EventSystem - ok
11:50:04.0654 0x1f88  [ 416D42491C6A21C2F7DF6F93E572B463, 940074B51DC14586A0BCE22293F445B22E6F7F02D1FE0E12D71F3A9748A8CCD2 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:50:04.0676 0x1f88  EvtEng - ok
11:50:04.0680 0x1f88  exfat - ok
11:50:04.0682 0x1f88  fastfat - ok
11:50:04.0700 0x1f88  [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax             C:\WINDOWS\system32\fxssvc.exe
11:50:04.0733 0x1f88  Fax - ok
11:50:04.0737 0x1f88  fdc - ok
11:50:04.0743 0x1f88  [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
11:50:04.0763 0x1f88  fdPHost - ok
11:50:04.0768 0x1f88  [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
11:50:04.0783 0x1f88  FDResPub - ok
11:50:04.0789 0x1f88  [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
11:50:04.0809 0x1f88  fhsvc - ok
11:50:04.0814 0x1f88  [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
11:50:04.0826 0x1f88  FileCrypt - ok
11:50:04.0829 0x1f88  FileInfo - ok
11:50:04.0833 0x1f88  Filetrace - ok
11:50:04.0836 0x1f88  flpydisk - ok
11:50:04.0840 0x1f88  FltMgr - ok
11:50:04.0844 0x1f88  FontCache - ok
11:50:04.0848 0x1f88  FontCache3.0.0.0 - ok
11:50:04.0852 0x1f88  FrameServer - ok
11:50:04.0857 0x1f88  FsDepends - ok
11:50:04.0860 0x1f88  Fs_Rec - ok
11:50:04.0864 0x1f88  fvevol - ok
11:50:04.0868 0x1f88  [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
11:50:04.0895 0x1f88  gencounter - ok
11:50:04.0899 0x1f88  genericusbfn - ok
11:50:04.0902 0x1f88  GPIOClx0101 - ok
11:50:04.0906 0x1f88  gpsvc - ok
11:50:04.0911 0x1f88  [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
11:50:04.0926 0x1f88  GpuEnergyDrv - ok
11:50:04.0932 0x1f88  [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
11:50:04.0949 0x1f88  GraphicsPerfSvc - ok
11:50:04.0955 0x1f88  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:50:04.0964 0x1f88  gupdate - ok
11:50:04.0969 0x1f88  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:50:04.0977 0x1f88  gupdatem - ok
11:50:04.0980 0x1f88  HDAudBus - ok
11:50:04.0983 0x1f88  HidBatt - ok
11:50:04.0989 0x1f88  [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
11:50:05.0007 0x1f88  HidBth - ok
11:50:05.0011 0x1f88  hidi2c - ok
11:50:05.0014 0x1f88  hidinterrupt - ok
11:50:05.0018 0x1f88  [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
11:50:05.0030 0x1f88  HidIr - ok
11:50:05.0034 0x1f88  hidserv - ok
11:50:05.0037 0x1f88  HidUsb - ok
11:50:05.0042 0x1f88  [ B815C6E6C0156330A09700901EA4154D, FF003B408CDC62563CEAB39CF081B4AC09C2DDFFA4128491525D9B4F9EB7B3D0 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
11:50:05.0047 0x1f88  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
11:50:05.0099 0x1f88  Detect skipped due to KSN trusted
11:50:05.0099 0x1f88  HiPatchService - ok
11:50:05.0106 0x1f88  HpSAMD - ok
11:50:05.0110 0x1f88  HTTP - ok
11:50:05.0114 0x1f88  [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
11:50:05.0123 0x1f88  hvcrash - ok
11:50:05.0129 0x1f88  [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
11:50:05.0141 0x1f88  HvHost - ok
11:50:05.0146 0x1f88  [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
11:50:05.0156 0x1f88  hvservice - ok
11:50:05.0162 0x1f88  [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
11:50:05.0181 0x1f88  HwNClx0101 - ok
11:50:05.0184 0x1f88  hwpolicy - ok
11:50:05.0188 0x1f88  hyperkbd - ok
11:50:05.0193 0x1f88  HyperVideo - ok
11:50:05.0196 0x1f88  i8042prt - ok
11:50:05.0199 0x1f88  iagpio - ok
11:50:05.0202 0x1f88  iai2c - ok
11:50:05.0206 0x1f88  iaLPSS2i_GPIO2 - ok
11:50:05.0211 0x1f88  iaLPSS2i_GPIO2_BXT_P - ok
11:50:05.0214 0x1f88  iaLPSS2i_I2C - ok
11:50:05.0218 0x1f88  iaLPSS2i_I2C_BXT_P - ok
11:50:05.0221 0x1f88  iaLPSSi_GPIO - ok
11:50:05.0226 0x1f88  iaLPSSi_I2C - ok
11:50:05.0260 0x1f88  [ 5C9AAE902452EF47D8C9EA5838E666B9, 9171558EE78B555312FD8D99EDF85849A4CDE87142EB91DB9E8AF92A1DDF664E ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
11:50:05.0294 0x1f88  iaStorA - ok
11:50:05.0300 0x1f88  iaStorAVC - ok
11:50:05.0304 0x1f88  [ 31BD488EE7F6ED608A7418F6A7C6948D, BB7DC889C0F73FDE089FC0E52D321F29CBB5A65A3D9F90B0B3A730EF938B6178 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:50:05.0311 0x1f88  IAStorDataMgrSvc - ok
11:50:05.0315 0x1f88  iaStorV - ok
11:50:05.0317 0x1f88  ibbus - ok
11:50:05.0335 0x1f88  ibtsiva - ok
11:50:05.0345 0x1f88  [ 27AD258DB51E25496F74E98C3CF80415, 58180A50CC8C28A0F7388F62F8A7E4DFE96B40D16C6E10BB067FD4F1EF3868AF ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
11:50:05.0356 0x1f88  ibtusb - ok
11:50:05.0366 0x1f88  [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
11:50:05.0391 0x1f88  icssvc - ok
11:50:05.0527 0x1f88  [ F37606EAFFB621AA6A341CC76BEF37C3, 421674158785B8911354AA02514080390239FBFC8713A2F2AEF55223AF1C28D3 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
11:50:05.0702 0x1f88  igfx - ok
11:50:05.0721 0x1f88  [ 407102406ABA1916DFA7915E52A2EC48, 2DBC62F778579E3BB839D31E4C4BDB26E1EDD2735EECFF4298973A03EC53233F ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
11:50:05.0739 0x1f88  igfxCUIService2.0.0.0 - ok
11:50:05.0744 0x1f88  IKEEXT - ok
11:50:05.0748 0x1f88  [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
11:50:05.0762 0x1f88  IndirectKmd - ok
11:50:05.0766 0x1f88  InstallService - ok
11:50:05.0852 0x1f88  [ 35A78C3E44DAB0E8396A1FD9BF48597F, 6F61ECEC687A1271BEF85956ECEC9EE545065FFE3EE30933D3AF1000BDBCC511 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:50:05.0963 0x1f88  IntcAzAudAddService - ok
11:50:05.0986 0x1f88  [ 947360145F94C61E17EECD4BD3516AA9, F55A9EC31FE253E063D34B0118070B14156567B2E3B4ED74B697CA656D7789A0 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
11:50:06.0010 0x1f88  IntcDAud - ok
11:50:06.0016 0x1f88  intelide - ok
11:50:06.0022 0x1f88  [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
11:50:06.0033 0x1f88  intelpep - ok
11:50:06.0037 0x1f88  intelppm - ok
11:50:06.0042 0x1f88  [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
11:50:06.0052 0x1f88  iorate - ok
11:50:06.0057 0x1f88  [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:50:06.0073 0x1f88  IpFilterDriver - ok
11:50:06.0096 0x1f88  [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
11:50:06.0138 0x1f88  iphlpsvc - ok
11:50:06.0143 0x1f88  IPMIDRV - ok
11:50:06.0151 0x1f88  [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
11:50:06.0174 0x1f88  IPNAT - ok
11:50:06.0179 0x1f88  [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
11:50:06.0191 0x1f88  IPT - ok
11:50:06.0197 0x1f88  [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
11:50:06.0213 0x1f88  IpxlatCfgSvc - ok
11:50:06.0218 0x1f88  [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda            C:\WINDOWS\system32\drivers\irda.sys
11:50:06.0233 0x1f88  irda - ok
11:50:06.0237 0x1f88  [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
11:50:06.0249 0x1f88  IRENUM - ok
11:50:06.0253 0x1f88  [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon           C:\WINDOWS\System32\irmon.dll
11:50:06.0268 0x1f88  irmon - ok
11:50:06.0272 0x1f88  isapnp - ok
11:50:06.0275 0x1f88  iScsiPrt - ok
11:50:06.0279 0x1f88  ItSas35i - ok
11:50:06.0283 0x1f88  [ DA0A946E6C4228B659FA798EF0B075C1, BC2F5710D6165615CD578A970BC154C8DB1ECCA5725D09A29954E9BE8FAC0ED7 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
11:50:06.0291 0x1f88  iwdbus - ok
11:50:06.0295 0x1f88  kbdclass - ok
11:50:06.0298 0x1f88  kbdhid - ok
11:50:06.0302 0x1f88  kdnic - ok
11:50:06.0306 0x1f88  KeyIso - ok
11:50:06.0310 0x1f88  KSecDD - ok
11:50:06.0313 0x1f88  KSecPkg - ok
11:50:06.0317 0x1f88  ksthunk - ok
11:50:06.0328 0x1f88  [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
11:50:06.0359 0x1f88  KtmRm - ok
11:50:06.0364 0x1f88  LanmanServer - ok
11:50:06.0368 0x1f88  LanmanWorkstation - ok
11:50:06.0374 0x1f88  [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
11:50:06.0389 0x1f88  lfsvc - ok
11:50:06.0393 0x1f88  [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
11:50:06.0410 0x1f88  LicenseManager - ok
11:50:06.0416 0x1f88  [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
11:50:06.0430 0x1f88  lltdio - ok
11:50:06.0440 0x1f88  [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
11:50:06.0464 0x1f88  lltdsvc - ok
11:50:06.0467 0x1f88  lmhosts - ok
11:50:06.0472 0x1f88  LSI_SAS - ok
11:50:06.0476 0x1f88  LSI_SAS2i - ok
11:50:06.0480 0x1f88  LSI_SAS3i - ok
11:50:06.0484 0x1f88  LSI_SSS - ok
11:50:06.0487 0x1f88  LSM - ok
11:50:06.0493 0x1f88  [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
11:50:06.0511 0x1f88  luafv - ok
11:50:06.0519 0x1f88  [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc          C:\WINDOWS\System32\LanguageOverlayServer.dll
11:50:06.0539 0x1f88  LxpSvc - ok
11:50:06.0545 0x1f88  [ 1C1FF36E51F73989FB4DD2DBAFAE11EC, B5C0B169BFEF5FD769745F924B3F30C960A555F8B0C0C7315B273435D9F246D5 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
11:50:06.0563 0x1f88  MapsBroker - ok
11:50:06.0566 0x1f88  mausbhost - ok
11:50:06.0569 0x1f88  mausbip - ok
11:50:06.0695 0x1f88  [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
11:50:06.0834 0x1f88  MBAMService - ok
11:50:06.0851 0x1f88  [ A692F41F46F789228CECB2AA128AEC85, 83F7A12934D008BE46A774ABB136A7C11408D92832A0AEFF4866AEACF2594C55 ] MBAMSwissArmy   C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
11:50:06.0862 0x1f88  MBAMSwissArmy - ok
11:50:06.0866 0x1f88  megasas - ok
11:50:06.0868 0x1f88  megasas2i - ok
11:50:06.0872 0x1f88  megasas35i - ok
11:50:06.0876 0x1f88  megasr - ok
11:50:06.0883 0x1f88  [ 86F565B0D41EBCCE7256B812F3A0442B, BACB5753D4501679B0C3D5D6B2D2D5233EC6B5BF76D0C2BD616EC460D5B9918F ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
11:50:06.0898 0x1f88  MEIx64 - ok
11:50:06.0903 0x1f88  [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll
11:50:06.0925 0x1f88  MessagingService - ok
11:50:06.0931 0x1f88  [ 1ECAB1D7A88F953397D09ECFCF789B91, 42AFE658FABAA6816700886B2F0697A692DE6B5DB0B90B361E099BF79B44E389 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys
11:50:06.0949 0x1f88  Microsoft_Bluetooth_AvrcpTransport - ok
11:50:06.0953 0x1f88  mlx4_bus - ok
11:50:06.0957 0x1f88  MMCSS - ok
11:50:06.0962 0x1f88  [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
11:50:06.0976 0x1f88  Modem - ok
11:50:06.0982 0x1f88  [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
11:50:06.0993 0x1f88  monitor - ok
11:50:06.0996 0x1f88  mouclass - ok
11:50:06.0999 0x1f88  mouhid - ok
11:50:07.0002 0x1f88  mountmgr - ok
11:50:07.0010 0x1f88  [ 5FD8FEB002DCA919BA18F51C267BFFEB, E6F6F1A1C5C0299B9386AC8A97D4360936CBFC664B99452EE78AACA163673123 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:50:07.0020 0x1f88  MozillaMaintenance - ok
11:50:07.0025 0x1f88  mpsdrv - ok
11:50:07.0027 0x1f88  mpssvc - ok
11:50:07.0032 0x1f88  MRxDAV - ok
11:50:07.0034 0x1f88  mrxsmb - ok
11:50:07.0037 0x1f88  mrxsmb20 - ok
11:50:07.0044 0x1f88  [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
11:50:07.0059 0x1f88  MsBridge - ok
11:50:07.0065 0x1f88  [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC           C:\WINDOWS\System32\msdtc.exe
11:50:07.0088 0x1f88  MSDTC - ok
11:50:07.0093 0x1f88  Msfs - ok
11:50:07.0097 0x1f88  [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:50:07.0108 0x1f88  msgpiowin32 - ok
11:50:07.0112 0x1f88  mshidkmdf - ok
11:50:07.0115 0x1f88  [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
11:50:07.0127 0x1f88  mshidumdf - ok
11:50:07.0131 0x1f88  msisadrv - ok
11:50:07.0134 0x1f88  MSiSCSI - ok
11:50:07.0141 0x1f88  msiserver - ok
11:50:07.0144 0x1f88  MSKSSRV - ok
11:50:07.0151 0x1f88  [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
11:50:07.0168 0x1f88  MsLldp - ok
11:50:07.0173 0x1f88  MSPCLOCK - ok
11:50:07.0177 0x1f88  MSPQM - ok
11:50:07.0181 0x1f88  MsRPC - ok
11:50:07.0186 0x1f88  mssmbios - ok
11:50:07.0191 0x1f88  MSTEE - ok
11:50:07.0195 0x1f88  MTConfig - ok
11:50:07.0199 0x1f88  Mup - ok
11:50:07.0203 0x1f88  mvumis - ok
