|
Log-Analyse und Auswertung: Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
09.09.2018, 23:10 | #1 |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Sorry, es ist Startupchecklibrary.dll nicht startuplibrary Huhu, vor einigen Wochen hat Avast bei mir angeschlagen und gemeldet, dass StartUpLibrary.dll ein IDP.Generic ist und es in die Quarantäne verschoben. Alles gut und so aber immer wenn ich den Laptop an den Strom anschliesse oder ihn hochfahre, kommt die Meldung "StartUpLibrary.dll konnte nicht gefunden werden". Sonst keine Probleme, also hab ich die Schultern gezuckt und damit gelebt. Nun habe ich Probleme mit dem Windows Update. Fehlercode (0x80070424), Windows meldet mir, mir fehlen wichtige Updates, aber es kann nix geupdated werden. Dachte mir vllt liegt es an der DLL die jetzt in Quarantäne ist? also hab ich die wiederhergestellt. Bringt auch nix. Habe nach der Wiederherstellung Malwarebytes laufen lassen. Der hat nix gefunden also wohl kein Problem mit der DLL. Sehr verwirrend. Habe irgendwann dazwischen die DLL bei Avast als Ausnahmen hinzugefügt weswegen ich sie jetzt nicht wieder in die Quarantäne verschieben kann, bis ich herausfinde wie ich sie als Ausnahme entferne. Wäre super wenn mir jemand sagen könnte, wie. Ich weiß also gar nicht, ob ich Malware hab. Hatte die Logs also bereits gemacht, bin daher hierher statt in den anderen Bereich gegangen. Sonst verschiebt mich, wenn ich hier falsch bin. Logs spalte ich auf mehrere Beiträge auf, sonst häng ich sie im nächsten Beitrag an. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018 durchgeführt von staub (Administrator) auf DESKTOP-UKTCUI2 (09-09-2018 23:54:22) Gestartet von D:\Downloads Geladene Profile: staub (Verfügbare Profile: staub & enogh & shima) Platform: Windows 10 Home Version 1803 17134.112 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe () D:\NadekoBot\redis\redis-server.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe () C:\Program Files (x86)\PHotkey\Atouch64.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files (x86)\PHotkey\Dolbyosd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\PHotkey\GPMTray.exe () C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (ShareX Team) C:\Program Files\ShareX\ShareX.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2018-06-19] (Microsoft Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3352808 2015-11-06] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-06] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-06] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-30] (AVAST Software) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [54332920 2017-08-14] (Discord Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3750208 2018-08-28] (Dropbox, Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2017-09-20] (Cisco Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Spotify] => C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe [24453008 2018-08-23] (Spotify Ltd) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1398352 2018-06-11] (CyberGhost S.A.) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Discord] => C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Windows Shutdown Assistant] => C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe /autoStart HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\MountPoints2: {985ca1c1-6f35-11e8-bfdf-b881983425c3} - "G:\Setup.exe" Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-08-05] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.lnk [2017-09-09] ShortcutTarget: chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-06-26] ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{6de58bda-e014-4104-bd91-a8315218f1f1}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{8e27d8c5-8315-4adf-8c15-08fd74f18d9f}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{cf97e8a1-698d-47eb-9b5f-ca89d553a6b7}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42 Internet Explorer: ================== HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-16] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-23] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-23] (Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-21] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-21] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-16] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-16] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-16] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-16] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 0w2ntjwv.default-1518458315710 FF ProfilePath: C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710 [2018-08-31] FF Extension: (Avast SafePrice) - C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710\Extensions\sp@avast.com.xpi [2018-06-20] FF Extension: (uBlock Origin) - C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710\Extensions\uBlock0@raymondhill.net.xpi [2018-02-12] FF Extension: (Avast Online Security) - C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710\Extensions\wrc@avast.com.xpi [2018-06-20] FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-23] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-06-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-06-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: BYOND -> D:\BYOND\bin\npbyond.dll [2008-07-08] (BYOND) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://calendar.google.com/calendar/render#main_7 CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/render#main_7","hxxps://keep.google.com/","hxxps://docs.google.com/spreadsheets/d/1ruUreFE1R4ZzGHA86bTj83pJTyTPeQboafg75hVvfFA/edit#gid=485674309" CHR NewTab: Default -> Active:"chrome-extension://mefhakmgclhhfbdadeojlkbllmecialg/public/index.html" CHR DefaultSearchKeyword: Default -> lp CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default [2018-09-09] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-10] CHR Extension: (ColorZilla) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2018-05-09] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-10] CHR Extension: (uBlock Origin) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-28] CHR Extension: (Share on Rabbit) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplabnbcafdgpcjmibgkekpaejlfhnkl [2018-07-07] CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-06-20] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14] CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2017-11-17] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-06-21] CHR Extension: (LastPass: Free Password Manager) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-09-07] CHR Extension: (Voice to Text) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2018-03-21] CHR Extension: (StayFocusd) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2018-03-15] CHR Extension: (Tabby Cat) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2018-09-05] CHR Extension: (Milky Way Stars over Pine Valley, Utah) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\memcphligehabnghadofahejdodcfnnb [2017-08-11] CHR Extension: (Save to Pocket) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2018-08-05] CHR Extension: (Hotspot Shield VPN Free Proxy – Unblock Sites) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2018-07-31] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-10] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-26] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-08-24] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-24] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-24] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-08-07] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-04] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-08-05] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-04] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-07-29] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-28] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-29] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-30] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-30] (AVAST Software) S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-30] (AVAST Software) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-05] (BlueStack Systems, Inc.) R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost S.A.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation) S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [440304 2017-04-04] (Intel Corporation) R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Datei ist nicht signiert] S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-12] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-12] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-08-28] (Dropbox, Inc.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-09-07] (EasyAntiCheat Ltd) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-11-06] (ELAN Microelectronics Corp.) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515256 2017-08-10] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-04-04] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-03] () S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2213696 2018-08-20] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3084104 2018-08-20] (Electronic Arts) R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [135680 2014-08-07] () [Datei ist nicht signiert] R2 Redis; D:\NadekoBot\redis\redis-server.exe [1553408 2016-07-01] () [Datei ist nicht signiert] S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-03] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-30] (AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-30] (AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-30] (AVAST Software) R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-30] (AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-30] (AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-20] (AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-30] (AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-30] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163272 2018-08-30] (AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-30] (AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-30] (AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-30] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215728 2018-09-06] (AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-30] (AVAST Software) S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. ) R1 cgnetfilter1521; C:\WINDOWS\System32\drivers\cgnetfilter1521.sys [84768 2017-03-22] (Windows (R) Win 7 DDK provider) S3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [30808 2015-11-06] (ELAN Microelectronic Corp.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [245768 2017-08-10] (Intel Corporation) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-09-03] (Malwarebytes) R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation) R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7644672 2017-09-05] (Intel Corporation) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [34096 2015-11-18] (Windows (R) Win 7 DDK provider) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-07-17] (Realsil Semiconductor Corporation) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (The OpenVPN Project) S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-06-19] (The OpenVPN Project) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2017-09-20] (Cisco Systems, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-09-06] (BigNox Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-09-09 23:22 - 2018-09-09 23:54 - 000000000 ____D C:\FRST 2018-09-09 23:11 - 2018-09-09 23:11 - 000000000 ___HD C:\OneDriveTemp 2018-09-08 10:54 - 2018-09-08 10:54 - 000001453 _____ C:\Users\staub\AppData\Local\recently-used.xbel 2018-09-06 19:51 - 2018-09-06 19:51 - 000000000 ____D C:\Users\staub\AppData\Local\MultiPlayerManager 2018-09-06 11:47 - 2018-09-06 11:47 - 000000066 _____ C:\Users\staub\inittk.ini 2018-09-06 11:46 - 2018-09-06 11:46 - 000000045 _____ C:\Users\staub\nuuid.ini 2018-09-06 11:46 - 2018-09-06 11:46 - 000000041 _____ C:\Users\staub\inst.ini 2018-09-06 11:46 - 2018-09-06 11:46 - 000000000 ____D C:\Users\staub\Nox_share 2018-09-06 11:38 - 2018-09-09 23:10 - 000000000 ____D C:\Users\staub\AppData\Local\Nox 2018-09-06 11:38 - 2018-09-09 10:27 - 000000000 ____D C:\Users\staub\vmlogs 2018-09-06 11:38 - 2018-09-09 10:27 - 000000000 ____D C:\Users\staub\.BigNox 2018-09-06 11:38 - 2018-09-06 11:38 - 000000715 _____ C:\Users\staub\Desktop\Nox.lnk 2018-09-06 11:38 - 2018-09-06 11:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Nox 2018-09-06 11:38 - 2018-09-06 11:38 - 000000000 ____D C:\Program Files (x86)\Bignox 2018-09-06 11:13 - 2018-09-06 11:13 - 000000000 ____D C:\Users\staub\Downloads\MEmu Download 2018-09-04 18:03 - 2018-09-04 18:03 - 000000000 ____D C:\Users\staub\Documents\MeinSpore-Kreationen 2018-09-04 18:00 - 2018-09-04 18:00 - 000000000 ____D C:\ProgramData\Electronic Arts 2018-09-04 17:44 - 2018-09-04 17:44 - 000000000 ____D C:\Users\staub\Documents\My Spore Creations 2018-09-04 17:44 - 2018-09-04 17:44 - 000000000 ____D C:\Users\staub\AppData\Roaming\Spore 2018-09-03 21:09 - 2018-09-03 21:09 - 000000000 ____D C:\Users\staub\Desktop\Entspannung 2018-09-03 19:52 - 2018-09-03 19:52 - 000000000 ____D C:\Users\staub\.cache 2018-09-03 19:50 - 2018-09-09 23:30 - 000000000 ____D C:\Users\staub\AppData\Roaming\AllToMP3 2018-09-03 19:46 - 2018-09-03 19:46 - 000000000 ____D C:\Users\staub\AppData\Local\mbam 2018-09-03 14:05 - 2018-09-03 19:09 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-08-30 22:20 - 2018-08-30 22:20 - 000379608 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2018-08-30 19:55 - 2018-08-30 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-08-28 13:53 - 2018-08-28 13:53 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2018-08-28 13:53 - 2018-08-28 13:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2018-08-28 13:53 - 2018-08-28 13:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2018-08-28 13:53 - 2018-08-28 13:53 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2018-08-19 13:56 - 2018-08-19 13:56 - 000000000 ____D C:\Users\staub\.m2 2018-08-16 22:11 - 2018-08-16 22:11 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2018-08-16 22:11 - 2018-08-16 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2018-08-13 19:36 - 2018-08-13 19:36 - 000253801 _____ C:\Users\staub\Desktop\SBOnlineSemesterbescheinigung (1).pdf 2018-08-10 13:45 - 2018-08-10 13:45 - 000000063 _____ C:\Users\staub\Ondesoft 2018-08-10 13:38 - 2018-08-10 13:45 - 000000000 ____D C:\Users\staub\Ondesoft Spotify Converter 2018-08-10 13:38 - 2018-08-10 13:38 - 000001480 _____ C:\Users\staub\Desktop\Ondesoft Spotify Converter.lnk 2018-08-10 13:38 - 2018-08-10 13:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ondesoft 2018-08-10 13:38 - 2018-08-10 13:38 - 000000000 ____D C:\Users\staub\AppData\Local\Ondesoft ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-09-09 23:50 - 2017-12-01 01:06 - 000000000 ____D C:\Users\staub\AppData\Local\Packages 2018-09-09 23:48 - 2017-08-04 18:20 - 000000000 ____D C:\Users\staub\AppData\Local\Spotify 2018-09-09 23:43 - 2017-08-04 18:20 - 000000000 ____D C:\Users\staub\AppData\Roaming\Spotify 2018-09-09 23:18 - 2018-06-04 08:14 - 001722010 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-09-09 23:18 - 2018-04-12 18:13 - 000744134 _____ C:\WINDOWS\system32\perfh007.dat 2018-09-09 23:18 - 2018-04-12 18:13 - 000150268 _____ C:\WINDOWS\system32\perfc007.dat 2018-09-09 23:18 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2018-09-09 23:11 - 2018-07-16 10:41 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat 2018-09-09 23:11 - 2017-08-04 18:19 - 000000000 ____D C:\Program Files (x86)\Steam 2018-09-09 23:11 - 2017-08-04 12:24 - 000000000 ___RD C:\Users\staub\OneDrive 2018-09-09 23:10 - 2018-06-04 08:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-09-09 23:10 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2018-09-09 23:10 - 2017-09-26 16:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2018-09-09 23:10 - 2017-09-07 18:44 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2018-09-09 23:10 - 2017-08-04 12:22 - 000000000 __SHD C:\Users\staub\IntelGraphicsProfiles 2018-09-09 22:59 - 2018-06-04 08:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-09-09 22:26 - 2018-06-04 08:16 - 000003558 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-09-09 22:26 - 2018-06-04 08:16 - 000003334 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-09-09 22:26 - 2018-06-04 08:16 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2018-09-09 22:26 - 2018-06-04 08:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2089115426-2641811642-829515932-1002 2018-09-09 22:26 - 2018-06-04 08:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2089115426-2641811642-829515932-1001 2018-09-09 22:26 - 2018-06-04 08:16 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2018-09-09 22:26 - 2018-06-04 08:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2018-09-09 16:23 - 2017-08-14 17:28 - 000000000 ____D C:\Users\staub\AppData\Local\ElevatedDiagnostics 2018-09-09 16:12 - 2017-08-04 19:42 - 000000000 ____D C:\Users\staub\AppData\Local\CrashDumps 2018-09-09 14:44 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\WhatsApp 2018-09-09 10:28 - 2017-10-17 12:27 - 000000000 ____D C:\Users\staub\.android 2018-09-08 15:46 - 2017-08-28 12:56 - 000000000 ____D C:\Users\staub\.gimp-2.8 2018-09-07 12:08 - 2018-06-04 08:16 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2018-09-06 11:47 - 2018-06-04 08:09 - 000000000 ____D C:\Users\staub 2018-09-06 11:44 - 2018-06-20 22:42 - 000000000 ____D C:\Program Files (x86)\Origin 2018-09-06 11:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration 2018-09-06 11:10 - 2018-06-21 07:55 - 000000000 ____D C:\Users\staub\AppData\Local\AVAST Software 2018-09-06 11:09 - 2018-06-20 22:25 - 000215728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2018-09-04 23:54 - 2018-06-20 22:41 - 000000000 ____D C:\Users\staub\AppData\Roaming\Origin 2018-09-04 18:20 - 2018-06-04 01:00 - 000467320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2018-09-04 17:54 - 2018-06-20 22:45 - 000000000 ____D C:\Program Files (x86)\Origin Games 2018-09-04 17:53 - 2018-06-20 22:41 - 000000000 ____D C:\ProgramData\Origin 2018-09-03 14:22 - 2017-08-05 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\vlc 2018-09-03 14:05 - 2018-06-23 08:47 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-09-01 12:49 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2018-09-01 12:49 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Local\WhatsApp 2018-09-01 12:49 - 2017-08-04 14:08 - 000000000 ____D C:\Users\staub\AppData\Local\SquirrelTemp 2018-09-01 12:40 - 2018-06-04 08:09 - 000002387 _____ C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-08-30 22:20 - 2018-06-20 22:25 - 000111864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2018-08-30 22:20 - 2018-06-04 01:00 - 000381560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2018-08-30 22:20 - 2018-06-04 01:00 - 000199712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2018-08-30 22:20 - 2018-06-04 01:00 - 000163272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2018-08-30 22:20 - 2018-06-04 01:00 - 000087904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2018-08-30 22:20 - 2018-06-04 01:00 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2018-08-30 22:20 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-08-30 22:19 - 2018-06-04 01:00 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2018-08-30 22:19 - 2018-06-04 01:00 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys 2018-08-30 22:19 - 2018-06-04 01:00 - 000229384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2018-08-30 22:19 - 2018-06-04 01:00 - 000201320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2018-08-30 22:19 - 2018-06-04 01:00 - 000059568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2018-08-30 22:19 - 2017-10-04 20:12 - 000249016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys 2018-08-30 19:55 - 2017-08-12 10:02 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-08-29 15:08 - 2018-05-08 08:45 - 000000000 ____D C:\Users\staub\AppData\Local\Eclipse 2018-08-29 15:08 - 2017-08-15 11:16 - 000000000 ____D C:\Users\staub\.p2 2018-08-28 22:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-08-26 12:38 - 2018-07-29 23:46 - 000000000 ____D C:\Users\staub\Desktop\discord server stugg 2018-08-24 19:53 - 2017-09-11 16:01 - 000000000 ____D C:\Users\staub\AppData\Roaming\audacity 2018-08-23 19:53 - 2017-08-28 13:20 - 000000000 ____D C:\Users\staub\AppData\Local\gtk-2.0 2018-08-23 11:15 - 2017-08-12 10:02 - 000001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2018-08-23 11:15 - 2017-08-12 10:02 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2018-08-23 10:38 - 2018-06-04 08:16 - 000004306 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2018-08-23 10:38 - 2018-06-04 08:16 - 000004074 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2018-08-16 22:11 - 2017-09-27 21:15 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2018-08-16 22:11 - 2016-06-08 10:42 - 000002587 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2018-08-16 22:11 - 2016-06-08 10:42 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2018-08-16 22:11 - 2016-06-08 10:42 - 000002562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2018-08-16 22:11 - 2016-06-08 10:42 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2018-08-16 22:11 - 2016-06-08 10:42 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2018-08-16 22:11 - 2016-06-08 10:42 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2018-08-16 22:09 - 2016-06-08 10:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-08-10 07:00 - 2017-08-10 22:52 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2018-03-18 19:44 - 2018-05-19 19:34 - 000007551 _____ () C:\Users\staub\AppData\Roaming\SpeedRunnersLog.txt 2017-08-04 18:47 - 2017-08-04 18:47 - 000000039 _____ () C:\Users\staub\AppData\Local\kritadisplayrc 2017-08-04 18:47 - 2017-08-04 18:47 - 000014964 _____ () C:\Users\staub\AppData\Local\kritarc 2018-09-08 10:54 - 2018-09-08 10:54 - 000001453 _____ () C:\Users\staub\AppData\Local\recently-used.xbel 2017-08-10 23:04 - 2017-08-10 23:04 - 000007628 _____ () C:\Users\staub\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== 2018-09-06 11:37 - 2017-12-08 04:44 - 000036152 _____ () C:\Users\staub\AppData\Local\Temp\clearRemnants.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2018-06-04 08:07 ==================== Ende von FRST.txt ============================ Geändert von Staub (09.09.2018 um 23:17 Uhr) |
09.09.2018, 23:11 | #2 |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht?Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23.08.2018 durchgeführt von staub (09-09-2018 23:54:58) Gestartet von D:\Downloads Windows 10 Home Version 1803 17134.112 (X64) (2018-06-04 06:17:08) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2089115426-2641811642-829515932-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2089115426-2641811642-829515932-503 - Limited - Disabled) enogh (S-1-5-21-2089115426-2641811642-829515932-1002 - Limited - Enabled) => C:\Users\enogh Gast (S-1-5-21-2089115426-2641811642-829515932-501 - Limited - Disabled) shima (S-1-5-21-2089115426-2641811642-829515932-1004 - Limited - Enabled) => C:\Users\shima staub (S-1-5-21-2089115426-2641811642-829515932-1001 - Administrator - Enabled) => C:\Users\staub WDAGUtilityAccount (S-1-5-21-2089115426-2641811642-829515932-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 4K Video Downloader 4.4 (HKLM-x32\...\{D04F9BA2-CF6F-41AD-8BD1-313ABD28FAF2}) (Version: 4.4.4.2275 - Open Media LLC) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Andy OS (HKLM\...\Andy OS) (Version: 46.16 - Andy OS, Inc) Anki (HKLM-x32\...\Anki) (Version: - ) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software) Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team) BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.44.1625 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build and Shoot Launcher 1.2 (HKLM-x32\...\Build and Shoot Launcher) (Version: 1.2 - Buld Then Snip, LLC) BYOND (HKLM-x32\...\BYOND) (Version: 512.1404 - BYOND) CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.5.02033 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0C9580F0-95DC-4E64-BB4C-1091B660A64F}) (Version: 4.5.02033 - Cisco Systems, Inc.) Hidden Citra (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{385074ac-5fd7-4e2a-ba3e-cae92abf1372}) (Version: 1.0.0 - Citra Team) CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.) Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version: - ) Discord (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 56.4.94 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.) Epic Games Launcher (HKLM-x32\...\{42D23AAF-7D6F-48C7-A62C-8E02D6234156}) (Version: 1.1.147.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileZilla Client 3.27.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.) Frets On Fire (HKLM-x32\...\Frets on Fire) (Version: 1.3.110-win32 - ) GÉANTLink 1.0a x64 (HKLM\...\{89C31957-7751-419E-A873-03C71B757195}) (Version: 1.0.28 - GÉANT) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) Hero Lab 8.4 (HKLM-x32\...\{760AA190-82DF-4A80-BE05-B9FEEC88946D}_is1) (Version: 8.4 - LWD Technology, Inc.) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1178 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{601DFCAC-FCC1-4779-9095-D69D82904A5A}) (Version: 18.1.1607.3129 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{fefa9370-e735-4821-9cbc-48bd843e7ac3}) (Version: 19.80.0 - Intel Corporation) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation) Java SE Development Kit 8 Update 144 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180144}) (Version: 8.0.1440.1 - Oracle Corporation) Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - ) Krita (x64) 3.1.4.0 (HKLM\...\Krita_x64) (Version: 3.1.4.0 - Krita Foundation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) LIMBO (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Limbo) (Version: - ) Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.10325.20118 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio 2017 (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.11.33287.817 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 60.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x64 en-US)) (Version: 60.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla) MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall) NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team) Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.2.0 - Duodian Technology Co. Ltd.) NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd) Ondesoft Spotify Converter version 2.1.0 (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{4E9A8CA6-50D7-4A86-8086-37DDE546D429}_is1) (Version: 2.1.0 - Ondesoft, Inc.) OpenRCT2 0.2.0 (HKLM-x32\...\OpenRCT2) (Version: 0.2.0 - OpenRCT2) Origin (HKLM-x32\...\Origin) (Version: 10.5.26.8488 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{49281fb0-b08b-40c3-a0e1-f228f2cd6982}) (Version: latest - ppy Pty Ltd) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0127 - Pegatron Corporation) ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG) PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham) Python 3.6.0 (32-bit) (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{8ba65a8c-cb48-4716-bc24-47c148808015}) (Version: 3.6.150.0 - Python Software Foundation) Python 3.6.0 Add to Path (32-bit) (HKLM-x32\...\{D4C8360E-C73A-46B9-AF8E-672684048BF0}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Core Interpreter (32-bit) (HKLM-x32\...\{FC638B75-E969-4496-A546-9D78EA7D8F35}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Development Libraries (32-bit) (HKLM-x32\...\{F2A430F2-A7AC-4B46-808A-FC6E8419ABDE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Documentation (32-bit) (HKLM-x32\...\{A66771E3-430A-40A7-B00C-94A239396BEE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Executables (32-bit) (HKLM-x32\...\{3C182441-3C75-4113-A28D-D3AEAD85B320}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 pip Bootstrap (32-bit) (HKLM-x32\...\{1D427483-31FE-4ED4-AD39-AB78BBF7D22D}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Standard Library (32-bit) (HKLM-x32\...\{4CB36E4F-EC00-479B-AA25-0B9EC5385B0C}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C7D63030-7738-499A-A0D2-8549174D2B70}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Test Suite (32-bit) (HKLM-x32\...\{6EAD5F85-97EC-4AFB-84D2-D52AC41D3C66}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Utility Scripts (32-bit) (HKLM-x32\...\{7C3DAC9E-E229-415C-A600-5974B5D9DE7F}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{2636F1E4-2BC5-4B19-BFFD-A08F72598309}) (Version: 3.6.6032.0 - Python Software Foundation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10163.31215 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.) Redis on Windows (HKLM\...\{6E927557-4447-4348-AE9C-4B2EA64BDA17}) (Version: 3.0.504 - MSOpenTech) RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\RollerCoaster Tycoon 2 Triple Thrill Pack_is1) (Version: - GOG.com) RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\GOGPACKRCT3_is1) (Version: 2.0.0.13 - GOG.com) Rückkehr Nach Krondor (HKLM-x32\...\Rückkehr nach Krondor) (Version: - ) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) ScreenToGif (HKLM-x32\...\{B46AB504-140F-4E7D-833C-C6CA1A4FAAD7}) (Version: 2.9.0 - Nicke Manarin) Secret World Legends (HKLM-x32\...\Secret World Legends_is1) (Version: 1.0.0 - Funcom) ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team) Sierra-Dienstprogramme (HKLM-x32\...\Sierra-Dienstprogramme) (Version: - ) Sims 4 Tray Importer (S4TI) 1.6.7.9 (HKLM-x32\...\{8665A9CC-9652-4F31-907A-DE2E7A8E8E97}_is1) (Version: 1.6.7.9 - TeameeVo) Spore™ (HKLM-x32\...\{4BDCC41C-FFE7-40a4-BCB6-B558916868F7}) (Version: 1.7.0.0 - Electronic Arts) Spotify (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB) Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.3.0.5 - GOG.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text Build 3126 (HKLM-x32\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Terraria (HKLM-x32\...\1207665503_is1) (Version: 1.3.5.3 - GOG.com) The Sims 3 Complete Collection version 1.67.2 (HKLM-x32\...\The Sims 3 Complete Collection_is1) (Version: 1.67.2 - Mr DJ) The Sims 4 (HKLM\...\The Sims 4_is1) (Version: 1.41.38.1020 - ) Unity (HKLM-x32\...\Unity) (Version: 2017.1.1f1 - Unity Technologies ApS) VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN) vs_communitymsi (HKLM-x32\...