11:50:07.0211 0x1f88  [ 808DEF96BB1E01490DC38520D22A05A3, C242E34A20FE765A8CC2D1314B13347005E266C39B3467661BC7FB1E4BB75ABE ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:50:07.0223 0x1f88  MyWiFiDHCPDNS - ok
11:50:07.0229 0x1f88  NativeWifiP - ok
11:50:07.0249 0x1f88  [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
11:50:07.0292 0x1f88  NaturalAuthentication - ok
11:50:07.0299 0x1f88  [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
11:50:07.0319 0x1f88  NcaSvc - ok
11:50:07.0331 0x1f88  [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService      C:\WINDOWS\System32\ncbservice.dll
11:50:07.0361 0x1f88  NcbService - ok
11:50:07.0367 0x1f88  [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
11:50:07.0383 0x1f88  NcdAutoSetup - ok
11:50:07.0386 0x1f88  ndfltr - ok
11:50:07.0390 0x1f88  NDIS - ok
11:50:07.0397 0x1f88  [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
11:50:07.0410 0x1f88  NdisCap - ok
11:50:07.0416 0x1f88  [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
11:50:07.0432 0x1f88  NdisImPlatform - ok
11:50:07.0435 0x1f88  NdisTapi - ok
11:50:07.0439 0x1f88  Ndisuio - ok
11:50:07.0442 0x1f88  NdisVirtualBus - ok
11:50:07.0444 0x1f88  NdisWan - ok
11:50:07.0448 0x1f88  ndiswanlegacy - ok
11:50:07.0452 0x1f88  ndproxy - ok
11:50:07.0459 0x1f88  [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
11:50:07.0476 0x1f88  Ndu - ok
11:50:07.0480 0x1f88  NetAdapterCx - ok
11:50:07.0483 0x1f88  NetBIOS - ok
11:50:07.0487 0x1f88  NetBT - ok
11:50:07.0491 0x1f88  Netlogon - ok
11:50:07.0496 0x1f88  Netman - ok
11:50:07.0509 0x1f88  [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
11:50:07.0539 0x1f88  netprofm - ok
11:50:07.0544 0x1f88  NetSetupSvc - ok
11:50:07.0553 0x1f88  [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:07.0567 0x1f88  NetTcpPortSharing - ok
11:50:07.0570 0x1f88  netvsc - ok
11:50:07.0695 0x1f88  [ 43A6FA571D6B06279B9CD30901957AA1, A3451C696FC5FBE2C3778D974CF28B429B6265178E5372239C205221E9BDB39E ] Netwtw04        C:\WINDOWS\system32\DRIVERS\Netwtw04.sys
11:50:07.0860 0x1f88  Netwtw04 - ok
11:50:07.0886 0x1f88  [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
11:50:07.0928 0x1f88  NgcCtnrSvc - ok
11:50:07.0950 0x1f88  [ DB3589FF79F06EC1967EBA56C7249E3C, C3F1B4687F2AAE869C8566B38DCFE507F8E7201A2241BD5342AAC22A2370D5E4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
11:50:07.0993 0x1f88  NgcSvc - ok
11:50:07.0997 0x1f88  NlaSvc - ok
11:50:08.0001 0x1f88  Npfs - ok
11:50:08.0005 0x1f88  npsvctrig - ok
11:50:08.0009 0x1f88  nsi - ok
11:50:08.0013 0x1f88  nsiproxy - ok
11:50:08.0018 0x1f88  Ntfs - ok
11:50:08.0022 0x1f88  Null - ok
11:50:08.0026 0x1f88  nvdimm - ok
11:50:08.0030 0x1f88  nvraid - ok
11:50:08.0033 0x1f88  nvstor - ok
11:50:08.0045 0x1f88  [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
11:50:08.0067 0x1f88  OneSyncSvc - ok
11:50:08.0112 0x1f88  [ F5989050C229483DA0C25E41BBAD310F, B4593F01F710C4A457686328CC88EFC904ED34D73AFF85DB4A722BA6A25E0B7C ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
11:50:08.0166 0x1f88  Origin Client Service - ok
11:50:08.0229 0x1f88  [ 4A91DFB1F6B5DF14559DF9293EE2AC5F, 5E8ECB5797E11EDE3B57EA200A7103F772F687629BBCFD12F612BA8BC599F848 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
11:50:08.0298 0x1f88  Origin Web Helper Service - ok
11:50:08.0308 0x1f88  [ 9FACCCBC44D65D7D41E88D8DAD365871, 5B215F7E0F2F15033ACAB40328265A224057E5FB4E8D3A3F2BB35D878F4CEFE4 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:50:08.0319 0x1f88  ose - ok
11:50:08.0331 0x1f88  [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
11:50:08.0356 0x1f88  p2pimsvc - ok
11:50:08.0368 0x1f88  [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
11:50:08.0394 0x1f88  p2psvc - ok
11:50:08.0398 0x1f88  Parport - ok
11:50:08.0401 0x1f88  partmgr - ok
11:50:08.0415 0x1f88  [ 0CF87FC2DA60940031D553F8FDF5066B, 95F8A15210D6F431B84C6E18643F93C9D16F53D3FF4873F9A327A77924B4B9F8 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
11:50:08.0438 0x1f88  PcaSvc - ok
11:50:08.0443 0x1f88  pci - ok
11:50:08.0446 0x1f88  pciide - ok
11:50:08.0450 0x1f88  pcmcia - ok
11:50:08.0453 0x1f88  pcw - ok
11:50:08.0456 0x1f88  pdc - ok
11:50:08.0475 0x1f88  [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
11:50:08.0509 0x1f88  PEAUTH - ok
11:50:08.0513 0x1f88  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\PHotkey\PEGAGFN.sys
11:50:08.0518 0x1f88  PEGAGFN - ok
11:50:08.0522 0x1f88  [ 753402F5B8C5B85AB60FCF53229FA072, 981D065EBE5A0BD5180974E9AE77E3307F97A0E66DE2A7A79FBE0888F6657B7D ] PegaRadioSwitch C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys
11:50:08.0538 0x1f88  PegaRadioSwitch - ok
11:50:08.0541 0x1f88  percsas2i - ok
11:50:08.0544 0x1f88  percsas3i - ok
11:50:08.0569 0x1f88  [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
11:50:08.0611 0x1f88  PerfHost - ok
11:50:08.0622 0x1f88  [ 9A7B272B8815093763B996C7EE5D001F, B0499C50D031B6BDED2365C105D0274B72D611C23CFD4B6AE58B1C7F84B30A00 ] PGFNEXSrv       C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
11:50:08.0632 0x1f88  PGFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 )
11:50:08.0755 0x1f88  PGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
11:50:08.0755 0x1f88  Force sending object to P2P due to detect: PGFNEXSrv
11:50:08.0874 0x1f88  Object send P2P result: true
11:50:08.0987 0x1f88  PhoneSvc - ok
11:50:08.0995 0x1f88  [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
11:50:09.0023 0x1f88  PimIndexMaintenanceSvc - ok
11:50:09.0062 0x1f88  [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla             C:\WINDOWS\system32\pla.dll
11:50:09.0131 0x1f88  pla - ok
11:50:09.0138 0x1f88  PlugPlay - ok
11:50:09.0142 0x1f88  pmem - ok
11:50:09.0147 0x1f88  [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
11:50:09.0160 0x1f88  PNPMEM - ok
11:50:09.0164 0x1f88  [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
11:50:09.0180 0x1f88  PNRPAutoReg - ok
11:50:09.0190 0x1f88  [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
11:50:09.0212 0x1f88  PNRPsvc - ok
11:50:09.0216 0x1f88  PolicyAgent - ok
11:50:09.0221 0x1f88  Power - ok
11:50:09.0225 0x1f88  PptpMiniport - ok
11:50:09.0303 0x1f88  [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:50:09.0419 0x1f88  PrintNotify - ok
11:50:09.0429 0x1f88  [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
11:50:09.0452 0x1f88  PrintWorkflowUserSvc - ok
11:50:09.0458 0x1f88  Processor - ok
11:50:09.0462 0x1f88  ProfSvc - ok
11:50:09.0469 0x1f88  [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
11:50:09.0480 0x1f88  Psched - ok
11:50:09.0489 0x1f88  [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall   C:\WINDOWS\system32\PushToInstall.dll
11:50:09.0514 0x1f88  PushToInstall - ok
11:50:09.0523 0x1f88  [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE           C:\WINDOWS\system32\qwave.dll
11:50:09.0550 0x1f88  QWAVE - ok
11:50:09.0555 0x1f88  [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
11:50:09.0567 0x1f88  QWAVEdrv - ok
11:50:09.0573 0x1f88  Ramdisk - ok
11:50:09.0576 0x1f88  RasAcd - ok
11:50:09.0579 0x1f88  RasAgileVpn - ok
11:50:09.0582 0x1f88  RasAuto - ok
11:50:09.0586 0x1f88  Rasl2tp - ok
11:50:09.0591 0x1f88  RasMan - ok
11:50:09.0595 0x1f88  RasPppoe - ok
11:50:09.0599 0x1f88  RasSstp - ok
11:50:09.0602 0x1f88  rdbss - ok
11:50:09.0608 0x1f88  [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
11:50:09.0620 0x1f88  rdpbus - ok
11:50:09.0628 0x1f88  [ 52A6CC99F5934CFAE88353C47B6193E7, 37F6991FA526036866E8CFC938A16750644AD764FA52BB102B11B5D594DB7E96 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
11:50:09.0655 0x1f88  RDPDR - ok
11:50:09.0664 0x1f88  [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:50:09.0673 0x1f88  RdpVideoMiniport - ok
11:50:09.0682 0x1f88  [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
11:50:09.0700 0x1f88  rdyboost - ok
11:50:09.0774 0x1f88  Redis - ok
11:50:09.0780 0x1f88  ReFS - ok
11:50:09.0785 0x1f88  ReFSv1 - ok
11:50:09.0794 0x1f88  [ 3B346EFB42F3D3FFAF775E9A5D84A2C8, 242BFB2836408728A6D8E721D3C25ABD29D83CEF2438724D7D663FD417F2979A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:50:09.0804 0x1f88  RegSrvc - ok
11:50:09.0817 0x1f88  [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:50:09.0846 0x1f88  RemoteAccess - ok
11:50:09.0853 0x1f88  [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
11:50:09.0878 0x1f88  RemoteRegistry - ok
11:50:09.0895 0x1f88  [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
11:50:09.0937 0x1f88  RetailDemo - ok
11:50:09.0946 0x1f88  [ 59F600BDA5B6EE591802945F1D8388D5, A30593A0EC696DE21264969664261E7ADA12C9E1161445BD41E71B7E3232604F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
11:50:09.0965 0x1f88  RFCOMM - ok
11:50:09.0971 0x1f88  [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
11:50:09.0983 0x1f88  rhproxy - ok
11:50:09.0991 0x1f88  [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
11:50:10.0010 0x1f88  RmSvc - ok
11:50:10.0014 0x1f88  RpcEptMapper - ok
11:50:10.0018 0x1f88  [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:50:10.0034 0x1f88  RpcLocator - ok
11:50:10.0038 0x1f88  RpcSs - ok
11:50:10.0042 0x1f88  [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
11:50:10.0058 0x1f88  rspndr - ok
11:50:10.0080 0x1f88  [ E11A3F79475F9D019CD51ADCCC377909, CF14C494C4A969233C1D2B32A56C86C8636AC70004725B53447C42EB63C31BA9 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
11:50:10.0118 0x1f88  rt640x64 - ok
11:50:10.0131 0x1f88  [ CD119D2452BCB3ED0803FAF8A24F74AE, 8FC84679AE0B682DD79FE3879F92F854430C724C22E4F1DCD1E2D01777103492 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
11:50:10.0146 0x1f88  RTSUER - ok
11:50:10.0150 0x1f88  [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
11:50:10.0162 0x1f88  s3cap - ok
11:50:10.0166 0x1f88  SamSs - ok
11:50:10.0170 0x1f88  sbp2port - ok
11:50:10.0178 0x1f88  [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
11:50:10.0205 0x1f88  SCardSvr - ok
11:50:10.0213 0x1f88  [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
11:50:10.0238 0x1f88  ScDeviceEnum - ok
11:50:10.0244 0x1f88  [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:50:10.0263 0x1f88  scfilter - ok
11:50:10.0283 0x1f88  [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:50:10.0328 0x1f88  Schedule - ok
11:50:10.0333 0x1f88  scmbus - ok
11:50:10.0341 0x1f88  [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
11:50:10.0359 0x1f88  SCPolicySvc - ok
11:50:10.0362 0x1f88  sdbus - ok
11:50:10.0367 0x1f88  [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
11:50:10.0377 0x1f88  SDFRd - ok
11:50:10.0383 0x1f88  [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
11:50:10.0402 0x1f88  SDRSVC - ok
11:50:10.0406 0x1f88  sdstor - ok
11:50:10.0411 0x1f88  [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon        C:\WINDOWS\system32\seclogon.dll
11:50:10.0428 0x1f88  seclogon - ok
11:50:10.0455 0x1f88  [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
11:50:10.0510 0x1f88  SEMgrSvc - ok
11:50:10.0516 0x1f88  [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS            C:\WINDOWS\System32\sens.dll
11:50:10.0534 0x1f88  SENS - ok
11:50:10.0576 0x1f88  [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
11:50:10.0643 0x1f88  SensorDataService - ok
11:50:10.0663 0x1f88  [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService   C:\WINDOWS\system32\SensorService.dll
11:50:10.0708 0x1f88  SensorService - ok
11:50:10.0716 0x1f88  [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
11:50:10.0740 0x1f88  SensrSvc - ok
11:50:10.0743 0x1f88  SerCx - ok
11:50:10.0746 0x1f88  SerCx2 - ok
11:50:10.0749 0x1f88  Serenum - ok
11:50:10.0752 0x1f88  Serial - ok
11:50:10.0757 0x1f88  sermouse - ok
11:50:10.0775 0x1f88  [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
11:50:10.0801 0x1f88  SessionEnv - ok
11:50:10.0805 0x1f88  sfloppy - ok
11:50:10.0810 0x1f88  [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent       C:\WINDOWS\system32\drivers\SgrmAgent.sys
11:50:10.0819 0x1f88  SgrmAgent - ok
11:50:10.0827 0x1f88  [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker      C:\WINDOWS\system32\SgrmBroker.exe
11:50:10.0844 0x1f88  SgrmBroker - ok
11:50:10.0859 0x1f88  [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:50:10.0891 0x1f88  SharedAccess - ok
11:50:10.0911 0x1f88  [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
11:50:10.0953 0x1f88  SharedRealitySvc - ok
11:50:10.0969 0x1f88  [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:50:11.0011 0x1f88  ShellHWDetection - ok
11:50:11.0020 0x1f88  [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
11:50:11.0044 0x1f88  shpamsvc - ok
11:50:11.0049 0x1f88  SiSRaid2 - ok
11:50:11.0053 0x1f88  SiSRaid4 - ok
11:50:11.0057 0x1f88  smphost - ok
11:50:11.0072 0x1f88  [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
11:50:11.0107 0x1f88  SmsRouter - ok
11:50:11.0114 0x1f88  [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
11:50:11.0145 0x1f88  SNMPTRAP - ok
11:50:11.0149 0x1f88  spaceport - ok
11:50:11.0153 0x1f88  [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
11:50:11.0165 0x1f88  SpatialGraphFilter - ok
11:50:11.0168 0x1f88  SpbCx - ok
11:50:11.0172 0x1f88  spectrum - ok
11:50:11.0191 0x1f88  [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
11:50:11.0230 0x1f88  Spooler - ok
11:50:11.0235 0x1f88  sppsvc - ok
11:50:11.0238 0x1f88  srv - ok
11:50:11.0241 0x1f88  srv2 - ok
11:50:11.0245 0x1f88  srvnet - ok
11:50:11.0254 0x1f88  [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
11:50:11.0280 0x1f88  SSDPSRV - ok
11:50:11.0293 0x1f88  [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent       C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
11:50:11.0320 0x1f88  ssh-agent - ok
11:50:11.0325 0x1f88  SstpSvc - ok
11:50:11.0343 0x1f88  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
11:50:11.0365 0x1f88  ss_conn_service - ok
11:50:11.0370 0x1f88  StateRepository - ok
11:50:11.0403 0x1f88  [ 3BCC3C334DF59EE4765B31730D7EA04C, BA193D484666BF5FFEEF715A74501F068E13F0330E5EFD4A9864175E313EAB63 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:50:11.0443 0x1f88  Steam Client Service - ok
11:50:11.0448 0x1f88  stexstor - ok
11:50:11.0463 0x1f88  [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc          C:\WINDOWS\System32\wiaservc.dll
11:50:11.0498 0x1f88  stisvc - ok
11:50:11.0503 0x1f88  storahci - ok
11:50:11.0507 0x1f88  storflt - ok
11:50:11.0510 0x1f88  stornvme - ok
11:50:11.0513 0x1f88  storqosflt - ok
11:50:11.0516 0x1f88  StorSvc - ok
11:50:11.0519 0x1f88  storufs - ok
11:50:11.0523 0x1f88  storvsc - ok
11:50:11.0528 0x1f88  svsvc - ok
11:50:11.0549 0x1f88  swenum - ok
11:50:11.0553 0x1f88  swprv - ok
11:50:11.0559 0x1f88  [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
11:50:11.0573 0x1f88  Synth3dVsc - ok
11:50:11.0609 0x1f88  [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain         C:\WINDOWS\system32\sysmain.dll
11:50:11.0655 0x1f88  SysMain - ok
11:50:11.0661 0x1f88  SystemEventsBroker - ok
11:50:11.0668 0x1f88  [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:50:11.0695 0x1f88  TabletInputService - ok
11:50:11.0699 0x1f88  [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
11:50:11.0713 0x1f88  tap0901 - ok
11:50:11.0722 0x1f88  [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
11:50:11.0756 0x1f88  TapiSrv - ok
11:50:11.0762 0x1f88  [ 1960E9FD4082A0170FBA0231FD709113, D5854811787EBC979E9FAB02847F1E662F430A06AB2D3CB9F0EE4BB3A9EC56FE ] tapprotonvpn    C:\WINDOWS\System32\drivers\tapprotonvpn.sys
11:50:11.0773 0x1f88  tapprotonvpn - ok
11:50:11.0778 0x1f88  [ 039CFEDBC0D1A751A1308228A72C1CCD, C451FA71353CB2D31AE4AA3F2B03D098A2C6156B687EC33E0AD2DFC766646647 ] tapwindscribe0901 C:\WINDOWS\System32\drivers\tapwindscribe0901.sys
11:50:11.0787 0x1f88  tapwindscribe0901 - ok
11:50:11.0792 0x1f88  Tcpip - ok
11:50:11.0795 0x1f88  Tcpip6 - ok
11:50:11.0802 0x1f88  [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
11:50:11.0817 0x1f88  tcpipreg - ok
11:50:11.0825 0x1f88  tdx - ok
11:50:11.0830 0x1f88  [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
11:50:11.0840 0x1f88  terminpt - ok
11:50:11.0864 0x1f88  [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService     C:\WINDOWS\System32\termsrv.dll
11:50:11.0914 0x1f88  TermService - ok
11:50:11.0920 0x1f88  [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes          C:\WINDOWS\system32\themeservice.dll
11:50:11.0948 0x1f88  Themes - ok
11:50:11.0957 0x1f88  [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
11:50:11.0992 0x1f88  TieringEngineService - ok
11:50:11.0999 0x1f88  TimeBrokerSvc - ok
11:50:12.0003 0x1f88  TokenBroker - ok
11:50:12.0008 0x1f88  TPM - ok
11:50:12.0014 0x1f88  [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
11:50:12.0038 0x1f88  TrkWks - ok
11:50:12.0041 0x1f88  TrustedInstaller - ok
11:50:12.0047 0x1f88  [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
11:50:12.0062 0x1f88  TsUsbFlt - ok
11:50:12.0067 0x1f88  [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:50:12.0078 0x1f88  TsUsbGD - ok
11:50:12.0084 0x1f88  [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel          C:\WINDOWS\system32\drivers\tunnel.sys
11:50:12.0103 0x1f88  tunnel - ok
11:50:12.0108 0x1f88  [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
11:50:12.0133 0x1f88  tzautoupdate - ok
11:50:12.0138 0x1f88  UASPStor - ok
11:50:12.0145 0x1f88  [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
11:50:12.0162 0x1f88  UcmCx0101 - ok
11:50:12.0169 0x1f88  [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
11:50:12.0186 0x1f88  UcmTcpciCx0101 - ok
11:50:12.0191 0x1f88  [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
11:50:12.0206 0x1f88  UcmUcsi - ok
11:50:12.0209 0x1f88  Ucx01000 - ok
11:50:12.0212 0x1f88  UdeCx - ok
11:50:12.0215 0x1f88  udfs - ok
11:50:12.0218 0x1f88  UEFI - ok
11:50:12.0228 0x1f88  [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
11:50:12.0243 0x1f88  Ufx01000 - ok
11:50:12.0247 0x1f88  UfxChipidea - ok
11:50:12.0250 0x1f88  ufxsynopsys - ok
11:50:12.0257 0x1f88  umbus - ok
11:50:12.0263 0x1f88  UmPass - ok
11:50:12.0273 0x1f88  [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
11:50:12.0298 0x1f88  UmRdpService - ok
11:50:12.0324 0x1f88  [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
11:50:12.0381 0x1f88  UnistoreSvc - ok
11:50:12.0398 0x1f88  [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost        C:\WINDOWS\System32\upnphost.dll
11:50:12.0433 0x1f88  upnphost - ok
11:50:12.0439 0x1f88  [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
11:50:12.0448 0x1f88  UrsChipidea - ok
11:50:12.0454 0x1f88  [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
11:50:12.0466 0x1f88  UrsCx01000 - ok
11:50:12.0472 0x1f88  [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
11:50:12.0481 0x1f88  UrsSynopsys - ok
11:50:12.0484 0x1f88  usbccgp - ok
11:50:12.0491 0x1f88  [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
11:50:12.0505 0x1f88  usbcir - ok
11:50:12.0508 0x1f88  usbehci - ok
11:50:12.0512 0x1f88  usbhub - ok
11:50:12.0516 0x1f88  USBHUB3 - ok
11:50:12.0519 0x1f88  usbohci - ok
11:50:12.0526 0x1f88  [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
11:50:12.0537 0x1f88  usbprint - ok
11:50:12.0541 0x1f88  usbser - ok
11:50:12.0545 0x1f88  USBSTOR - ok
11:50:12.0548 0x1f88  usbuhci - ok
11:50:12.0558 0x1f88  [ 9431F7E997A8750139517709B04D8629, 250DE2A461DD3E6D40BD7A21041BF451D954D5BC14A9BC4D819955A135FC34F4 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
11:50:12.0577 0x1f88  usbvideo - ok
11:50:12.0581 0x1f88  USBXHCI - ok
11:50:12.0627 0x1f88  [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
11:50:12.0758 0x1f88  UserDataSvc - ok
11:50:12.0765 0x1f88  UserManager - ok
11:50:12.0768 0x1f88  UsoSvc - ok
11:50:12.0781 0x1f88  [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc          C:\WINDOWS\System32\vac.dll
11:50:12.0805 0x1f88  VacSvc - ok
11:50:12.0810 0x1f88  VaultSvc - ok
11:50:12.0814 0x1f88  [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
11:50:12.0826 0x1f88  VClone - ok
11:50:12.0830 0x1f88  vdrvroot - ok
11:50:12.0834 0x1f88  vds - ok
11:50:12.0838 0x1f88  VerifierExt - ok
11:50:12.0842 0x1f88  vhdmp - ok
11:50:12.0846 0x1f88  vhf - ok
11:50:12.0850 0x1f88  vmbus - ok
11:50:12.0854 0x1f88  VMBusHID - ok
11:50:12.0858 0x1f88  [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
11:50:12.0870 0x1f88  vmgid - ok
11:50:12.0882 0x1f88  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
11:50:12.0904 0x1f88  vmicguestinterface - ok
11:50:12.0914 0x1f88  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
11:50:12.0935 0x1f88  vmicheartbeat - ok
11:50:12.0946 0x1f88  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
11:50:12.0968 0x1f88  vmickvpexchange - ok
11:50:12.0979 0x1f88  [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
11:50:13.0007 0x1f88  vmicrdv - ok
11:50:13.0017 0x1f88  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
11:50:13.0036 0x1f88  vmicshutdown - ok
11:50:13.0044 0x1f88  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
11:50:13.0062 0x1f88  vmictimesync - ok
11:50:13.0070 0x1f88  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
11:50:13.0090 0x1f88  vmicvmsession - ok
11:50:13.0100 0x1f88  [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
11:50:13.0122 0x1f88  vmicvss - ok
11:50:13.0125 0x1f88  volmgr - ok
11:50:13.0128 0x1f88  volmgrx - ok
11:50:13.0133 0x1f88  volsnap - ok
11:50:13.0138 0x1f88  volume - ok
11:50:13.0145 0x1f88  [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
11:50:13.0155 0x1f88  vpci - ok
11:50:13.0175 0x1f88  [ 7AE0B2F48B374DB0F423C9807BCC4F1F, 541D692295427CA3BF9AB66D7185AD4154D2618E5554D7E145B2ED8B1AA4AC98 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
11:50:13.0198 0x1f88  vpnagent - ok
11:50:13.0205 0x1f88  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\WINDOWS\System32\drivers\vpnva64-6.sys
11:50:13.0212 0x1f88  vpnva - ok
11:50:13.0216 0x1f88  vsmraid - ok
11:50:13.0220 0x1f88  VSS - ok
11:50:13.0225 0x1f88  VSTXRAID - ok
11:50:13.0227 0x1f88  vwifibus - ok
11:50:13.0232 0x1f88  vwififlt - ok
11:50:13.0236 0x1f88  vwifimp - ok
11:50:13.0240 0x1f88  W32Time - ok
11:50:13.0250 0x1f88  [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc    C:\WINDOWS\System32\WaaSMedicSvc.dll
11:50:13.0282 0x1f88  WaaSMedicSvc - ok
11:50:13.0287 0x1f88  WacomPen - ok
11:50:13.0299 0x1f88  [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService   C:\WINDOWS\system32\WalletService.dll
11:50:13.0331 0x1f88  WalletService - ok
11:50:13.0337 0x1f88  wanarp - ok
11:50:13.0341 0x1f88  wanarpv6 - ok
11:50:13.0346 0x1f88  [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
11:50:13.0366 0x1f88  WarpJITSvc - ok
11:50:13.0371 0x1f88  wbengine - ok
11:50:13.0376 0x1f88  WbioSrvc - ok
11:50:13.0382 0x1f88  [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
11:50:13.0394 0x1f88  wcifs - ok
11:50:13.0415 0x1f88  [ 2BCA9BABB5CEC329E604AE9C1DBA9D5B, 315C72B80A5E6278A725E7BD2DE0C8A2751C2A3F9B4D82F7A034B1ADDE687507 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
11:50:13.0463 0x1f88  Wcmsvc - ok
11:50:13.0468 0x1f88  wcncsvc - ok
11:50:13.0474 0x1f88  [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
11:50:13.0490 0x1f88  wcnfs - ok
11:50:13.0495 0x1f88  [ 9BD1C97BAED4B916C95D4E107B3D9812, 722456319EBA63AC6EB21B6A99F4FC928F58AA972DF227EDF0982BC51F4DE86D ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
11:50:13.0506 0x1f88  WdBoot - ok
11:50:13.0510 0x1f88  Wdf01000 - ok
11:50:13.0521 0x1f88  [ D25D9930BFD78A09B8FD4A7504C6F57A, 9D94BC1368A73B06312ED9016482534EA64F7005C85AAB240ED619FDD19E7F4C ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
11:50:13.0536 0x1f88  WdFilter - ok
11:50:13.0544 0x1f88  [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
11:50:13.0564 0x1f88  WdiServiceHost - ok
11:50:13.0569 0x1f88  [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