\{52100697-9C66-44F3-BA20-68F8148CDF9B}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{5297D80E-CD92-48D8-9DB0-301AB3205772}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{DDEF2BD0-F728-4D04-A085-B5ACC9ADC311}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{2512A3CE-E1E4-46D5-8B40-28DA3AE2261E}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{384F31FB-B99D-48A7-9D72-E1FEBEC2201A}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{D0772A03-7FC2-4B20-AC1F-B278299AA9C7}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{0F2742A7-6A64-46A2-94AE-22F19808BE2F}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{0D3A6730-43CE-4AF6-BDF7-4D0660296C60}) (Version: 15.0.26621 - Microsoft Corporation) Hidden WhatsApp (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] () ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-04] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {08BA5A1B-5E65-4B61-9140-49D1A74E5CBC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-16] (Microsoft Corporation) Task: {0F3CDA75-BCBB-404B-BA00-5915A030F35A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation) Task: {15B5210C-333E-4806-BCFD-D940C6453BF9} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {17345D61-1E0E-4BCD-A526-EA31CDE23096} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-19] (AVAST Software) Task: {19555B0A-D775-47E3-A9A6-22C29A5B6A57} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe Task: {1D1CB372-CCAD-4646-8883-FD800C26A5B1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-16] (Microsoft Corporation) Task: {249A68DE-FE74-40EA-971F-9C25F5C235AC} - System32\Tasks\MICROSOFT\WINDOWS\APPLICATION EXPERIENCE\STARTUPCHECKLIBRARY => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary Task: {2B6B3B70-2DDB-4FC6-830C-F7EA866AC6D3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-12] (Dropbox, Inc.) Task: {353753FC-B0FC-4EA1-A232-3200F1CB243F} - System32\Tasks\S-1-5-21-2089115426-2641811642-829515932-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {43C662DC-B631-492D-8A53-46E64C97345C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.) Task: {4F508EA6-7F19-494E-A126-C83F33FD01C9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-30] (AVAST Software) Task: {5C059924-7C5E-4929-8724-5FA269766E91} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6673BC26-F155-4B3D-A62C-4F9AADEA5D14} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd) Task: {8D5B0EC7-553E-41E2-8E77-FEFDEB03CFCC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd) Task: {90DB7CBE-3215-40CB-831B-A16FDCB85BB5} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-16] (Microsoft Corporation) Task: {931D7AA3-D3EC-4CC9-A15E-91395F420AAA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-16] (Microsoft Corporation) Task: {A76FC8F2-D656-4678-BE6B-74FB88C68005} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.) Task: {A8E7BDD8-B578-4B0F-A612-3C34C5C36A9C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-16] (Microsoft Corporation) Task: {C533C881-8B33-47F3-99C3-F3F125094253} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-16] (Microsoft Corporation) Task: {E7BB11BE-5672-4FC3-8839-68AE3B442547} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-12] (Dropbox, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\staub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Reee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-06-09 10:30 - 2014-08-07 12:45 - 000135680 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-07-19 18:18 - 2017-07-19 18:18 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-08-29 02:43 - 2017-08-29 02:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2017-04-04 16:36 - 2017-04-04 16:36 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-01-27 05:04 - 2016-01-27 05:04 - 000163328 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 2018-06-23 08:47 - 2018-09-03 14:05 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2016-07-01 16:55 - 2016-07-01 16:55 - 001553408 _____ () D:\NadekoBot\redis\redis-server.exe 2018-06-13 19:01 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-05-23 13:41 - 2018-05-23 13:42 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-05-23 13:41 - 2018-05-23 13:42 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-05-23 13:41 - 2018-05-23 13:42 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-05-23 13:41 - 2018-05-23 13:42 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll 2018-05-23 13:41 - 2018-05-23 13:42 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2016-06-09 10:30 - 2016-03-29 15:56 - 002409472 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe 2016-06-09 10:30 - 2010-01-12 19:36 - 000117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe 2016-06-09 10:30 - 2010-01-12 19:36 - 000121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe 2016-06-09 10:30 - 2010-12-17 16:04 - 000449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe 2018-05-26 14:43 - 2018-05-26 14:43 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-05-26 14:43 - 2018-05-26 14:43 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-26 08:54 - 2017-09-26 08:54 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll 2016-06-09 10:30 - 2014-03-18 23:54 - 005644800 _____ () C:\Program Files (x86)\PHotkey\Dolbyosd.exe 2018-08-10 07:00 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll 2018-08-10 07:00 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll 2016-06-09 10:30 - 2016-04-13 18:23 - 009054720 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe 2016-06-09 10:30 - 2015-10-06 15:52 - 000331776 _____ () C:\Program Files (x86)\PHotkey\Keyboardmonitortool.exe 2015-06-16 03:53 - 2015-06-16 03:53 - 000628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 2018-08-30 19:53 - 2018-08-27 21:41 - 001054496 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-08-30 19:53 - 2018-08-27 22:52 - 098006816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-08-30 19:53 - 2018-08-27 22:52 - 004443424 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-08-30 19:53 - 2018-08-27 22:52 - 000100128 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2017-09-20 15:46 - 2017-09-20 15:46 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system-vc140-mt-1_59.dll 2017-09-20 15:45 - 2017-09-20 15:45 - 000062976 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time-vc140-mt-1_59.dll 2017-09-20 15:46 - 2017-09-20 15:46 - 000106496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread-vc140-mt-1_59.dll 2017-09-20 15:46 - 2017-09-20 15:46 - 000042496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono-vc140-mt-1_59.dll 2017-09-20 15:46 - 2017-09-20 15:46 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2016-06-09 10:30 - 2009-12-18 17:36 - 000973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll 2016-06-09 10:30 - 2013-09-18 01:23 - 000108032 _____ () C:\Program Files (x86)\PHotkey\PGFNEX.dll 2017-08-04 21:37 - 2018-08-27 21:41 - 000874784 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-08-04 21:37 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-08-04 21:37 - 2018-08-29 23:17 - 002646304 _____ () C:\Program Files (x86)\Steam\video.dll 2017-08-04 21:37 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-08-04 21:37 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-12-14 23:58 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2017-12-14 23:58 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-14 23:58 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2017-12-14 23:58 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-14 23:58 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2017-08-04 21:37 - 2018-08-29 23:17 - 001015584 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-08-04 21:37 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2018-08-30 19:55 - 2018-08-28 13:53 - 001111880 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-08-30 19:55 - 2018-08-28 13:53 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2018-05-15 22:28 - 2018-08-28 13:58 - 000023888 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:53 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll 2018-05-15 22:28 - 2018-08-28 13:53 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:53 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll 2018-08-30 19:55 - 2018-08-28 13:53 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:58 - 000401240 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:55 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:59 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:59 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd 2018-07-31 20:16 - 2018-08-28 13:59 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 003822416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:58 - 000090560 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:59 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:58 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:59 - 000024032 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:53 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:59 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:53 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-08-30 19:55 - 2018-08-28 13:56 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:53 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2018-05-15 22:28 - 2018-08-28 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000441672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-05-15 22:28 - 2018-08-28 13:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-08-30 19:55 - 2018-08-28 13:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2018-05-15 22:28 - 2018-08-28 13:58 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd 2018-05-15 22:28 - 2018-08-28 13:59 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd 2018-08-30 19:55 - 2018-08-28 13:57 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd 2018-06-21 07:55 - 2018-06-21 07:55 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-08-30 22:19 - 2018-08-30 22:19 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\sharepoint.com -> hxxps://studiumunihamburgde-files.sharepoint.com ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2018-07-25 12:00 - 2018-07-25 12:00 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\staub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run32: => "Discord" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Windows Shutdown Assistant" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{AE92B345-3199-4EEF-9586-97639356C346}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe FirewallRules: [{8B34D625-C8B6-4877-96C0-CBCDD25DF20E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe FirewallRules: [{813C34EB-FF58-4882-A370-435EEBAAD5F1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [{AD48AB42-02A1-4FE2-BB61-BD91FEFE0D9C}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [UDP Query User{BB52AE73-447A-4875-B1C4-489FF54D13A8}D:\uni\eclipse\eclipse\eclipse.exe] => (Allow) D:\uni\eclipse\eclipse\eclipse.exe FirewallRules: [TCP Query User{1E018F34-2790-4BE2-807C-9FB190602EB2}D:\uni\eclipse\eclipse\eclipse.exe] => (Allow) D:\uni\eclipse\eclipse\eclipse.exe FirewallRules: [{E442D729-9F1B-4991-A07D-4C1E4FD64E88}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe FirewallRules: [{D36A68D1-D6AD-4B68-828E-A3713C4B7EB6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe FirewallRules: [{02690E20-A6C1-4E8C-8966-FA878327C8B5}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe FirewallRules: [{BE7832E1-7140-4C30-9357-0DADB4691F1B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe FirewallRules: [{B701D663-0DA5-46ED-BC2A-1B8DAED27117}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm5.exe FirewallRules: [{5099E323-58A7-4AE2-B9DF-58E9B847BE54}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm5.exe FirewallRules: [{AA81E785-EBF6-4061-8C89-D657823E747E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm7.exe FirewallRules: [{1AA2BFDC-78DD-4234-A48C-B28BF93C25FD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm7.exe FirewallRules: [UDP Query User{4587EEC4-7F5C-425E-95F0-56F7EDD9ABBB}D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{BF443098-73E6-40A2-BE2F-A9909D946A26}D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{8DBDCE7E-3EF9-4E8A-9728-EAE711DB58A7}D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{49AFF02A-296E-45A6-A287-C7B93A122D77}D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{75D97824-3462-4A75-A6EA-A53E9A467964}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe FirewallRules: [{970633DC-A219-44EA-AB6F-E056362A63AD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe FirewallRules: [{E9F6A44A-0025-4C41-819C-1492EE4FF631}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{81728671-EFB2-44AF-88C9-7DCC094E4A78}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{067362FD-864A-4B84-87C3-62A7F329B816}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cinderella Phenomenon - OtomeVisual Novel\CinderellaPhenomenon.exe FirewallRules: [{BFA943BE-A0BC-4E1F-B0C2-C4443C530327}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cinderella Phenomenon - OtomeVisual Novel\CinderellaPhenomenon.exe FirewallRules: [{A38F2385-F440-4350-A7F8-FAC4503DA5F3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{4FA6104E-157C-4834-8C8E-07A57325397A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{887FCE58-5341-419B-8FA8-EAE86E02568D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\nmrih\sdk\hl2.exe FirewallRules: [{1DDB75C1-8E0D-4E64-BD1C-723A14398428}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\nmrih\sdk\hl2.exe FirewallRules: [{F150B6E4-4396-4D0A-B297-7E34A47C6BFB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{BAC971B4-6F80-4D24-AEF2-F60E59859263}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{FE34D1ED-A649-455D-8C5C-9611625CC50F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{1194BA1C-D046-45B9-91FB-19614B796F77}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{697E94D7-838B-4464-AA45-724365922964}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\Launcher.exe FirewallRules: [{3742AD2F-428F-438F-A781-CC5FCE95139F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\Launcher.exe FirewallRules: [{122944A9-A5C3-4EC4-8167-2F0BC5BE1442}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\aamfp.exe FirewallRules: [{35A07696-EDD7-481D-9634-01842C72BCE2}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\aamfp.exe FirewallRules: [{C536E400-CED9-4690-A95C-180258A5D957}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{DCA1F6DE-8A77-4407-A12A-5690EA77A60B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{0129324A-6372-4E23-9157-77101112E2BF}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe FirewallRules: [{ED9C52F2-03DD-4A4C-8DD3-F3F95F10E880}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe FirewallRules: [{6B1E3FBE-15B0-4297-8542-B3BAF3B497C6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Air Brawl\Air Brawl.exe FirewallRules: [{8E52E0D5-830E-42F3-ACF1-C2A2E535FDC4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Air Brawl\Air Brawl.exe FirewallRules: [{29298C02-98D6-4A46-AB0D-B58363A92EFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{AE199B30-E14B-4564-926F-9DACC52886BB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{94884D5E-85EF-49C6-9EA6-D7B317BBF8DA}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{2F881564-4C2D-4BB6-8E47-B9132B8FFA0E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{7E226AB7-0100-4197-872C-2AB1CC4D8B9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{55F4FA45-21B1-4548-BCA7-A1A7C7A6FFA0}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{A336D929-61D4-4E0C-A7C8-E8AD81F539BB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{A640F38C-B29C-44DC-BB89-A9FFA8AF66CB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{ACEB7411-E162-4759-BE40-C44B6ABF669B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{4F03E168-2919-449B-AC05-DAE9A6B21996}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{427ED94D-6264-4AED-BA42-9FC02B13B0BC}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{23B15E30-8A99-43B1-B072-CAF17BD69B98}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{527A802B-180B-4961-BF4D-4EEB6AE80E8F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{4C1A8BB0-F72C-4A84-8B61-51E4D38FB137}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{79D109B9-A491-4FFC-A6BE-BC68D9067405}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [UDP Query User{43402D6D-559D-483A-8A3E-1501E082F775}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [TCP Query User{9FA38818-BA1F-4D00-91E1-C543E1590AB1}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [UDP Query User{2D572ADD-B1F2-4007-848A-7D4D60A569CB}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe FirewallRules: [TCP Query User{8D15F317-AE12-4092-80F5-B1AE2E886579}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe FirewallRules: [{31E08BA8-8D52-42FB-9532-DF4775B6D61E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shank Demo\bin\Shank.exe FirewallRules: [{76B8CDEB-2B3F-48E5-B570-A305BEA01FAD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shank Demo\bin\Shank.exe FirewallRules: [{416C241D-31D6-4DCB-9327-60A2984E6995}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{5F04DE88-8E60-41D3-81DF-7D60C6FFE1E3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{ECB14AF4-EB93-4A0A-82D4-662100C71B61}] => (Allow) D:\Downloads\Games\Secret World Legends\ClientPatcher.exe FirewallRules: [{45915F72-F805-49BA-B0BB-F51067D81FE0}] => (Allow) D:\Downloads\Games\Secret World Legends\ClientPatcher.exe FirewallRules: [{C29F60A8-53B2-4C11-AF24-F05D3E6E3C0D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Monaco\MONACO.exe FirewallRules: [{198FB835-EE23-4C23-AA0F-80BAC447CAB9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Monaco\MONACO.exe FirewallRules: [{1EAC6018-3CFE-4058-B9AB-44EE537FB950}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe FirewallRules: [{2A792BEF-ABE7-470E-B56B-AF0776C2B61F}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe FirewallRules: [{A211B133-CD1C-49ED-A262-AD21FF2F7439}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe FirewallRules: [{F0275489-326F-44DF-AF5D-712804F2A1E8}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe FirewallRules: [{9E09F80C-F2E5-4C26-A2DE-2A66603F5974}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{63B0CC1C-10BB-4A3C-AEA4-0CD1977FC8FF}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{EFEF078B-A97A-4138-9BAA-EAF1C428BFD9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{5EA019D5-000B-4243-9437-64CBC5E87A45}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{DCA8E089-302C-4D2A-9E19-8F3AAEC06363}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{4D1A2EE0-7A50-4B78-B6E0-E2E9076A84CF}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{3BE4A387-D647-4D2D-A7CB-78D8F8A6275C}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{362E2A26-F57D-41D8-B27B-9DF48D79ACD5}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{21164AE7-EE79-4ADB-9E5E-66EC15C6B459}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{35BAD61C-063A-410D-8B18-8F9FCE0980B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D57D6DA3-A095-4DE1-8C1E-589D249E08AD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{A5A95D36-0D43-4B02-B89F-60E813862599}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{1D693746-6BF1-46DA-AB36-FE75BF3D448C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{CEDEB133-B392-4829-A5F5-C97C75CEBA55}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{F2232837-6AFF-4411-980A-0CF014F3A76D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{671F6F13-5D7F-4F0B-8176-3132F0DF76EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{D3DBA6DE-89D0-40AD-955B-14792C40333A}C:\users\staub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\staub\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{7701EC30-F28C-4A01-ABD3-06DF31B5D166}C:\users\staub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\staub\appdata\roaming\spotify\spotify.exe FirewallRules: [{8644FA34-D321-4D59-86A2-561EBF35856A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{E5E36995-E0FD-40B8-930D-6CE184D6FE04}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [TCP Query User{168DC41D-682B-4A4D-8F7D-F2FC547FC2F9}D:\downloads\games\hearthstone\hearthstone.exe] => (Allow) D:\downloads\games\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{384463DF-F7B6-4E60-B8B9-52FCE425C05A}D:\downloads\games\hearthstone\hearthstone.exe] => (Allow) D:\downloads\games\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{1C244ED8-2DC9-48BD-B4D1-AD98084AD126}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [UDP Query User{36A229D1-7399-4672-9074-A6FBC4AAD585}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [TCP Query User{9521923B-05DF-45E7-A686-A8773A27DBDF}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{DC5D19DA-CE0C-4C6B-A7BF-69BE3C430748}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [TCP Query User{B8404964-6383-4E4B-B0E7-C96496718CE7}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe FirewallRules: [UDP Query User{BD187D00-F099-4950-B100-5C5951AC5451}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe FirewallRules: [{925DF980-0676-4BAA-914F-51A2F937A5A8}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe FirewallRules: [TCP Query User{0C740B5D-02C6-49E0-9C2B-A5620AF40E8D}D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{9931F919-BB93-464C-A62B-C8170CE39657}D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{7694F13F-9A65-48B8-8709-33DC69F2FAA4}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [UDP Query User{218C3FDB-A6FD-43D8-820E-C8C22CDEC01C}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [TCP Query User{24EC901C-C8C2-4903-AEFD-1F4FA957385D}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe FirewallRules: [UDP Query User{8B57865E-A3B9-4E11-A9F1-0E9C133E3193}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe FirewallRules: [{DBE2AD58-40B1-4605-8BCB-73B676437751}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{AF78346B-E0E8-469D-A252-0BEA47747C8A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe FirewallRules: [{F62EDF43-547C-4D81-B21C-E3C6EB9DC38F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe FirewallRules: [TCP Query User{124E2B6A-96AF-4349-A9D7-E52BB0A9D41F}D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe FirewallRules: [UDP Query User{187F4ADD-3307-4BC1-9DA7-E8045316AC14}D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe FirewallRules: [TCP Query User{BAB4A592-DC9F-4EB5-9978-0A1714BC10F0}D:\downloads\games\overwatch\overwatch.exe] => (Allow) D:\downloads\games\overwatch\overwatch.exe FirewallRules: [UDP Query User{EF225068-3D1B-4F51-BCD0-97FCC7A0F5E6}D:\downloads\games\overwatch\overwatch.exe] => (Allow) D:\downloads\games\overwatch\overwatch.exe FirewallRules: [{291A6A69-4A4A-430C-BD0B-8CF5DB781E2D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe FirewallRules: [{62CC98E4-D3B0-4285-AE62-C1BE7CB95DA7}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe FirewallRules: [{C7AD0CE5-A384-42EA-BA7D-FAAAC014F785}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe FirewallRules: [{C54EB692-924F-488E-BEDD-06933478B2DF}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe FirewallRules: [{661875E2-6257-4000-9E2F-B3FD4458E48C}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{27203441-D992-4A21-B592-B6CE080FD0C1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [TCP Query User{5408F76E-7694-4FCA-B107-0BC6B397634E}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe FirewallRules: [UDP Query User{14BA8636-3BB6-41D4-9EF7-EDD8F63842BF}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe FirewallRules: [{BEE825D1-265A-43F4-90B7-A9C0911E7F6C}] => (Allow) D:\NadekoBot\redis\redis-server.exe FirewallRules: [{35FC2D14-20E9-425E-95C2-3AC6A6D6F551}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe FirewallRules: [{7121F1B0-D504-4E79-9EB2-5ACC08271B5E}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe FirewallRules: [{7437FCDA-29FB-4B9E-8584-0ED2D9FAEF59}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{AC23B224-E941-4006-98D2-2B21A052EEF9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{DF618C39-1EAD-4BAD-86D6-E0EB19FEA5E0}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe FirewallRules: [{EBE552B3-416D-492D-BC42-294F6E363E41}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe FirewallRules: [{CC39AFDC-E1C5-4822-B11D-0C782AF90C5E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe FirewallRules: [{FC99EDFE-0363-4D97-AC10-48E3E949FAAD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe FirewallRules: [{88AE44BC-D3C5-4D5E-B3E6-2A3DA432A4A6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dust An Elysian Tail\DustAET.exe FirewallRules: [{E18340FA-E27E-4116-AE58-6CA397489EBB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dust An Elysian Tail\DustAET.exe FirewallRules: [{BE341F1B-27B9-40D5-BA38-B8578E5855B4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\IdleChampions\IdleDragons.exe FirewallRules: [{CC8ACDEA-E3BB-4B1D-95B6-24603D6A18C9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\IdleChampions\IdleDragons.exe FirewallRules: [TCP Query User{AAD811C9-F772-44E0-8539-09E821447E18}D:\downloads\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\downloads\games\the sims 4\game\bin\ts4_x64.exe FirewallRules: [UDP Query User{D19A33BA-5E20-473B-862E-FA5DB916EC65}D:\downloads\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\downloads\games\the sims 4\game\bin\ts4_x64.exe FirewallRules: [{62C278E8-AF12-410D-B1E2-A6D7A7BA3756}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{53DB7A06-C0FD-4098-9670-75E1CC6ECFF9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{F113299F-E258-494B-A588-5521E55DC913}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Doki Doki Literature Club\DDLC.exe FirewallRules: [{CBF825E4-FFAF-4250-9D3F-979ED341EB9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Doki Doki Literature Club\DDLC.exe FirewallRules: [{3EC7FB21-9B2F-435B-8383-70F0C0C100B5}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe FirewallRules: [{E0A3F8D8-AB5B-4D12-9741-4F5021721717}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe FirewallRules: [{C3F8DCB9-7380-4150-BD24-187491F0EC25}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shadowrun Returns\Shadowrun.exe FirewallRules: [{A7EE2576-9CDD-4954-9841-C4E5370EEC47}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shadowrun Returns\Shadowrun.exe FirewallRules: [{0FA6B34B-6FC2-4DFD-BDB9-53DB02EC6711}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{64B03985-9C33-4EF8-9680-501C50F47C9E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{A5DAEA93-6179-42AB-A1FE-CB08FF73C5FE}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\VRChat\VRChat.exe FirewallRules: [{66AEFF59-0056-4556-A763-C7C25FA83463}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\VRChat\VRChat.exe FirewallRules: [{7026AF56-C7E9-47E5-8D6B-9114EDE30342}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{34BED28F-3CDA-4A2E-AC9F-4DA0EBFA0095}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{85F24101-D257-49FC-B184-E7E7971A9CC4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\FlameInTheFlood\RiverGame.exe FirewallRules: [{463FAAAF-DA40-4C53-9830-FC5BD5CC0B54}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\FlameInTheFlood\RiverGame.exe FirewallRules: [TCP Query User{FE8ACD97-572B-4C4D-A4DC-C762589DF006}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe FirewallRules: [UDP Query User{05EDE794-953C-4C9B-B623-CDBE14CC8113}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe FirewallRules: [{1DBD8412-F824-4A71-B583-0B23B2AC5308}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{84431380-A50B-49FE-AF08-C97EA9133508}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{593A5877-36A3-48A3-B8A2-9BA1268428F9}] => (Allow) C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe FirewallRules: [{067171D3-CDA7-4E39-B569-0CB6C53C9088}] => (Allow) C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe FirewallRules: [{1E412C8C-099F-4FA6-8D00-9FD8C1DB1C33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{9D76A19B-CF0D-48A6-ADED-98E4E7A03325}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{4ADA2929-08C1-41E7-A4B4-87129FDD103B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{1946D170-0099-467C-902D-A960EB1D9127}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{DED97B08-41C0-484F-8FBA-0E312C8C8F9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [{C8096ADF-822D-46F4-88CD-ECD23961898F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [{2DC46937-B78E-4D8C-850A-BC6146E43CA0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{776F9125-BB9D-45E0-8FEF-F9C7C3355611}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{6C64D425-F60E-4DD4-9657-D277C9051029}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{76399528-22B3-4138-8998-530492ED64A1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{1E34F3DD-D166-4DDB-91B2-71BA0CA6EB9B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{87E6EEF0-2196-4408-ABEC-AB572A92DA68}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{12868E6F-7987-4627-A931-B1F09A150BBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{2CA45FB0-0BF7-4F0E-AAFB-0C83542422D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{5397A3E5-A7A7-4890-BA7F-38119F27D5A6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{38E868AF-A069-4029-B6D3-F51EFE1FF59B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{E239E74A-C7FD-4E88-AD23-6824C0EF44C3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{DA439718-6F8A-4778-85C9-6D021A6DE749}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{D5929615-6992-45F9-B441-251A293F4F79}] => (Allow) C:\Program Files (x86)\Origin Games\Spore\Sporebin\SporeApp.exe FirewallRules: [{7F0427C3-010A-4138-81D8-690FD10E1754}] => (Allow) C:\Program Files (x86)\Origin Games\Spore\Sporebin\SporeApp.exe FirewallRules: [{E8D63457-1175-4F88-9EB4-4A163E86BBB6}] => (Allow) D:\Program Files\Nox\bin\Nox.exe FirewallRules: [{7C7D0684-6420-420D-A67A-30F19FB6B64A}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/09/2018 11:19:22 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_42ecccf244e44518.manifest. Error: (09/09/2018 11:10:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_42ecccf244e44518.manifest. Error: (09/09/2018 10:42:02 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/09/2018 10:42:02 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/09/2018 10:30:22 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/09/2018 10:30:22 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/09/2018 10:29:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/09/2018 10:29:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Systemfehler: ============= Error: (09/09/2018 11:33:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/09/2018 11:20:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/09/2018 11:11:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (09/09/2018 11:11:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (09/09/2018 11:11:13 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/09/2018 11:10:57 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/09/2018 11:10:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} und der APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/09/2018 11:10:47 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} und der APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2018-06-23 08:51:02.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-23 08:48:03.423 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-6267U CPU @ 2.90GHz Prozentuale Nutzung des RAM: 74% Installierter physikalischer RAM: 6062.59 MB Verfügbarer physikalischer RAM: 1534.82 MB Summe virtueller Speicher: 10670.59 MB Verfügbarer virtueller Speicher: 4841.96 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:117.22 GB) (Free:18.58 GB) NTFS Drive d: (Data) (Fixed) (Total:1337.26 GB) (Free:799.41 GB) NTFS Drive e: (Recover) (Fixed) (Total:60 GB) (Free:42.61 GB) NTFS \\?\Volume{469da7c1-3405-49e3-9966-c1579fc63c47}\ () (Fixed) (Total:0.9 GB) (Free:0.45 GB) NTFS \\?\Volume{37c984f9-d5e4-4a08-916b-06b97dddf7e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 1397.3 GB) (Disk ID: BBB25831) Partition: GPT. ======================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: BBB2585A) Partition: GPT. ==================== Ende von Addition.txt ============================ |
10.09.2018, 08:41 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Avast bitte komplett deinstallieren
__________________Von Avast raten wir schon lange ab, außerdem will ich für eine Analyse und Bereinigung so wenig Störquellen wie nur möglich. Zum Abschluss gibt es Hinweise zur Absicherung deines Windows-Systems. Wir deinstallieren dann am besten auch gleich weiteren unnötigen oder veralteten Krempel. Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Gib Bescheid wenn das weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ |
10.09.2018, 10:02 | #4 |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Gemacht. Möchte anmerken, dass ich Avast bereits deinstalliert habe, bevor ich deinen Post gesehen habe. Desweiteren habe ich jetzt gerade Malwarebytes am Laufen, hoffe das ist kein Problem? |
10.09.2018, 10:06 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Dann auch sinnigerweise gleich das Log posten wenn MBAM durch ist.