11:50:13.0590 0x1f88  WdiSystemHost - ok
11:50:13.0594 0x1f88  wdiwifi - ok
11:50:13.0601 0x1f88  [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
11:50:13.0610 0x1f88  WdmCompanionFilter - ok
11:50:13.0617 0x1f88  [ 8542EAE47D35CB658614C1813C7599A2, 67AEB01B5D4E6CA8C669EFB12A7876A378CEA4CAE2810DD790D2DAC5F07D6E52 ] wdm_usb         C:\WINDOWS\system32\DRIVERS\usb2ser.sys
11:50:13.0633 0x1f88  wdm_usb - ok
11:50:13.0639 0x1f88  [ 54E97FEADEEFF973797EB878DC0D2850, A7ABD9E8B94DA19328BB9BF498D64603C6147BE998C40A6F0F8C2E0716CBFC95 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
11:50:13.0653 0x1f88  WdNisDrv - ok
11:50:13.0657 0x1f88  WdNisSvc - ok
11:50:13.0665 0x1f88  [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient       C:\WINDOWS\System32\webclnt.dll
11:50:13.0689 0x1f88  WebClient - ok
11:50:13.0698 0x1f88  [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
11:50:13.0722 0x1f88  Wecsvc - ok
11:50:13.0727 0x1f88  [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
11:50:13.0747 0x1f88  WEPHOSTSVC - ok
11:50:13.0754 0x1f88  [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
11:50:13.0777 0x1f88  wercplsupport - ok
11:50:13.0781 0x1f88  WerSvc - ok
11:50:13.0796 0x1f88  [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
11:50:13.0833 0x1f88  WFDSConMgrSvc - ok
11:50:13.0837 0x1f88  WFPLWFS - ok
11:50:13.0843 0x1f88  [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
11:50:13.0862 0x1f88  WiaRpc - ok
11:50:13.0867 0x1f88  WIMMount - ok
11:50:13.0876 0x1f88  [ EC7C1A7397988EFAF37BF685CA25525D, 50DA7D63CDE618D6426649AED250CEBE229CBBAC718C4E3CD882D816839B4CE9 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
11:50:13.0887 0x1f88  WindowsTrustedRT - ok
11:50:13.0891 0x1f88  [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
11:50:13.0898 0x1f88  WindowsTrustedRTProxy - ok
11:50:13.0902 0x1f88  WinHttpAutoProxySvc - ok
11:50:13.0907 0x1f88  WinMad - ok
11:50:13.0916 0x1f88  Winmgmt - ok
11:50:13.0924 0x1f88  [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
11:50:13.0946 0x1f88  WinNat - ok
11:50:13.0994 0x1f88  [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
11:50:14.0110 0x1f88  WinRM - ok
11:50:14.0122 0x1f88  [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
11:50:14.0140 0x1f88  WINUSB - ok
11:50:14.0143 0x1f88  WinVerbs - ok
11:50:14.0148 0x1f88  wisvc - ok
11:50:14.0153 0x1f88  WlanSvc - ok
11:50:14.0157 0x1f88  wlidsvc - ok
11:50:14.0187 0x1f88  [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
11:50:14.0245 0x1f88  wlpasvc - ok
11:50:14.0251 0x1f88  WmiAcpi - ok
11:50:14.0257 0x1f88  wmiApSrv - ok
11:50:14.0259 0x1f88  WMPNetworkSvc - ok
11:50:14.0272 0x1f88  [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
11:50:14.0287 0x1f88  Wof - ok
11:50:14.0332 0x1f88  [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
11:50:14.0400 0x1f88  workfolderssvc - ok
11:50:14.0407 0x1f88  WpcMonSvc - ok
11:50:14.0414 0x1f88  [ 25180559693250D7B7FF16A6BE7AC9BE, 1872BC298C3ED6A204B3BA2AB13D08EB9DAE5B30B7F83CA7A67BFDECA8D043AD ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
11:50:14.0435 0x1f88  WPDBusEnum - ok
11:50:14.0439 0x1f88  [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:50:14.0450 0x1f88  WpdUpFltr - ok
11:50:14.0460 0x1f88  [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService      C:\WINDOWS\system32\WpnService.dll
11:50:14.0489 0x1f88  WpnService - ok
11:50:14.0495 0x1f88  [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
11:50:14.0516 0x1f88  WpnUserService - ok
11:50:14.0523 0x1f88  ws2ifsl - ok
11:50:14.0532 0x1f88  [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
11:50:14.0559 0x1f88  wscsvc - ok
11:50:14.0562 0x1f88  WSearch - ok
11:50:14.0571 0x1f88  [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
11:50:14.0590 0x1f88  WudfPf - ok
11:50:14.0600 0x1f88  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
11:50:14.0620 0x1f88  WUDFRd - ok
11:50:14.0629 0x1f88  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:50:14.0651 0x1f88  WUDFWpdFs - ok
11:50:14.0660 0x1f88  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:50:14.0677 0x1f88  WUDFWpdMtp - ok
11:50:14.0710 0x1f88  [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
11:50:14.0777 0x1f88  WwanSvc - ok
11:50:14.0784 0x1f88  [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm            C:\WINDOWS\system32\xbgmsvc.exe
11:50:14.0802 0x1f88  xbgm - ok
11:50:14.0827 0x1f88  [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
11:50:14.0885 0x1f88  XblAuthManager - ok
11:50:14.0914 0x1f88  [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
11:50:14.0975 0x1f88  XblGameSave - ok
11:50:14.0985 0x1f88  [ 0AA38B54EB292CB3EB13FFF948473DBA, C5256ABC0A4A2117EC6F1C88B5BFDBECAE673AD47639A274BFFF92A46452E9B0 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
11:50:15.0008 0x1f88  xboxgip - ok
11:50:15.0014 0x1f88  [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
11:50:15.0034 0x1f88  XboxGipSvc - ok
11:50:15.0060 0x1f88  [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
11:50:15.0117 0x1f88  XboxNetApiSvc - ok
11:50:15.0127 0x1f88  [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
11:50:15.0143 0x1f88  xinputhid - ok
11:50:15.0156 0x1f88  [ 3C68ADDE2437FB45CFE71FD8C33C4919, 7F19F51F3664BE5FDD79BCF216DF8D1D1BC3015D522E989DD592BFA1AB3DFE8B ] YSDrv           C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
11:50:15.0172 0x1f88  YSDrv - ok
11:50:15.0241 0x1f88  [ 1EBEA7CCAB778865336E4F6C79E807D6, A95FE0B9622E9390CB3482E18846C4EE8ECE67905F4CB6D239BCACC16679A5C4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
11:50:15.0322 0x1f88  ZeroConfigService - ok
11:50:15.0325 0x1f88  ================ Scan global ===============================
11:50:15.0340 0x1f88  [ Global ] - ok
11:50:15.0341 0x1f88  ================ Scan MBR ==================================
11:50:15.0355 0x1f88  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:50:15.0444 0x1f88  \Device\Harddisk0\DR0 - ok
11:50:15.0447 0x1f88  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:50:15.0480 0x1f88  \Device\Harddisk1\DR1 - ok
11:50:15.0480 0x1f88  ================ Scan VBR ==================================
11:50:15.0494 0x1f88  [ DF911AD26D6AD77D910F0D2F6365A0E3 ] \Device\Harddisk0\DR0\Partition1
11:50:15.0507 0x1f88  \Device\Harddisk0\DR0\Partition1 - ok
11:50:15.0528 0x1f88  [ D797F3B4113DB4D8FE8B976E455F024C ] \Device\Harddisk0\DR0\Partition2
11:50:15.0551 0x1f88  \Device\Harddisk0\DR0\Partition2 - ok
11:50:15.0553 0x1f88  [ 5D4A449D7585BB685981813AA82E4778 ] \Device\Harddisk1\DR1\Partition1
11:50:15.0554 0x1f88  \Device\Harddisk1\DR1\Partition1 - ok
11:50:15.0558 0x1f88  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2
11:50:15.0558 0x1f88  \Device\Harddisk1\DR1\Partition2 - ok
11:50:15.0562 0x1f88  [ 892200FF57E3E149C7E74953CAFED1ED ] \Device\Harddisk1\DR1\Partition3
11:50:15.0564 0x1f88  \Device\Harddisk1\DR1\Partition3 - ok
11:50:15.0567 0x1f88  [ E62DE48BB29D2CE86A1328B87EFAE779 ] \Device\Harddisk1\DR1\Partition4
11:50:15.0569 0x1f88  \Device\Harddisk1\DR1\Partition4 - ok
11:50:15.0572 0x1f88  [ B5FE3401605610FF0EB06614D298A41A ] \Device\Harddisk1\DR1\Partition5
11:50:15.0572 0x1f88  \Device\Harddisk1\DR1\Partition5 - ok
11:50:15.0573 0x1f88  ================ Scan generic autorun ======================
11:50:15.0573 0x1f88  SecurityHealth - ok
11:50:15.0575 0x1f88  ETDCtrl - ok
11:50:15.0867 0x1f88  [ 8F16BC456BAA770C0FCC1CD7D3998A1B, 089AF447DC487F4B2D09E0F30E634C63EFD1913628219F3242E638536D922248 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:50:16.0240 0x1f88  RTHDVCPL - ok
11:50:16.0290 0x1f88  [ 59582ECA7AEC295A61BF79EC651BD89A, E086E8022F5363F9D6D94123854E8570E60C93D0AF84E0CCE4CD1602EB7863EB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:50:16.0331 0x1f88  RtHDVBg_Dolby - ok
11:50:16.0339 0x1f88  [ A8012BE61DC9CEFA5C41C2DA995812BD, 63D64926B700AD5378C7A719CD71906382EAAA1BE3CB2EE22D9A63D13E12C272 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
11:50:16.0349 0x1f88  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
11:50:16.0401 0x1f88  Detect skipped due to KSN trusted
11:50:16.0401 0x1f88  IAStorIcon - ok
11:50:16.0419 0x1f88  [ 5DB2D863BEECABABE5AFBD36AD055919, EDA57E210834275DD78650C55267F1EB55BB03964D0BCB8C87CCB5CCE290AE51 ] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
11:50:16.0467 0x1f88  DAX2_APP - detected UnsignedFile.Multi.Generic ( 1 )
11:50:16.0545 0x1f88  Detect skipped due to KSN trusted
11:50:16.0545 0x1f88  DAX2_APP - ok
11:50:16.0578 0x1f88  Discord - ok
11:50:16.0674 0x1f88  [ 4E4673BBCAE7B4A613236689C683C121, D400F5BC90C7776AE84C95B27E78532175750E14A3FA5E2ECBF5225E60D483B2 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
11:50:16.0771 0x1f88  Dropbox - ok
11:50:16.0802 0x1f88  [ 4FE439A1651F4E2F74022253ADD1C925, 8D855B05D3FF5C840A30A5E00CB0ED9D774C84C9BA11B7657CEB3CC2E3F4C145 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
11:50:16.0835 0x1f88  Cisco AnyConnect Secure Mobility Agent for Windows - ok
11:50:17.0412 0x1f88  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:50:17.0852 0x1f88  OneDriveSetup - ok
11:50:17.0880 0x1f88  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:50:17.0910 0x1f88  WAB Migrate - ok
11:50:18.0272 0x1f88  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:50:18.0669 0x1f88  OneDriveSetup - ok
11:50:18.0698 0x1f88  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:50:18.0724 0x1f88  WAB Migrate - ok
11:50:18.0758 0x1f88  [ C84B6E5F646590F201E88F2C0955285A, 1785CC39A455F3ED3D0BAB97C03ED80D58CE24157E00C3AAECD31C2C98AA9806 ] C:\Users\staub\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:50:18.0798 0x1f88  OneDrive - ok
11:50:18.0862 0x1f88  [ 036D82DD70A5D8B7A29BCDDF3E5C243D, E54A465BF2D70C93B440B05612C8F11B7CA8C8AEECB822E65E518DD862A00700 ] C:\Program Files (x86)\Steam\steam.exe
11:50:18.0933 0x1f88  Steam - ok
11:50:18.0942 0x1f88  Spotify - ok
11:50:18.0976 0x1f88  [ 23686E6FA80E49F08715598A3EFF36BB, B7DC968ADB7DC2FCA1D67A3E6ECE0FF71DC5A909547249CB4A479093319BA7B5 ] C:\Program Files\CyberGhost 6\CyberGhost.exe
11:50:19.0020 0x1f88  CyberGhost - ok
11:50:19.0025 0x1f88  Discord - ok
11:50:19.0028 0x1f88  Windscribe - ok
11:50:19.0030 0x1f88  Windows Shutdown Assistant - ok
11:50:19.0445 0x1f88  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:50:19.0830 0x1f88  OneDriveSetup - ok
11:50:19.0862 0x1f88  Discord - ok
11:50:19.0897 0x1f88  [ 10E204B6AEB476E50D07F22DFDFBF62D, AB189636BAB5020B671CBB763E245F27F60847405FC14BEA6E50285E60DC85ED ] C:\Users\enogh\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:50:19.0943 0x1f88  OneDrive - ok
11:50:19.0963 0x1f88  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:50:20.0002 0x1f88  WAB Migrate - ok
11:50:20.0448 0x1f88  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:50:20.0935 0x1f88  OneDriveSetup - ok
11:50:20.0984 0x1f88  [ 90029F7160037122DA12101C0C8850F7, DE4BFD8E60AC0222EACCA8BAC94562ED2B38CBEF569F8B927CCD197735655AC0 ] C:\Users\shima\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:50:21.0032 0x1f88  OneDrive - ok
11:50:21.0047 0x1f88  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:50:21.0088 0x1f88  WAB Migrate - ok
11:50:21.0089 0x1f88  Waiting for KSN requests completion. In queue: 288
11:50:22.0170 0x1f88  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x60100 ( disabled : updated )
11:50:22.0200 0x1f88  Win FW state via NFP2: enabled ( trusted )
11:50:22.0289 0x1f88  ============================================================
11:50:22.0289 0x1f88  Scan finished
11:50:22.0289 0x1f88  ============================================================
11:50:22.0301 0x16ec  Detected object count: 1
11:50:22.0301 0x16ec  Actual detected object count: 1
11:50:30.0209 0x16ec  PGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:30.0209 0x16ec  PGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:50:53.0059 0x27ec  Deinitialize success
         