__________________ Logfiles bitte immer in CODE-Tags posten |
10.09.2018, 17:53 | #6 |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? updates funzen immer noch nicht Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 10.09.18 Scan-Zeit: 18:46 Protokolldatei: 1e727b7c-b519-11e8-88f0-ecaaa029347b.json -Softwaredaten- Version: 3.5.1.2522 Komponentenversion: 1.0.441 Version des Aktualisierungspakets: 1.0.6749 Lizenz: Kostenlos -Systemdaten- Betriebssystem: Windows 10 (Build 17134.112) CPU: x64 Dateisystem: NTFS Benutzer: DESKTOP-UKTCUI2\staub -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 389245 Erkannte Bedrohungen: 0 (keine bösartigen Elemente erkannt) In die Quarantäne verschobene Bedrohungen: 0 (keine bösartigen Elemente erkannt) Abgelaufene Zeit: 2 Min., 29 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) |
10.09.2018, 21:26 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Schädlinge suchen mit Kaspersky TDSS-Killer Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
11.09.2018, 21:35 | #8 |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht?Code:
ATTFilter 22:32:15.0631 0x092c TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17 22:32:15.0631 0x092c UEFI system 22:32:17.0871 0x092c ============================================================ 22:32:17.0871 0x092c Current date / time: 2018/09/11 22:32:17.0871 22:32:17.0872 0x092c SystemInfo: 22:32:17.0872 0x092c 22:32:17.0872 0x092c OS Version: 10.0.17134 ServicePack: 0.0 22:32:17.0872 0x092c Product type: Workstation 22:32:17.0872 0x092c ComputerName: DESKTOP-UKTCUI2 22:32:17.0872 0x092c UserName: staub 22:32:17.0872 0x092c Windows directory: C:\WINDOWS 22:32:17.0872 0x092c System windows directory: C:\WINDOWS 22:32:17.0872 0x092c Running under WOW64 22:32:17.0872 0x092c Processor architecture: Intel x64 22:32:17.0872 0x092c Number of processors: 4 22:32:17.0872 0x092c Page size: 0x1000 22:32:17.0872 0x092c Boot type: Normal boot 22:32:17.0872 0x092c CodeIntegrityOptions = 0x00000001 22:32:17.0872 0x092c ============================================================ 22:32:17.0918 0x092c KLMD registered as C:\WINDOWS\system32\drivers\01921402.sys 22:32:17.0918 0x092c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19 22:32:17.0936 0x092c System UUID: {EDB1CDC8-7A74-104B-02AF-2949488BCEB4} 22:32:18.0024 0x092c Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:32:18.0024 0x092c Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:32:18.0028 0x092c ============================================================ 22:32:18.0028 0x092c \Device\Harddisk0\DR0: 22:32:18.0028 0x092c GPT partitions: 22:32:18.0029 0x092c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {694BD22E-7594-451D-9096-AF677B4917EB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xA7287000 22:32:18.0029 0x092c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CFE500BC-FDAB-400A-A9BB-68597C0FA1EA}, Name: Basic data partition, StartLBA 0xA7287800, BlocksNum 0x7800000 22:32:18.0029 0x092c MBR partitions: 22:32:18.0029 0x092c \Device\Harddisk1\DR1: 22:32:18.0029 0x092c GPT partitions: 22:32:18.0030 0x092c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {37C984F9-D5E4-4A08-916B-06B97DDDF7E8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000 22:32:18.0030 0x092c \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E56BC9C4-44E3-4B68-9BEA-B56A595BF278}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000 22:32:18.0030 0x092c \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {83D04214-4873-41EF-81F4-45DADF15BDE5}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0xEA730B6 22:32:18.0030 0x092c \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {469DA7C1-3405-49E3-9966-C1579FC63C47}, Name: , StartLBA 0xEAAE000, BlocksNum 0x1CE000 22:32:18.0030 0x092c \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {F5AF82CE-BB6E-4309-9DD1-F36D46EAA02A}, Name: Basic data partition, StartLBA 0xEC7C000, BlocksNum 0x200000 22:32:18.0030 0x092c MBR partitions: 22:32:18.0030 0x092c ============================================================ 22:32:18.0031 0x092c C: <-> \Device\Harddisk1\DR1\Partition3 22:32:18.0056 0x092c D: <-> \Device\Harddisk0\DR0\Partition1 22:32:18.0110 0x092c E: <-> \Device\Harddisk0\DR0\Partition2 22:32:18.0110 0x092c ============================================================ 22:32:18.0110 0x092c Initialize success 22:32:18.0110 0x092c ============================================================ 22:32:22.0684 0x3784 ============================================================ 22:32:22.0684 0x3784 Scan started 22:32:22.0684 0x3784 Mode: Manual; 22:32:22.0684 0x3784 ============================================================ 22:32:22.0684 0x3784 KSN ping started 22:32:22.0741 0x3784 KSN ping finished: true 22:32:23.0202 0x3784 ================ Scan system memory ======================== 22:32:23.0202 0x3784 System memory - ok 22:32:23.0203 0x3784 ================ Scan services ============================= 22:32:23.0250 0x3784 1394ohci - ok 22:32:23.0253 0x3784 3ware - ok 22:32:23.0256 0x3784 ACPI - ok 22:32:23.0259 0x3784 AcpiDev - ok 22:32:23.0264 0x3784 acpiex - ok 22:32:23.0268 0x3784 acpipagr - ok 22:32:23.0272 0x3784 [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 22:32:23.0273 0x3784 AcpiPmi - ok 22:32:23.0282 0x3784 acpitime - ok 22:32:23.0290 0x3784 [ 56FCC24867F2C87BF96EE9D17A4CC20E, 6DDEF1234D207C6CDE0298DD1DAC988AC6CD7716E4FDA01813D175AE50F6A022 ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys 22:32:23.0295 0x3784 acsock - ok 22:32:23.0301 0x3784 ADP80XX - ok 22:32:23.0305 0x3784 AFD - ok 22:32:23.0311 0x3784 [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix C:\WINDOWS\system32\drivers\afunix.sys 22:32:23.0314 0x3784 afunix - ok 22:32:23.0321 0x3784 [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 22:32:23.0327 0x3784 ahcache - ok 22:32:23.0338 0x3784 [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll 22:32:23.0340 0x3784 AJRouter - ok 22:32:23.0347 0x3784 [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG C:\WINDOWS\System32\alg.exe 22:32:23.0349 0x3784 ALG - ok 22:32:23.0352 0x3784 AmdK8 - ok 22:32:23.0356 0x3784 AmdPPM - ok 22:32:23.0364 0x3784 amdsata - ok 22:32:23.0368 0x3784 amdsbs - ok 22:32:23.0372 0x3784 amdxata - ok 22:32:23.0380 0x3784 [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID C:\WINDOWS\system32\drivers\appid.sys 22:32:23.0383 0x3784 AppID - ok 22:32:23.0388 0x3784 [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 22:32:23.0390 0x3784 AppIDSvc - ok 22:32:23.0399 0x3784 [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo C:\WINDOWS\System32\appinfo.dll 22:32:23.0403 0x3784 Appinfo - ok 22:32:23.0408 0x3784 [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys 22:32:23.0409 0x3784 applockerfltr - ok 22:32:23.0414 0x3784 AppReadiness - ok 22:32:23.0417 0x3784 AppXSvc - ok 22:32:23.0420 0x3784 arcsas - ok 22:32:23.0423 0x3784 AsyncMac - ok 22:32:23.0428 0x3784 atapi - ok 22:32:23.0433 0x3784 AudioEndpointBuilder - ok 22:32:23.0436 0x3784 Audiosrv - ok 22:32:23.0442 0x3784 [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 22:32:23.0446 0x3784 AxInstSV - ok 22:32:23.0450 0x3784 b06bdrv - ok 22:32:23.0455 0x3784 [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam C:\WINDOWS\system32\drivers\bam.sys 22:32:23.0456 0x3784 bam - ok 22:32:23.0462 0x3784 BasicDisplay - ok 22:32:23.0466 0x3784 BasicRender - ok 22:32:23.0471 0x3784 BcastDVRUserService - ok 22:32:23.0480 0x3784 bcmfn2 - ok 22:32:23.0496 0x3784 [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 22:32:23.0504 0x3784 BDESVC - ok 22:32:23.0507 0x3784 [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 22:32:23.0509 0x3784 Beep - ok 22:32:23.0517 0x3784 BFE - ok 22:32:23.0523 0x3784 [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys 22:32:23.0526 0x3784 bindflt - ok 22:32:23.0556 0x3784 [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS C:\WINDOWS\System32\qmgr.dll 22:32:23.0584 0x3784 BITS - ok 22:32:23.0598 0x3784 [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll 22:32:23.0611 0x3784 BluetoothUserService - ok 22:32:23.0626 0x3784 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 22:32:23.0635 0x3784 Bonjour Service - ok 22:32:23.0639 0x3784 bowser - ok 22:32:23.0641 0x3784 BrokerInfrastructure - ok 22:32:23.0650 0x3784 [ 3E4BF0145201239E0BBD0A937431C14C, 1DDC27C89B16ADD9346EB30AA9E17330FE0181BE96DC6F06C455493FBDCB1113 ] Browser C:\WINDOWS\System32\browser.dll 22:32:23.0653 0x3784 Browser - ok 22:32:23.0667 0x3784 [ 2EB2D533A0C94F05F1F511D3FA20D892, 77375EC0C1FB059D03FF2D23C975EB9A6EB00F9B59000A60A89582D4F6D1D4C4 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 22:32:23.0674 0x3784 BstHdLogRotatorSvc - ok 22:32:23.0687 0x3784 [ 7DB8EE09821A6D81A19A6591C9B8AA3A, 0A9A826560884F95D64BDC8A2076AE33FB718A3A59C0BBEC48E48A5FB907ACA4 ] BstkDrv C:\Program Files (x86)\BlueStacks\BstkDrv.sys 22:32:23.0692 0x3784 BstkDrv - ok 22:32:23.0706 0x3784 [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService C:\WINDOWS\System32\BTAGService.dll 22:32:23.0716 0x3784 BTAGService - ok 22:32:23.0723 0x3784 [ 2B5EB1BB42AEE7A77B1E9C794DFCEF3D, E94040AAE365CFCAEEC75F38EBDDB2C7F13B41F41D96C33FE3F25078BA21DA13 ] BthA2DP C:\WINDOWS\system32\drivers\BthA2DP.sys 22:32:23.0728 0x3784 BthA2DP - ok 22:32:23.0739 0x3784 [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll 22:32:23.0747 0x3784 BthAvctpSvc - ok 22:32:23.0753 0x3784 [ E0121734C2492406034FA23E3D394EBD, E855EB12DD35CC47F68C5C6B1622560599C7074E274E510528196D47BDA56960 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 22:32:23.0756 0x3784 BthEnum - ok 22:32:23.0761 0x3784 [ F56B351A4E2B384911B2BA2A98261F34, A8140A2ABEC704A11776D29894ADD5D1FA9C125567EB6B270694573DB9B0E30E ] BthHFAud C:\WINDOWS\system32\DRIVERS\BthHfAud.sys 22:32:23.0763 0x3784 BthHFAud - ok 22:32:23.0769 0x3784 [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 22:32:23.0772 0x3784 BthHFEnum - ok 22:32:23.0780 0x3784 [ 8EE632BFE4BABD4E7A299AF54476F9A5, 836675F295A033C0239DCF86D90985443A60D5A1F38B668CA82A30BDFD983352 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys 22:32:23.0783 0x3784 BthLEEnum - ok 22:32:23.0789 0x3784 [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 22:32:23.0791 0x3784 BTHMODEM - ok 22:32:23.0799 0x3784 [ B10E0CC936462BBA7BC659C0927617A0, B4F2A318384D176D0ACF26372756CE097F34EED59FBB023E7DB8F95D8F73F69A ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 22:32:23.0801 0x3784 BthPan - ok 22:32:23.0826 0x3784 [ EF105DBEB81F14EBDBA5F7977AD8FA91, A4D20038B72361CD95446854F2E538314C4C8B5EA4618AC7B18A43D8AF777A34 ] BTHPORT C:\WINDOWS\system32\DRIVERS\BTHport.sys 22:32:23.0852 0x3784 BTHPORT - ok 22:32:23.0861 0x3784 [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv C:\WINDOWS\system32\bthserv.dll 22:32:23.0866 0x3784 bthserv - ok 22:32:23.0873 0x3784 [ 0D5ECDF2601312025811F6AC413F851A, B7E99CF02C6B511BD643E7F8BB59E983D8B65073D9B55ED44457EDC2BBBBC419 ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys 22:32:23.0876 0x3784 BTHUSB - ok 22:32:23.0881 0x3784 bttflt - ok 22:32:23.0884 0x3784 buttonconverter - ok 22:32:23.0888 0x3784 [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD C:\WINDOWS\System32\drivers\CAD.sys 22:32:23.0890 0x3784 CAD - ok 22:32:23.0895 0x3784 camsvc - ok 22:32:23.0900 0x3784 CapImg - ok 22:32:23.0905 0x3784 cdfs - ok 22:32:23.0922 0x3784 [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 22:32:23.0934 0x3784 CDPSvc - ok 22:32:23.0947 0x3784 [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 22:32:23.0957 0x3784 CDPUserSvc - ok 22:32:23.0964 0x3784 cdrom - ok 22:32:23.0972 0x3784 [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 22:32:23.0976 0x3784 CertPropSvc - ok 22:32:23.0986 0x3784 [ 6581A8AA7D4CDE34EBE6DDF6A9913F86, DA921C0CADF48778C9144BDA601EA1806D92BADE4A082F1CBB032294A6C00494 ] CG6Service C:\Program Files\CyberGhost 6\CyberGhost.Service.exe 22:32:23.0991 0x3784 CG6Service - ok 22:32:23.0997 0x3784 [ 44293BF717CA39DC925C6A05453D8D34, 7A0761662C2B79F38CE24DC04509500BD818E6CF27252949072659AB39716A7F ] cgnetfilter1521 C:\WINDOWS\system32\drivers\cgnetfilter1521.sys 22:32:24.0000 0x3784 cgnetfilter1521 - ok 22:32:24.0004 0x3784 cht4iscsi - ok 22:32:24.0007 0x3784 cht4vbd - ok 22:32:24.0014 0x3784 [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 22:32:24.0016 0x3784 circlass - ok 22:32:24.0028 0x3784 [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys 22:32:24.0035 0x3784 CldFlt - ok 22:32:24.0039 0x3784 CLFS - ok 22:32:24.0236 0x3784 [ 1C1E503D9246B059B5B19613BA97A53B, 70C91D253E776D74F927313E30675828732D68C2EAC1E49F7056FF3A60A87389 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 22:32:24.0401 0x3784 ClickToRunSvc - ok 22:32:24.0447 0x3784 [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 22:32:24.0464 0x3784 ClipSVC - ok 22:32:24.0474 0x3784 [ 228CB7727EC19833A74DAA5BE8627114, 7ABDEABF648C0CF04C736D9F1056CD54D5913837E1543CC358FDDFA9389934EC ] clwvd6 C:\WINDOWS\system32\DRIVERS\clwvd6.sys 22:32:24.0476 0x3784 clwvd6 - ok 22:32:24.0480 0x3784 CmBatt - ok 22:32:24.0485 0x3784 CNG - ok 22:32:24.0488 0x3784 [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 22:32:24.0489 0x3784 cnghwassist - ok 22:32:24.0515 0x3784 [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys 22:32:24.0516 0x3784 CompositeBus - ok 22:32:24.0519 0x3784 COMSysApp - ok 22:32:24.0523 0x3784 condrv - ok 22:32:24.0528 0x3784 CoreMessagingRegistrar - ok 22:32:24.0560 0x3784 [ 2E0A35871680D1E9E5A94031E2B781A7, 8EE720D4326DB9E409A291ED1AA169DC5595BE05663787D49DA6552A5FF3C509 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 22:32:24.0566 0x3784 cphs - ok 22:32:24.0585 0x3784 [ 9E6D6C613E004890EFEAAE858C11BD6D, 26E4C2D12F0F7CDF5977206CDD3F8FA09A5E6DD020C959AF93B245501BF44225 ] cplspcon C:\WINDOWS\system32\IntelCpHDCPSvc.exe 22:32:24.0595 0x3784 cplspcon - ok 22:32:24.0604 0x3784 CryptSvc - ok 22:32:24.0609 0x3784 [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam C:\WINDOWS\system32\drivers\dam.sys 22:32:24.0611 0x3784 dam - ok 22:32:24.0619 0x3784 [ E59CAC3C48E862959CBDFD08DF40CD2D, 303CB1C89AD2608BB5837D3860964AA1F88F87B296A5C6AB8C88E2169CE6228B ] DAX2API C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 22:32:24.0622 0x3784 DAX2API - ok 22:32:24.0629 0x3784 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 22:32:24.0632 0x3784 dbupdate - ok 22:32:24.0637 0x3784 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 22:32:24.0639 0x3784 dbupdatem - ok 22:32:24.0647 0x3784 [ 646AFD6F45B1B5AB9CE77C09B755B90B, CFC61FC136C9C062F509D2C756266F581BA9B2FDB1D2C8CBAAA66F51D1E8B876 ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 22:32:24.0649 0x3784 DbxSvc - ok 22:32:24.0657 0x3784 DcomLaunch - ok 22:32:24.0662 0x3784 defragsvc - ok 22:32:24.0675 0x3784 [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll 22:32:24.0685 0x3784 DeviceAssociationService - ok 22:32:24.0689 0x3784 DeviceInstall - ok 22:32:24.0701 0x3784 [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll 22:32:24.0714 0x3784 DevicePickerUserSvc - ok 22:32:24.0734 0x3784 [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll 22:32:24.0758 0x3784 DevicesFlowUserSvc - ok 22:32:24.0767 0x3784 [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 22:32:24.0769 0x3784 DevQueryBroker - ok 22:32:24.0772 0x3784 Dfsc - ok 22:32:24.0777 0x3784 Dhcp - ok 22:32:24.0783 0x3784 diagnosticshub.standardcollector.service - ok 22:32:24.0790 0x3784 [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll 22:32:24.0796 0x3784 diagsvc - ok 22:32:24.0800 0x3784 DiagTrack - ok 22:32:24.0803 0x3784 Disk - ok 22:32:24.0822 0x3784 [ 89FC056F9CEFB85FC7159AA063904AFF, 6B6F86F87C48EE92F616D4EEE624C9711D0606FD651F3B1D4DD5EF3767B76750 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 22:32:24.0843 0x3784 DmEnrollmentSvc - ok 22:32:24.0848 0x3784 dmvsc - ok 22:32:24.0852 0x3784 [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 22:32:24.0854 0x3784 dmwappushservice - ok 22:32:24.0857 0x3784 Dnscache - ok 22:32:24.0870 0x3784 [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 22:32:24.0875 0x3784 dot3svc - ok 22:32:24.0883 0x3784 [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS C:\WINDOWS\system32\dps.dll 22:32:24.0886 0x3784 DPS - ok 22:32:24.0889 0x3784 drmkaud - ok 22:32:24.0899 0x3784 [ 5242DC5849014BCFBB3147B76A899783, 759542B42D9DCC224D9CBD19A0C6B8939417F2F08B547BE07FFA3356918C1ED7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 22:32:24.0905 0x3784 DsmSvc - ok 22:32:24.0910 0x3784 DsSvc - ok 22:32:24.0923 0x3784 [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll 22:32:24.0931 0x3784 DusmSvc - ok 22:32:24.0935 0x3784 DXGKrnl - ok 22:32:24.0939 0x3784 Eaphost - ok 22:32:24.0943 0x3784 EasyAntiCheat - ok 22:32:24.0947 0x3784 ebdrv - ok 22:32:24.0953 0x3784 EFS - ok 22:32:24.0957 0x3784 EhStorClass - ok 22:32:24.0962 0x3784 EhStorTcgDrv - ok 22:32:24.0969 0x3784 [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 22:32:24.0973 0x3784 embeddedmode - ok 22:32:24.0984 0x3784 [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 22:32:24.0990 0x3784 EntAppSvc - ok 22:32:24.0994 0x3784 ErrDev - ok 22:32:25.0012 0x3784 [ BF8362193CB83B5283BC5D24AA3D8DF3, 9A45520D624B101D18A434E63DB7EA6CC44F598EDA36B8A916BB76C1DBB0955C ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 22:32:25.0020 0x3784 ETD - ok 22:32:25.0029 0x3784 [ 06C67EE6E9E5DF0692BBE14437E56F3F, 9569B03031AE0CAC51AEF8B8CB8F8F2E717478B482AB4760711E1427C33A396D ] ETDService C:\Program Files\Elantech\ETDService.exe 22:32:25.0031 0x3784 ETDService - ok 22:32:25.0036 0x3784 [ C75C4769BBAE1397E1333D895C2DAE63, A066F6D6BCF25976EA16EC2077A0656C44952A3CB49C6A1A857482C8346E9D2D ] ETDSMBus C:\WINDOWS\System32\drivers\ETDSMBus.sys 22:32:25.0037 0x3784 ETDSMBus - ok 22:32:25.0052 0x3784 [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem C:\WINDOWS\system32\es.dll 22:32:25.0062 0x3784 EventSystem - ok 22:32:25.0078 0x3784 [ 416D42491C6A21C2F7DF6F93E572B463, 940074B51DC14586A0BCE22293F445B22E6F7F02D1FE0E12D71F3A9748A8CCD2 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 22:32:25.0089 0x3784 EvtEng - ok 22:32:25.0094 0x3784 exfat - ok 22:32:25.0098 0x3784 fastfat - ok 22:32:25.0114 0x3784 [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax C:\WINDOWS\system32\fxssvc.exe 22:32:25.0126 0x3784 Fax - ok 22:32:25.0131 0x3784 fdc - ok 22:32:25.0135 0x3784 [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 22:32:25.0138 0x3784 fdPHost - ok 22:32:25.0147 0x3784 [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 22:32:25.0150 0x3784 FDResPub - ok 22:32:25.0156 0x3784 [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 22:32:25.0160 0x3784 fhsvc - ok 22:32:25.0165 0x3784 [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 22:32:25.0166 0x3784 FileCrypt - ok 22:32:25.0169 0x3784 FileInfo - ok 22:32:25.0173 0x3784 Filetrace - ok 22:32:25.0177 0x3784 flpydisk - ok 22:32:25.0181 0x3784 FltMgr - ok 22:32:25.0185 0x3784 FontCache - ok 22:32:25.0189 0x3784 FontCache3.0.0.0 - ok 22:32:25.0192 0x3784 FrameServer - ok 22:32:25.0197 0x3784 FsDepends - ok 22:32:25.0200 0x3784 Fs_Rec - ok 22:32:25.0203 0x3784 fvevol - ok 22:32:25.0207 0x3784 [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 22:32:25.0210 0x3784 gencounter - ok 22:32:25.0214 0x3784 genericusbfn - ok 22:32:25.0218 0x3784 GPIOClx0101 - ok 22:32:25.0221 0x3784 gpsvc - ok 22:32:25.0223 0x3784 [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 22:32:25.0225 0x3784 GpuEnergyDrv - ok 22:32:25.0232 0x3784 [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll 22:32:25.0236 0x3784 GraphicsPerfSvc - ok 22:32:25.0242 0x3784 [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:32:25.0245 0x3784 gupdate - ok 22:32:25.0252 0x3784 [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:32:25.0254 0x3784 gupdatem - ok 22:32:25.0258 0x3784 HDAudBus - ok 22:32:25.0263 0x3784 HidBatt - ok 22:32:25.0268 0x3784 [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 22:32:25.0270 0x3784 HidBth - ok 22:32:25.0274 0x3784 hidi2c - ok 22:32:25.0279 0x3784 hidinterrupt - ok 22:32:25.0284 0x3784 [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 22:32:25.0285 0x3784 HidIr - ok 22:32:25.0289 0x3784 hidserv - ok 22:32:25.0293 0x3784 HidUsb - ok 22:32:25.0298 0x3784 [ B815C6E6C0156330A09700901EA4154D, FF003B408CDC62563CEAB39CF081B4AC09C2DDFFA4128491525D9B4F9EB7B3D0 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe 22:32:25.0299 0x3784 HiPatchService - ok 22:32:25.0305 0x3784 HpSAMD - ok 22:32:25.0312 0x3784 HTTP - ok 22:32:25.0316 0x3784 [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys 22:32:25.0317 0x3784 hvcrash - ok 22:32:25.0321 0x3784 [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 22:32:25.0325 0x3784 HvHost - ok 22:32:25.0331 0x3784 [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 22:32:25.0333 0x3784 hvservice - ok 22:32:25.0337 0x3784 [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys 22:32:25.0338 0x3784 HwNClx0101 - ok 22:32:25.0343 0x3784 hwpolicy - ok 22:32:25.0346 0x3784 hyperkbd - ok 22:32:25.0349 0x3784 HyperVideo - ok 22:32:25.0353 0x3784 i8042prt - ok 22:32:25.0357 0x3784 iagpio - ok 22:32:25.0363 0x3784 iai2c - ok 22:32:25.0369 0x3784 iaLPSS2i_GPIO2 - ok 22:32:25.0376 0x3784 iaLPSS2i_GPIO2_BXT_P - ok 22:32:25.0379 0x3784 iaLPSS2i_I2C - ok 22:32:25.0383 0x3784 iaLPSS2i_I2C_BXT_P - ok 22:32:25.0386 0x3784 iaLPSSi_GPIO - ok 22:32:25.0390 0x3784 iaLPSSi_I2C - ok 22:32:25.0421 0x3784 [ 5C9AAE902452EF47D8C9EA5838E666B9, 9171558EE78B555312FD8D99EDF85849A4CDE87142EB91DB9E8AF92A1DDF664E ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 22:32:25.0443 0x3784 iaStorA - ok 22:32:25.0449 0x3784 iaStorAVC - ok 22:32:25.0452 0x3784 [ 31BD488EE7F6ED608A7418F6A7C6948D, BB7DC889C0F73FDE089FC0E52D321F29CBB5A65A3D9F90B0B3A730EF938B6178 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 22:32:25.0453 0x3784 IAStorDataMgrSvc - ok 22:32:25.0456 0x3784 iaStorV - ok 22:32:25.0461 0x3784 ibbus - ok 22:32:25.0466 0x3784 ibtsiva - ok 22:32:25.0473 0x3784 [ 27AD258DB51E25496F74E98C3CF80415, 58180A50CC8C28A0F7388F62F8A7E4DFE96B40D16C6E10BB067FD4F1EF3868AF ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys 22:32:25.0478 0x3784 ibtusb - ok 22:32:25.0488 0x3784 [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc C:\WINDOWS\System32\tetheringservice.dll 22:32:25.0500 0x3784 icssvc - ok 22:32:25.0643 0x3784 [ F37606EAFFB621AA6A341CC76BEF37C3, 421674158785B8911354AA02514080390239FBFC8713A2F2AEF55223AF1C28D3 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 22:32:25.0771 0x3784 igfx - ok 22:32:25.0793 0x3784 [ 407102406ABA1916DFA7915E52A2EC48, 2DBC62F778579E3BB839D31E4C4BDB26E1EDD2735EECFF4298973A03EC53233F ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 22:32:25.0801 0x3784 igfxCUIService2.0.0.0 - ok 22:32:25.0805 0x3784 IKEEXT - ok 22:32:25.0811 0x3784 [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 22:32:25.0812 0x3784 IndirectKmd - ok 22:32:25.0818 0x3784 InstallService - ok 22:32:25.0906 0x3784 [ 35A78C3E44DAB0E8396A1FD9BF48597F, 6F61ECEC687A1271BEF85956ECEC9EE545065FFE3EE30933D3AF1000BDBCC511 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 22:32:25.0991 0x3784 IntcAzAudAddService - ok 22:32:26.0016 0x3784 [ 947360145F94C61E17EECD4BD3516AA9, F55A9EC31FE253E063D34B0118070B14156567B2E3B4ED74B697CA656D7789A0 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 22:32:26.0027 0x3784 IntcDAud - ok 22:32:26.0033 0x3784 intelide - ok 22:32:26.0040 0x3784 [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 22:32:26.0043 0x3784 intelpep - ok 22:32:26.0047 0x3784 intelppm - ok 22:32:26.0051 0x3784 [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 22:32:26.0053 0x3784 iorate - ok 22:32:26.0059 0x3784 [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:32:26.0061 0x3784 IpFilterDriver - ok 22:32:26.0084 0x3784 [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 22:32:26.0098 0x3784 iphlpsvc - ok 22:32:26.0103 0x3784 IPMIDRV - ok 22:32:26.0111 0x3784 [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 22:32:26.0115 0x3784 IPNAT - ok 22:32:26.0120 0x3784 [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT C:\WINDOWS\System32\drivers\ipt.sys 22:32:26.0121 0x3784 IPT - ok 22:32:26.0126 0x3784 [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll 22:32:26.0131 0x3784 IpxlatCfgSvc - ok 22:32:26.0136 0x3784 [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda C:\WINDOWS\system32\drivers\irda.sys 22:32:26.0138 0x3784 irda - ok 22:32:26.0143 0x3784 [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 22:32:26.0143 0x3784 IRENUM - ok 22:32:26.0154 0x3784 [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon C:\WINDOWS\System32\irmon.dll 22:32:26.0157 0x3784 irmon - ok 22:32:26.0162 0x3784 isapnp - ok 22:32:26.0166 0x3784 iScsiPrt - ok 22:32:26.0169 0x3784 ItSas35i - ok 22:32:26.0173 0x3784 [ DA0A946E6C4228B659FA798EF0B075C1, BC2F5710D6165615CD578A970BC154C8DB1ECCA5725D09A29954E9BE8FAC0ED7 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 22:32:26.0175 0x3784 iwdbus - ok 22:32:26.0180 0x3784 kbdclass - ok 22:32:26.0185 0x3784 kbdhid - ok 22:32:26.0188 0x3784 kdnic - ok 22:32:26.0192 0x3784 KeyIso - ok 22:32:26.0196 0x3784 KSecDD - ok 22:32:26.0200 0x3784 KSecPkg - ok 22:32:26.0203 0x3784 ksthunk - ok 22:32:26.0214 0x3784 [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 22:32:26.0225 0x3784 KtmRm - ok 22:32:26.0229 0x3784 LanmanServer - ok 22:32:26.0233 0x3784 LanmanWorkstation - ok 22:32:26.0240 0x3784 [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc C:\WINDOWS\System32\lfsvc.dll 22:32:26.0246 0x3784 lfsvc - ok 22:32:26.0251 0x3784 [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 22:32:26.0254 0x3784 LicenseManager - ok 22:32:26.0260 0x3784 [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 22:32:26.0262 0x3784 lltdio - ok 22:32:26.0271 0x3784 [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 22:32:26.0279 0x3784 lltdsvc - ok 22:32:26.0283 0x3784 lmhosts - ok 22:32:26.0288 0x3784 LSI_SAS - ok 22:32:26.0293 0x3784 LSI_SAS2i - ok 22:32:26.0298 0x3784 LSI_SAS3i - ok 22:32:26.0301 0x3784 LSI_SSS - ok 22:32:26.0304 0x3784 LSM - ok 22:32:26.0310 0x3784 [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 22:32:26.0313 0x3784 luafv - ok 22:32:26.0322 0x3784 [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll 22:32:26.0330 0x3784 LxpSvc - ok 22:32:26.0335 0x3784 [ 1C1FF36E51F73989FB4DD2DBAFAE11EC, B5C0B169BFEF5FD769745F924B3F30C960A555F8B0C0C7315B273435D9F246D5 ] MapsBroker C:\WINDOWS\System32\moshost.dll 22:32:26.0341 0x3784 MapsBroker - ok 22:32:26.0355 0x3784 mausbhost - ok 22:32:26.0359 0x3784 mausbip - ok 22:32:26.0475 0x3784 [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 22:32:26.0586 0x3784 MBAMService - ok 22:32:26.0602 0x3784 [ A692F41F46F789228CECB2AA128AEC85, 83F7A12934D008BE46A774ABB136A7C11408D92832A0AEFF4866AEACF2594C55 ] MBAMSwissArmy C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 22:32:26.0607 0x3784 MBAMSwissArmy - ok 22:32:26.0613 0x3784 megasas - ok 22:32:26.0617 0x3784 megasas2i - ok 22:32:26.0620 0x3784 megasas35i - ok 22:32:26.0623 0x3784 megasr - ok 22:32:26.0631 0x3784 [ 86F565B0D41EBCCE7256B812F3A0442B, BACB5753D4501679B0C3D5D6B2D2D5233EC6B5BF76D0C2BD616EC460D5B9918F ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 22:32:26.0635 0x3784 MEIx64 - ok 22:32:26.0639 0x3784 [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll 22:32:26.0645 0x3784 MessagingService - ok 22:32:26.0655 0x3784 [ 1ECAB1D7A88F953397D09ECFCF789B91, 42AFE658FABAA6816700886B2F0697A692DE6B5DB0B90B361E099BF79B44E389 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys 22:32:26.0657 