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!



adwCleaner v7.x

Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Einstellungen, scrolle nach unten und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • Tracing Schlüssel löschen
  • Prefetch-Dateien löschen
  • Proxy wiederherstellen
  • IE-Policies wiederherstellen
  • Chrome-Policies wiederherstellen
  • Winsock wiederherstellen
• Klicke nun auf Dashboard, dann auf Jetzt scannen und warte bis der Suchlauf abgeschlossen ist.
• Klicke nun auf Bereinigen & Reparieren und bestätige mit Jetzt bereinigen.
  
• WICHTIG:
  Sollte AdwCleaner nichts finden, klicke auf Grundlegende Reparatur ausführen und anschließend auf Jetzt bereinigen.
• Nach dem Neustart öffnet sich AdwCleaner automatisch. Klicke auf Log-Datei ansehen.
• Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt. (xx = fortlaufende Nummer).

Adwcleaner crasht bei einer grundlegenden Bereinigung. Findet bei der normalen nix.

Ich meinte es crasht in der ersten Sekunde der grundlegenden Reparatur.

Hier aber die Logs die ichbekommen hab.

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build:    09-03-2018
# Database: 2018-09-14.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-16-2018
# Duration: 00:00:13
# OS:       Windows 10 Home
# Scanned:  41927
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
         

Zitat:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-14.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-16-2018
# Duration: 00:00:10
# OS: Windows 10 Home
# Scanned: 41927
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1250 octets] - [16/09/2018 15:21:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

Windows Defender wollte das Programm blocken, habe einfach auf trotzdem ausführen geklickt. Hoffe es war nicht windows defender der den vorherigen Scan unterbrochen hat.

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
durchgeführt von staub (Administrator) auf DESKTOP-UKTCUI2 (16-09-2018 21:10:08)
Gestartet von D:\Downloads
Geladene Profile: staub (Verfügbare Profile: staub & enogh & shima)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() D:\NadekoBot\redis\redis-server.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\PHotkey\Dolbyosd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(ShareX Team) C:\Program Files\ShareX\ShareX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Discord Inc.) C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Spencer Kimball, Peter Mattis and the GIMP Development Team) C:\Program Files\GIMP 2\bin\gimp-2.8.exe
(Spencer Kimball, Peter Mattis and the GIMP Development Team) C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) D:\Downloads\FRST64 (1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2018-06-19] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3352808 2015-11-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-06] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] ()
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [54332920 2017-08-14] (Discord Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3753280 2018-09-11] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2017-09-20] (Cisco Systems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Spotify] => C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe [24453008 2018-08-23] (Spotify Ltd)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1398352 2018-06-11] (CyberGhost S.A.)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Discord] => C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Windows Shutdown Assistant] => C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe /autoStart
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\MountPoints2: {985ca1c1-6f35-11e8-bfdf-b881983425c3} - "G:\Setup.exe" 
Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-08-05]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.lnk [2017-09-09]
ShortcutTarget: chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-06-26]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{6de58bda-e014-4104-bd91-a8315218f1f1}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{8e27d8c5-8315-4adf-8c15-08fd74f18d9f}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{cf97e8a1-698d-47eb-9b5f-ca89d553a6b7}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42

Internet Explorer:
==================
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-11] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-11] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0w2ntjwv.default-1518458315710
FF ProfilePath: C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710 [2018-08-31]
FF Extension: (uBlock Origin) - C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710\Extensions\uBlock0@raymondhill.net.xpi [2018-02-12]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: BYOND -> D:\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://calendar.google.com/calendar/render#main_7
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/render#main_7","hxxps://keep.google.com/","hxxps://docs.google.com/spreadsheets/d/1ruUreFE1R4ZzGHA86bTj83pJTyTPeQboafg75hVvfFA/edit#gid=485674309"
CHR NewTab: Default ->  Active:"chrome-extension://mefhakmgclhhfbdadeojlkbllmecialg/public/index.html"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default [2018-09-16]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-10]
CHR Extension: (ColorZilla) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2018-05-09]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-10]
CHR Extension: (uBlock Origin) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-28]
CHR Extension: (Share on Rabbit) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplabnbcafdgpcjmibgkekpaejlfhnkl [2018-07-07]
CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-06-20]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2017-11-17]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-09-07]
CHR Extension: (Voice to Text) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2018-03-21]
CHR Extension: (StayFocusd) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2018-03-15]
CHR Extension: (Tabby Cat) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2018-09-16]
CHR Extension: (Milky Way Stars over Pine Valley, Utah) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\memcphligehabnghadofahejdodcfnnb [2017-08-11]
CHR Extension: (Save to Pocket) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2018-08-05]
CHR Extension: (Hotspot Shield VPN Free Proxy – Unblock Sites) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2018-07-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-10]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-26]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-08-24]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-24]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-24]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-08-07]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-04]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-08-05]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-04]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-07-29]
CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28]
CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28]
CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-28]
CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28]
CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28]
CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-29]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-05] (BlueStack Systems, Inc.)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost S.A.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [440304 2017-04-04] (Intel Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-12] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-09-11] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-09-07] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-11-06] (ELAN Microelectronics Corp.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515256 2017-08-10] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-04-04] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-03] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2213696 2018-08-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3084104 2018-08-20] (Electronic Arts)
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [135680 2014-08-07] () [Datei ist nicht signiert]
R2 Redis; D:\NadekoBot\redis\redis-server.exe [1553408 2016-07-01] () [Datei ist nicht signiert]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-03] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R1 cgnetfilter1521; C:\WINDOWS\System32\drivers\cgnetfilter1521.sys [84768 2017-03-22] (Windows (R) Win 7 DDK provider)
S3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [30808 2015-11-06] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [245768 2017-08-10] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-09-16] (Malwarebytes)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7644672 2017-09-05] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [34096 2015-11-18] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-07-17] (Realsil Semiconductor Corporation)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-06-19] (The OpenVPN Project)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2017-09-20] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-09-06] (BigNox Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-09-16 19:42 - 2018-09-16 19:42 - 000008821 _____ C:\Users\staub\AppData\Local\recently-used.xbel
2018-09-16 15:24 - 2018-09-16 15:24 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-09-16 15:19 - 2018-09-16 15:21 - 000000000 ____D C:\AdwCleaner
2018-09-16 08:41 - 2018-09-16 08:41 - 000000000 ___HD C:\OneDriveTemp
2018-09-14 10:31 - 2018-09-14 10:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-09-12 13:41 - 2018-09-12 13:41 - 000203860 _____ C:\Users\staub\Desktop\WICHTIGES zeugs.pdf
2018-09-12 11:49 - 2018-09-12 11:50 - 000181106 _____ C:\TDSSKiller.3.1.0.17_12.09.2018_11.49.13_log.txt
2018-09-11 23:23 - 2018-09-11 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-09-11 22:32 - 2018-09-11 22:32 - 000179164 _____ C:\TDSSKiller.3.1.0.17_11.09.2018_22.32.15_log.txt
2018-09-11 22:28 - 2018-09-11 22:30 - 000349888 _____ C:\TDSSKiller.3.1.0.17_11.09.2018_22.28.58_log.txt
2018-09-11 13:54 - 2018-09-11 13:54 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-09-11 13:54 - 2018-09-11 13:54 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-09-11 09:56 - 2018-09-14 10:31 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-11 09:56 - 2018-09-11 09:56 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2018-09-10 10:49 - 2018-09-10 10:49 - 000001083 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-09-10 10:49 - 2018-09-10 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-09-10 10:49 - 2018-09-10 10:49 - 000000000 ____D C:\Program Files\VS Revo Group
2018-09-09 23:22 - 2018-09-16 21:10 - 000000000 ____D C:\FRST
2018-09-06 19:51 - 2018-09-06 19:51 - 000000000 ____D C:\Users\staub\AppData\Local\MultiPlayerManager
2018-09-06 11:47 - 2018-09-06 11:47 - 000000066 _____ C:\Users\staub\inittk.ini
2018-09-06 11:46 - 2018-09-06 11:46 - 000000045 _____ C:\Users\staub\nuuid.ini
2018-09-06 11:46 - 2018-09-06 11:46 - 000000041 _____ C:\Users\staub\inst.ini
2018-09-06 11:46 - 2018-09-06 11:46 - 000000000 ____D C:\Users\staub\Nox_share
2018-09-06 11:38 - 2018-09-16 20:17 - 000000000 ____D C:\Users\staub\AppData\Local\Nox
2018-09-06 11:38 - 2018-09-16 20:17 - 000000000 ____D C:\Users\staub\.BigNox
2018-09-06 11:38 - 2018-09-16 17:23 - 000000000 ____D C:\Users\staub\vmlogs
2018-09-06 11:38 - 2018-09-06 11:38 - 000000715 _____ C:\Users\staub\Desktop\Nox.lnk
2018-09-06 11:38 - 2018-09-06 11:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2018-09-06 11:38 - 2018-09-06 11:38 - 000000000 ____D C:\Program Files (x86)\Bignox
2018-09-06 11:13 - 2018-09-06 11:13 - 000000000 ____D C:\Users\staub\Downloads\MEmu Download
2018-09-04 18:03 - 2018-09-04 18:03 - 000000000 ____D C:\Users\staub\Documents\MeinSpore-Kreationen
2018-09-04 18:00 - 2018-09-04 18:00 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-09-04 17:44 - 2018-09-04 17:44 - 000000000 ____D C:\Users\staub\Documents\My Spore Creations
2018-09-04 17:44 - 2018-09-04 17:44 - 000000000 ____D C:\Users\staub\AppData\Roaming\Spore
2018-09-03 21:09 - 2018-09-03 21:09 - 000000000 ____D C:\Users\staub\Desktop\Entspannung
2018-09-03 19:52 - 2018-09-03 19:52 - 000000000 ____D C:\Users\staub\.cache
2018-09-03 19:50 - 2018-09-09 23:30 - 000000000 ____D C:\Users\staub\AppData\Roaming\AllToMP3
2018-09-03 19:46 - 2018-09-03 19:46 - 000000000 ____D C:\Users\staub\AppData\Local\mbam
2018-08-27 23:26 - 2018-08-27 23:26 - 000675984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000457512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000386712 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000343192 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000274072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000248624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000089248 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000087352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000031896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_1.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000028472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_1.dll
2018-08-19 13:56 - 2018-08-19 13:56 - 000000000 ____D C:\Users\staub\.m2

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-09-16 21:04 - 2018-06-04 08:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-16 21:04 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-16 19:40 - 2017-08-28 13:20 - 000000000 ____D C:\Users\staub\AppData\Local\gtk-2.0
2018-09-16 19:35 - 2017-08-28 12:56 - 000000000 ____D C:\Users\staub\.gimp-2.8
2018-09-16 19:00 - 2017-08-04 18:20 - 000000000 ____D C:\Users\staub\AppData\Roaming\Spotify
2018-09-16 17:23 - 2017-10-17 12:27 - 000000000 ____D C:\Users\staub\.android
2018-09-16 15:50 - 2017-08-04 18:20 - 000000000 ____D C:\Users\staub\AppData\Local\Spotify
2018-09-16 15:30 - 2018-06-04 08:14 - 001722010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-16 15:30 - 2018-04-12 18:13 - 000744134 _____ C:\WINDOWS\system32\perfh007.dat
2018-09-16 15:30 - 2018-04-12 18:13 - 000150268 _____ C:\WINDOWS\system32\perfc007.dat
2018-09-16 15:30 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-16 15:25 - 2017-08-04 18:19 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-16 15:25 - 2017-08-04 12:24 - 000000000 ___RD C:\Users\staub\OneDrive
2018-09-16 15:24 - 2018-06-04 08:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-16 15:24 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-09-16 15:24 - 2017-09-26 16:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-16 15:24 - 2017-09-07 18:44 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-09-16 15:24 - 2017-08-04 12:22 - 000000000 __SHD C:\Users\staub\IntelGraphicsProfiles
2018-09-16 15:22 - 2017-08-04 19:42 - 000000000 ____D C:\Users\staub\AppData\Local\CrashDumps
2018-09-15 09:25 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\WhatsApp
2018-09-14 10:31 - 2017-09-27 21:15 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-09-14 10:31 - 2016-06-08 10:42 - 000002587 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-14 10:31 - 2016-06-08 10:42 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-14 10:31 - 2016-06-08 10:42 - 000002562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-14 10:31 - 2016-06-08 10:42 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-14 10:31 - 2016-06-08 10:42 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-14 10:31 - 2016-06-08 10:42 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-14 10:31 - 2016-06-08 10:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-13 00:58 - 2017-08-10 22:52 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-11 23:23 - 2017-08-12 10:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-09-11 09:56 - 2018-04-12 01:34 - 000002251 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-11 09:56 - 2018-04-12 01:34 - 000002251 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-10 00:24 - 2018-06-21 07:55 - 000000000 ____D C:\Users\staub\AppData\Local\AVAST Software
2018-09-10 00:24 - 2017-08-04 15:28 - 000000000 ____D C:\ProgramData\AVAST Software
2018-09-10 00:22 - 2017-08-26 15:18 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-09 23:50 - 2017-12-01 01:06 - 000000000 ____D C:\Users\staub\AppData\Local\Packages
2018-09-09 23:11 - 2018-07-16 10:41 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2018-09-09 22:26 - 2018-06-04 08:16 - 000003558 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-09-09 22:26 - 2018-06-04 08:16 - 000003334 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-09 22:26 - 2018-06-04 08:16 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-09 22:26 - 2018-06-04 08:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2089115426-2641811642-829515932-1002
2018-09-09 22:26 - 2018-06-04 08:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2089115426-2641811642-829515932-1001
2018-09-09 22:26 - 2018-06-04 08:16 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-09-09 22:26 - 2018-06-04 08:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-09-09 16:23 - 2017-08-14 17:28 - 000000000 ____D C:\Users\staub\AppData\Local\ElevatedDiagnostics
2018-09-06 11:47 - 2018-06-04 08:09 - 000000000 ____D C:\Users\staub
2018-09-06 11:44 - 2018-06-20 22:42 - 000000000 ____D C:\Program Files (x86)\Origin
2018-09-06 11:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2018-09-04 23:54 - 2018-06-20 22:41 - 000000000 ____D C:\Users\staub\AppData\Roaming\Origin
2018-09-04 17:54 - 2018-06-20 22:45 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-09-04 17:53 - 2018-06-20 22:41 - 000000000 ____D C:\ProgramData\Origin
2018-09-03 14:22 - 2017-08-05 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\vlc
2018-09-03 14:05 - 2018-06-23 08:47 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-09-01 12:49 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-09-01 12:49 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Local\WhatsApp
2018-09-01 12:49 - 2017-08-04 14:08 - 000000000 ____D C:\Users\staub\AppData\Local\SquirrelTemp
2018-09-01 12:40 - 2018-06-04 08:09 - 000002387 _____ C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-30 22:20 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-29 15:08 - 2018-05-08 08:45 - 000000000 ____D C:\Users\staub\AppData\Local\Eclipse
2018-08-29 15:08 - 2017-08-15 11:16 - 000000000 ____D C:\Users\staub\.p2
2018-08-28 22:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-26 12:38 - 2018-07-29 23:46 - 000000000 ____D C:\Users\staub\Desktop\discord server stugg
2018-08-24 19:53 - 2017-09-11 16:01 - 000000000 ____D C:\Users\staub\AppData\Roaming\audacity
2018-08-23 11:15 - 2017-08-12 10:02 - 000001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-08-23 11:15 - 2017-08-12 10:02 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-08-23 10:38 - 2018-06-04 08:16 - 000004306 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-08-23 10:38 - 2018-06-04 08:16 - 000004074 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2018-03-18 19:44 - 2018-05-19 19:34 - 000007551 _____ () C:\Users\staub\AppData\Roaming\SpeedRunnersLog.txt
2017-08-04 18:47 - 2017-08-04 18:47 - 000000039 _____ () C:\Users\staub\AppData\Local\kritadisplayrc
2017-08-04 18:47 - 2017-08-04 18:47 - 000014964 _____ () C:\Users\staub\AppData\Local\kritarc
2018-09-16 19:42 - 2018-09-16 19:42 - 000008821 _____ () C:\Users\staub\AppData\Local\recently-used.xbel
2017-08-10 23:04 - 2017-08-10 23:04 - 000007628 _____ () C:\Users\staub\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
2018-09-06 11:37 - 2017-12-08 04:44 - 000036152 _____ () C:\Users\staub\AppData\Local\Temp\clearRemnants.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-06-04 08:07