0x3784 Microsoft_Bluetooth_AvrcpTransport - ok 22:32:26.0662 0x3784 mlx4_bus - ok 22:32:26.0666 0x3784 MMCSS - ok 22:32:26.0670 0x3784 [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem C:\WINDOWS\system32\drivers\modem.sys 22:32:26.0671 0x3784 Modem - ok 22:32:26.0677 0x3784 [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor C:\WINDOWS\System32\drivers\monitor.sys 22:32:26.0679 0x3784 monitor - ok 22:32:26.0683 0x3784 mouclass - ok 22:32:26.0686 0x3784 mouhid - ok 22:32:26.0689 0x3784 mountmgr - ok 22:32:26.0697 0x3784 [ 5FD8FEB002DCA919BA18F51C267BFFEB, E6F6F1A1C5C0299B9386AC8A97D4360936CBFC664B99452EE78AACA163673123 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 22:32:26.0701 0x3784 MozillaMaintenance - ok 22:32:26.0705 0x3784 mpsdrv - ok 22:32:26.0709 0x3784 mpssvc - ok 22:32:26.0714 0x3784 MRxDAV - ok 22:32:26.0718 0x3784 mrxsmb - ok 22:32:26.0722 0x3784 mrxsmb20 - ok 22:32:26.0729 0x3784 [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 22:32:26.0731 0x3784 MsBridge - ok 22:32:26.0750 0x3784 [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC C:\WINDOWS\System32\msdtc.exe 22:32:26.0757 0x3784 MSDTC - ok 22:32:26.0766 0x3784 Msfs - ok 22:32:26.0770 0x3784 [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 22:32:26.0772 0x3784 msgpiowin32 - ok 22:32:26.0777 0x3784 mshidkmdf - ok 22:32:26.0784 0x3784 [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 22:32:26.0785 0x3784 mshidumdf - ok 22:32:26.0788 0x3784 msisadrv - ok 22:32:26.0794 0x3784 MSiSCSI - ok 22:32:26.0798 0x3784 msiserver - ok 22:32:26.0801 0x3784 MSKSSRV - ok 22:32:26.0806 0x3784 [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 22:32:26.0809 0x3784 MsLldp - ok 22:32:26.0813 0x3784 MSPCLOCK - ok 22:32:26.0816 0x3784 MSPQM - ok 22:32:26.0820 0x3784 MsRPC - ok 22:32:26.0825 0x3784 mssmbios - ok 22:32:26.0829 0x3784 MSTEE - ok 22:32:26.0833 0x3784 MTConfig - ok 22:32:26.0836 0x3784 Mup - ok 22:32:26.0839 0x3784 mvumis - ok 22:32:26.0849 0x3784 [ 808DEF96BB1E01490DC38520D22A05A3, C242E34A20FE765A8CC2D1314B13347005E266C39B3467661BC7FB1E4BB75ABE ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 22:32:26.0854 0x3784 MyWiFiDHCPDNS - ok 22:32:26.0861 0x3784 NativeWifiP - ok 22:32:26.0888 0x3784 [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll 22:32:26.0907 0x3784 NaturalAuthentication - ok 22:32:26.0918 0x3784 [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 22:32:26.0925 0x3784 NcaSvc - ok 22:32:26.0937 0x3784 [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService C:\WINDOWS\System32\ncbservice.dll 22:32:26.0949 0x3784 NcbService - ok 22:32:26.0956 0x3784 [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 22:32:26.0964 0x3784 NcdAutoSetup - ok 22:32:26.0968 0x3784 ndfltr - ok 22:32:26.0972 0x3784 NDIS - ok 22:32:26.0979 0x3784 [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 22:32:26.0981 0x3784 NdisCap - ok 22:32:26.0989 0x3784 [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 22:32:26.0992 0x3784 NdisImPlatform - ok 22:32:26.0997 0x3784 NdisTapi - ok 22:32:27.0000 0x3784 Ndisuio - ok 22:32:27.0004 0x3784 NdisVirtualBus - ok 22:32:27.0009 0x3784 NdisWan - ok 22:32:27.0014 0x3784 ndiswanlegacy - ok 22:32:27.0020 0x3784 ndproxy - ok 22:32:27.0027 0x3784 [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 22:32:27.0030 0x3784 Ndu - ok 22:32:27.0033 0x3784 NetAdapterCx - ok 22:32:27.0037 0x3784 NetBIOS - ok 22:32:27.0043 0x3784 NetBT - ok 22:32:27.0047 0x3784 Netlogon - ok 22:32:27.0051 0x3784 Netman - ok 22:32:27.0066 0x3784 [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 22:32:27.0079 0x3784 netprofm - ok 22:32:27.0084 0x3784 NetSetupSvc - ok 22:32:27.0095 0x3784 [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:32:27.0098 0x3784 NetTcpPortSharing - ok 22:32:27.0103 0x3784 netvsc - ok 22:32:27.0235 0x3784 [ 43A6FA571D6B06279B9CD30901957AA1, A3451C696FC5FBE2C3778D974CF28B429B6265178E5372239C205221E9BDB39E ] Netwtw04 C:\WINDOWS\system32\DRIVERS\Netwtw04.sys 22:32:27.0368 0x3784 Netwtw04 - ok 22:32:27.0394 0x3784 [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 22:32:27.0409 0x3784 NgcCtnrSvc - ok 22:32:27.0430 0x3784 [ DB3589FF79F06EC1967EBA56C7249E3C, C3F1B4687F2AAE869C8566B38DCFE507F8E7201A2241BD5342AAC22A2370D5E4 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 22:32:27.0447 0x3784 NgcSvc - ok 22:32:27.0452 0x3784 NlaSvc - ok 22:32:27.0455 0x3784 Npfs - ok 22:32:27.0461 0x3784 npsvctrig - ok 22:32:27.0465 0x3784 nsi - ok 22:32:27.0470 0x3784 nsiproxy - ok 22:32:27.0476 0x3784 Ntfs - ok 22:32:27.0480 0x3784 Null - ok 22:32:27.0485 0x3784 nvdimm - ok 22:32:27.0488 0x3784 nvraid - ok 22:32:27.0492 0x3784 nvstor - ok 22:32:27.0506 0x3784 [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 22:32:27.0512 0x3784 OneSyncSvc - ok 22:32:27.0578 0x3784 [ F5989050C229483DA0C25E41BBAD310F, B4593F01F710C4A457686328CC88EFC904ED34D73AFF85DB4A722BA6A25E0B7C ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 22:32:27.0619 0x3784 Origin Client Service - ok 22:32:27.0685 0x3784 [ 4A91DFB1F6B5DF14559DF9293EE2AC5F, 5E8ECB5797E11EDE3B57EA200A7103F772F687629BBCFD12F612BA8BC599F848 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe 22:32:27.0742 0x3784 Origin Web Helper Service - ok 22:32:27.0752 0x3784 [ 9FACCCBC44D65D7D41E88D8DAD365871, 5B215F7E0F2F15033ACAB40328265A224057E5FB4E8D3A3F2BB35D878F4CEFE4 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:32:27.0755 0x3784 ose - ok 22:32:27.0766 0x3784 [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 22:32:27.0775 0x3784 p2pimsvc - ok 22:32:27.0788 0x3784 [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 22:32:27.0800 0x3784 p2psvc - ok 22:32:27.0803 0x3784 Parport - ok 22:32:27.0807 0x3784 partmgr - ok 22:32:27.0827 0x3784 [ 0CF87FC2DA60940031D553F8FDF5066B, 95F8A15210D6F431B84C6E18643F93C9D16F53D3FF4873F9A327A77924B4B9F8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 22:32:27.0840 0x3784 PcaSvc - ok 22:32:27.0846 0x3784 pci - ok 22:32:27.0849 0x3784 pciide - ok 22:32:27.0853 0x3784 pcmcia - ok 22:32:27.0856 0x3784 pcw - ok 22:32:27.0861 0x3784 pdc - ok 22:32:27.0880 0x3784 [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 22:32:27.0891 0x3784 PEAUTH - ok 22:32:27.0896 0x3784 [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN C:\Program Files (x86)\PHotkey\PEGAGFN.sys 22:32:27.0897 0x3784 PEGAGFN - ok 22:32:27.0902 0x3784 [ 753402F5B8C5B85AB60FCF53229FA072, 981D065EBE5A0BD5180974E9AE77E3307F97A0E66DE2A7A79FBE0888F6657B7D ] PegaRadioSwitch C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys 22:32:27.0903 0x3784 PegaRadioSwitch - ok 22:32:27.0908 0x3784 percsas2i - ok 22:32:27.0913 0x3784 percsas3i - ok 22:32:27.0937 0x3784 [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 22:32:27.0940 0x3784 PerfHost - ok 22:32:27.0958 0x3784 [ 9A7B272B8815093763B996C7EE5D001F, B0499C50D031B6BDED2365C105D0274B72D611C23CFD4B6AE58B1C7F84B30A00 ] PGFNEXSrv C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe 22:32:27.0961 0x3784 PGFNEXSrv - ok 22:32:27.0965 0x3784 PhoneSvc - ok 22:32:27.0973 0x3784 [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 22:32:27.0982 0x3784 PimIndexMaintenanceSvc - ok 22:32:28.0014 0x3784 [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla C:\WINDOWS\system32\pla.dll 22:32:28.0043 0x3784 pla - ok 22:32:28.0048 0x3784 PlugPlay - ok 22:32:28.0053 0x3784 pmem - ok 22:32:28.0057 0x3784 [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys 22:32:28.0059 0x3784 PNPMEM - ok 22:32:28.0064 0x3784 [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 22:32:28.0070 0x3784 PNRPAutoReg - ok 22:32:28.0081 0x3784 [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 22:32:28.0089 0x3784 PNRPsvc - ok 22:32:28.0094 0x3784 PolicyAgent - ok 22:32:28.0100 0x3784 Power - ok 22:32:28.0103 0x3784 PptpMiniport - ok 22:32:28.0184 0x3784 [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 22:32:28.0242 0x3784 PrintNotify - ok 22:32:28.0251 0x3784 [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll 22:32:28.0258 0x3784 PrintWorkflowUserSvc - ok 22:32:28.0264 0x3784 Processor - ok 22:32:28.0267 0x3784 ProfSvc - ok 22:32:28.0274 0x3784 [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched C:\WINDOWS\system32\drivers\pacer.sys 22:32:28.0278 0x3784 Psched - ok 22:32:28.0287 0x3784 [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll 22:32:28.0296 0x3784 PushToInstall - ok 22:32:28.0305 0x3784 [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE C:\WINDOWS\system32\qwave.dll 22:32:28.0314 0x3784 QWAVE - ok 22:32:28.0319 0x3784 [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 22:32:28.0320 0x3784 QWAVEdrv - ok 22:32:28.0324 0x3784 Ramdisk - ok 22:32:28.0329 0x3784 RasAcd - ok 22:32:28.0332 0x3784 RasAgileVpn - ok 22:32:28.0336 0x3784 RasAuto - ok 22:32:28.0339 0x3784 Rasl2tp - ok 22:32:28.0346 0x3784 RasMan - ok 22:32:28.0349 0x3784 RasPppoe - ok 22:32:28.0353 0x3784 RasSstp - ok 22:32:28.0356 0x3784 rdbss - ok 22:32:28.0365 0x3784 [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 22:32:28.0366 0x3784 rdpbus - ok 22:32:28.0374 0x3784 [ 52A6CC99F5934CFAE88353C47B6193E7, 37F6991FA526036866E8CFC938A16750644AD764FA52BB102B11B5D594DB7E96 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 22:32:28.0378 0x3784 RDPDR - ok 22:32:28.0388 0x3784 [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 22:32:28.0390 0x3784 RdpVideoMiniport - ok 22:32:28.0402 0x3784 [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 22:32:28.0408 0x3784 rdyboost - ok 22:32:28.0483 0x3784 Redis - ok 22:32:28.0486 0x3784 ReFS - ok 22:32:28.0489 0x3784 ReFSv1 - ok 22:32:28.0496 0x3784 [ 3B346EFB42F3D3FFAF775E9A5D84A2C8, 242BFB2836408728A6D8E721D3C25ABD29D83CEF2438724D7D663FD417F2979A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 22:32:28.0499 0x3784 RegSrvc - ok 22:32:28.0512 0x3784 [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 22:32:28.0523 0x3784 RemoteAccess - ok 22:32:28.0532 0x3784 [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 22:32:28.0541 0x3784 RemoteRegistry - ok 22:32:28.0558 0x3784 [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo C:\WINDOWS\system32\RDXService.dll 22:32:28.0572 0x3784 RetailDemo - ok 22:32:28.0583 0x3784 [ 59F600BDA5B6EE591802945F1D8388D5, A30593A0EC696DE21264969664261E7ADA12C9E1161445BD41E71B7E3232604F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 22:32:28.0586 0x3784 RFCOMM - ok 22:32:28.0592 0x3784 [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys 22:32:28.0595 0x3784 rhproxy - ok 22:32:28.0607 0x3784 [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc C:\WINDOWS\System32\RMapi.dll 22:32:28.0616 0x3784 RmSvc - ok 22:32:28.0619 0x3784 RpcEptMapper - ok 22:32:28.0624 0x3784 [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator C:\WINDOWS\system32\locator.exe 22:32:28.0629 0x3784 RpcLocator - ok 22:32:28.0632 0x3784 RpcSs - ok 22:32:28.0637 0x3784 [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 22:32:28.0639 0x3784 rspndr - ok 22:32:28.0663 0x3784 [ E11A3F79475F9D019CD51ADCCC377909, CF14C494C4A969233C1D2B32A56C86C8636AC70004725B53447C42EB63C31BA9 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 22:32:28.0676 0x3784 rt640x64 - ok 22:32:28.0690 0x3784 [ CD119D2452BCB3ED0803FAF8A24F74AE, 8FC84679AE0B682DD79FE3879F92F854430C724C22E4F1DCD1E2D01777103492 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys 22:32:28.0697 0x3784 RTSUER - ok 22:32:28.0702 0x3784 [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 22:32:28.0704 0x3784 s3cap - ok 22:32:28.0708 0x3784 SamSs - ok 22:32:28.0712 0x3784 sbp2port - ok 22:32:28.0722 0x3784 [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 22:32:28.0733 0x3784 SCardSvr - ok 22:32:28.0744 0x3784 [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 22:32:28.0752 0x3784 ScDeviceEnum - ok 22:32:28.0757 0x3784 [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 22:32:28.0759 0x3784 scfilter - ok 22:32:28.0781 0x3784 [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule C:\WINDOWS\system32\schedsvc.dll 22:32:28.0801 0x3784 Schedule - ok 22:32:28.0811 0x3784 scmbus - ok 22:32:28.0819 0x3784 [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 22:32:28.0822 0x3784 SCPolicySvc - ok 22:32:28.0827 0x3784 sdbus - ok 22:32:28.0832 0x3784 [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys 22:32:28.0833 0x3784 SDFRd - ok 22:32:28.0841 0x3784 [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 22:32:28.0849 0x3784 SDRSVC - ok 22:32:28.0853 0x3784 sdstor - ok 22:32:28.0857 0x3784 [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon C:\WINDOWS\system32\seclogon.dll 22:32:28.0864 0x3784 seclogon - ok 22:32:28.0893 0x3784 [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll 22:32:28.0921 0x3784 SEMgrSvc - ok 22:32:28.0927 0x3784 [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS C:\WINDOWS\System32\sens.dll 22:32:28.0934 0x3784 SENS - ok 22:32:28.0978 0x3784 [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 22:32:29.0004 0x3784 SensorDataService - ok 22:32:29.0023 0x3784 [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService C:\WINDOWS\system32\SensorService.dll 22:32:29.0040 0x3784 SensorService - ok 22:32:29.0050 0x3784 [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 22:32:29.0058 0x3784 SensrSvc - ok 22:32:29.0062 0x3784 SerCx - ok 22:32:29.0065 0x3784 SerCx2 - ok 22:32:29.0069 0x3784 Serenum - ok 22:32:29.0072 0x3784 Serial - ok 22:32:29.0083 0x3784 sermouse - ok 22:32:29.0102 0x3784 [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 22:32:29.0113 0x3784 SessionEnv - ok 22:32:29.0116 0x3784 sfloppy - ok 22:32:29.0122 0x3784 [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys 22:32:29.0125 0x3784 SgrmAgent - ok 22:32:29.0133 0x3784 [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe 22:32:29.0142 0x3784 SgrmBroker - ok 22:32:29.0159 0x3784 [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 22:32:29.0171 0x3784 SharedAccess - ok 22:32:29.0190 0x3784 [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll 22:32:29.0208 0x3784 SharedRealitySvc - ok 22:32:29.0224 0x3784 [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 22:32:29.0241 0x3784 ShellHWDetection - ok 22:32:29.0251 0x3784 [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 22:32:29.0260 0x3784 shpamsvc - ok 22:32:29.0265 0x3784 SiSRaid2 - ok 22:32:29.0268 0x3784 SiSRaid4 - ok 22:32:29.0272 0x3784 smphost - ok 22:32:29.0288 0x3784 [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 22:32:29.0303 0x3784 SmsRouter - ok 22:32:29.0313 0x3784 [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 22:32:29.0318 0x3784 SNMPTRAP - ok 22:32:29.0322 0x3784 spaceport - ok 22:32:29.0328 0x3784 [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys 22:32:29.0331 0x3784 SpatialGraphFilter - ok 22:32:29.0334 0x3784 SpbCx - ok 22:32:29.0338 0x3784 spectrum - ok 22:32:29.0359 0x3784 [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler C:\WINDOWS\System32\spoolsv.exe 22:32:29.0375 0x3784 Spooler - ok 22:32:29.0381 0x3784 sppsvc - ok 22:32:29.0385 0x3784 srv - ok 22:32:29.0388 0x3784 srv2 - ok 22:32:29.0395 0x3784 srvnet - ok 22:32:29.0405 0x3784 [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 22:32:29.0417 0x3784 SSDPSRV - ok 22:32:29.0430 0x3784 [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe 22:32:29.0436 0x3784 ssh-agent - ok 22:32:29.0442 0x3784 SstpSvc - ok 22:32:29.0461 0x3784 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe 22:32:29.0471 0x3784 ss_conn_service - ok 22:32:29.0477 0x3784 StateRepository - ok 22:32:29.0512 0x3784 [ 3BCC3C334DF59EE4765B31730D7EA04C, BA193D484666BF5FFEEF715A74501F068E13F0330E5EFD4A9864175E313EAB63 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 22:32:29.0539 0x3784 Steam Client Service - ok 22:32:29.0545 0x3784 stexstor - ok 22:32:29.0562 0x3784 [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc C:\WINDOWS\System32\wiaservc.dll 22:32:29.0577 0x3784 stisvc - ok 22:32:29.0582 0x3784 storahci - ok 22:32:29.0586 0x3784 storflt - ok 22:32:29.0589 0x3784 stornvme - ok 22:32:29.0595 0x3784 storqosflt - ok 22:32:29.0599 0x3784 StorSvc - ok 22:32:29.0602 0x3784 storufs - ok 22:32:29.0606 0x3784 storvsc - ok 22:32:29.0611 0x3784 svsvc - ok 22:32:29.0633 0x3784 swenum - ok 22:32:29.0636 0x3784 swprv - ok 22:32:29.0641 0x3784 [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 22:32:29.0643 0x3784 Synth3dVsc - ok 22:32:29.0667 0x3784 [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain C:\WINDOWS\system32\sysmain.dll 22:32:29.0687 0x3784 SysMain - ok 22:32:29.0693 0x3784 SystemEventsBroker - ok 22:32:29.0701 0x3784 [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 22:32:29.0711 0x3784 TabletInputService - ok 22:32:29.0716 0x3784 [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys 22:32:29.0718 0x3784 tap0901 - ok 22:32:29.0727 0x3784 [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 22:32:29.0737 0x3784 TapiSrv - ok 22:32:29.0743 0x3784 [ 1960E9FD4082A0170FBA0231FD709113, D5854811787EBC979E9FAB02847F1E662F430A06AB2D3CB9F0EE4BB3A9EC56FE ] tapprotonvpn C:\WINDOWS\System32\drivers\tapprotonvpn.sys 22:32:29.0745 0x3784 tapprotonvpn - ok 22:32:29.0749 0x3784 [ 039CFEDBC0D1A751A1308228A72C1CCD, C451FA71353CB2D31AE4AA3F2B03D098A2C6156B687EC33E0AD2DFC766646647 ] tapwindscribe0901 C:\WINDOWS\System32\drivers\tapwindscribe0901.sys 22:32:29.0751 0x3784 tapwindscribe0901 - ok 22:32:29.0755 0x3784 Tcpip - ok 22:32:29.0760 0x3784 Tcpip6 - ok 22:32:29.0768 0x3784 [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 22:32:29.0770 0x3784 tcpipreg - ok 22:32:29.0779 0x3784 tdx - ok 22:32:29.0784 0x3784 [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 22:32:29.0786 0x3784 terminpt - ok 22:32:29.0808 0x3784 [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService C:\WINDOWS\System32\termsrv.dll 22:32:29.0830 0x3784 TermService - ok 22:32:29.0835 0x3784 [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes C:\WINDOWS\system32\themeservice.dll 22:32:29.0844 0x3784 Themes - ok 22:32:29.0854 0x3784 [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 22:32:29.0864 0x3784 TieringEngineService - ok 22:32:29.0869 0x3784 TimeBrokerSvc - ok 22:32:29.0871 0x3784 TokenBroker - ok 22:32:29.0876 0x3784 TPM - ok 22:32:29.0883 0x3784 [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks C:\WINDOWS\System32\trkwks.dll 22:32:29.0889 0x3784 TrkWks - ok 22:32:29.0894 0x3784 TrustedInstaller - ok 22:32:29.0902 0x3784 [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 22:32:29.0904 0x3784 TsUsbFlt - ok 22:32:29.0913 0x3784 [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 22:32:29.0915 0x3784 TsUsbGD - ok 22:32:29.0925 0x3784 [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys 22:32:29.0928 0x3784 tunnel - ok 22:32:29.0935 0x3784 [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll 22:32:29.0945 0x3784 tzautoupdate - ok 22:32:29.0949 0x3784 UASPStor - ok 22:32:29.0963 0x3784 [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 22:32:29.0966 0x3784 UcmCx0101 - ok 22:32:29.0973 0x3784 [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys 22:32:29.0977 0x3784 UcmTcpciCx0101 - ok 22:32:29.0990 0x3784 [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 22:32:29.0993 0x3784 UcmUcsi - ok 22:32:29.0997 0x3784 Ucx01000 - ok 22:32:30.0002 0x3784 UdeCx - ok 22:32:30.0006 0x3784 udfs - ok 22:32:30.0012 0x3784 UEFI - ok 22:32:30.0022 0x3784 [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 22:32:30.0029 0x3784 Ufx01000 - ok 22:32:30.0034 0x3784 UfxChipidea - ok 22:32:30.0038 0x3784 ufxsynopsys - ok 22:32:30.0049 0x3784 umbus - ok 22:32:30.0054 0x3784 UmPass - ok 22:32:30.0066 0x3784 [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 22:32:30.0077 0x3784 UmRdpService - ok 22:32:30.0102 0x3784 [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 22:32:30.0129 0x3784 UnistoreSvc - ok 22:32:30.0146 0x3784 [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost C:\WINDOWS\System32\upnphost.dll 22:32:30.0158 0x3784 upnphost - ok 22:32:30.0165 0x3784 [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys 22:32:30.0167 0x3784 UrsChipidea - ok 22:32:30.0172 0x3784 [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys 22:32:30.0175 0x3784 UrsCx01000 - ok 22:32:30.0180 0x3784 [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys 22:32:30.0181 0x3784 UrsSynopsys - ok 22:32:30.0185 0x3784 usbccgp - ok 22:32:30.0190 0x3784 [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 22:32:30.0194 0x3784 usbcir - ok 22:32:30.0197 0x3784 usbehci - ok 22:32:30.0200 0x3784 usbhub - ok 22:32:30.0203 0x3784 USBHUB3 - ok 22:32:30.0208 0x3784 usbohci - ok 22:32:30.0214 0x3784 [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 22:32:30.0216 0x3784 usbprint - ok 22:32:30.0220 0x3784 usbser - ok 22:32:30.0224 0x3784 USBSTOR - ok 22:32:30.0229 0x3784 usbuhci - ok 22:32:30.0239 0x3784 [ 9431F7E997A8750139517709B04D8629, 250DE2A461DD3E6D40BD7A21041BF451D954D5BC14A9BC4D819955A135FC34F4 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 22:32:30.0246 0x3784 usbvideo - ok 22:32:30.0251 0x3784 USBXHCI - ok 22:32:30.0284 0x3784 [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 22:32:30.0316 0x3784 UserDataSvc - ok 22:32:30.0324 0x3784 UserManager - ok 22:32:30.0329 0x3784 UsoSvc - ok 22:32:30.0341 0x3784 [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc C:\WINDOWS\System32\vac.dll 22:32:30.0354 0x3784 VacSvc - ok 22:32:30.0360 0x3784 VaultSvc - ok 22:32:30.0365 0x3784 [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone C:\WINDOWS\System32\drivers\VClone.sys 22:32:30.0366 0x3784 VClone - ok 22:32:30.0369 0x3784 vdrvroot - ok 22:32:30.0373 0x3784 vds - ok 22:32:30.0379 0x3784 VerifierExt - ok 22:32:30.0383 0x3784 vhdmp - ok 22:32:30.0387 0x3784 vhf - ok 22:32:30.0392 0x3784 vmbus - ok 22:32:30.0396 0x3784 VMBusHID - ok 22:32:30.0400 0x3784 [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys 22:32:30.0401 0x3784 vmgid - ok 22:32:30.0412 0x3784 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 22:32:30.0419 0x3784 vmicguestinterface - ok 22:32:30.0428 0x3784 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll 22:32:30.0434 0x3784 vmicheartbeat - ok 22:32:30.0442 0x3784 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 22:32:30.0449 0x3784 vmickvpexchange - ok 22:32:30.0458 0x3784 [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 22:32:30.0466 0x3784 vmicrdv - ok 22:32:30.0475 0x3784 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 22:32:30.0482 0x3784 vmicshutdown - ok 22:32:30.0490 0x3784 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 22:32:30.0497 0x3784 vmictimesync - ok 22:32:30.0506 0x3784 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 22:32:30.0514 0x3784 vmicvmsession - ok 22:32:30.0525 0x3784 [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 22:32:30.0533 0x3784 vmicvss - ok 22:32:30.0537 0x3784 volmgr - ok 22:32:30.0543 0x3784 volmgrx - ok 22:32:30.0548 0x3784 volsnap - ok 22:32:30.0552 0x3784 volume - ok 22:32:30.0557 0x3784 [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci C:\WINDOWS\System32\drivers\vpci.sys 22:32:30.0560 0x3784 vpci - ok 22:32:30.0580 0x3784 [ 7AE0B2F48B374DB0F423C9807BCC4F1F, 541D692295427CA3BF9AB66D7185AD4154D2618E5554D7E145B2ED8B1AA4AC98 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 22:32:30.0591 0x3784 vpnagent - ok 22:32:30.0598 0x3784 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\WINDOWS\System32\drivers\vpnva64-6.sys 22:32:30.0599 0x3784 vpnva - ok 22:32:30.0603 0x3784 vsmraid - ok 22:32:30.0607 0x3784 VSS - ok 22:32:30.0612 0x3784 VSTXRAID - ok 22:32:30.0616 0x3784 vwifibus - ok 22:32:30.0620 0x3784 vwififlt - ok 22:32:30.0625 0x3784 vwifimp - ok 22:32:30.0629 0x3784 W32Time - ok 22:32:30.0641 0x3784 [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll 22:32:30.0654 0x3784 WaaSMedicSvc - ok 22:32:30.0659 0x3784 WacomPen - ok 22:32:30.0672 0x3784 [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService C:\WINDOWS\system32\WalletService.dll 22:32:30.0687 0x3784 WalletService - ok 22:32:30.0692 0x3784 wanarp - ok 22:32:30.0697 0x3784 wanarpv6 - ok 22:32:30.0702 0x3784 [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll 22:32:30.0710 0x3784 WarpJITSvc - ok 22:32:30.0716 0x3784 wbengine - ok 22:32:30.0720 0x3784 WbioSrvc - ok 22:32:30.0728 0x3784 [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 22:32:30.0732 0x3784 wcifs - ok 22:32:30.0769 0x3784 [ 2BCA9BABB5CEC329E604AE9C1DBA9D5B, 315C72B80A5E6278A725E7BD2DE0C8A2751C2A3F9B4D82F7A034B1ADDE687507 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 22:32:30.0792 0x3784 Wcmsvc - ok 22:32:30.0798 0x3784 wcncsvc - ok 22:32:30.0803 0x3784 [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 22:32:30.0806 0x3784 wcnfs - ok 22:32:30.0812 0x3784 [ 9BD1C97BAED4B916C95D4E107B3D9812, 722456319EBA63AC6EB21B6A99F4FC928F58AA972DF227EDF0982BC51F4DE86D ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 22:32:30.0814 0x3784 WdBoot - ok 22:32:30.0818 0x3784 Wdf01000 - ok 22:32:30.0829 0x3784 [ D25D9930BFD78A09B8FD4A7504C6F57A, 9D94BC1368A73B06312ED9016482534EA64F7005C85AAB240ED619FDD19E7F4C ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 22:32:30.0835 0x3784 WdFilter - ok 22:32:30.0841 0x3784 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 22:32:30.0849 0x3784 WdiServiceHost - ok 22:32:30.0854 0x3784 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 22:32:30.0863 0x3784 WdiSystemHost - ok 22:32:30.0866 0x3784 wdiwifi - ok 22:32:30.0870 0x3784 [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys 22:32:30.0871 0x3784 WdmCompanionFilter - ok 22:32:30.0879 0x3784 [ 8542EAE47D35CB658614C1813C7599A2, 67AEB01B5D4E6CA8C669EFB12A7876A378CEA4CAE2810DD790D2DAC5F07D6E52 ] wdm_usb C:\WINDOWS\system32\DRIVERS\usb2ser.sys 22:32:30.0883 0x3784 wdm_usb - ok 22:32:30.0888 0x3784 [ 54E97FEADEEFF973797EB878DC0D2850, A7ABD9E8B94DA19328BB9BF498D64603C6147BE998C40A6F0F8C2E0716CBFC95 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 22:32:30.0891 0x3784 WdNisDrv - ok 22:32:30.0895 0x3784 WdNisSvc - ok 22:32:30.0903 0x3784 [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient C:\WINDOWS\System32\webclnt.dll 22:32:30.0915 0x3784 WebClient - ok 22:32:30.0923 0x3784 [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 22:32:30.0933 0x3784 Wecsvc - ok 22:32:30.0938 0x3784 [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 22:32:30.0947 0x3784 WEPHOSTSVC - ok 22:32:30.0954 0x3784 [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 22:32:30.0964 0x3784 wercplsupport - ok 22:32:30.0968 0x3784 WerSvc - ok 22:32:30.0983 0x3784 [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll 22:32:30.0998 0x3784 WFDSConMgrSvc - ok 22:32:31.0002 0x3784 WFPLWFS - ok 22:32:31.0008 0x3784 [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 22:32:31.0016 0x3784 WiaRpc - ok 22:32:31.0020 0x3784 WIMMount - ok 22:32:31.0031 0x3784 [ EC7C1A7397988EFAF37BF685CA25525D, 50DA7D63CDE618D6426649AED250CEBE229CBBAC718C4E3CD882D816839B4CE9 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 22:32:31.0033 0x3784 WindowsTrustedRT - ok 22:32:31.0037 0x3784 [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 22:32:31.0039 0x3784 WindowsTrustedRTProxy - ok 22:32:31.0044 0x3784 WinHttpAutoProxySvc - ok 22:32:31.0048 0x3784 WinMad - ok 22:32:31.0055 0x3784 Winmgmt - ok 22:32:31.0070 0x3784 [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat C:\WINDOWS\system32\drivers\winnat.sys 22:32:31.0074 0x3784 WinNat - ok 22:32:31.0123 0x3784 [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 22:32:31.0174 0x3784 WinRM - ok 22:32:31.0189 0x3784 [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 22:32:31.0193 0x3784 WINUSB - ok 22:32:31.0197 0x3784 WinVerbs - ok 22:32:31.0200 0x3784 wisvc - ok 22:32:31.0205 0x3784 WlanSvc - ok 22:32:31.0211 0x3784 wlidsvc - ok 22:32:31.0242 0x3784 [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll 22:32:31.0271 0x3784 wlpasvc - ok 22:32:31.0276 0x3784 WmiAcpi - ok 22:32:31.0283 0x3784 wmiApSrv - ok 22:32:31.0286 0x3784 WMPNetworkSvc - ok 22:32:31.0297 0x3784 [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 22:32:31.0300 0x3784 Wof - ok 22:32:31.0347 0x3784 [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 22:32:31.0387 0x3784 workfolderssvc - ok 22:32:31.0395 0x3784 WpcMonSvc - ok 22:32:31.0400 0x3784 [ 25180559693250D7B7FF16A6BE7AC9BE, 1872BC298C3ED6A204B3BA2AB13D08EB9DAE5B30B7F83CA7A67BFDECA8D043AD ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 22:32:31.0412 0x3784 WPDBusEnum - ok 22:32:31.0420 0x3784 [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 22:32:31.0421 0x3784 WpdUpFltr - ok 22:32:31.0431 0x3784 [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService C:\WINDOWS\system32\WpnService.dll 22:32:31.0442 0x3784 WpnService - ok 22:32:31.0448 0x3784 [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 22:32:31.0459 0x3784 WpnUserService - ok 22:32:31.0467 0x3784 ws2ifsl - ok 22:32:31.0476 0x3784 [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc C:\WINDOWS\System32\wscsvc.dll 22:32:31.0487 0x3784 wscsvc - ok 22:32:31.0492 0x3784 WSearch - ok 22:32:31.0502 0x3784 [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 22:32:31.0504 0x3784 WudfPf - ok 22:32:31.0515 0x3784 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 22:32:31.0519 0x3784 WUDFRd - ok 22:32:31.0529 0x3784 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 22:32:31.0533 0x3784 WUDFWpdFs - ok 22:32:31.0541 0x3784 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 22:32:31.0546 0x3784 WUDFWpdMtp - ok 22:32:31.0584 0x3784 [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 22:32:31.0620 0x3784 WwanSvc - ok 22:32:31.0628 0x3784 [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe 22:32:31.0636 0x3784 xbgm - ok 22:32:31.0661 0x3784 [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 22:32:31.0688 0x3784 XblAuthManager - ok 22:32:31.0720 0x3784 [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 22:32:31.0755 0x3784 XblGameSave - ok 22:32:31.0767 0x3784 [ 0AA38B54EB292CB3EB13FFF948473DBA, C5256ABC0A4A2117EC6F1C88B5BFDBECAE673AD47639A274BFFF92A46452E9B0 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 22:32:31.0772 0x3784 xboxgip - ok 22:32:31.0779 0x3784 [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll 22:32:31.0787 0x3784 XboxGipSvc - ok 22:32:31.0814 0x3784 [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 22:32:31.0842 0x3784 XboxNetApiSvc - ok 22:32:31.0849 0x3784 [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 22:32:31.0851 0x3784 xinputhid - ok 22:32:31.0866 0x3784 [ 3C68ADDE2437FB45CFE71FD8C33C4919, 7F19F51F3664BE5FDD79BCF216DF8D1D1BC3015D522E989DD592BFA1AB3DFE8B ] YSDrv C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys 22:32:31.0872 0x3784 YSDrv - ok 22:32:31.0944 0x3784 [ 1EBEA7CCAB778865336E4F6C79E807D6, A95FE0B9622E9390CB3482E18846C4EE8ECE67905F4CB6D239BCACC16679A5C4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 22:32:32.0003 0x3784 ZeroConfigService - ok 22:32:32.0009 0x3784 ================ Scan global =============================== 22:32:32.0023 0x3784 [ Global ] - ok 22:32:32.0024 0x3784 ================ Scan MBR ================================== 22:32:32.0026 0x3784 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 22:32:32.0034 0x3784 \Device\Harddisk0\DR0 - ok 22:32:32.0036 0x3784 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 22:32:32.0041 0x3784 \Device\Harddisk1\DR1 - ok 22:32:32.0042 0x3784 ================ Scan VBR ================================== 22:32:32.0044 0x3784 [ DF911AD26D6AD77D910F0D2F6365A0E3 ] \Device\Harddisk0\DR0\Partition1 22:32:32.0045 0x3784 \Device\Harddisk0\DR0\Partition1 - ok 22:32:32.0047 0x3784 [ D797F3B4113DB4D8FE8B976E455F024C ] \Device\Harddisk0\DR0\Partition2 22:32:32.0048 0x3784 \Device\Harddisk0\DR0\Partition2 - ok 22:32:32.0051 0x3784 [ 5D4A449D7585BB685981813AA82E4778 ] \Device\Harddisk1\DR1\Partition1 22:32:32.0052 0x3784 \Device\Harddisk1\DR1\Partition1 - ok 22:32:32.0053 0x3784 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2 22:32:32.0054 0x3784 \Device\Harddisk1\DR1\Partition2 - ok 22:32:32.0059 0x3784 [ 892200FF57E3E149C7E74953CAFED1ED ] \Device\Harddisk1\DR1\Partition3 22:32:32.0060 0x3784 \Device\Harddisk1\DR1\Partition3 - ok 22:32:32.0063 0x3784 [ E62DE48BB29D2CE86A1328B87EFAE779 ] \Device\Harddisk1\DR1\Partition4 22:32:32.0065 0x3784 \Device\Harddisk1\DR1\Partition4 - ok 22:32:32.0067 0x3784 [ B5FE3401605610FF0EB06614D298A41A ] \Device\Harddisk1\DR1\Partition5 22:32:32.0068 0x3784 \Device\Harddisk1\DR1\Partition5 - ok 22:32:32.0068 0x3784 ================ Scan generic autorun ====================== 22:32:32.0068 0x3784 SecurityHealth - ok 22:32:32.0069 0x3784 ETDCtrl - ok 22:32:32.0353 0x3784 [ 8F16BC456BAA770C0FCC1CD7D3998A1B, 089AF447DC487F4B2D09E0F30E634C63EFD1913628219F3242E638536D922248 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 22:32:32.0610 0x3784 RTHDVCPL - ok 22:32:32.0652 0x3784 [ 59582ECA7AEC295A61BF79EC651BD89A, E086E8022F5363F9D6D94123854E8570E60C93D0AF84E0CCE4CD1602EB7863EB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 22:32:32.0675 0x3784 RtHDVBg_Dolby - ok 22:32:32.0682 0x3784 [ A8012BE61DC9CEFA5C41C2DA995812BD, 63D64926B700AD5378C7A719CD71906382EAAA1BE3CB2EE22D9A63D13E12C272 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 22:32:32.0683 0x3784 IAStorIcon - ok 22:32:32.0698 0x3784 [ 5DB2D863BEECABABE5AFBD36AD055919, EDA57E210834275DD78650C55267F1EB55BB03964D0BCB8C87CCB5CCE290AE51 ] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 22:32:32.0706 0x3784 DAX2_APP - ok 22:32:32.0710 0x3784 Discord - ok 22:32:32.0793 0x3784 [ E67118779196D1FDB49899709B62CBD5, E2891E34735C29018831818A58DA40900179A90A68FC92C6C903C57947AF73FC ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe 22:32:32.0843 0x3784 Dropbox - ok 22:32:32.0871 0x3784 [ 4FE439A1651F4E2F74022253ADD1C925, 8D855B05D3FF5C840A30A5E00CB0ED9D774C84C9BA11B7657CEB3CC2E3F4C145 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe 22:32:32.0891 0x3784 Cisco AnyConnect Secure Mobility Agent for Windows - ok 22:32:33.0256 0x3784 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 22:32:33.0544 0x3784 OneDriveSetup - ok 22:32:33.0573 0x3784 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 22:32:33.0580 0x3784 WAB Migrate - ok 22:32:33.0936 0x3784 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 22:32:34.0224 0x3784 OneDriveSetup - ok 22:32:34.0255 0x3784 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 22:32:34.0263 0x3784 WAB Migrate - ok 22:32:34.0296 0x3784 [ C84B6E5F646590F201E88F2C0955285A, 1785CC39A455F3ED3D0BAB97C03ED80D58CE24157E00C3AAECD31C2C98AA9806 ] C:\Users\staub\AppData\Local\Microsoft\OneDrive\OneDrive.exe 22:32:34.0321 0x3784 OneDrive - ok 22:32:34.0384 0x3784 [ 036D82DD70A5D8B7A29BCDDF3E5C243D, E54A465BF2D70C93B440B05612C8F11B7CA8C8AEECB822E65E518DD862A00700 ] C:\Program Files (x86)\Steam\steam.exe 22:32:34.0428 0x3784 Steam - ok 22:32:34.0435 0x3784 Spotify - ok 22:32:34.0466 0x3784 [ 23686E6FA80E49F08715598A3EFF36BB, B7DC968ADB7DC2FCA1D67A3E6ECE0FF71DC5A909547249CB4A479093319BA7B5 ] C:\Program Files\CyberGhost 6\CyberGhost.exe 22:32:34.0486 0x3784 CyberGhost - ok 22:32:34.0493 0x3784 Discord - ok 22:32:34.0495 0x3784 Windscribe - ok 22:32:34.0496 0x3784 Windows Shutdown Assistant - ok 22:32:34.0845 0x3784 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 22:32:35.0134 0x3784 OneDriveSetup - ok 22:32:35.0156 0x3784 Discord - ok 22:32:35.0186 0x3784 [ 10E204B6AEB476E50D07F22DFDFBF62D, AB189636BAB5020B671CBB763E245F27F60847405FC14BEA6E50285E60DC85ED ] C:\Users\enogh\AppData\Local\Microsoft\OneDrive\OneDrive.exe 22:32:35.0209 0x3784 OneDrive - ok 22:32:35.0223 0x3784 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 22:32:35.0231 0x3784 WAB Migrate - ok 22:32:35.0606 0x3784 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 22:32:35.0903 0x3784 OneDriveSetup - ok 22:32:36.0079 0x3784 [ 90029F7160037122DA12101C0C8850F7, DE4BFD8E60AC0222EACCA8BAC94562ED2B38CBEF569F8B927CCD197735655AC0 ] C:\Users\shima\AppData\Local\Microsoft\OneDrive\OneDrive.exe 22:32:36.0104 0x3784 OneDrive - ok 22:32:36.0120 0x3784 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 22:32:36.0128 0x3784 WAB Migrate - ok 22:32:36.0130 0x3784 Waiting for KSN requests completion. In queue: 293 22:32:37.0164 0x3784 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x60100 ( disabled : updated ) 22:32:37.0174 0x3784 Win FW state via NFP2: enabled ( trusted ) 22:32:37.0258 0x3784 ============================================================ 22:32:37.0258 0x3784 Scan finished 22:32:37.0258 0x3784 ============================================================ 22:32:37.0266 0x2148 Detected object count: 0 22:32:37.0266 0x2148 Actual detected object count: 0 22:32:40.0732 0x370c Deinitialize success |
11.09.2018, 21:54 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht?Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
12.09.2018, 10:51 | #10 |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht?Code:
ATTFilter 11:49:13.0116 0x2ea0 TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17 11:49:13.0116 0x2ea0 UEFI system 11:49:16.0036 0x2ea0 ============================================================ 11:49:16.0036 0x2ea0 Current date / time: 2018/09/12 11:49:16.0036 11:49:16.0036 0x2ea0 SystemInfo: 11:49:16.0036 0x2ea0 11:49:16.0036 0x2ea0 OS Version: 10.0.17134 ServicePack: 0.0 11:49:16.0036 0x2ea0 Product type: Workstation 11:49:16.0036 0x2ea0 ComputerName: DESKTOP-UKTCUI2 11:49:16.0036 0x2ea0 UserName: staub 11:49:16.0036 0x2ea0 Windows directory: C:\WINDOWS 11:49:16.0036 0x2ea0 System windows directory: C:\WINDOWS 11:49:16.0036 0x2ea0 Running under WOW64 11:49:16.0036 0x2ea0 Processor architecture: Intel x64 11:49:16.0036 0x2ea0 Number of processors: 4 11:49:16.0036 0x2ea0 Page size: 0x1000 11:49:16.0036 0x2ea0 Boot type: Normal boot 11:49:16.0036 0x2ea0 CodeIntegrityOptions = 0x00000001 11:49:16.0036 0x2ea0 ============================================================ 11:49:16.0076 0x2ea0 KLMD registered as C:\WINDOWS\system32\drivers\43565767.sys 11:49:16.0076 0x2ea0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19 11:49:16.0111 0x2ea0 System UUID: {EDB1CDC8-7A74-104B-02AF-2949488BCEB4} 11:49:16.0219 0x2ea0 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:49:16.0236 0x2ea0 Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:49:16.0241 0x2ea0 ============================================================ 11:49:16.0241 0x2ea0 \Device\Harddisk0\DR0: 11:49:16.0241 0x2ea0 GPT partitions: 11:49:16.0241 0x2ea0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {694BD22E-7594-451D-9096-AF677B4917EB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xA7287000 11:49:16.0241 0x2ea0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CFE500BC-FDAB-400A-A9BB-68597C0FA1EA}, Name: Basic data partition, StartLBA 0xA7287800, BlocksNum 0x7800000 11:49:16.0241 0x2ea0 MBR partitions: 11:49:16.0241 0x2ea0 \Device\Harddisk1\DR1: 11:49:16.0242 0x2ea0 GPT partitions: 11:49:16.0242 0x2ea0 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {37C984F9-D5E4-4A08-916B-06B97DDDF7E8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000 11:49:16.0242 0x2ea0 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E56BC9C4-44E3-4B68-9BEA-B56A595BF278}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000 11:49:16.0242 0x2ea0 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {83D04214-4873-41EF-81F4-45DADF15BDE5}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0xEA730B6 11:49:16.0242 0x2ea0 \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {469DA7C1-3405-49E3-9966-C1579FC63C47}, Name: , StartLBA 0xEAAE000, BlocksNum 0x1CE000 11:49:16.0242 0x2ea0 \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {F5AF82CE-BB6E-4309-9DD1-F36D46EAA02A}, Name: Basic data partition, StartLBA 0xEC7C000, BlocksNum 0x200000 11:49:16.0242 0x2ea0 MBR partitions: 11:49:16.0242 0x2ea0 ============================================================ 11:49:16.0243 0x2ea0 C: <-> \Device\Harddisk1\DR1\Partition3 11:49:16.0307 0x2ea0 D: <-> \Device\Harddisk0\DR0\Partition1 11:49:16.0383 0x2ea0 E: <-> \Device\Harddisk0\DR0\Partition2 11:49:16.0383 0x2ea0 ============================================================ 11:49:16.0383 0x2ea0 Initialize success 11:49:16.0383 0x2ea0 ============================================================ 11:49:57.0398 0x1f88 ============================================================ 11:49:57.0398 0x1f88 Scan started 11:49:57.0398 0x1f88 Mode: Manual; SigCheck; TDLFS; 11:49:57.0398 0x1f88 ============================================================ 11:49:57.0398 0x1f88 KSN ping started 11:49:57.0468 0x1f88 KSN ping finished: true 11:50:01.0571 0x1f88 ================ Scan system memory ======================== 11:50:01.0571 0x1f88 System memory - ok 11:50:01.0572 0x1f88 ================ Scan services ============================= 11:50:01.0625 0x1f88 1394ohci - ok 11:50:01.0629 0x1f88 3ware - ok 11:50:01.0633 0x1f88 ACPI - ok 11:50:01.0635 0x1f88 AcpiDev - ok 11:50:01.0639 0x1f88 acpiex - ok 11:50:01.0644 0x1f88 acpipagr - ok 11:50:01.0649 0x1f88 [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 11:50:01.0691 0x1f88 AcpiPmi - ok 11:50:01.0700 0x1f88 acpitime - ok 11:50:01.0709 0x1f88 [ 56FCC24867F2C87BF96EE9D17A4CC20E, 6DDEF1234D207C6CDE0298DD1DAC988AC6CD7716E4FDA01813D175AE50F6A022 ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys 11:50:01.0732 0x1f88 acsock - ok 11:50:01.0737 0x1f88 ADP80XX - ok 11:50:01.0743 0x1f88 AFD - ok 11:50:01.0747 0x1f88 [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix C:\WINDOWS\system32\drivers\afunix.sys 11:50:01.0762 0x1f88 afunix - ok 11:50:01.0769 0x1f88 [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 11:50:01.0794 0x1f88 ahcache - ok 11:50:01.0798 0x1f88 [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll 11:50:01.0813 0x1f88 AJRouter - ok 11:50:01.0818 0x1f88 [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG C:\WINDOWS\System32\alg.exe 11:50:01.0838 0x1f88 ALG - ok 11:50:01.0843 0x1f88 AmdK8 - ok 11:50:01.0846 0x1f88 AmdPPM - ok 11:50:01.0850 0x1f88 amdsata - ok 11:50:01.0853 0x1f88 amdsbs - ok 11:50:01.0858 0x1f88 amdxata - ok 11:50:01.0865 0x1f88 [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID C:\WINDOWS\system32\drivers\appid.sys 11:50:01.0879 0x1f88 AppID - ok 11:50:01.0884 0x1f88 [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 11:50:01.0901 0x1f88 AppIDSvc - ok 11:50:01.0908 0x1f88 [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo C:\WINDOWS\System32\appinfo.dll 11:50:01.0926 0x1f88 Appinfo - ok 11:50:01.0930 0x1f88 [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys 11:50:01.0946 0x1f88 applockerfltr - ok 11:50:01.0950 0x1f88 AppReadiness - ok 11:50:01.0953 0x1f88 AppXSvc - ok 11:50:01.0956 0x1f88 arcsas - ok 11:50:01.0962 0x1f88 AsyncMac - ok 11:50:01.0966 0x1f88 atapi - ok 11:50:01.0969 0x1f88 AudioEndpointBuilder - ok 11:50:01.0973 0x1f88 Audiosrv - ok 11:50:01.0979 0x1f88 [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 11:50:02.0007 0x1f88 AxInstSV - ok 11:50:02.0011 0x1f88 b06bdrv - ok 11:50:02.0016 0x1f88 [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam C:\WINDOWS\system32\drivers\bam.sys 11:50:02.0028 0x1f88 bam - ok 11:50:02.0031 0x1f88 BasicDisplay - ok 11:50:02.0035 0x1f88 BasicRender - ok 11:50:02.0041 0x1f88 BcastDVRUserService - ok 11:50:02.0048 0x1f88 bcmfn2 - ok 11:50:02.0060 0x1f88 [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 11:50:02.0087 0x1f88 BDESVC - ok 11:50:02.0092 0x1f88 [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 11:50:02.0115 0x1f88 Beep - ok 11:50:02.0118 0x1f88 BFE - ok 11:50:02.0124 0x1f88 [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys 11:50:02.0137 0x1f88 bindflt - ok 11:50:02.0169 0x1f88 [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS C:\WINDOWS\System32\qmgr.dll 11:50:02.0277 0x1f88 BITS - ok 11:50:02.0291 0x1f88 [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll 11:50:02.0326 0x1f88 BluetoothUserService - ok 11:50:02.0340 0x1f88 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 11:50:02.0353 0x1f88 Bonjour Service - ok 11:50:02.0358 0x1f88 bowser - ok 11:50:02.0362 0x1f88 BrokerInfrastructure - ok 11:50:02.0368 0x1f88 [ 3E4BF0145201239E0BBD0A937431C14C, 1DDC27C89B16ADD9346EB30AA9E17330FE0181BE96DC6F06C455493FBDCB1113 ] Browser C:\WINDOWS\System32\browser.dll 11:50:02.0383 0x1f88 Browser - ok 11:50:02.0395 0x1f88 [ 2EB2D533A0C94F05F1F511D3FA20D892, 77375EC0C1FB059D03FF2D23C975EB9A6EB00F9B59000A60A89582D4F6D1D4C4 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 11:50:02.0415 0x1f88 BstHdLogRotatorSvc - ok 11:50:02.0423 0x1f88 [ 7DB8EE09821A6D81A19A6591C9B8AA3A, 0A9A826560884F95D64BDC8A2076AE33FB718A3A59C0BBEC48E48A5FB907ACA4 ] BstkDrv C:\Program Files (x86)\BlueStacks\BstkDrv.sys 11:50:02.0436 0x1f88 BstkDrv - ok 11:50:02.0449 0x1f88 [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService C:\WINDOWS\System32\BTAGService.dll 11:50:02.0479 0x1f88 BTAGService - ok 11:50:02.0487 0x1f88 [ 2B5EB1BB42AEE7A77B1E9C794DFCEF3D, E94040AAE365CFCAEEC75F38EBDDB2C7F13B41F41D96C33FE3F25078BA21DA13 ] BthA2DP C:\WINDOWS\system32\drivers\BthA2DP.sys 11:50:02.0504 0x1f88 BthA2DP - ok 11:50:02.0516 0x1f88 [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll 11:50:02.0542 0x1f88 BthAvctpSvc - ok 11:50:02.0548 0x1f88 [ E0121734C2492406034FA23E3D394EBD, E855EB12DD35CC47F68C5C6B1622560599C7074E274E510528196D47BDA56960 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 11:50:02.0562 0x1f88 BthEnum - ok 11:50:02.0568 0x1f88 [ F56B351A4E2B384911B2BA2A98261F34, A8140A2ABEC704A11776D29894ADD5D1FA9C125567EB6B270694573DB9B0E30E ] BthHFAud C:\WINDOWS\system32\DRIVERS\BthHfAud.sys 11:50:02.0584 0x1f88 BthHFAud - ok 11:50:02.0590 0x1f88 [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 11:50:02.0609 0x1f88 BthHFEnum - ok 11:50:02.0614 0x1f88 [ 8EE632BFE4BABD4E7A299AF54476F9A5, 836675F295A033C0239DCF86D90985443A60D5A1F38B668CA82A30BDFD983352 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys 11:50:02.0660 0x1f88 BthLEEnum - ok 11:50:02.0665 0x1f88 [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 11:50:02.0682 0x1f88 BTHMODEM - ok 11:50:02.0688 0x1f88 [ B10E0CC936462BBA7BC659C0927617A0, B4F2A318384D176D0ACF26372756CE097F34EED59FBB023E7DB8F95D8F73F69A ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 11:50:02.0702 0x1f88 BthPan - ok 11:50:02.0726 0x1f88 [ EF105DBEB81F14EBDBA5F7977AD8FA91, A4D20038B72361CD95446854F2E538314C4C8B5EA4618AC7B18A43D8AF777A34 ] BTHPORT C:\WINDOWS\system32\DRIVERS\BTHport.sys 11:50:02.0773 0x1f88 BTHPORT - ok 11:50:02.0781 0x1f88 [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv C:\WINDOWS\system32\bthserv.dll 11:50:02.0798 0x1f88 bthserv - ok 11:50:02.0803 0x1f88 [ 0D5ECDF2601312025811F6AC413F851A, B7E99CF02C6B511BD643E7F8BB59E983D8B65073D9B55ED44457EDC2BBBBC419 ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys 11:50:02.0820 0x1f88 BTHUSB - ok 11:50:02.0824 0x1f88 bttflt - ok 11:50:02.0827 0x1f88 buttonconverter - ok 11:50:02.0831 0x1f88 [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD C:\WINDOWS\System32\drivers\CAD.sys 11:50:02.0843 0x1f88 CAD - ok 11:50:02.0847 0x1f88 camsvc - ok 11:50:02.0850 0x1f88 CapImg - ok 11:50:02.0854 0x1f88 cdfs - ok 11:50:02.0884 0x1f88 [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 11:50:02.0923 0x1f88 CDPSvc - ok 11:50:02.0935 0x1f88 [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 11:50:02.0962 0x1f88 CDPUserSvc - ok 11:50:02.0967 0x1f88 cdrom - ok 11:50:02.0974 0x1f88 [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 11:50:02.0994 0x1f88 CertPropSvc - ok 11:50:03.0002 0x1f88 [ 6581A8AA7D4CDE34EBE6DDF6A9913F86, DA921C0CADF48778C9144BDA601EA1806D92BADE4A082F1CBB032294A6C00494 ] CG6Service C:\Program Files\CyberGhost 6\CyberGhost.Service.exe 11:50:03.0016 0x1f88 CG6Service - ok 11:50:03.0020 0x1f88 [ 44293BF717CA39DC925C6A05453D8D34, 7A0761662C2B79F38CE24DC04509500BD818E6CF27252949072659AB39716A7F ] cgnetfilter1521 C:\WINDOWS\system32\drivers\cgnetfilter1521.sys 11:50:03.0030 0x1f88 cgnetfilter1521 - ok 11:50:03.0033 0x1f88 cht4iscsi - ok 11:50:03.0036 0x1f88 cht4vbd - ok 11:50:03.0041 0x1f88 [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 11:50:03.0052 0x1f88 circlass - ok 11:50:03.0064 0x1f88 [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys 11:50:03.0092 0x1f88 CldFlt - ok 11:50:03.0095 0x1f88 CLFS - ok 11:50:03.0284 0x1f88 [ 1C1E503D9246B059B5B19613BA97A53B, 70C91D253E776D74F927313E30675828732D68C2EAC1E49F7056FF3A60A87389 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 11:50:03.0503 0x1f88 ClickToRunSvc - ok 11:50:03.0547 0x1f88 [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 11:50:03.0578 0x1f88 ClipSVC - ok 11:50:03.0589 0x1f88 [ 228CB7727EC19833A74DAA5BE8627114, 7ABDEABF648C0CF04C736D9F1056CD54D5913837E1543CC358FDDFA9389934EC ] clwvd6 C:\WINDOWS\system32\DRIVERS\clwvd6.sys 11:50:03.0596 0x1f88 clwvd6 - ok 11:50:03.0600 0x1f88 CmBatt - ok 11:50:03.0608 0x1f88 CNG - ok 11:50:03.0612 0x1f88 [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 11:50:03.0620 0x1f88 cnghwassist - ok 11:50:03.0644 0x1f88 [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys 11:50:03.0654 0x1f88 CompositeBus - ok 11:50:03.0658 0x1f88 COMSysApp - ok 11:50:03.0662 0x1f88 condrv - ok 11:50:03.0666 0x1f88 CoreMessagingRegistrar - ok 11:50:03.0695 0x1f88 [ 2E0A35871680D1E9E5A94031E2B781A7, 8EE720D4326DB9E409A291ED1AA169DC5595BE05663787D49DA6552A5FF3C509 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 11:50:03.0722 0x1f88 cphs - ok 11:50:03.0737 0x1f88 [ 9E6D6C613E004890EFEAAE858C11BD6D, 26E4C2D12F0F7CDF5977206CDD3F8FA09A5E6DD020C959AF93B245501BF44225 ] cplspcon C:\WINDOWS\system32\IntelCpHDCPSvc.exe 11:50:03.0754 0x1f88 cplspcon - ok 11:50:03.0761 0x1f88 CryptSvc - ok 11:50:03.0765 0x1f88 [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam C:\WINDOWS\system32\drivers\dam.sys 11:50:03.0775 0x1f88 dam - ok 11:50:03.0781 0x1f88 [ E59CAC3C48E862959CBDFD08DF40CD2D, 303CB1C89AD2608BB5837D3860964AA1F88F87B296A5C6AB8C88E2169CE6228B ] DAX2API C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 11:50:03.0793 0x1f88 DAX2API - detected UnsignedFile.Multi.Generic ( 1 ) 11:50:03.0847 0x1f88 Detect skipped due to KSN trusted 11:50:03.0847 0x1f88 DAX2API - ok 11:50:03.0863 0x1f88 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 11:50:03.0877 0x1f88 dbupdate - ok 11:50:03.0883 0x1f88 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 11:50:03.0891 0x1f88 dbupdatem - ok 11:50:03.0896 0x1f88 [ 8A6F51A5349EAF68AB2389C8F6E7D12F, 5ABFC27B422591EEB59CA0B7B27FDB2B920AF422508A1C75EB0BFE3B57B9F95E ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 11:50:03.0904 0x1f88 DbxSvc - ok 11:50:03.0910 0x1f88 DcomLaunch - ok 11:50:03.0913 0x1f88 defragsvc - ok 11:50:03.0927 0x1f88 [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll 11:50:03.0954 0x1f88 DeviceAssociationService - ok 11:50:03.0958 0x1f88 DeviceInstall - ok 11:50:03.0969 0x1f88 [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll 11:50:04.0026 0x1f88 DevicePickerUserSvc - ok 11:50:04.0059 0x1f88 [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll 11:50:04.0104 0x1f88 DevicesFlowUserSvc - ok 11:50:04.0110 0x1f88 [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 11:50:04.0132 0x1f88 DevQueryBroker - ok 11:50:04.0136 0x1f88 Dfsc - ok 11:50:04.0142 0x1f88 Dhcp - ok 11:50:04.0145 0x1f88 diagnosticshub.standardcollector.service - ok 11:50:04.0153 0x1f88 [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll 11:50:04.0176 0x1f88 diagsvc - ok 11:50:04.0181 0x1f88 DiagTrack - ok 11:50:04.0184 0x1f88 Disk - ok 11:50:04.0203 0x1f88 [ 89FC056F9CEFB85FC7159AA063904AFF, 6B6F86F87C48EE92F616D4EEE624C9711D0606FD651F3B1D4DD5EF3767B76750 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 11:50:04.0247 0x1f88 DmEnrollmentSvc - ok 11:50:04.0252 0x1f88 dmvsc - ok 11:50:04.0256 0x1f88 [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 11:50:04.0271 0x1f88 dmwappushservice - ok 11:50:04.0276 0x1f88 Dnscache - ok 11:50:04.0284 0x1f88 [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 11:50:04.0319 0x1f88 dot3svc - ok 11:50:04.0326 0x1f88 [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS C:\WINDOWS\system32\dps.dll 11:50:04.0343 0x1f88 DPS - ok 11:50:04.0347 0x1f88 drmkaud - ok 11:50:04.0355 0x1f88 [ 5242DC5849014BCFBB3147B76A899783, 759542B42D9DCC224D9CBD19A0C6B8939417F2F08B547BE07FFA3356918C1ED7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 11:50:04.0385 0x1f88 DsmSvc - ok 11:50:04.0389 0x1f88 DsSvc - ok 11:50:04.0401 0x1f88 [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll 11:50:04.0426 0x1f88 DusmSvc - ok 11:50:04.0431 0x1f88 DXGKrnl - ok 11:50:04.0434 0x1f88 Eaphost - ok 11:50:04.0437 0x1f88 EasyAntiCheat - ok 11:50:04.0441 0x1f88 ebdrv - ok 11:50:04.0445 0x1f88 EFS - ok 11:50:04.0449 0x1f88 EhStorClass - ok 11:50:04.0452 0x1f88 EhStorTcgDrv - ok 11:50:04.0461 0x1f88 [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 11:50:04.0485 0x1f88 embeddedmode - ok 11:50:04.0498 0x1f88 [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 11:50:04.0525 0x1f88 EntAppSvc - ok 11:50:04.0528 0x1f88 ErrDev - ok 11:50:04.0544 0x1f88 [ BF8362193CB83B5283BC5D24AA3D8DF3, 9A45520D624B101D18A434E63DB7EA6CC44F598EDA36B8A916BB76C1DBB0955C ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 11:50:04.0563 0x1f88 ETD - ok 11:50:04.0571 0x1f88 [ 06C67EE6E9E5DF0692BBE14437E56F3F, 9569B03031AE0CAC51AEF8B8CB8F8F2E717478B482AB4760711E1427C33A396D ] ETDService C:\Program Files\Elantech\ETDService.exe 11:50:04.0581 0x1f88 ETDService - ok 11:50:04.0585 0x1f88 [ C75C4769BBAE1397E1333D895C2DAE63, A066F6D6BCF25976EA16EC2077A0656C44952A3CB49C6A1A857482C8346E9D2D ] ETDSMBus C:\WINDOWS\System32\drivers\ETDSMBus.sys 11:50:04.0591 0x1f88 ETDSMBus - ok 11:50:04.0606 0x1f88 [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem C:\WINDOWS\system32\es.dll 11:50:04.0639 0x1f88 EventSystem - ok 11:50:04.0654 0x1f88 [ 416D42491C6A21C2F7DF6F93E572B463, 940074B51DC14586A0BCE22293F445B22E6F7F02D1FE0E12D71F3A9748A8CCD2 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 11:50:04.0676 0x1f88 EvtEng - ok 11:50:04.0680 0x1f88 exfat - ok 11:50:04.0682 0x1f88 fastfat - ok 11:50:04.0700 0x1f88 [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax C:\WINDOWS\system32\fxssvc.exe 11:50:04.0733 0x1f88 Fax - ok 11:50:04.0737 0x1f88 fdc - ok 11:50:04.0743 0x1f88 [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 11:50:04.0763 0x1f88 fdPHost - ok 11:50:04.0768 0x1f88 [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 11:50:04.0783 0x1f88 FDResPub - ok 11:50:04.0789 0x1f88 [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 11:50:04.0809 0x1f88 fhsvc - ok 11:50:04.0814 0x1f88 [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 11:50:04.0826 0x1f88 FileCrypt - ok 11:50:04.0829 0x1f88 FileInfo - ok 11:50:04.0833 0x1f88 Filetrace - ok 11:50:04.0836 0x1f88 flpydisk - ok 11:50:04.0840 0x1f88 FltMgr - ok 11:50:04.0844 0x1f88 FontCache - ok 11:50:04.0848 0x1f88 FontCache3.0.0.0 - ok 11:50:04.0852 0x1f88 FrameServer - ok 11:50:04.0857 0x1f88 FsDepends - ok 11:50:04.0860 0x1f88 Fs_Rec - ok 11:50:04.0864 0x1f88 fvevol - ok 11:50:04.0868 0x1f88 [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 11:50:04.0895 0x1f88 gencounter - ok 11:50:04.0899 0x1f88 genericusbfn - ok 11:50:04.0902 0x1f88 GPIOClx0101 - ok 11:50:04.0906 0x1f88 gpsvc - ok 11:50:04.0911 0x1f88 [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 11:50:04.0926 0x1f88 GpuEnergyDrv - ok 11:50:04.0932 0x1f88 [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll 11:50:04.0949 0x1f88 GraphicsPerfSvc - ok 11:50:04.0955 0x1f88 [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:50:04.0964 0x1f88 gupdate - ok 11:50:04.0969 0x1f88 [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:50:04.0977 0x1f88 gupdatem - ok 11:50:04.0980 0x1f88 HDAudBus - ok 11:50:04.0983 0x1f88 HidBatt - ok 11:50:04.0989 0x1f88 [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 11:50:05.0007 0x1f88 HidBth - ok 11:50:05.0011 0x1f88 hidi2c - ok 11:50:05.0014 0x1f88 hidinterrupt - ok 11:50:05.0018 0x1f88 [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 11:50:05.0030 0x1f88 HidIr - ok 11:50:05.0034 0x1f88 hidserv - ok 11:50:05.0037 0x1f88 HidUsb - ok 11:50:05.0042 0x1f88 [ B815C6E6C0156330A09700901EA4154D, FF003B408CDC62563CEAB39CF081B4AC09C2DDFFA4128491525D9B4F9EB7B3D0 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe 11:50:05.0047 0x1f88 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 ) 11:50:05.0099 0x1f88 Detect skipped due to KSN trusted 11:50:05.0099 0x1f88 HiPatchService - ok 11:50:05.0106 0x1f88 HpSAMD - ok 11:50:05.0110 0x1f88 HTTP - ok 11:50:05.0114 0x1f88 [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys 11:50:05.0123 0x1f88 hvcrash - ok 11:50:05.0129 0x1f88 [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 11:50:05.0141 0x1f88 HvHost - ok 11:50:05.0146 0x1f88 [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 11:50:05.0156 0x1f88 hvservice - ok 11:50:05.0162 0x1f88 [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys 11:50:05.0181 0x1f88 HwNClx0101 - ok 11:50:05.0184 0x1f88 hwpolicy - ok 11:50:05.0188 0x1f88 hyperkbd - ok 11:50:05.0193 0x1f88 HyperVideo - ok 11:50:05.0196 0x1f88 i8042prt - ok 11:50:05.0199 0x1f88 iagpio - ok 11:50:05.0202 0x1f88 iai2c - ok 11:50:05.0206 0x1f88 iaLPSS2i_GPIO2 - ok 11:50:05.0211 0x1f88 iaLPSS2i_GPIO2_BXT_P - ok 11:50:05.0214 0x1f88 iaLPSS2i_I2C - ok 11:50:05.0218 0x1f88 iaLPSS2i_I2C_BXT_P - ok 11:50:05.0221 0x1f88 iaLPSSi_GPIO - ok 11:50:05.0226 0x1f88 iaLPSSi_I2C - ok 11:50:05.0260 0x1f88 [ 5C9AAE902452EF47D8C9EA5838E666B9, 9171558EE78B555312FD8D99EDF85849A4CDE87142EB91DB9E8AF92A1DDF664E ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 11:50:05.0294 0x1f88 iaStorA - ok 11:50:05.0300 0x1f88 iaStorAVC - ok 11:50:05.0304 0x1f88 [ 31BD488EE7F6ED608A7418F6A7C6948D, BB7DC889C0F73FDE089FC0E52D321F29CBB5A65A3D9F90B0B3A730EF938B6178 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 11:50:05.0311 0x1f88 IAStorDataMgrSvc - ok 11:50:05.0315 0x1f88 iaStorV - ok 11:50:05.0317 0x1f88 ibbus - ok 11:50:05.0335 0x1f88 ibtsiva - ok 11:50:05.0345 0x1f88 [ 27AD258DB51E25496F74E98C3CF80415, 58180A50CC8C28A0F7388F62F8A7E4DFE96B40D16C6E10BB067FD4F1EF3868AF ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys 11:50:05.0356 0x1f88 ibtusb - ok 11:50:05.0366 0x1f88 [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc C:\WINDOWS\System32\tetheringservice.dll 11:50:05.0391 0x1f88 icssvc - ok 11:50:05.0527 0x1f88 [ F37606EAFFB621AA6A341CC76BEF37C3, 421674158785B8911354AA02514080390239FBFC8713A2F2AEF55223AF1C28D3 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 11:50:05.0702 0x1f88 igfx - ok 11:50:05.0721 0x1f88 [ 407102406ABA1916DFA7915E52A2EC48, 2DBC62F778579E3BB839D31E4C4BDB26E1EDD2735EECFF4298973A03EC53233F ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 11:50:05.0739 0x1f88 igfxCUIService2.0.0.0 - ok 11:50:05.0744 0x1f88 IKEEXT - ok 11:50:05.0748 0x1f88 [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 11:50:05.0762 0x1f88 IndirectKmd - ok 11:50:05.0766 0x1f88 InstallService - ok 11:50:05.0852 0x1f88 [ 35A78C3E44DAB0E8396A1FD9BF48597F, 6F61ECEC687A1271BEF85956ECEC9EE545065FFE3EE30933D3AF1000BDBCC511 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 11:50:05.0963 0x1f88 IntcAzAudAddService - ok 11:50:05.0986 0x1f88 [ 947360145F94C61E17EECD4BD3516AA9, F55A9EC31FE253E063D34B0118070B14156567B2E3B4ED74B697CA656D7789A0 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 11:50:06.0010 0x1f88 IntcDAud - ok 11:50:06.0016 0x1f88 intelide - ok 11:50:06.0022 0x1f88 [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 11:50:06.0033 0x1f88 intelpep - ok 11:50:06.0037 0x1f88 intelppm - ok 11:50:06.0042 0x1f88 [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 11:50:06.0052 0x1f88 iorate - ok 11:50:06.0057 0x1f88 [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 11:50:06.0073 0x1f88 IpFilterDriver - ok 11:50:06.0096 0x1f88 [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 11:50:06.0138 0x1f88 iphlpsvc - ok 11:50:06.0143 0x1f88 IPMIDRV - ok 11:50:06.0151 0x1f88 [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 11:50:06.0174 0x1f88 IPNAT - ok 11:50:06.0179 0x1f88 [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT C:\WINDOWS\System32\drivers\ipt.sys 11:50:06.0191 0x1f88 IPT - ok 11:50:06.0197 0x1f88 [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll 11:50:06.0213 0x1f88 IpxlatCfgSvc - ok 11:50:06.0218 0x1f88 [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda C:\WINDOWS\system32\drivers\irda.sys 11:50:06.0233 0x1f88 irda - ok 11:50:06.0237 0x1f88 [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 11:50:06.0249 0x1f88 IRENUM - ok 11:50:06.0253 0x1f88 [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon C:\WINDOWS\System32\irmon.dll 11:50:06.0268 0x1f88 irmon - ok 11:50:06.0272 0x1f88 isapnp - ok 11:50:06.0275 0x1f88 iScsiPrt - ok 11:50:06.0279 0x1f88 ItSas35i - ok 11:50:06.0283 0x1f88 [ DA0A946E6C4228B659FA798EF0B075C1, BC2F5710D6165615CD578A970BC154C8DB1ECCA5725D09A29954E9BE8FAC0ED7 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 11:50:06.0291 0x1f88 iwdbus - ok 11:50:06.0295 0x1f88 kbdclass - ok 11:50:06.0298 0x1f88 kbdhid - ok 11:50:06.0302 0x1f88 kdnic - ok 11:50:06.0306 0x1f88 KeyIso - ok 11:50:06.0310 0x1f88 KSecDD - ok 11:50:06.0313 0x1f88 KSecPkg - ok 11:50:06.0317 0x1f88 ksthunk - ok 11:50:06.0328 0x1f88 [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 11:50:06.0359 0x1f88 KtmRm - ok 11:50:06.0364 0x1f88 LanmanServer - ok 11:50:06.0368 0x1f88 LanmanWorkstation - ok 11:50:06.0374 0x1f88 [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc C:\WINDOWS\System32\lfsvc.dll 11:50:06.0389 0x1f88 lfsvc - ok 11:50:06.0393 0x1f88 [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 11:50:06.0410 0x1f88 LicenseManager - ok 11:50:06.0416 0x1f88 [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 11:50:06.0430 0x1f88 lltdio - ok 11:50:06.0440 0x1f88 [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 11:50:06.0464 0x1f88 lltdsvc - ok 11:50:06.0467 0x1f88 lmhosts - ok 11:50:06.0472 0x1f88 LSI_SAS - ok 11:50:06.0476 0x1f88 LSI_SAS2i - ok 11:50:06.0480 0x1f88 LSI_SAS3i - ok 11:50:06.0484 0x1f88 LSI_SSS - ok 11:50:06.0487 0x1f88 LSM - ok 11:50:06.0493 0x1f88 [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 11:50:06.0511 0x1f88 luafv - ok 11:50:06.0519 0x1f88 [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll 11:50:06.0539 0x1f88 LxpSvc - ok 11:50:06.0545 0x1f88 [ 1C1FF36E51F73989FB4DD2DBAFAE11EC, B5C0B169BFEF5FD769745F924B3F30C960A555F8B0C0C7315B273435D9F246D5 ] MapsBroker C:\WINDOWS\System32\moshost.dll 11:50:06.0563 0x1f88 MapsBroker - ok 11:50:06.0566 0x1f88 mausbhost - ok 11:50:06.0569 0x1f88 mausbip - ok 11:50:06.0695 0x1f88 [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 11:50:06.0834 0x1f88 MBAMService - ok 11:50:06.0851 0x1f88 [ A692F41F46F789228CECB2AA128AEC85, 83F7A12934D008BE46A774ABB136A7C11408D92832A0AEFF4866AEACF2594C55 ] MBAMSwissArmy C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 11:50:06.0862 0x1f88 MBAMSwissArmy - ok 11:50:06.0866 0x1f88 megasas - ok 11:50:06.0868 0x1f88 megasas2i - ok 11:50:06.0872 0x1f88 megasas35i - ok 11:50:06.0876 0x1f88 megasr - ok 11:50:06.0883 0x1f88 [ 86F565B0D41EBCCE7256B812F3A0442B, BACB5753D4501679B0C3D5D6B2D2D5233EC6B5BF76D0C2BD616EC460D5B9918F ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 11:50:06.0898 0x1f88 MEIx64 - ok 11:50:06.0903 0x1f88 [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll 11:50:06.0925 0x1f88 MessagingService - ok 11:50:06.0931 0x1f88 [ 1ECAB1D7A88F953397D09ECFCF789B91, 42AFE658FABAA6816700886B2F0697A692DE6B5DB0B90B361E099BF79B44E389 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys 11:50:06.0949 0x1f88 Microsoft_Bluetooth_AvrcpTransport - ok 11:50:06.0953 0x1f88 mlx4_bus - ok 11:50:06.0957 0x1f88 MMCSS - ok 11:50:06.0962 0x1f88 [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem C:\WINDOWS\system32\drivers\modem.sys 11:50:06.0976 0x1f88 Modem - ok 11:50:06.0982 0x1f88 [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor C:\WINDOWS\System32\drivers\monitor.sys 11:50:06.0993 0x1f88 monitor - ok 11:50:06.0996 0x1f88 mouclass - ok 11:50:06.0999 0x1f88 mouhid - ok 11:50:07.0002 0x1f88 mountmgr - ok 11:50:07.0010 0x1f88 [ 5FD8FEB002DCA919BA18F51C267BFFEB, E6F6F1A1C5C0299B9386AC8A97D4360936CBFC664B99452EE78AACA163673123 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:50:07.0020 0x1f88 MozillaMaintenance - ok 11:50:07.0025 0x1f88 mpsdrv - ok 11:50:07.0027 0x1f88 mpssvc - ok 11:50:07.0032 0x1f88 MRxDAV - ok 11:50:07.0034 0x1f88 mrxsmb - ok 11:50:07.0037 0x1f88 mrxsmb20 - ok 11:50:07.0044 0x1f88 [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 11:50:07.0059 0x1f88 MsBridge - ok 11:50:07.0065 0x1f88 [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC C:\WINDOWS\System32\msdtc.exe 11:50:07.0088 0x1f88 MSDTC - ok 11:50:07.0093 0x1f88 Msfs - ok 11:50:07.0097 0x1f88 [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 11:50:07.0108 0x1f88 msgpiowin32 - ok 11:50:07.0112 0x1f88 mshidkmdf - ok 11:50:07.0115 0x1f88 [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 11:50:07.0127 0x1f88 mshidumdf - ok 11:50:07.0131 0x1f88 msisadrv - ok 11:50:07.0134 0x1f88 MSiSCSI - ok 11:50:07.0141 0x1f88 msiserver - ok 11:50:07.0144 0x1f88 MSKSSRV - ok 11:50:07.0151 0x1f88 [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 11:50:07.0168 0x1f88 MsLldp - ok 11:50:07.0173 0x1f88 MSPCLOCK - ok 11:50:07.0177 0x1f88 MSPQM - ok 11:50:07.0181 0x1f88 MsRPC - ok 11:50:07.0186 0x1f88 mssmbios - ok 11:50:07.0191 0x1f88 MSTEE - ok 11:50:07.0195 0x1f88 MTConfig - ok 11:50:07.0199 0x1f88 Mup - ok 11:50:07.0203 0x1f88 mvumis - ok 11:50:07.0211 0x1f88 [ 808DEF96BB1E01490DC38520D22A05A3, C242E34A20FE765A8CC2D1314B13347005E266C39B3467661BC7FB1E4BB75ABE ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 11:50:07.0223 0x1f88 MyWiFiDHCPDNS - ok 11:50:07.0229 0x1f88 NativeWifiP - ok 11:50:07.0249 0x1f88 [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll 11:50:07.0292 0x1f88 NaturalAuthentication - ok 11:50:07.0299 0x1f88 [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 11:50:07.0319 0x1f88 NcaSvc - ok 11:50:07.0331 0x1f88 [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService C:\WINDOWS\System32\ncbservice.dll 11:50:07.0361 0x1f88 NcbService - ok 11:50:07.0367 0x1f88 [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 11:50:07.0383 0x1f88 NcdAutoSetup - ok 11:50:07.0386 0x1f88 ndfltr - ok 11:50:07.0390 0x1f88 NDIS - ok 11:50:07.0397 0x1f88 [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 11:50:07.0410 0x1f88 NdisCap - ok 11:50:07.0416 0x1f88 [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 11:50:07.0432 0x1f88 NdisImPlatform - ok 11:50:07.0435 0x1f88 NdisTapi - ok 11:50:07.0439 0x1f88 Ndisuio - ok 11:50:07.0442 0x1f88 NdisVirtualBus - ok 11:50:07.0444 0x1f88 NdisWan - ok 11:50:07.0448 0x1f88 ndiswanlegacy - ok 11:50:07.0452 0x1f88 ndproxy - ok 11:50:07.0459 0x1f88 [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 11:50:07.0476 0x1f88 Ndu - ok 11:50:07.0480 0x1f88 NetAdapterCx - ok 11:50:07.0483 0x1f88 NetBIOS - ok 11:50:07.0487 0x1f88 NetBT - ok 11:50:07.0491 0x1f88 Netlogon - ok 11:50:07.0496 0x1f88 Netman - ok 11:50:07.0509 0x1f88 [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 11:50:07.0539 0x1f88 netprofm - ok 11:50:07.0544 0x1f88 NetSetupSvc - ok 11:50:07.0553 0x1f88 [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:50:07.0567 0x1f88 NetTcpPortSharing - ok 11:50:07.0570 0x1f88 netvsc - ok 11:50:07.0695 0x1f88 [ 43A6FA571D6B06279B9CD30901957AA1, A3451C696FC5FBE2C3778D974CF28B429B6265178E5372239C205221E9BDB39E ] Netwtw04 C:\WINDOWS\system32\DRIVERS\Netwtw04.sys 11:50:07.0860 0x1f88 Netwtw04 - ok 11:50:07.0886 0x1f88 [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 11:50:07.0928 0x1f88 NgcCtnrSvc - ok 11:50:07.0950 0x1f88 [ DB3589FF79F06EC1967EBA56C7249E3C, C3F1B4687F2AAE869C8566B38DCFE507F8E7201A2241BD5342AAC22A2370D5E4 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 11:50:07.0993 0x1f88 NgcSvc - ok 11:50:07.0997 0x1f88 NlaSvc - ok 11:50:08.0001 0x1f88 Npfs - ok 11:50:08.0005 0x1f88 npsvctrig - ok 11:50:08.0009 0x1f88 nsi - ok 11:50:08.0013 0x1f88 nsiproxy - ok 11:50:08.0018 0x1f88 Ntfs - ok 11:50:08.0022 0x1f88 Null - ok 11:50:08.0026 0x1f88 nvdimm - ok 11:50:08.0030 0x1f88 nvraid - ok 11:50:08.0033 0x1f88 nvstor - ok 11:50:08.0045 0x1f88 [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 11:50:08.0067 0x1f88 OneSyncSvc - ok 11:50:08.0112 0x1f88 [ F5989050C229483DA0C25E41BBAD310F, B4593F01F710C4A457686328CC88EFC904ED34D73AFF85DB4A722BA6A25E0B7C ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 11:50:08.0166 0x1f88 Origin Client Service - ok 11:50:08.0229 0x1f88 [ 4A91DFB1F6B5DF14559DF9293EE2AC5F, 5E8ECB5797E11EDE3B57EA200A7103F772F687629BBCFD12F612BA8BC599F848 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe 11:50:08.0298 0x1f88 Origin Web Helper Service - ok 11:50:08.0308 0x1f88 [ 9FACCCBC44D65D7D41E88D8DAD365871, 5B215F7E0F2F15033ACAB40328265A224057E5FB4E8D3A3F2BB35D878F4CEFE4 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:50:08.0319 0x1f88 ose - ok 11:50:08.0331 0x1f88 [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 11:50:08.0356 0x1f88 p2pimsvc - ok 11:50:08.0368 0x1f88 [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 11:50:08.0394 0x1f88 p2psvc - ok 11:50:08.0398 0x1f88 Parport - ok 11:50:08.0401 0x1f88 partmgr - ok 11:50:08.0415 0x1f88 [ 0CF87FC2DA60940031D553F8FDF5066B, 95F8A15210D6F431B84C6E18643F93C9D16F53D3FF4873F9A327A77924B4B9F8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 11:50:08.0438 0x1f88 PcaSvc - ok 11:50:08.0443 0x1f88 pci - ok 11:50:08.0446 0x1f88 pciide - ok 11:50:08.0450 0x1f88 pcmcia - ok 11:50:08.0453 0x1f88 pcw - ok 11:50:08.0456 0x1f88 pdc - ok 11:50:08.0475 0x1f88 [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 11:50:08.0509 0x1f88 PEAUTH - ok 11:50:08.0513 0x1f88 [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN C:\Program Files (x86)\PHotkey\PEGAGFN.sys 11:50:08.0518 0x1f88 PEGAGFN - ok 11:50:08.0522 0x1f88 [ 753402F5B8C5B85AB60FCF53229FA072, 981D065EBE5A0BD5180974E9AE77E3307F97A0E66DE2A7A79FBE0888F6657B7D ] PegaRadioSwitch C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys 11:50:08.0538 0x1f88 PegaRadioSwitch - ok 11:50:08.0541 0x1f88 percsas2i - ok 11:50:08.0544 0x1f88 percsas3i - ok 11:50:08.0569 0x1f88 [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 11:50:08.0611 0x1f88 PerfHost - ok 11:50:08.0622 0x1f88 [ 9A7B272B8815093763B996C7EE5D001F, B0499C50D031B6BDED2365C105D0274B72D611C23CFD4B6AE58B1C7F84B30A00 ] PGFNEXSrv C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe 11:50:08.0632 0x1f88 PGFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 ) 11:50:08.0755 0x1f88 PGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning 11:50:08.0755 0x1f88 Force sending object to P2P due to detect: PGFNEXSrv 11:50:08.0874 0x1f88 Object send P2P result: true 11:50:08.0987 0x1f88 PhoneSvc - ok 11:50:08.0995 0x1f88 [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 11:50:09.0023 0x1f88 PimIndexMaintenanceSvc - ok 11:50:09.0062 0x1f88 [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla C:\WINDOWS\system32\pla.dll 11:50:09.0131 0x1f88 pla - ok 11:50:09.0138 0x1f88 PlugPlay - ok 11:50:09.0142 0x1f88 pmem - ok 11:50:09.0147 0x1f88 [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys 11:50:09.0160 0x1f88 PNPMEM - ok 11:50:09.0164 0x1f88 [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 11:50:09.0180 0x1f88 PNRPAutoReg - ok 11:50:09.0190 0x1f88 [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 11:50:09.0212 0x1f88 PNRPsvc - ok 11:50:09.0216 0x1f88 PolicyAgent - ok 11:50:09.0221 0x1f88 Power - ok 11:50:09.0225 0x1f88 PptpMiniport - ok 11:50:09.0303 0x1f88 [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 11:50:09.0419 0x1f88 PrintNotify - ok 11:50:09.0429 0x1f88 [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll 11:50:09.0452 0x1f88 PrintWorkflowUserSvc - ok 11:50:09.0458 0x1f88 Processor - ok 11:50:09.0462 0x1f88 ProfSvc - ok 11:50:09.0469 0x1f88 [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched C:\WINDOWS\system32\drivers\pacer.sys 11:50:09.0480 0x1f88 Psched - ok 11:50:09.0489 0x1f88 [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll 11:50:09.0514 0x1f88 PushToInstall - ok 11:50:09.0523 0x1f88 [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE C:\WINDOWS\system32\qwave.dll 11:50:09.0550 0x1f88 QWAVE - ok 11:50:09.0555 0x1f88 [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 11:50:09.0567 0x1f88 QWAVEdrv - ok 11:50:09.0573 0x1f88 Ramdisk - ok 11:50:09.0576 0x1f88 RasAcd - ok 11:50:09.0579 0x1f88 RasAgileVpn - ok 11:50:09.0582 0x1f88 RasAuto - ok 11:50:09.0586 0x1f88 Rasl2tp - ok 11:50:09.0591 0x1f88 RasMan - ok 11:50:09.0595 0x1f88 RasPppoe - ok 11:50:09.0599 0x1f88 RasSstp - ok 11:50:09.0602 0x1f88 rdbss - ok 11:50:09.0608 0x1f88 [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 11:50:09.0620 0x1f88 rdpbus - ok 11:50:09.0628 0x1f88 [ 52A6CC99F5934CFAE88353C47B6193E7, 37F6991FA526036866E8CFC938A16750644AD764FA52BB102B11B5D594DB7E96 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 11:50:09.0655 0x1f88 RDPDR - ok 11:50:09.0664 0x1f88 [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 11:50:09.0673 0x1f88 RdpVideoMiniport - ok 11:50:09.0682 0x1f88 [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 11:50:09.0700 0x1f88 rdyboost - ok 11:50:09.0774 0x1f88 Redis - ok 11:50:09.0780 0x1f88 ReFS - ok 11:50:09.0785 0x1f88 ReFSv1 - ok 11:50:09.0794 0x1f88 [ 3B346EFB42F3D3FFAF775E9A5D84A2C8, 242BFB2836408728A6D8E721D3C25ABD29D83CEF2438724D7D663FD417F2979A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 11:50:09.0804 0x1f88 RegSrvc - ok 11:50:09.0817 0x1f88 [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 11:50:09.0846 0x1f88 RemoteAccess - ok 11:50:09.0853 0x1f88 [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 11:50:09.0878 0x1f88 RemoteRegistry - ok 11:50:09.0895 0x1f88 [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo C:\WINDOWS\system32\RDXService.dll 11:50:09.0937 0x1f88 RetailDemo - ok 11:50:09.0946 0x1f88 [ 59F600BDA5B6EE591802945F1D8388D5, A30593A0EC696DE21264969664261E7ADA12C9E1161445BD41E71B7E3232604F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 11:50:09.0965 0x1f88 RFCOMM - ok 11:50:09.0971 0x1f88 [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys 11:50:09.0983 0x1f88 rhproxy - ok 11:50:09.0991 0x1f88 [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc C:\WINDOWS\System32\RMapi.dll 11:50:10.0010 0x1f88 RmSvc - ok 11:50:10.0014 0x1f88 RpcEptMapper - ok 11:50:10.0018 0x1f88 [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator C:\WINDOWS\system32\locator.exe 11:50:10.0034 0x1f88 RpcLocator - ok 11:50:10.0038 0x1f88 RpcSs - ok 11:50:10.0042 0x1f88 [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 11:50:10.0058 0x1f88 rspndr - ok 11:50:10.0080 0x1f88 [ E11A3F79475F9D019CD51ADCCC377909, CF14C494C4A969233C1D2B32A56C86C8636AC70004725B53447C42EB63C31BA9 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 11:50:10.0118 0x1f88 rt640x64 - ok 11:50:10.0131 0x1f88 [ CD119D2452BCB3ED0803FAF8A24F74AE, 8FC84679AE0B682DD79FE3879F92F854430C724C22E4F1DCD1E2D01777103492 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys 11:50:10.0146 0x1f88 RTSUER - ok 11:50:10.0150 0x1f88 [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 11:50:10.0162 0x1f88 s3cap - ok 11:50:10.0166 0x1f88 SamSs - ok 11:50:10.0170 0x1f88 sbp2port - ok 11:50:10.0178 0x1f88 [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 11:50:10.0205 0x1f88 SCardSvr - ok 11:50:10.0213 0x1f88 [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 11:50:10.0238 0x1f88 ScDeviceEnum - ok 11:50:10.0244 0x1f88 [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 11:50:10.0263 0x1f88 scfilter - ok 11:50:10.0283 0x1f88 [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule C:\WINDOWS\system32\schedsvc.dll 11:50:10.0328 0x1f88 Schedule - ok 11:50:10.0333 0x1f88 scmbus - ok 11:50:10.0341 0x1f88 [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 11:50:10.0359 0x1f88 SCPolicySvc - ok 11:50:10.0362 0x1f88 sdbus - ok 11:50:10.0367 0x1f88 [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys 11:50:10.0377 0x1f88 SDFRd - ok 11:50:10.0383 0x1f88 [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 11:50:10.0402 0x1f88 SDRSVC - ok 11:50:10.0406 0x1f88 sdstor - ok 11:50:10.0411 0x1f88 [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon C:\WINDOWS\system32\seclogon.dll 11:50:10.0428 0x1f88 seclogon - ok 11:50:10.0455 0x1f88 [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll 11:50:10.0510 0x1f88 SEMgrSvc - ok 11:50:10.0516 0x1f88 [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS C:\WINDOWS\System32\sens.dll 11:50:10.0534 0x1f88 SENS - ok 11:50:10.0576 0x1f88 [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 11:50:10.0643 0x1f88 SensorDataService - ok 11:50:10.0663 0x1f88 [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService C:\WINDOWS\system32\SensorService.dll 11:50:10.0708 0x1f88 SensorService - ok 11:50:10.0716 0x1f88 [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 11:50:10.0740 0x1f88 SensrSvc - ok 11:50:10.0743 0x1f88 SerCx - ok 11:50:10.0746 0x1f88 SerCx2 - ok 11:50:10.0749 0x1f88 Serenum - ok 11:50:10.0752 0x1f88 Serial - ok 11:50:10.0757 0x1f88 sermouse - ok 11:50:10.0775 0x1f88 [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 11:50:10.0801 0x1f88 SessionEnv - ok 11:50:10.0805 0x1f88 sfloppy - ok 11:50:10.0810 0x1f88 [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys 11:50:10.0819 0x1f88 SgrmAgent - ok 11:50:10.0827 0x1f88 [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe 11:50:10.0844 0x1f88 SgrmBroker - ok 11:50:10.0859 0x1f88 [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 11:50:10.0891 0x1f88 SharedAccess - ok 11:50:10.0911 0x1f88 [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll 11:50:10.0953 0x1f88 SharedRealitySvc - ok 11:50:10.0969 0x1f88 [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 11:50:11.0011 0x1f88 ShellHWDetection - ok 11:50:11.0020 0x1f88 [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 11:50:11.0044 0x1f88 shpamsvc - ok 11:50:11.0049 0x1f88 SiSRaid2 - ok 11:50:11.0053 0x1f88 SiSRaid4 - ok 11:50:11.0057 0x1f88 smphost - ok 11:50:11.0072 0x1f88 [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 11:50:11.0107 0x1f88 SmsRouter - ok 11:50:11.0114 0x1f88 [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 11:50:11.0145 0x1f88 SNMPTRAP - ok 11:50:11.0149 0x1f88 spaceport - ok 11:50:11.0153 0x1f88 [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys 11:50:11.0165 0x1f88 SpatialGraphFilter - ok 11:50:11.0168 0x1f88 SpbCx - ok 11:50:11.0172 0x1f88 spectrum - ok 11:50:11.0191 0x1f88 [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler C:\WINDOWS\System32\spoolsv.exe 11:50:11.0230 0x1f88 Spooler - ok 11:50:11.0235 0x1f88 sppsvc - ok 11:50:11.0238 0x1f88 srv - ok 11:50:11.0241 0x1f88 srv2 - ok 11:50:11.0245 0x1f88 srvnet - ok 11:50:11.0254 0x1f88 [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 11:50:11.0280 0x1f88 SSDPSRV - ok 11:50:11.0293 0x1f88 [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe 11:50:11.0320 0x1f88 ssh-agent - ok 11:50:11.0325 0x1f88 SstpSvc - ok 11:50:11.0343 0x1f88 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe 11:50:11.0365 0x1f88 ss_conn_service - ok 11:50:11.0370 0x1f88 StateRepository - ok 11:50:11.0403 0x1f88 [ 3BCC3C334DF59EE4765B31730D7EA04C, BA193D484666BF5FFEEF715A74501F068E13F0330E5EFD4A9864175E313EAB63 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 11:50:11.0443 0x1f88 Steam Client Service - ok 11:50:11.0448 0x1f88 stexstor - ok 11:50:11.0463 0x1f88 [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc C:\WINDOWS\System32\wiaservc.dll 11:50:11.0498 0x1f88 stisvc - ok 11:50:11.0503 0x1f88 storahci - ok 11:50:11.0507 0x1f88 storflt - ok 11:50:11.0510 0x1f88 stornvme - ok 11:50:11.0513 0x1f88 storqosflt - ok 11:50:11.0516 0x1f88 StorSvc - ok 11:50:11.0519 0x1f88 storufs - ok 11:50:11.0523 0x1f88 storvsc - ok 11:50:11.0528 0x1f88 svsvc - ok 11:50:11.0549 0x1f88 swenum - ok 11:50:11.0553 0x1f88 swprv - ok 11:50:11.0559 0x1f88 [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 11:50:11.0573 0x1f88 Synth3dVsc - ok 11:50:11.0609 0x1f88 [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain C:\WINDOWS\system32\sysmain.dll 11:50:11.0655 0x1f88 SysMain - ok 11:50:11.0661 0x1f88 SystemEventsBroker - ok 11:50:11.0668 0x1f88 [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 11:50:11.0695 0x1f88 TabletInputService - ok 11:50:11.0699 0x1f88 [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys 11:50:11.0713 0x1f88 tap0901 - ok 11:50:11.0722 0x1f88 [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 11:50:11.0756 0x1f88 TapiSrv - ok 11:50:11.0762 0x1f88 [ 1960E9FD4082A0170FBA0231FD709113, D5854811787EBC979E9FAB02847F1E662F430A06AB2D3CB9F0EE4BB3A9EC56FE ] tapprotonvpn C:\WINDOWS\System32\drivers\tapprotonvpn.sys 11:50:11.0773 0x1f88 tapprotonvpn - ok 11:50:11.0778 0x1f88 [ 039CFEDBC0D1A751A1308228A72C1CCD, C451FA71353CB2D31AE4AA3F2B03D098A2C6156B687EC33E0AD2DFC766646647 ] tapwindscribe0901 C:\WINDOWS\System32\drivers\tapwindscribe0901.sys 11:50:11.0787 0x1f88 tapwindscribe0901 - ok 11:50:11.0792 0x1f88 Tcpip - ok 11:50:11.0795 0x1f88 Tcpip6 - ok 11:50:11.0802 0x1f88 [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 11:50:11.0817 0x1f88 tcpipreg - ok 11:50:11.0825 0x1f88 tdx - ok 11:50:11.0830 0x1f88 [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 11:50:11.0840 0x1f88 terminpt - ok 11:50:11.0864 0x1f88 [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService C:\WINDOWS\System32\termsrv.dll 11:50:11.0914 0x1f88 TermService - ok 11:50:11.0920 0x1f88 [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes C:\WINDOWS\system32\themeservice.dll 11:50:11.0948 0x1f88 Themes - ok 11:50:11.0957 0x1f88 [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 11:50:11.0992 0x1f88 TieringEngineService - ok 11:50:11.0999 0x1f88 TimeBrokerSvc - ok 11:50:12.0003 0x1f88 TokenBroker - ok 11:50:12.0008 0x1f88 TPM - ok 11:50:12.0014 0x1f88 [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks C:\WINDOWS\System32\trkwks.dll 11:50:12.0038 0x1f88 TrkWks - ok 11:50:12.0041 0x1f88 TrustedInstaller - ok 11:50:12.0047 0x1f88 [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 11:50:12.0062 0x1f88 TsUsbFlt - ok 11:50:12.0067 0x1f88 [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 11:50:12.0078 0x1f88 TsUsbGD - ok 11:50:12.0084 0x1f88 [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys 11:50:12.0103 0x1f88 tunnel - ok 11:50:12.0108 0x1f88 [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll 11:50:12.0133 0x1f88 tzautoupdate - ok 11:50:12.0138 0x1f88 UASPStor - ok 11:50:12.0145 