==================== Ende von FRST.txt ============================
         

Code: Alles auswählenAufklappen

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15.09.2018
durchgeführt von staub (16-09-2018 21:10:44)
Gestartet von D:\Downloads
Windows 10 Home Version 1803 17134.112 (X64) (2018-06-04 06:17:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2089115426-2641811642-829515932-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2089115426-2641811642-829515932-503 - Limited - Disabled)
enogh (S-1-5-21-2089115426-2641811642-829515932-1002 - Limited - Enabled) => C:\Users\enogh
Gast (S-1-5-21-2089115426-2641811642-829515932-501 - Limited - Disabled)
shima (S-1-5-21-2089115426-2641811642-829515932-1004 - Limited - Enabled) => C:\Users\shima
staub (S-1-5-21-2089115426-2641811642-829515932-1001 - Administrator - Enabled) => C:\Users\staub
WDAGUtilityAccount (S-1-5-21-2089115426-2641811642-829515932-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Video Downloader 4.4 (HKLM-x32\...\{D04F9BA2-CF6F-41AD-8BD1-313ABD28FAF2}) (Version: 4.4.4.2275 - Open Media LLC)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Andy OS (HKLM\...\Andy OS) (Version: 46.16 - Andy OS, Inc)
Anki (HKLM-x32\...\Anki) (Version:  - )
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.44.1625 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build and Shoot Launcher 1.2 (HKLM-x32\...\Build and Shoot Launcher) (Version: 1.2 - Buld Then Snip, LLC)
BYOND (HKLM-x32\...\BYOND) (Version: 512.1404 - BYOND)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.5.02033 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0C9580F0-95DC-4E64-BB4C-1091B660A64F}) (Version: 4.5.02033 - Cisco Systems, Inc.) Hidden
Citra (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{385074ac-5fd7-4e2a-ba3e-cae92abf1372}) (Version: 1.0.0 - Citra Team)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
Discord (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 57.4.89 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden
ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.)
Epic Games Launcher (HKLM-x32\...\{42D23AAF-7D6F-48C7-A62C-8E02D6234156}) (Version: 1.1.147.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.27.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
Frets On Fire (HKLM-x32\...\Frets on Fire) (Version: 1.3.110-win32 - )
GÉANTLink 1.0a x64 (HKLM\...\{89C31957-7751-419E-A873-03C71B757195}) (Version: 1.0.28 - GÉANT)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.92 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hero Lab 8.4 (HKLM-x32\...\{760AA190-82DF-4A80-BE05-B9FEEC88946D}_is1) (Version: 8.4 - LWD Technology, Inc.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1178 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{601DFCAC-FCC1-4779-9095-D69D82904A5A}) (Version: 18.1.1607.3129 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fefa9370-e735-4821-9cbc-48bd843e7ac3}) (Version: 19.80.0 - Intel Corporation)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
Krita (x64) 3.1.4.0 (HKLM\...\Krita_x64) (Version: 3.1.4.0 - Krita Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LIMBO (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Limbo) (Version:  - )
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.11.33287.817 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 60.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x64 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.2.0 - Duodian Technology Co. Ltd.)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Ondesoft Spotify Converter version 2.1.0 (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{4E9A8CA6-50D7-4A86-8086-37DDE546D429}_is1) (Version: 2.1.0 - Ondesoft, Inc.)
OpenRCT2 0.2.0 (HKLM-x32\...\OpenRCT2) (Version: 0.2.0 - OpenRCT2)
Origin (HKLM-x32\...\Origin) (Version: 10.5.26.8488 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{49281fb0-b08b-40c3-a0e1-f228f2cd6982}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0127 - Pegatron Corporation)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 3.6.0 (32-bit) (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{8ba65a8c-cb48-4716-bc24-47c148808015}) (Version: 3.6.150.0 - Python Software Foundation)
Python 3.6.0 Add to Path (32-bit) (HKLM-x32\...\{D4C8360E-C73A-46B9-AF8E-672684048BF0}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (32-bit) (HKLM-x32\...\{FC638B75-E969-4496-A546-9D78EA7D8F35}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Development Libraries (32-bit) (HKLM-x32\...\{F2A430F2-A7AC-4B46-808A-FC6E8419ABDE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Documentation (32-bit) (HKLM-x32\...\{A66771E3-430A-40A7-B00C-94A239396BEE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (32-bit) (HKLM-x32\...\{3C182441-3C75-4113-A28D-D3AEAD85B320}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 pip Bootstrap (32-bit) (HKLM-x32\...\{1D427483-31FE-4ED4-AD39-AB78BBF7D22D}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (32-bit) (HKLM-x32\...\{4CB36E4F-EC00-479B-AA25-0B9EC5385B0C}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C7D63030-7738-499A-A0D2-8549174D2B70}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (32-bit) (HKLM-x32\...\{6EAD5F85-97EC-4AFB-84D2-D52AC41D3C66}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Utility Scripts (32-bit) (HKLM-x32\...\{7C3DAC9E-E229-415C-A600-5974B5D9DE7F}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{2636F1E4-2BC5-4B19-BFFD-A08F72598309}) (Version: 3.6.6032.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10163.31215 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.)
Redis on Windows (HKLM\...\{6E927557-4447-4348-AE9C-4B2EA64BDA17}) (Version: 3.0.504 - MSOpenTech)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\RollerCoaster Tycoon 2 Triple Thrill Pack_is1) (Version:  - GOG.com)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\GOGPACKRCT3_is1) (Version: 2.0.0.13 - GOG.com)
Rückkehr Nach Krondor (HKLM-x32\...\Rückkehr nach Krondor) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
ScreenToGif (HKLM-x32\...\{B46AB504-140F-4E7D-833C-C6CA1A4FAAD7}) (Version: 2.9.0 - Nicke Manarin)
Secret World Legends (HKLM-x32\...\Secret World Legends_is1) (Version: 1.0.0 - Funcom)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team)
Sierra-Dienstprogramme (HKLM-x32\...\Sierra-Dienstprogramme) (Version:  - )
Sims 4 Tray Importer (S4TI) 1.6.7.9 (HKLM-x32\...\{8665A9CC-9652-4F31-907A-DE2E7A8E8E97}_is1) (Version: 1.6.7.9 - TeameeVo)
Spore™ (HKLM-x32\...\{4BDCC41C-FFE7-40a4-BCB6-B558916868F7}) (Version: 1.7.0.0 - Electronic Arts)
Spotify (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.3.0.5 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3126 (HKLM-x32\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Terraria (HKLM-x32\...\1207665503_is1) (Version: 1.3.5.3 - GOG.com)
The Sims 3 Complete Collection version 1.67.2 (HKLM-x32\...\The Sims 3 Complete Collection_is1) (Version: 1.67.2 - Mr DJ)
The Sims 4 (HKLM\...\The Sims 4_is1) (Version: 1.41.38.1020 - )
Unity (HKLM-x32\...\Unity) (Version: 2017.1.1f1 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
vs_communitymsi (HKLM-x32\...\{52100697-9C66-44F3-BA20-68F8148CDF9B}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{5297D80E-CD92-48D8-9DB0-301AB3205772}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DDEF2BD0-F728-4D04-A085-B5ACC9ADC311}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{2512A3CE-E1E4-46D5-8B40-28DA3AE2261E}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{384F31FB-B99D-48A7-9D72-E1FEBEC2201A}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{D0772A03-7FC2-4B20-AC1F-B278299AA9C7}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{0F2742A7-6A64-46A2-94AE-22F19808BE2F}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{0D3A6730-43CE-4AF6-BDF7-4D0660296C60}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-04] (Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01FB79BC-CA58-4136-912A-D660CC3A9A3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-14] (Microsoft Corporation)
Task: {05DC23A8-71D2-4B2B-B5B5-2FCFDD1525B9} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-14] (Microsoft Corporation)
Task: {0739CA7F-9BB7-46BC-B3D5-E4F0A443FB6A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {15B5210C-333E-4806-BCFD-D940C6453BF9} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {17345D61-1E0E-4BCD-A526-EA31CDE23096} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {19555B0A-D775-47E3-A9A6-22C29A5B6A57} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
Task: {249A68DE-FE74-40EA-971F-9C25F5C235AC} - System32\Tasks\MICROSOFT\WINDOWS\APPLICATION EXPERIENCE\STARTUPCHECKLIBRARY => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary
Task: {2B6B3B70-2DDB-4FC6-830C-F7EA866AC6D3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-12] (Dropbox, Inc.)
Task: {353753FC-B0FC-4EA1-A232-3200F1CB243F} - System32\Tasks\S-1-5-21-2089115426-2641811642-829515932-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {43C662DC-B631-492D-8A53-46E64C97345C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6673BC26-F155-4B3D-A62C-4F9AADEA5D14} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {8D5B0EC7-553E-41E2-8E77-FEFDEB03CFCC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {995639CA-448D-445D-B4AE-E32C7742ED09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {A76FC8F2-D656-4678-BE6B-74FB88C68005} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.)
Task: {A8E7BDD8-B578-4B0F-A612-3C34C5C36A9C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-14] (Microsoft Corporation)
Task: {D8588FA1-8A99-48DD-AB01-D7E743E48622} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-14] (Microsoft Corporation)
Task: {E5D5A6A1-3D14-49E3-AD2C-58E33168E83B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-14] (Microsoft Corporation)
Task: {E7BB11BE-5672-4FC3-8839-68AE3B442547} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-12] (Dropbox, Inc.)
Task: {F446AD86-BC1A-4688-AD40-5ECA69BC6BFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-14] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\staub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Reee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-09 10:30 - 2014-08-07 12:45 - 000135680 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-07-19 18:18 - 2017-07-19 18:18 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-08-29 02:43 - 2017-08-29 02:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-01-27 05:04 - 2016-01-27 05:04 - 000163328 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2018-06-23 08:47 - 2018-09-03 14:05 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-07-01 16:55 - 2016-07-01 16:55 - 001553408 _____ () D:\NadekoBot\redis\redis-server.exe
2017-04-04 16:36 - 2017-04-04 16:36 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-06-13 19:01 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-23 13:41 - 2018-05-23 13:42 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 13:41 - 2018-05-23 13:42 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 13:41 - 2018-05-23 13:42 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 13:41 - 2018-05-23 13:42 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-23 13:41 - 2018-05-23 13:42 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-06-09 10:30 - 2016-03-29 15:56 - 002409472 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2016-06-09 10:30 - 2010-01-12 19:36 - 000117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2016-06-09 10:30 - 2010-01-12 19:36 - 000121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2016-06-09 10:30 - 2010-12-17 16:04 - 000449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2016-06-09 10:30 - 2014-03-18 23:54 - 005644800 _____ () C:\Program Files (x86)\PHotkey\Dolbyosd.exe
2016-06-09 10:30 - 2016-04-13 18:23 - 009054720 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2016-06-09 10:30 - 2015-10-06 15:52 - 000331776 _____ () C:\Program Files (x86)\PHotkey\Keyboardmonitortool.exe
2018-05-26 14:43 - 2018-05-26 14:43 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-26 14:43 - 2018-05-26 14:43 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 08:54 - 2017-09-26 08:54 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll
2015-06-16 03:53 - 2015-06-16 03:53 - 000628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2018-09-13 00:58 - 2018-09-11 01:50 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.92\libglesv2.dll
2018-09-13 00:58 - 2018-09-11 01:50 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.92\libegl.dll
2018-06-08 21:59 - 2018-06-08 21:59 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-08 21:59 - 2018-06-08 21:59 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 17:02 - 2017-10-05 17:02 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-04 20:37 - 2018-05-04 20:37 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-03-30 08:42 - 2018-03-30 08:42 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-08 21:59 - 2018-06-08 21:59 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-08 21:59 - 2018-06-08 21:59 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-08 21:59 - 2018-06-08 21:59 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-26 14:43 - 2018-05-26 14:43 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-03-30 08:42 - 2018-03-30 08:42 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-05-19 12:21 - 2018-05-19 12:21 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-05-08 15:52 - 2018-05-08 15:52 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-08-28 12:36 - 2017-05-10 17:41 - 000042232 _____ () C:\Program Files\GIMP 2\bin\libgimpmodule-2.0-0.dll
2017-08-28 12:36 - 2017-05-10 17:41 - 000058672 _____ () C:\Program Files\GIMP 2\bin\libgimpthumb-2.0-0.dll
2017-08-28 12:36 - 2017-05-10 17:41 - 001249752 _____ () C:\Program Files\GIMP 2\bin\libgimpwidgets-2.0-0.dll
2017-08-28 12:36 - 2017-05-10 17:40 - 000107928 _____ () C:\Program Files\GIMP 2\bin\libgimpbase-2.0-0.dll
2017-08-28 12:36 - 2017-05-10 17:40 - 000075216 _____ () C:\Program Files\GIMP 2\bin\libgimpcolor-2.0-0.dll
2017-08-28 12:36 - 2017-05-10 17:40 - 000084928 _____ () C:\Program Files\GIMP 2\bin\libgimpconfig-2.0-0.dll
2017-08-28 12:36 - 2017-05-10 17:41 - 000047000 _____ () C:\Program Files\GIMP 2\bin\libgimpmath-2.0-0.dll
2017-08-28 12:36 - 2017-05-10 00:43 - 000290240 _____ () C:\Program Files\GIMP 2\bin\libfontconfig-1.dll
2017-08-28 12:36 - 2017-05-06 19:56 - 000130244 _____ () C:\Program Files\GIMP 2\bin\libbabl-0.1-0.dll
2017-08-28 12:36 - 2017-05-06 19:41 - 000516190 _____ () C:\Program Files\GIMP 2\bin\libfreetype-6.dll
2017-08-28 12:36 - 2017-05-06 19:54 - 000900199 _____ () C:\Program Files\GIMP 2\bin\libcairo-2.dll
2017-08-28 12:36 - 2017-05-06 20:50 - 000425279 _____ () C:\Program Files\GIMP 2\bin\libgegl-0.2-0.dll
2017-08-28 12:36 - 2017-05-06 20:16 - 000082221 _____ () C:\Program Files\GIMP 2\bin\libgcc_s_seh-1.dll
2017-08-28 12:36 - 2017-05-06 19:39 - 000091289 _____ () C:\Program Files\GIMP 2\bin\zlib1.dll
2017-08-28 12:36 - 2017-05-06 19:42 - 001253806 _____ () C:\Program Files\GIMP 2\bin\libxml2-2.dll
2017-08-28 12:36 - 2017-05-06 19:41 - 000219806 _____ () C:\Program Files\GIMP 2\bin\libpng16-16.dll
2017-08-28 12:36 - 2017-05-06 19:39 - 000344118 _____ () C:\Program Files\GIMP 2\bin\libjpeg-8.dll
2017-08-28 12:36 - 2017-05-06 19:50 - 000435601 _____ () C:\Program Files\GIMP 2\bin\libtiff-5.dll
2017-08-28 12:36 - 2017-05-06 20:36 - 000384957 _____ () C:\Program Files\GIMP 2\bin\libharfbuzz-0.dll
2017-08-28 12:36 - 2017-05-06 19:39 - 000662600 _____ () C:\Program Files\GIMP 2\bin\libpixman-1-0.dll
2017-08-28 12:36 - 2017-05-06 19:41 - 000304869 _____ () C:\Program Files\GIMP 2\bin\libjasper-4.dll
2017-08-28 12:36 - 2017-05-06 19:40 - 000032655 _____ () C:\Program Files\GIMP 2\bin\libffi-6.dll
2017-08-28 12:36 - 2017-05-06 20:43 - 000074543 _____ () C:\Program Files\GIMP 2\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2017-08-28 12:36 - 2017-05-10 17:42 - 000043024 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libdisplay-filter-lcms.dll
2017-08-28 12:36 - 2017-05-06 19:53 - 000320117 _____ () C:\Program Files\GIMP 2\bin\liblcms2-2.dll
2017-08-28 12:36 - 2017-05-10 17:41 - 000153280 _____ () C:\Program Files\GIMP 2\bin\libgimpui-2.0-0.dll
2017-08-28 12:36 - 2017-05-10 17:40 - 000248800 _____ () C:\Program Files\GIMP 2\bin\libgimp-2.0-0.dll
2017-09-20 15:46 - 2017-09-20 15:46 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system-vc140-mt-1_59.dll
2017-09-20 15:45 - 2017-09-20 15:45 - 000062976 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time-vc140-mt-1_59.dll
2017-09-20 15:46 - 2017-09-20 15:46 - 000106496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread-vc140-mt-1_59.dll
2017-09-20 15:46 - 2017-09-20 15:46 - 000042496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono-vc140-mt-1_59.dll
2017-09-20 15:46 - 2017-09-20 15:46 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-06-09 10:30 - 2009-12-18 17:36 - 000973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2016-06-09 10:30 - 2013-09-18 01:23 - 000108032 _____ () C:\Program Files (x86)\PHotkey\PGFNEX.dll
2018-09-11 23:23 - 2018-09-11 13:54 - 001113928 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-09-11 23:23 - 2018-09-11 13:54 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-15 22:28 - 2018-09-11 13:57 - 000023888 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:55 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:55 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:54 - 000117272 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-05-15 22:28 - 2018-09-11 13:54 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:54 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-05-15 22:28 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:55 - 000026312 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:57 - 000401608 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:54 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:55 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:57 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000052424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 003822784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-07-31 20:16 - 2018-09-11 13:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:55 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:54 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:54 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-09-11 23:23 - 2018-09-11 13:56 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:54 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-05-15 22:28 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:55 - 000441672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-15 22:28 - 2018-09-11 13:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-09-11 23:23 - 2018-09-11 13:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-15 22:28 - 2018-09-11 13:58 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-05-15 22:28 - 2018-09-11 13:58 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-09-11 23:23 - 2018-09-11 13:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-05-01 19:01 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\staub\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-01 19:01 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\staub\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-01 19:01 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\staub\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-03 17:27 - 2018-09-08 19:31 - 011321176 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-03 17:27 - 2018-09-13 09:43 - 001615704 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-03 17:27 - 2018-05-03 17:27 - 001910104 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-05-03 17:27 - 2018-05-03 17:27 - 000422744 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-05-03 17:27 - 2018-05-03 17:27 - 000145240 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-05-03 17:27 - 2018-05-03 17:27 - 000512856 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-03 17:27 - 2018-08-19 11:58 - 001641304 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-05-03 17:27 - 2018-09-08 19:31 - 001743704 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-05-03 17:27 - 2018-05-03 17:27 - 002722648 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-08-19 11:59 - 2018-09-13 09:43 - 001257816 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-19 11:59 - 2018-09-13 09:43 - 022420824 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-05-03 17:27 - 2018-05-03 17:27 - 002760536 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-03 17:27 - 2018-05-03 17:27 - 001249112 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2017-08-04 18:20 - 2018-08-23 19:54 - 085627280 _____ () C:\Users\staub\AppData\Roaming\Spotify\libcef.dll
2017-08-04 18:20 - 2018-08-23 19:54 - 003867536 _____ () C:\Users\staub\AppData\Roaming\Spotify\libglesv2.dll
2017-08-04 18:20 - 2018-08-23 19:54 - 000088464 _____ () C:\Users\staub\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\sharepoint.com -> hxxps://studiumunihamburgde-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-07-25 12:00 - 2018-07-25 12:00 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\staub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Windows Shutdown Assistant"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{AE92B345-3199-4EEF-9586-97639356C346}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{8B34D625-C8B6-4877-96C0-CBCDD25DF20E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{813C34EB-FF58-4882-A370-435EEBAAD5F1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{AD48AB42-02A1-4FE2-BB61-BD91FEFE0D9C}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [UDP Query User{BB52AE73-447A-4875-B1C4-489FF54D13A8}D:\uni\eclipse\eclipse\eclipse.exe] => (Allow) D:\uni\eclipse\eclipse\eclipse.exe
FirewallRules: [TCP Query User{1E018F34-2790-4BE2-807C-9FB190602EB2}D:\uni\eclipse\eclipse\eclipse.exe] => (Allow) D:\uni\eclipse\eclipse\eclipse.exe
FirewallRules: [{E442D729-9F1B-4991-A07D-4C1E4FD64E88}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{D36A68D1-D6AD-4B68-828E-A3713C4B7EB6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{02690E20-A6C1-4E8C-8966-FA878327C8B5}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{BE7832E1-7140-4C30-9357-0DADB4691F1B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{B701D663-0DA5-46ED-BC2A-1B8DAED27117}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{5099E323-58A7-4AE2-B9DF-58E9B847BE54}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{AA81E785-EBF6-4061-8C89-D657823E747E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [{1AA2BFDC-78DD-4234-A48C-B28BF93C25FD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [UDP Query User{4587EEC4-7F5C-425E-95F0-56F7EDD9ABBB}D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{BF443098-73E6-40A2-BE2F-A9909D946A26}D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{8DBDCE7E-3EF9-4E8A-9728-EAE711DB58A7}D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{49AFF02A-296E-45A6-A287-C7B93A122D77}D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{75D97824-3462-4A75-A6EA-A53E9A467964}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{970633DC-A219-44EA-AB6F-E056362A63AD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{E9F6A44A-0025-4C41-819C-1492EE4FF631}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{81728671-EFB2-44AF-88C9-7DCC094E4A78}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{067362FD-864A-4B84-87C3-62A7F329B816}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cinderella Phenomenon - OtomeVisual Novel\CinderellaPhenomenon.exe
FirewallRules: [{BFA943BE-A0BC-4E1F-B0C2-C4443C530327}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cinderella Phenomenon - OtomeVisual Novel\CinderellaPhenomenon.exe
FirewallRules: [{A38F2385-F440-4350-A7F8-FAC4503DA5F3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{4FA6104E-157C-4834-8C8E-07A57325397A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{887FCE58-5341-419B-8FA8-EAE86E02568D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{1DDB75C1-8E0D-4E64-BD1C-723A14398428}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{F150B6E4-4396-4D0A-B297-7E34A47C6BFB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{BAC971B4-6F80-4D24-AEF2-F60E59859263}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{FE34D1ED-A649-455D-8C5C-9611625CC50F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{1194BA1C-D046-45B9-91FB-19614B796F77}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{697E94D7-838B-4464-AA45-724365922964}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{3742AD2F-428F-438F-A781-CC5FCE95139F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{122944A9-A5C3-4EC4-8167-2F0BC5BE1442}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{35A07696-EDD7-481D-9634-01842C72BCE2}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{C536E400-CED9-4690-A95C-180258A5D957}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{DCA1F6DE-8A77-4407-A12A-5690EA77A60B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{0129324A-6372-4E23-9157-77101112E2BF}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{ED9C52F2-03DD-4A4C-8DD3-F3F95F10E880}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{6B1E3FBE-15B0-4297-8542-B3BAF3B497C6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Air Brawl\Air Brawl.exe
FirewallRules: [{8E52E0D5-830E-42F3-ACF1-C2A2E535FDC4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Air Brawl\Air Brawl.exe
FirewallRules: [{29298C02-98D6-4A46-AB0D-B58363A92EFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AE199B30-E14B-4564-926F-9DACC52886BB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{94884D5E-85EF-49C6-9EA6-D7B317BBF8DA}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{2F881564-4C2D-4BB6-8E47-B9132B8FFA0E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{7E226AB7-0100-4197-872C-2AB1CC4D8B9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{55F4FA45-21B1-4548-BCA7-A1A7C7A6FFA0}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A336D929-61D4-4E0C-A7C8-E8AD81F539BB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A640F38C-B29C-44DC-BB89-A9FFA8AF66CB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{ACEB7411-E162-4759-BE40-C44B6ABF669B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{4F03E168-2919-449B-AC05-DAE9A6B21996}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{427ED94D-6264-4AED-BA42-9FC02B13B0BC}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{23B15E30-8A99-43B1-B072-CAF17BD69B98}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{527A802B-180B-4961-BF4D-4EEB6AE80E8F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{4C1A8BB0-F72C-4A84-8B61-51E4D38FB137}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [UDP Query User{43402D6D-559D-483A-8A3E-1501E082F775}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{9FA38818-BA1F-4D00-91E1-C543E1590AB1}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{2D572ADD-B1F2-4007-848A-7D4D60A569CB}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe
FirewallRules: [TCP Query User{8D15F317-AE12-4092-80F5-B1AE2E886579}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe
FirewallRules: [{31E08BA8-8D52-42FB-9532-DF4775B6D61E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shank Demo\bin\Shank.exe
FirewallRules: [{76B8CDEB-2B3F-48E5-B570-A305BEA01FAD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shank Demo\bin\Shank.exe
FirewallRules: [{416C241D-31D6-4DCB-9327-60A2984E6995}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{5F04DE88-8E60-41D3-81DF-7D60C6FFE1E3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{ECB14AF4-EB93-4A0A-82D4-662100C71B61}] => (Allow) D:\Downloads\Games\Secret World Legends\ClientPatcher.exe
FirewallRules: [{45915F72-F805-49BA-B0BB-F51067D81FE0}] => (Allow) D:\Downloads\Games\Secret World Legends\ClientPatcher.exe
FirewallRules: [{C29F60A8-53B2-4C11-AF24-F05D3E6E3C0D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{198FB835-EE23-4C23-AA0F-80BAC447CAB9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{1EAC6018-3CFE-4058-B9AB-44EE537FB950}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{2A792BEF-ABE7-470E-B56B-AF0776C2B61F}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{A211B133-CD1C-49ED-A262-AD21FF2F7439}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{F0275489-326F-44DF-AF5D-712804F2A1E8}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{9E09F80C-F2E5-4C26-A2DE-2A66603F5974}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{63B0CC1C-10BB-4A3C-AEA4-0CD1977FC8FF}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{EFEF078B-A97A-4138-9BAA-EAF1C428BFD9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{5EA019D5-000B-4243-9437-64CBC5E87A45}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{DCA8E089-302C-4D2A-9E19-8F3AAEC06363}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{4D1A2EE0-7A50-4B78-B6E0-E2E9076A84CF}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{3BE4A387-D647-4D2D-A7CB-78D8F8A6275C}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{362E2A26-F57D-41D8-B27B-9DF48D79ACD5}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{21164AE7-EE79-4ADB-9E5E-66EC15C6B459}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{35BAD61C-063A-410D-8B18-8F9FCE0980B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D57D6DA3-A095-4DE1-8C1E-589D249E08AD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A5A95D36-0D43-4B02-B89F-60E813862599}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1D693746-6BF1-46DA-AB36-FE75BF3D448C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{CEDEB133-B392-4829-A5F5-C97C75CEBA55}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{F2232837-6AFF-4411-980A-0CF014F3A76D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{671F6F13-5D7F-4F0B-8176-3132F0DF76EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{D3DBA6DE-89D0-40AD-955B-14792C40333A}C:\users\staub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\staub\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7701EC30-F28C-4A01-ABD3-06DF31B5D166}C:\users\staub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\staub\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8644FA34-D321-4D59-86A2-561EBF35856A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{E5E36995-E0FD-40B8-930D-6CE184D6FE04}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{168DC41D-682B-4A4D-8F7D-F2FC547FC2F9}D:\downloads\games\hearthstone\hearthstone.exe] => (Allow) D:\downloads\games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{384463DF-F7B6-4E60-B8B9-52FCE425C05A}D:\downloads\games\hearthstone\hearthstone.exe] => (Allow) D:\downloads\games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1C244ED8-2DC9-48BD-B4D1-AD98084AD126}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{36A229D1-7399-4672-9074-A6FBC4AAD585}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{9521923B-05DF-45E7-A686-A8773A27DBDF}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{DC5D19DA-CE0C-4C6B-A7BF-69BE3C430748}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{B8404964-6383-4E4B-B0E7-C96496718CE7}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe
FirewallRules: [UDP Query User{BD187D00-F099-4950-B100-5C5951AC5451}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe
FirewallRules: [{925DF980-0676-4BAA-914F-51A2F937A5A8}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [TCP Query User{0C740B5D-02C6-49E0-9C2B-A5620AF40E8D}D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{9931F919-BB93-464C-A62B-C8170CE39657}D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{7694F13F-9A65-48B8-8709-33DC69F2FAA4}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{218C3FDB-A6FD-43D8-820E-C8C22CDEC01C}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{24EC901C-C8C2-4903-AEFD-1F4FA957385D}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe
FirewallRules: [UDP Query User{8B57865E-A3B9-4E11-A9F1-0E9C133E3193}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe
FirewallRules: [{DBE2AD58-40B1-4605-8BCB-73B676437751}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{AF78346B-E0E8-469D-A252-0BEA47747C8A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [{F62EDF43-547C-4D81-B21C-E3C6EB9DC38F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [TCP Query User{124E2B6A-96AF-4349-A9D7-E52BB0A9D41F}D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [UDP Query User{187F4ADD-3307-4BC1-9DA7-E8045316AC14}D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [TCP Query User{BAB4A592-DC9F-4EB5-9978-0A1714BC10F0}D:\downloads\games\overwatch\overwatch.exe] => (Allow) D:\downloads\games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{EF225068-3D1B-4F51-BCD0-97FCC7A0F5E6}D:\downloads\games\overwatch\overwatch.exe] => (Allow) D:\downloads\games\overwatch\overwatch.exe
FirewallRules: [{291A6A69-4A4A-430C-BD0B-8CF5DB781E2D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe
FirewallRules: [{62CC98E4-D3B0-4285-AE62-C1BE7CB95DA7}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe
FirewallRules: [{C7AD0CE5-A384-42EA-BA7D-FAAAC014F785}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe
FirewallRules: [{C54EB692-924F-488E-BEDD-06933478B2DF}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe
FirewallRules: [{661875E2-6257-4000-9E2F-B3FD4458E48C}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{27203441-D992-4A21-B592-B6CE080FD0C1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{5408F76E-7694-4FCA-B107-0BC6B397634E}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
FirewallRules: [UDP Query User{14BA8636-3BB6-41D4-9EF7-EDD8F63842BF}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
FirewallRules: [{BEE825D1-265A-43F4-90B7-A9C0911E7F6C}] => (Allow) D:\NadekoBot\redis\redis-server.exe
FirewallRules: [{35FC2D14-20E9-425E-95C2-3AC6A6D6F551}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe
FirewallRules: [{7121F1B0-D504-4E79-9EB2-5ACC08271B5E}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe
FirewallRules: [{7437FCDA-29FB-4B9E-8584-0ED2D9FAEF59}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{AC23B224-E941-4006-98D2-2B21A052EEF9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DF618C39-1EAD-4BAD-86D6-E0EB19FEA5E0}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{EBE552B3-416D-492D-BC42-294F6E363E41}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{CC39AFDC-E1C5-4822-B11D-0C782AF90C5E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{FC99EDFE-0363-4D97-AC10-48E3E949FAAD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{88AE44BC-D3C5-4D5E-B3E6-2A3DA432A4A6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{E18340FA-E27E-4116-AE58-6CA397489EBB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{BE341F1B-27B9-40D5-BA38-B8578E5855B4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\IdleChampions\IdleDragons.exe
FirewallRules: [{CC8ACDEA-E3BB-4B1D-95B6-24603D6A18C9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\IdleChampions\IdleDragons.exe
FirewallRules: [TCP Query User{AAD811C9-F772-44E0-8539-09E821447E18}D:\downloads\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\downloads\games\the sims 4\game\bin\ts4_x64.exe
FirewallRules: [UDP Query User{D19A33BA-5E20-473B-862E-FA5DB916EC65}D:\downloads\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\downloads\games\the sims 4\game\bin\ts4_x64.exe
FirewallRules: [{F113299F-E258-494B-A588-5521E55DC913}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{CBF825E4-FFAF-4250-9D3F-979ED341EB9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{3EC7FB21-9B2F-435B-8383-70F0C0C100B5}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe
FirewallRules: [{E0A3F8D8-AB5B-4D12-9741-4F5021721717}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe
FirewallRules: [{C3F8DCB9-7380-4150-BD24-187491F0EC25}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{A7EE2576-9CDD-4954-9841-C4E5370EEC47}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{0FA6B34B-6FC2-4DFD-BDB9-53DB02EC6711}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{64B03985-9C33-4EF8-9680-501C50F47C9E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A5DAEA93-6179-42AB-A1FE-CB08FF73C5FE}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\VRChat\VRChat.exe
FirewallRules: [{66AEFF59-0056-4556-A763-C7C25FA83463}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\VRChat\VRChat.exe
FirewallRules: [{7026AF56-C7E9-47E5-8D6B-9114EDE30342}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{34BED28F-3CDA-4A2E-AC9F-4DA0EBFA0095}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{85F24101-D257-49FC-B184-E7E7971A9CC4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{463FAAAF-DA40-4C53-9830-FC5BD5CC0B54}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [TCP Query User{FE8ACD97-572B-4C4D-A4DC-C762589DF006}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [UDP Query User{05EDE794-953C-4C9B-B623-CDBE14CC8113}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [{1DBD8412-F824-4A71-B583-0B23B2AC5308}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{84431380-A50B-49FE-AF08-C97EA9133508}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{593A5877-36A3-48A3-B8A2-9BA1268428F9}] => (Allow) C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe
FirewallRules: [{067171D3-CDA7-4E39-B569-0CB6C53C9088}] => (Allow) C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe
FirewallRules: [{1E412C8C-099F-4FA6-8D00-9FD8C1DB1C33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4ADA2929-08C1-41E7-A4B4-87129FDD103B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DED97B08-41C0-484F-8FBA-0E312C8C8F9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{C8096ADF-822D-46F4-88CD-ECD23961898F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{776F9125-BB9D-45E0-8FEF-F9C7C3355611}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{6C64D425-F60E-4DD4-9657-D277C9051029}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{76399528-22B3-4138-8998-530492ED64A1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{1E34F3DD-D166-4DDB-91B2-71BA0CA6EB9B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{87E6EEF0-2196-4408-ABEC-AB572A92DA68}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{12868E6F-7987-4627-A931-B1F09A150BBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{5397A3E5-A7A7-4890-BA7F-38119F27D5A6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{38E868AF-A069-4029-B6D3-F51EFE1FF59B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E239E74A-C7FD-4E88-AD23-6824C0EF44C3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{DA439718-6F8A-4778-85C9-6D021A6DE749}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{D5929615-6992-45F9-B441-251A293F4F79}] => (Allow) C:\Program Files (x86)\Origin Games\Spore\Sporebin\SporeApp.exe
FirewallRules: [{7F0427C3-010A-4138-81D8-690FD10E1754}] => (Allow) C:\Program Files (x86)\Origin Games\Spore\Sporebin\SporeApp.exe
FirewallRules: [{E8D63457-1175-4F88-9EB4-4A163E86BBB6}] => (Allow) D:\Program Files\Nox\bin\Nox.exe
FirewallRules: [{7C7D0684-6420-420D-A67A-30F19FB6B64A}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{08356CC1-09F1-4638-9B0F-87D4F79854B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{CA1A809F-0C05-4CD4-8621-FDD186FAD5CD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{E283343C-AFC6-49D6-91F6-ACF0E0968860}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E7EFEDA1-897F-41AA-BD53-F86525E80BA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{56C69B6F-1C38-4AD1-8706-8376696C05FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/16/2018 08:00:11 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/16/2018 08:00:10 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/16/2018 07:51:37 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/16/2018 07:49:18 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/16/2018 07:49:07 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/16/2018 07:18:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/16/2018 07:08:00 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263

Error: (09/16/2018 07:07:59 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2)
Description: httphttp-2147467263


Systemfehler:
=============
Error: (09/16/2018 03:50:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/16/2018 03:35:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/16/2018 03:25:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/16/2018 03:24:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/16/2018 03:24:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/16/2018 03:24:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/16/2018 03:24:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/16/2018 03:24:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll


CodeIntegrity:
===================================

Date: 2018-06-23 08:51:02.942
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-23 08:48:03.423
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6267U CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 6062.59 MB
Verfügbarer physikalischer RAM: 2384.28 MB
Summe virtueller Speicher: 10670.59 MB
Verfügbarer virtueller Speicher: 4970.03 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.22 GB) (Free:20.74 GB) NTFS
Drive d: (Data) (Fixed) (Total:1337.26 GB) (Free:796.82 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:42.61 GB) NTFS

\\?\Volume{469da7c1-3405-49e3-9966-c1579fc63c47}\ () (Fixed) (Total:0.9 GB) (Free:0.45 GB) NTFS
\\?\Volume{37c984f9-d5e4-4a08-916b-06b97dddf7e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: BBB25831)

Partition: GPT.

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: BBB2585A)

Partition: GPT.

==================== Ende von Addition.txt ============================