0x1f88 [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 11:50:12.0162 0x1f88 UcmCx0101 - ok 11:50:12.0169 0x1f88 [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys 11:50:12.0186 0x1f88 UcmTcpciCx0101 - ok 11:50:12.0191 0x1f88 [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 11:50:12.0206 0x1f88 UcmUcsi - ok 11:50:12.0209 0x1f88 Ucx01000 - ok 11:50:12.0212 0x1f88 UdeCx - ok 11:50:12.0215 0x1f88 udfs - ok 11:50:12.0218 0x1f88 UEFI - ok 11:50:12.0228 0x1f88 [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 11:50:12.0243 0x1f88 Ufx01000 - ok 11:50:12.0247 0x1f88 UfxChipidea - ok 11:50:12.0250 0x1f88 ufxsynopsys - ok 11:50:12.0257 0x1f88 umbus - ok 11:50:12.0263 0x1f88 UmPass - ok 11:50:12.0273 0x1f88 [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 11:50:12.0298 0x1f88 UmRdpService - ok 11:50:12.0324 0x1f88 [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 11:50:12.0381 0x1f88 UnistoreSvc - ok 11:50:12.0398 0x1f88 [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost C:\WINDOWS\System32\upnphost.dll 11:50:12.0433 0x1f88 upnphost - ok 11:50:12.0439 0x1f88 [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys 11:50:12.0448 0x1f88 UrsChipidea - ok 11:50:12.0454 0x1f88 [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys 11:50:12.0466 0x1f88 UrsCx01000 - ok 11:50:12.0472 0x1f88 [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys 11:50:12.0481 0x1f88 UrsSynopsys - ok 11:50:12.0484 0x1f88 usbccgp - ok 11:50:12.0491 0x1f88 [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 11:50:12.0505 0x1f88 usbcir - ok 11:50:12.0508 0x1f88 usbehci - ok 11:50:12.0512 0x1f88 usbhub - ok 11:50:12.0516 0x1f88 USBHUB3 - ok 11:50:12.0519 0x1f88 usbohci - ok 11:50:12.0526 0x1f88 [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 11:50:12.0537 0x1f88 usbprint - ok 11:50:12.0541 0x1f88 usbser - ok 11:50:12.0545 0x1f88 USBSTOR - ok 11:50:12.0548 0x1f88 usbuhci - ok 11:50:12.0558 0x1f88 [ 9431F7E997A8750139517709B04D8629, 250DE2A461DD3E6D40BD7A21041BF451D954D5BC14A9BC4D819955A135FC34F4 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 11:50:12.0577 0x1f88 usbvideo - ok 11:50:12.0581 0x1f88 USBXHCI - ok 11:50:12.0627 0x1f88 [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 11:50:12.0758 0x1f88 UserDataSvc - ok 11:50:12.0765 0x1f88 UserManager - ok 11:50:12.0768 0x1f88 UsoSvc - ok 11:50:12.0781 0x1f88 [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc C:\WINDOWS\System32\vac.dll 11:50:12.0805 0x1f88 VacSvc - ok 11:50:12.0810 0x1f88 VaultSvc - ok 11:50:12.0814 0x1f88 [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone C:\WINDOWS\System32\drivers\VClone.sys 11:50:12.0826 0x1f88 VClone - ok 11:50:12.0830 0x1f88 vdrvroot - ok 11:50:12.0834 0x1f88 vds - ok 11:50:12.0838 0x1f88 VerifierExt - ok 11:50:12.0842 0x1f88 vhdmp - ok 11:50:12.0846 0x1f88 vhf - ok 11:50:12.0850 0x1f88 vmbus - ok 11:50:12.0854 0x1f88 VMBusHID - ok 11:50:12.0858 0x1f88 [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys 11:50:12.0870 0x1f88 vmgid - ok 11:50:12.0882 0x1f88 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 11:50:12.0904 0x1f88 vmicguestinterface - ok 11:50:12.0914 0x1f88 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll 11:50:12.0935 0x1f88 vmicheartbeat - ok 11:50:12.0946 0x1f88 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 11:50:12.0968 0x1f88 vmickvpexchange - ok 11:50:12.0979 0x1f88 [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 11:50:13.0007 0x1f88 vmicrdv - ok 11:50:13.0017 0x1f88 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 11:50:13.0036 0x1f88 vmicshutdown - ok 11:50:13.0044 0x1f88 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 11:50:13.0062 0x1f88 vmictimesync - ok 11:50:13.0070 0x1f88 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 11:50:13.0090 0x1f88 vmicvmsession - ok 11:50:13.0100 0x1f88 [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 11:50:13.0122 0x1f88 vmicvss - ok 11:50:13.0125 0x1f88 volmgr - ok 11:50:13.0128 0x1f88 volmgrx - ok 11:50:13.0133 0x1f88 volsnap - ok 11:50:13.0138 0x1f88 volume - ok 11:50:13.0145 0x1f88 [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci C:\WINDOWS\System32\drivers\vpci.sys 11:50:13.0155 0x1f88 vpci - ok 11:50:13.0175 0x1f88 [ 7AE0B2F48B374DB0F423C9807BCC4F1F, 541D692295427CA3BF9AB66D7185AD4154D2618E5554D7E145B2ED8B1AA4AC98 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 11:50:13.0198 0x1f88 vpnagent - ok 11:50:13.0205 0x1f88 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\WINDOWS\System32\drivers\vpnva64-6.sys 11:50:13.0212 0x1f88 vpnva - ok 11:50:13.0216 0x1f88 vsmraid - ok 11:50:13.0220 0x1f88 VSS - ok 11:50:13.0225 0x1f88 VSTXRAID - ok 11:50:13.0227 0x1f88 vwifibus - ok 11:50:13.0232 0x1f88 vwififlt - ok 11:50:13.0236 0x1f88 vwifimp - ok 11:50:13.0240 0x1f88 W32Time - ok 11:50:13.0250 0x1f88 [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll 11:50:13.0282 0x1f88 WaaSMedicSvc - ok 11:50:13.0287 0x1f88 WacomPen - ok 11:50:13.0299 0x1f88 [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService C:\WINDOWS\system32\WalletService.dll 11:50:13.0331 0x1f88 WalletService - ok 11:50:13.0337 0x1f88 wanarp - ok 11:50:13.0341 0x1f88 wanarpv6 - ok 11:50:13.0346 0x1f88 [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll 11:50:13.0366 0x1f88 WarpJITSvc - ok 11:50:13.0371 0x1f88 wbengine - ok 11:50:13.0376 0x1f88 WbioSrvc - ok 11:50:13.0382 0x1f88 [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 11:50:13.0394 0x1f88 wcifs - ok 11:50:13.0415 0x1f88 [ 2BCA9BABB5CEC329E604AE9C1DBA9D5B, 315C72B80A5E6278A725E7BD2DE0C8A2751C2A3F9B4D82F7A034B1ADDE687507 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 11:50:13.0463 0x1f88 Wcmsvc - ok 11:50:13.0468 0x1f88 wcncsvc - ok 11:50:13.0474 0x1f88 [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 11:50:13.0490 0x1f88 wcnfs - ok 11:50:13.0495 0x1f88 [ 9BD1C97BAED4B916C95D4E107B3D9812, 722456319EBA63AC6EB21B6A99F4FC928F58AA972DF227EDF0982BC51F4DE86D ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 11:50:13.0506 0x1f88 WdBoot - ok 11:50:13.0510 0x1f88 Wdf01000 - ok 11:50:13.0521 0x1f88 [ D25D9930BFD78A09B8FD4A7504C6F57A, 9D94BC1368A73B06312ED9016482534EA64F7005C85AAB240ED619FDD19E7F4C ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 11:50:13.0536 0x1f88 WdFilter - ok 11:50:13.0544 0x1f88 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 11:50:13.0564 0x1f88 WdiServiceHost - ok 11:50:13.0569 0x1f88 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 11:50:13.0590 0x1f88 WdiSystemHost - ok 11:50:13.0594 0x1f88 wdiwifi - ok 11:50:13.0601 0x1f88 [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys 11:50:13.0610 0x1f88 WdmCompanionFilter - ok 11:50:13.0617 0x1f88 [ 8542EAE47D35CB658614C1813C7599A2, 67AEB01B5D4E6CA8C669EFB12A7876A378CEA4CAE2810DD790D2DAC5F07D6E52 ] wdm_usb C:\WINDOWS\system32\DRIVERS\usb2ser.sys 11:50:13.0633 0x1f88 wdm_usb - ok 11:50:13.0639 0x1f88 [ 54E97FEADEEFF973797EB878DC0D2850, A7ABD9E8B94DA19328BB9BF498D64603C6147BE998C40A6F0F8C2E0716CBFC95 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 11:50:13.0653 0x1f88 WdNisDrv - ok 11:50:13.0657 0x1f88 WdNisSvc - ok 11:50:13.0665 0x1f88 [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient C:\WINDOWS\System32\webclnt.dll 11:50:13.0689 0x1f88 WebClient - ok 11:50:13.0698 0x1f88 [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 11:50:13.0722 0x1f88 Wecsvc - ok 11:50:13.0727 0x1f88 [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 11:50:13.0747 0x1f88 WEPHOSTSVC - ok 11:50:13.0754 0x1f88 [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 11:50:13.0777 0x1f88 wercplsupport - ok 11:50:13.0781 0x1f88 WerSvc - ok 11:50:13.0796 0x1f88 [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll 11:50:13.0833 0x1f88 WFDSConMgrSvc - ok 11:50:13.0837 0x1f88 WFPLWFS - ok 11:50:13.0843 0x1f88 [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 11:50:13.0862 0x1f88 WiaRpc - ok 11:50:13.0867 0x1f88 WIMMount - ok 11:50:13.0876 0x1f88 [ EC7C1A7397988EFAF37BF685CA25525D, 50DA7D63CDE618D6426649AED250CEBE229CBBAC718C4E3CD882D816839B4CE9 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 11:50:13.0887 0x1f88 WindowsTrustedRT - ok 11:50:13.0891 0x1f88 [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 11:50:13.0898 0x1f88 WindowsTrustedRTProxy - ok 11:50:13.0902 0x1f88 WinHttpAutoProxySvc - ok 11:50:13.0907 0x1f88 WinMad - ok 11:50:13.0916 0x1f88 Winmgmt - ok 11:50:13.0924 0x1f88 [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat C:\WINDOWS\system32\drivers\winnat.sys 11:50:13.0946 0x1f88 WinNat - ok 11:50:13.0994 0x1f88 [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 11:50:14.0110 0x1f88 WinRM - ok 11:50:14.0122 0x1f88 [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 11:50:14.0140 0x1f88 WINUSB - ok 11:50:14.0143 0x1f88 WinVerbs - ok 11:50:14.0148 0x1f88 wisvc - ok 11:50:14.0153 0x1f88 WlanSvc - ok 11:50:14.0157 0x1f88 wlidsvc - ok 11:50:14.0187 0x1f88 [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll 11:50:14.0245 0x1f88 wlpasvc - ok 11:50:14.0251 0x1f88 WmiAcpi - ok 11:50:14.0257 0x1f88 wmiApSrv - ok 11:50:14.0259 0x1f88 WMPNetworkSvc - ok 11:50:14.0272 0x1f88 [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 11:50:14.0287 0x1f88 Wof - ok 11:50:14.0332 0x1f88 [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 11:50:14.0400 0x1f88 workfolderssvc - ok 11:50:14.0407 0x1f88 WpcMonSvc - ok 11:50:14.0414 0x1f88 [ 25180559693250D7B7FF16A6BE7AC9BE, 1872BC298C3ED6A204B3BA2AB13D08EB9DAE5B30B7F83CA7A67BFDECA8D043AD ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 11:50:14.0435 0x1f88 WPDBusEnum - ok 11:50:14.0439 0x1f88 [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 11:50:14.0450 0x1f88 WpdUpFltr - ok 11:50:14.0460 0x1f88 [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService C:\WINDOWS\system32\WpnService.dll 11:50:14.0489 0x1f88 WpnService - ok 11:50:14.0495 0x1f88 [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 11:50:14.0516 0x1f88 WpnUserService - ok 11:50:14.0523 0x1f88 ws2ifsl - ok 11:50:14.0532 0x1f88 [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc C:\WINDOWS\System32\wscsvc.dll 11:50:14.0559 0x1f88 wscsvc - ok 11:50:14.0562 0x1f88 WSearch - ok 11:50:14.0571 0x1f88 [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 11:50:14.0590 0x1f88 WudfPf - ok 11:50:14.0600 0x1f88 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 11:50:14.0620 0x1f88 WUDFRd - ok 11:50:14.0629 0x1f88 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 11:50:14.0651 0x1f88 WUDFWpdFs - ok 11:50:14.0660 0x1f88 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 11:50:14.0677 0x1f88 WUDFWpdMtp - ok 11:50:14.0710 0x1f88 [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 11:50:14.0777 0x1f88 WwanSvc - ok 11:50:14.0784 0x1f88 [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe 11:50:14.0802 0x1f88 xbgm - ok 11:50:14.0827 0x1f88 [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 11:50:14.0885 0x1f88 XblAuthManager - ok 11:50:14.0914 0x1f88 [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 11:50:14.0975 0x1f88 XblGameSave - ok 11:50:14.0985 0x1f88 [ 0AA38B54EB292CB3EB13FFF948473DBA, C5256ABC0A4A2117EC6F1C88B5BFDBECAE673AD47639A274BFFF92A46452E9B0 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 11:50:15.0008 0x1f88 xboxgip - ok 11:50:15.0014 0x1f88 [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll 11:50:15.0034 0x1f88 XboxGipSvc - ok 11:50:15.0060 0x1f88 [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 11:50:15.0117 0x1f88 XboxNetApiSvc - ok 11:50:15.0127 0x1f88 [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 11:50:15.0143 0x1f88 xinputhid - ok 11:50:15.0156 0x1f88 [ 3C68ADDE2437FB45CFE71FD8C33C4919, 7F19F51F3664BE5FDD79BCF216DF8D1D1BC3015D522E989DD592BFA1AB3DFE8B ] YSDrv C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys 11:50:15.0172 0x1f88 YSDrv - ok 11:50:15.0241 0x1f88 [ 1EBEA7CCAB778865336E4F6C79E807D6, A95FE0B9622E9390CB3482E18846C4EE8ECE67905F4CB6D239BCACC16679A5C4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 11:50:15.0322 0x1f88 ZeroConfigService - ok 11:50:15.0325 0x1f88 ================ Scan global =============================== 11:50:15.0340 0x1f88 [ Global ] - ok 11:50:15.0341 0x1f88 ================ Scan MBR ================================== 11:50:15.0355 0x1f88 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 11:50:15.0444 0x1f88 \Device\Harddisk0\DR0 - ok 11:50:15.0447 0x1f88 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 11:50:15.0480 0x1f88 \Device\Harddisk1\DR1 - ok 11:50:15.0480 0x1f88 ================ Scan VBR ================================== 11:50:15.0494 0x1f88 [ DF911AD26D6AD77D910F0D2F6365A0E3 ] \Device\Harddisk0\DR0\Partition1 11:50:15.0507 0x1f88 \Device\Harddisk0\DR0\Partition1 - ok 11:50:15.0528 0x1f88 [ D797F3B4113DB4D8FE8B976E455F024C ] \Device\Harddisk0\DR0\Partition2 11:50:15.0551 0x1f88 \Device\Harddisk0\DR0\Partition2 - ok 11:50:15.0553 0x1f88 [ 5D4A449D7585BB685981813AA82E4778 ] \Device\Harddisk1\DR1\Partition1 11:50:15.0554 0x1f88 \Device\Harddisk1\DR1\Partition1 - ok 11:50:15.0558 0x1f88 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2 11:50:15.0558 0x1f88 \Device\Harddisk1\DR1\Partition2 - ok 11:50:15.0562 0x1f88 [ 892200FF57E3E149C7E74953CAFED1ED ] \Device\Harddisk1\DR1\Partition3 11:50:15.0564 0x1f88 \Device\Harddisk1\DR1\Partition3 - ok 11:50:15.0567 0x1f88 [ E62DE48BB29D2CE86A1328B87EFAE779 ] \Device\Harddisk1\DR1\Partition4 11:50:15.0569 0x1f88 \Device\Harddisk1\DR1\Partition4 - ok 11:50:15.0572 0x1f88 [ B5FE3401605610FF0EB06614D298A41A ] \Device\Harddisk1\DR1\Partition5 11:50:15.0572 0x1f88 \Device\Harddisk1\DR1\Partition5 - ok 11:50:15.0573 0x1f88 ================ Scan generic autorun ====================== 11:50:15.0573 0x1f88 SecurityHealth - ok 11:50:15.0575 0x1f88 ETDCtrl - ok 11:50:15.0867 0x1f88 [ 8F16BC456BAA770C0FCC1CD7D3998A1B, 089AF447DC487F4B2D09E0F30E634C63EFD1913628219F3242E638536D922248 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 11:50:16.0240 0x1f88 RTHDVCPL - ok 11:50:16.0290 0x1f88 [ 59582ECA7AEC295A61BF79EC651BD89A, E086E8022F5363F9D6D94123854E8570E60C93D0AF84E0CCE4CD1602EB7863EB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 11:50:16.0331 0x1f88 RtHDVBg_Dolby - ok 11:50:16.0339 0x1f88 [ A8012BE61DC9CEFA5C41C2DA995812BD, 63D64926B700AD5378C7A719CD71906382EAAA1BE3CB2EE22D9A63D13E12C272 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 11:50:16.0349 0x1f88 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 11:50:16.0401 0x1f88 Detect skipped due to KSN trusted 11:50:16.0401 0x1f88 IAStorIcon - ok 11:50:16.0419 0x1f88 [ 5DB2D863BEECABABE5AFBD36AD055919, EDA57E210834275DD78650C55267F1EB55BB03964D0BCB8C87CCB5CCE290AE51 ] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 11:50:16.0467 0x1f88 DAX2_APP - detected UnsignedFile.Multi.Generic ( 1 ) 11:50:16.0545 0x1f88 Detect skipped due to KSN trusted 11:50:16.0545 0x1f88 DAX2_APP - ok 11:50:16.0578 0x1f88 Discord - ok 11:50:16.0674 0x1f88 [ 4E4673BBCAE7B4A613236689C683C121, D400F5BC90C7776AE84C95B27E78532175750E14A3FA5E2ECBF5225E60D483B2 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe 11:50:16.0771 0x1f88 Dropbox - ok 11:50:16.0802 0x1f88 [ 4FE439A1651F4E2F74022253ADD1C925, 8D855B05D3FF5C840A30A5E00CB0ED9D774C84C9BA11B7657CEB3CC2E3F4C145 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe 11:50:16.0835 0x1f88 Cisco AnyConnect Secure Mobility Agent for Windows - ok 11:50:17.0412 0x1f88 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 11:50:17.0852 0x1f88 OneDriveSetup - ok 11:50:17.0880 0x1f88 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 11:50:17.0910 0x1f88 WAB Migrate - ok 11:50:18.0272 0x1f88 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 11:50:18.0669 0x1f88 OneDriveSetup - ok 11:50:18.0698 0x1f88 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 11:50:18.0724 0x1f88 WAB Migrate - ok 11:50:18.0758 0x1f88 [ C84B6E5F646590F201E88F2C0955285A, 1785CC39A455F3ED3D0BAB97C03ED80D58CE24157E00C3AAECD31C2C98AA9806 ] C:\Users\staub\AppData\Local\Microsoft\OneDrive\OneDrive.exe 11:50:18.0798 0x1f88 OneDrive - ok 11:50:18.0862 0x1f88 [ 036D82DD70A5D8B7A29BCDDF3E5C243D, E54A465BF2D70C93B440B05612C8F11B7CA8C8AEECB822E65E518DD862A00700 ] C:\Program Files (x86)\Steam\steam.exe 11:50:18.0933 0x1f88 Steam - ok 11:50:18.0942 0x1f88 Spotify - ok 11:50:18.0976 0x1f88 [ 23686E6FA80E49F08715598A3EFF36BB, B7DC968ADB7DC2FCA1D67A3E6ECE0FF71DC5A909547249CB4A479093319BA7B5 ] C:\Program Files\CyberGhost 6\CyberGhost.exe 11:50:19.0020 0x1f88 CyberGhost - ok 11:50:19.0025 0x1f88 Discord - ok 11:50:19.0028 0x1f88 Windscribe - ok 11:50:19.0030 0x1f88 Windows Shutdown Assistant - ok 11:50:19.0445 0x1f88 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 11:50:19.0830 0x1f88 OneDriveSetup - ok 11:50:19.0862 0x1f88 Discord - ok 11:50:19.0897 0x1f88 [ 10E204B6AEB476E50D07F22DFDFBF62D, AB189636BAB5020B671CBB763E245F27F60847405FC14BEA6E50285E60DC85ED ] C:\Users\enogh\AppData\Local\Microsoft\OneDrive\OneDrive.exe 11:50:19.0943 0x1f88 OneDrive - ok 11:50:19.0963 0x1f88 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 11:50:20.0002 0x1f88 WAB Migrate - ok 11:50:20.0448 0x1f88 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 11:50:20.0935 0x1f88 OneDriveSetup - ok 11:50:20.0984 0x1f88 [ 90029F7160037122DA12101C0C8850F7, DE4BFD8E60AC0222EACCA8BAC94562ED2B38CBEF569F8B927CCD197735655AC0 ] C:\Users\shima\AppData\Local\Microsoft\OneDrive\OneDrive.exe 11:50:21.0032 0x1f88 OneDrive - ok 11:50:21.0047 0x1f88 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 11:50:21.0088 0x1f88 WAB Migrate - ok 11:50:21.0089 0x1f88 Waiting for KSN requests completion. In queue: 288 11:50:22.0170 0x1f88 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x60100 ( disabled : updated ) 11:50:22.0200 0x1f88 Win FW state via NFP2: enabled ( trusted ) 11:50:22.0289 0x1f88 ============================================================ 11:50:22.0289 0x1f88 Scan finished 11:50:22.0289 0x1f88 ============================================================ 11:50:22.0301 0x16ec Detected object count: 1 11:50:22.0301 0x16ec Actual detected object count: 1 11:50:30.0209 0x16ec PGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user 11:50:30.0209 0x16ec PGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:50:53.0059 0x27ec Deinitialize success |
12.09.2018, 11:15 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! adwCleaner v7.x Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
__________________ Logfiles bitte immer in CODE-Tags posten |
16.09.2018, 14:25 | #12 | |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Adwcleaner crasht bei einer grundlegenden Bereinigung. Findet bei der normalen nix. Ich meinte es crasht in der ersten Sekunde der grundlegenden Reparatur. Hier aber die Logs die ichbekommen hab. Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 7.2.3.1 # ------------------------------- # Build: 09-03-2018 # Database: 2018-09-14.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 09-16-2018 # Duration: 00:00:13 # OS: Windows 10 Home # Scanned: 41927 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## Zitat:
Geändert von Staub (16.09.2018 um 14:34 Uhr) |
16.09.2018, 19:47 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
16.09.2018, 20:11 | #14 |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? Windows Defender wollte das Programm blocken, habe einfach auf trotzdem ausführen geklickt. Hoffe es war nicht windows defender der den vorherigen Scan unterbrochen hat. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018 durchgeführt von staub (Administrator) auf DESKTOP-UKTCUI2 (16-09-2018 21:10:08) Gestartet von D:\Downloads Geladene Profile: staub (Verfügbare Profile: staub & enogh & shima) Platform: Windows 10 Home Version 1803 17134.112 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe () D:\NadekoBot\redis\redis-server.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe () C:\Program Files (x86)\PHotkey\Atouch64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe () C:\Program Files (x86)\PHotkey\Dolbyosd.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe () C:\Program Files (x86)\PHotkey\GPMTray.exe () C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (ShareX Team) C:\Program Files\ShareX\ShareX.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Discord Inc.) C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe (Discord Inc.) C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe (Discord Inc.) C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe (Discord Inc.) C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Spotify Ltd) C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Farbar) D:\Downloads\FRST64 (1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2018-06-19] (Microsoft Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3352808 2015-11-06] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-06] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-06] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [54332920 2017-08-14] (Discord Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3753280 2018-09-11] (Dropbox, Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2017-09-20] (Cisco Systems, Inc.) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Spotify] => C:\Users\staub\AppData\Roaming\Spotify\Spotify.exe [24453008 2018-08-23] (Spotify Ltd) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1398352 2018-06-11] (CyberGhost S.A.) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Discord] => C:\Users\staub\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Run: [Windows Shutdown Assistant] => C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe /autoStart HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\MountPoints2: {985ca1c1-6f35-11e8-bfdf-b881983425c3} - "G:\Setup.exe" Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-08-05] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.lnk [2017-09-09] ShortcutTarget: chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Startup: C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-06-26] ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{6de58bda-e014-4104-bd91-a8315218f1f1}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{8e27d8c5-8315-4adf-8c15-08fd74f18d9f}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{cf97e8a1-698d-47eb-9b5f-ca89d553a6b7}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42 Internet Explorer: ================== HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-14] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-11] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-11] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-11] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-11] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-11] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 0w2ntjwv.default-1518458315710 FF ProfilePath: C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710 [2018-08-31] FF Extension: (uBlock Origin) - C:\Users\staub\AppData\Roaming\Mozilla\Firefox\Profiles\0w2ntjwv.default-1518458315710\Extensions\uBlock0@raymondhill.net.xpi [2018-02-12] FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-11] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: BYOND -> D:\BYOND\bin\npbyond.dll [2008-07-08] (BYOND) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://calendar.google.com/calendar/render#main_7 CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/render#main_7","hxxps://keep.google.com/","hxxps://docs.google.com/spreadsheets/d/1ruUreFE1R4ZzGHA86bTj83pJTyTPeQboafg75hVvfFA/edit#gid=485674309" CHR NewTab: Default -> Active:"chrome-extension://mefhakmgclhhfbdadeojlkbllmecialg/public/index.html" CHR DefaultSearchKeyword: Default -> lp CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default [2018-09-16] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-10] CHR Extension: (ColorZilla) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2018-05-09] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-10] CHR Extension: (uBlock Origin) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-28] CHR Extension: (Share on Rabbit) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplabnbcafdgpcjmibgkekpaejlfhnkl [2018-07-07] CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-06-20] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14] CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2017-11-17] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17] CHR Extension: (LastPass: Free Password Manager) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-09-07] CHR Extension: (Voice to Text) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2018-03-21] CHR Extension: (StayFocusd) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2018-03-15] CHR Extension: (Tabby Cat) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2018-09-16] CHR Extension: (Milky Way Stars over Pine Valley, Utah) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\memcphligehabnghadofahejdodcfnnb [2017-08-11] CHR Extension: (Save to Pocket) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2018-08-05] CHR Extension: (Hotspot Shield VPN Free Proxy – Unblock Sites) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2018-07-31] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-10] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-26] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-08-24] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-24] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-24] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-08-07] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-04] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-08-05] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-04] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-07-29] CHR Extension: (Slides) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Docs) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Google Drive) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Avast SafePrice) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-28] CHR Extension: (Sheets) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (Google Docs Offline) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-28] CHR Extension: (Avast Online Security) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28] CHR Extension: (Chrome Media Router) - C:\Users\staub\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-28] CHR Profile: C:\Users\staub\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-29] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-05] (BlueStack Systems, Inc.) R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost S.A.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation) S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [440304 2017-04-04] (Intel Corporation) R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Datei ist nicht signiert] S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-12] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-12] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-09-11] (Dropbox, Inc.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-09-07] (EasyAntiCheat Ltd) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-11-06] (ELAN Microelectronics Corp.) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515256 2017-08-10] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-04-04] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-03] () S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2213696 2018-08-20] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3084104 2018-08-20] (Electronic Arts) R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [135680 2014-08-07] () [Datei ist nicht signiert] R2 Redis; D:\NadekoBot\redis\redis-server.exe [1553408 2016-07-01] () [Datei ist nicht signiert] S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-03] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. ) R1 cgnetfilter1521; C:\WINDOWS\System32\drivers\cgnetfilter1521.sys [84768 2017-03-22] (Windows (R) Win 7 DDK provider) S3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [30808 2015-11-06] (ELAN Microelectronic Corp.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [245768 2017-08-10] (Intel Corporation) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-09-16] (Malwarebytes) R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation) R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7644672 2017-09-05] (Intel Corporation) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [34096 2015-11-18] (Windows (R) Win 7 DDK provider) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-07-17] (Realsil Semiconductor Corporation) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (The OpenVPN Project) S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-06-19] (The OpenVPN Project) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2017-09-20] (Cisco Systems, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-09-06] (BigNox Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-09-16 19:42 - 2018-09-16 19:42 - 000008821 _____ C:\Users\staub\AppData\Local\recently-used.xbel 2018-09-16 15:24 - 2018-09-16 15:24 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-09-16 15:19 - 2018-09-16 15:21 - 000000000 ____D C:\AdwCleaner 2018-09-16 08:41 - 2018-09-16 08:41 - 000000000 ___HD C:\OneDriveTemp 2018-09-14 10:31 - 2018-09-14 10:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2018-09-12 13:41 - 2018-09-12 13:41 - 000203860 _____ C:\Users\staub\Desktop\WICHTIGES zeugs.pdf 2018-09-12 11:49 - 2018-09-12 11:50 - 000181106 _____ C:\TDSSKiller.3.1.0.17_12.09.2018_11.49.13_log.txt 2018-09-11 23:23 - 2018-09-11 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-09-11 22:32 - 2018-09-11 22:32 - 000179164 _____ C:\TDSSKiller.3.1.0.17_11.09.2018_22.32.15_log.txt 2018-09-11 22:28 - 2018-09-11 22:30 - 000349888 _____ C:\TDSSKiller.3.1.0.17_11.09.2018_22.28.58_log.txt 2018-09-11 13:54 - 2018-09-11 13:54 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2018-09-11 13:54 - 2018-09-11 13:54 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2018-09-11 09:56 - 2018-09-14 10:31 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2018-09-11 09:56 - 2018-09-11 09:56 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2018-09-10 10:49 - 2018-09-10 10:49 - 000001083 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2018-09-10 10:49 - 2018-09-10 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2018-09-10 10:49 - 2018-09-10 10:49 - 000000000 ____D C:\Program Files\VS Revo Group 2018-09-09 23:22 - 2018-09-16 21:10 - 000000000 ____D C:\FRST 2018-09-06 19:51 - 2018-09-06 19:51 - 000000000 ____D C:\Users\staub\AppData\Local\MultiPlayerManager 2018-09-06 11:47 - 2018-09-06 11:47 - 000000066 _____ C:\Users\staub\inittk.ini 2018-09-06 11:46 - 2018-09-06 11:46 - 000000045 _____ C:\Users\staub\nuuid.ini 2018-09-06 11:46 - 2018-09-06 11:46 - 000000041 _____ C:\Users\staub\inst.ini 2018-09-06 11:46 - 2018-09-06 11:46 - 000000000 ____D C:\Users\staub\Nox_share 2018-09-06 11:38 - 2018-09-16 20:17 - 000000000 ____D C:\Users\staub\AppData\Local\Nox 2018-09-06 11:38 - 2018-09-16 20:17 - 000000000 ____D C:\Users\staub\.BigNox 2018-09-06 11:38 - 2018-09-16 17:23 - 000000000 ____D C:\Users\staub\vmlogs 2018-09-06 11:38 - 2018-09-06 11:38 - 000000715 _____ C:\Users\staub\Desktop\Nox.lnk 2018-09-06 11:38 - 2018-09-06 11:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Nox 2018-09-06 11:38 - 2018-09-06 11:38 - 000000000 ____D C:\Program Files (x86)\Bignox 2018-09-06 11:13 - 2018-09-06 11:13 - 000000000 ____D C:\Users\staub\Downloads\MEmu Download 2018-09-04 18:03 - 2018-09-04 18:03 - 000000000 ____D C:\Users\staub\Documents\MeinSpore-Kreationen 2018-09-04 18:00 - 2018-09-04 18:00 - 000000000 ____D C:\ProgramData\Electronic Arts 2018-09-04 17:44 - 2018-09-04 17:44 - 000000000 ____D C:\Users\staub\Documents\My Spore Creations 2018-09-04 17:44 - 2018-09-04 17:44 - 000000000 ____D C:\Users\staub\AppData\Roaming\Spore 2018-09-03 21:09 - 2018-09-03 21:09 - 000000000 ____D C:\Users\staub\Desktop\Entspannung 2018-09-03 19:52 - 2018-09-03 19:52 - 000000000 ____D C:\Users\staub\.cache 2018-09-03 19:50 - 2018-09-09 23:30 - 000000000 ____D C:\Users\staub\AppData\Roaming\AllToMP3 2018-09-03 19:46 - 2018-09-03 19:46 - 000000000 ____D C:\Users\staub\AppData\Local\mbam 2018-08-27 23:26 - 2018-08-27 23:26 - 000675984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000457512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000386712 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000343192 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000274072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000248624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000089248 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000087352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000031896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_1.dll 2018-08-27 23:26 - 2018-08-27 23:26 - 000028472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_1.dll 2018-08-19 13:56 - 2018-08-19 13:56 - 000000000 ____D C:\Users\staub\.m2 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-09-16 21:04 - 2018-06-04 08:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-09-16 21:04 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-09-16 19:40 - 2017-08-28 13:20 - 000000000 ____D C:\Users\staub\AppData\Local\gtk-2.0 2018-09-16 19:35 - 2017-08-28 12:56 - 000000000 ____D C:\Users\staub\.gimp-2.8 2018-09-16 19:00 - 2017-08-04 18:20 - 000000000 ____D C:\Users\staub\AppData\Roaming\Spotify 2018-09-16 17:23 - 2017-10-17 12:27 - 000000000 ____D C:\Users\staub\.android 2018-09-16 15:50 - 2017-08-04 18:20 - 000000000 ____D C:\Users\staub\AppData\Local\Spotify 2018-09-16 15:30 - 2018-06-04 08:14 - 001722010 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-09-16 15:30 - 2018-04-12 18:13 - 000744134 _____ C:\WINDOWS\system32\perfh007.dat 2018-09-16 15:30 - 2018-04-12 18:13 - 000150268 _____ C:\WINDOWS\system32\perfc007.dat 2018-09-16 15:30 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2018-09-16 15:25 - 2017-08-04 18:19 - 000000000 ____D C:\Program Files (x86)\Steam 2018-09-16 15:25 - 2017-08-04 12:24 - 000000000 ___RD C:\Users\staub\OneDrive 2018-09-16 15:24 - 2018-06-04 08:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-09-16 15:24 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2018-09-16 15:24 - 2017-09-26 16:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2018-09-16 15:24 - 2017-09-07 18:44 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2018-09-16 15:24 - 2017-08-04 12:22 - 000000000 __SHD C:\Users\staub\IntelGraphicsProfiles 2018-09-16 15:22 - 2017-08-04 19:42 - 000000000 ____D C:\Users\staub\AppData\Local\CrashDumps 2018-09-15 09:25 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\WhatsApp 2018-09-14 10:31 - 2017-09-27 21:15 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2018-09-14 10:31 - 2016-06-08 10:42 - 000002587 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2018-09-14 10:31 - 2016-06-08 10:42 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2018-09-14 10:31 - 2016-06-08 10:42 - 000002562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2018-09-14 10:31 - 2016-06-08 10:42 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2018-09-14 10:31 - 2016-06-08 10:42 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2018-09-14 10:31 - 2016-06-08 10:42 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2018-09-14 10:31 - 2016-06-08 10:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-09-13 00:58 - 2017-08-10 22:52 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-09-11 23:23 - 2017-08-12 10:02 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-09-11 09:56 - 2018-04-12 01:34 - 000002251 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-09-11 09:56 - 2018-04-12 01:34 - 000002251 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-09-10 00:24 - 2018-06-21 07:55 - 000000000 ____D C:\Users\staub\AppData\Local\AVAST Software 2018-09-10 00:24 - 2017-08-04 15:28 - 000000000 ____D C:\ProgramData\AVAST Software 2018-09-10 00:22 - 2017-08-26 15:18 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump 2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-09-09 23:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-09-09 23:50 - 2017-12-01 01:06 - 000000000 ____D C:\Users\staub\AppData\Local\Packages 2018-09-09 23:11 - 2018-07-16 10:41 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat 2018-09-09 22:26 - 2018-06-04 08:16 - 000003558 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-09-09 22:26 - 2018-06-04 08:16 - 000003334 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-09-09 22:26 - 2018-06-04 08:16 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2018-09-09 22:26 - 2018-06-04 08:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2089115426-2641811642-829515932-1002 2018-09-09 22:26 - 2018-06-04 08:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2089115426-2641811642-829515932-1001 2018-09-09 22:26 - 2018-06-04 08:16 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2018-09-09 22:26 - 2018-06-04 08:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2018-09-09 16:23 - 2017-08-14 17:28 - 000000000 ____D C:\Users\staub\AppData\Local\ElevatedDiagnostics 2018-09-06 11:47 - 2018-06-04 08:09 - 000000000 ____D C:\Users\staub 2018-09-06 11:44 - 2018-06-20 22:42 - 000000000 ____D C:\Program Files (x86)\Origin 2018-09-06 11:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration 2018-09-04 23:54 - 2018-06-20 22:41 - 000000000 ____D C:\Users\staub\AppData\Roaming\Origin 2018-09-04 17:54 - 2018-06-20 22:45 - 000000000 ____D C:\Program Files (x86)\Origin Games 2018-09-04 17:53 - 2018-06-20 22:41 - 000000000 ____D C:\ProgramData\Origin 2018-09-03 14:22 - 2017-08-05 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\vlc 2018-09-03 14:05 - 2018-06-23 08:47 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-09-01 12:49 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2018-09-01 12:49 - 2017-10-11 21:38 - 000000000 ____D C:\Users\staub\AppData\Local\WhatsApp 2018-09-01 12:49 - 2017-08-04 14:08 - 000000000 ____D C:\Users\staub\AppData\Local\SquirrelTemp 2018-09-01 12:40 - 2018-06-04 08:09 - 000002387 _____ C:\Users\staub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-08-30 22:20 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-08-29 15:08 - 2018-05-08 08:45 - 000000000 ____D C:\Users\staub\AppData\Local\Eclipse 2018-08-29 15:08 - 2017-08-15 11:16 - 000000000 ____D C:\Users\staub\.p2 2018-08-28 22:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-08-26 12:38 - 2018-07-29 23:46 - 000000000 ____D C:\Users\staub\Desktop\discord server stugg 2018-08-24 19:53 - 2017-09-11 16:01 - 000000000 ____D C:\Users\staub\AppData\Roaming\audacity 2018-08-23 11:15 - 2017-08-12 10:02 - 000001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2018-08-23 11:15 - 2017-08-12 10:02 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2018-08-23 10:38 - 2018-06-04 08:16 - 000004306 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2018-08-23 10:38 - 2018-06-04 08:16 - 000004074 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2018-03-18 19:44 - 2018-05-19 19:34 - 000007551 _____ () C:\Users\staub\AppData\Roaming\SpeedRunnersLog.txt 2017-08-04 18:47 - 2017-08-04 18:47 - 000000039 _____ () C:\Users\staub\AppData\Local\kritadisplayrc 2017-08-04 18:47 - 2017-08-04 18:47 - 000014964 _____ () C:\Users\staub\AppData\Local\kritarc 2018-09-16 19:42 - 2018-09-16 19:42 - 000008821 _____ () C:\Users\staub\AppData\Local\recently-used.xbel 2017-08-10 23:04 - 2017-08-10 23:04 - 000007628 _____ () C:\Users\staub\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== 2018-09-06 11:37 - 2017-12-08 04:44 - 000036152 _____ () C:\Users\staub\AppData\Local\Temp\clearRemnants.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2018-06-04 08:07 ==================== Ende von FRST.txt ============================ |
16.09.2018, 20:12 | #15 |
| Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht?Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15.09.2018 durchgeführt von staub (16-09-2018 21:10:44) Gestartet von D:\Downloads Windows 10 Home Version 1803 17134.112 (X64) (2018-06-04 06:17:08) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2089115426-2641811642-829515932-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2089115426-2641811642-829515932-503 - Limited - Disabled) enogh (S-1-5-21-2089115426-2641811642-829515932-1002 - Limited - Enabled) => C:\Users\enogh Gast (S-1-5-21-2089115426-2641811642-829515932-501 - Limited - Disabled) shima (S-1-5-21-2089115426-2641811642-829515932-1004 - Limited - Enabled) => C:\Users\shima staub (S-1-5-21-2089115426-2641811642-829515932-1001 - Administrator - Enabled) => C:\Users\staub WDAGUtilityAccount (S-1-5-21-2089115426-2641811642-829515932-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 4K Video Downloader 4.4 (HKLM-x32\...\{D04F9BA2-CF6F-41AD-8BD1-313ABD28FAF2}) (Version: 4.4.4.2275 - Open Media LLC) 7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Andy OS (HKLM\...\Andy OS) (Version: 46.16 - Andy OS, Inc) Anki (HKLM-x32\...\Anki) (Version: - ) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team) BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.44.1625 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build and Shoot Launcher 1.2 (HKLM-x32\...\Build and Shoot Launcher) (Version: 1.2 - Buld Then Snip, LLC) BYOND (HKLM-x32\...\BYOND) (Version: 512.1404 - BYOND) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.5.02033 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0C9580F0-95DC-4E64-BB4C-1091B660A64F}) (Version: 4.5.02033 - Cisco Systems, Inc.) Hidden Citra (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{385074ac-5fd7-4e2a-ba3e-cae92abf1372}) (Version: 1.0.0 - Citra Team) CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.) Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version: - ) Discord (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 57.4.89 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.) Epic Games Launcher (HKLM-x32\...\{42D23AAF-7D6F-48C7-A62C-8E02D6234156}) (Version: 1.1.147.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileZilla Client 3.27.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.) Frets On Fire (HKLM-x32\...\Frets on Fire) (Version: 1.3.110-win32 - ) GÉANTLink 1.0a x64 (HKLM\...\{89C31957-7751-419E-A873-03C71B757195}) (Version: 1.0.28 - GÉANT) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.92 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) Hero Lab 8.4 (HKLM-x32\...\{760AA190-82DF-4A80-BE05-B9FEEC88946D}_is1) (Version: 8.4 - LWD Technology, Inc.) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1178 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{601DFCAC-FCC1-4779-9095-D69D82904A5A}) (Version: 18.1.1607.3129 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{fefa9370-e735-4821-9cbc-48bd843e7ac3}) (Version: 19.80.0 - Intel Corporation) Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - ) Krita (x64) 3.1.4.0 (HKLM\...\Krita_x64) (Version: 3.1.4.0 - Krita Foundation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) LIMBO (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Limbo) (Version: - ) Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.10730.20102 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio 2017 (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.11.33287.817 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 60.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x64 en-US)) (Version: 60.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla) MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall) NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team) Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.2.0 - Duodian Technology Co. Ltd.) NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd) Ondesoft Spotify Converter version 2.1.0 (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{4E9A8CA6-50D7-4A86-8086-37DDE546D429}_is1) (Version: 2.1.0 - Ondesoft, Inc.) OpenRCT2 0.2.0 (HKLM-x32\...\OpenRCT2) (Version: 0.2.0 - OpenRCT2) Origin (HKLM-x32\...\Origin) (Version: 10.5.26.8488 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{49281fb0-b08b-40c3-a0e1-f228f2cd6982}) (Version: latest - ppy Pty Ltd) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0127 - Pegatron Corporation) ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG) PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham) Python 3.6.0 (32-bit) (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\{8ba65a8c-cb48-4716-bc24-47c148808015}) (Version: 3.6.150.0 - Python Software Foundation) Python 3.6.0 Add to Path (32-bit) (HKLM-x32\...\{D4C8360E-C73A-46B9-AF8E-672684048BF0}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Core Interpreter (32-bit) (HKLM-x32\...\{FC638B75-E969-4496-A546-9D78EA7D8F35}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Development Libraries (32-bit) (HKLM-x32\...\{F2A430F2-A7AC-4B46-808A-FC6E8419ABDE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Documentation (32-bit) (HKLM-x32\...\{A66771E3-430A-40A7-B00C-94A239396BEE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Executables (32-bit) (HKLM-x32\...\{3C182441-3C75-4113-A28D-D3AEAD85B320}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 pip Bootstrap (32-bit) (HKLM-x32\...\{1D427483-31FE-4ED4-AD39-AB78BBF7D22D}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Standard Library (32-bit) (HKLM-x32\...\{4CB36E4F-EC00-479B-AA25-0B9EC5385B0C}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C7D63030-7738-499A-A0D2-8549174D2B70}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Test Suite (32-bit) (HKLM-x32\...\{6EAD5F85-97EC-4AFB-84D2-D52AC41D3C66}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python 3.6.0 Utility Scripts (32-bit) (HKLM-x32\...\{7C3DAC9E-E229-415C-A600-5974B5D9DE7F}) (Version: 3.6.150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{2636F1E4-2BC5-4B19-BFFD-A08F72598309}) (Version: 3.6.6032.0 - Python Software Foundation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10163.31215 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.) Redis on Windows (HKLM\...\{6E927557-4447-4348-AE9C-4B2EA64BDA17}) (Version: 3.0.504 - MSOpenTech) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\RollerCoaster Tycoon 2 Triple Thrill Pack_is1) (Version: - GOG.com) RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\GOGPACKRCT3_is1) (Version: 2.0.0.13 - GOG.com) Rückkehr Nach Krondor (HKLM-x32\...\Rückkehr nach Krondor) (Version: - ) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) ScreenToGif (HKLM-x32\...\{B46AB504-140F-4E7D-833C-C6CA1A4FAAD7}) (Version: 2.9.0 - Nicke Manarin) Secret World Legends (HKLM-x32\...\Secret World Legends_is1) (Version: 1.0.0 - Funcom) ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team) Sierra-Dienstprogramme (HKLM-x32\...\Sierra-Dienstprogramme) (Version: - ) Sims 4 Tray Importer (S4TI) 1.6.7.9 (HKLM-x32\...\{8665A9CC-9652-4F31-907A-DE2E7A8E8E97}_is1) (Version: 1.6.7.9 - TeameeVo) Spore™ (HKLM-x32\...\{4BDCC41C-FFE7-40a4-BCB6-B558916868F7}) (Version: 1.7.0.0 - Electronic Arts) Spotify (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB) Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.3.0.5 - GOG.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text Build 3126 (HKLM-x32\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Terraria (HKLM-x32\...\1207665503_is1) (Version: 1.3.5.3 - GOG.com) The Sims 3 Complete Collection version 1.67.2 (HKLM-x32\...\The Sims 3 Complete Collection_is1) (Version: 1.67.2 - Mr DJ) The Sims 4 (HKLM\...\The Sims 4_is1) (Version: 1.41.38.1020 - ) Unity (HKLM-x32\...\Unity) (Version: 2017.1.1f1 - Unity Technologies ApS) VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN) vs_communitymsi (HKLM-x32\...\{52100697-9C66-44F3-BA20-68F8148CDF9B}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{5297D80E-CD92-48D8-9DB0-301AB3205772}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{DDEF2BD0-F728-4D04-A085-B5ACC9ADC311}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{2512A3CE-E1E4-46D5-8B40-28DA3AE2261E}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{384F31FB-B99D-48A7-9D72-E1FEBEC2201A}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{D0772A03-7FC2-4B20-AC1F-B278299AA9C7}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{0F2742A7-6A64-46A2-94AE-22F19808BE2F}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{0D3A6730-43CE-4AF6-BDF7-4D0660296C60}) (Version: 15.0.26621 - Microsoft Corporation) Hidden WhatsApp (HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2089115426-2641811642-829515932-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] () ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-04] (Intel Corporation) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01FB79BC-CA58-4136-912A-D660CC3A9A3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-14] (Microsoft Corporation) Task: {05DC23A8-71D2-4B2B-B5B5-2FCFDD1525B9} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-14] (Microsoft Corporation) Task: {0739CA7F-9BB7-46BC-B3D5-E4F0A443FB6A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation) Task: {15B5210C-333E-4806-BCFD-D940C6453BF9} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {17345D61-1E0E-4BCD-A526-EA31CDE23096} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-15] (AVAST Software) Task: {19555B0A-D775-47E3-A9A6-22C29A5B6A57} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe Task: {249A68DE-FE74-40EA-971F-9C25F5C235AC} - System32\Tasks\MICROSOFT\WINDOWS\APPLICATION EXPERIENCE\STARTUPCHECKLIBRARY => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary Task: {2B6B3B70-2DDB-4FC6-830C-F7EA866AC6D3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-12] (Dropbox, Inc.) Task: {353753FC-B0FC-4EA1-A232-3200F1CB243F} - System32\Tasks\S-1-5-21-2089115426-2641811642-829515932-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {43C662DC-B631-492D-8A53-46E64C97345C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6673BC26-F155-4B3D-A62C-4F9AADEA5D14} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe Task: {8D5B0EC7-553E-41E2-8E77-FEFDEB03CFCC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe Task: {995639CA-448D-445D-B4AE-E32C7742ED09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation) Task: {A76FC8F2-D656-4678-BE6B-74FB88C68005} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.) Task: {A8E7BDD8-B578-4B0F-A612-3C34C5C36A9C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-14] (Microsoft Corporation) Task: {D8588FA1-8A99-48DD-AB01-D7E743E48622} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-14] (Microsoft Corporation) Task: {E5D5A6A1-3D14-49E3-AD2C-58E33168E83B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-14] (Microsoft Corporation) Task: {E7BB11BE-5672-4FC3-8839-68AE3B442547} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-12] (Dropbox, Inc.) Task: {F446AD86-BC1A-4688-AD40-5ECA69BC6BFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-14] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\staub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Reee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-06-09 10:30 - 2014-08-07 12:45 - 000135680 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-07-19 18:18 - 2017-07-19 18:18 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-08-29 02:43 - 2017-08-29 02:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2016-01-27 05:04 - 2016-01-27 05:04 - 000163328 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 2018-06-23 08:47 - 2018-09-03 14:05 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2016-07-01 16:55 - 2016-07-01 16:55 - 001553408 _____ () D:\NadekoBot\redis\redis-server.exe 2017-04-04 16:36 - 2017-04-04 16:36 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe 2018-06-13 19:01 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-05-23 13:41 - 2018-05-23 13:42 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-05-23 13:41 - 2018-05-23 13:42 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-05-23 13:41 - 2018-05-23 13:42 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-05-23 13:41 - 2018-05-23 13:42 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll 2018-05-23 13:41 - 2018-05-23 13:42 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2016-06-09 10:30 - 2016-03-29 15:56 - 002409472 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe 2016-06-09 10:30 - 2010-01-12 19:36 - 000117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe 2016-06-09 10:30 - 2010-01-12 19:36 - 000121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe 2016-06-09 10:30 - 2010-12-17 16:04 - 000449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe 2016-06-09 10:30 - 2014-03-18 23:54 - 005644800 _____ () C:\Program Files (x86)\PHotkey\Dolbyosd.exe 2016-06-09 10:30 - 2016-04-13 18:23 - 009054720 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe 2016-06-09 10:30 - 2015-10-06 15:52 - 000331776 _____ () C:\Program Files (x86)\PHotkey\Keyboardmonitortool.exe 2018-05-26 14:43 - 2018-05-26 14:43 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-05-26 14:43 - 2018-05-26 14:43 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-26 08:54 - 2017-09-26 08:54 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll 2015-06-16 03:53 - 2015-06-16 03:53 - 000628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 2018-09-13 00:58 - 2018-09-11 01:50 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.92\libglesv2.dll 2018-09-13 00:58 - 2018-09-11 01:50 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.92\libegl.dll 2018-06-08 21:59 - 2018-06-08 21:59 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-06-08 21:59 - 2018-06-08 21:59 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-10-05 17:02 - 2017-10-05 17:02 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-05-04 20:37 - 2018-05-04 20:37 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-03-30 08:42 - 2018-03-30 08:42 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-06-08 21:59 - 2018-06-08 21:59 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-06-08 21:59 - 2018-06-08 21:59 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-06-08 21:59 - 2018-06-08 21:59 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll 2018-05-26 14:43 - 2018-05-26 14:43 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll 2018-03-30 08:42 - 2018-03-30 08:42 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2018-05-19 12:21 - 2018-05-19 12:21 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-05-08 15:52 - 2018-05-08 15:52 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-08-28 12:36 - 2017-05-10 17:41 - 000042232 _____ () C:\Program Files\GIMP 2\bin\libgimpmodule-2.0-0.dll 2017-08-28 12:36 - 2017-05-10 17:41 - 000058672 _____ () C:\Program Files\GIMP 2\bin\libgimpthumb-2.0-0.dll 2017-08-28 12:36 - 2017-05-10 17:41 - 001249752 _____ () C:\Program Files\GIMP 2\bin\libgimpwidgets-2.0-0.dll 2017-08-28 12:36 - 2017-05-10 17:40 - 000107928 _____ () C:\Program Files\GIMP 2\bin\libgimpbase-2.0-0.dll 2017-08-28 12:36 - 2017-05-10 17:40 - 000075216 _____ () C:\Program Files\GIMP 2\bin\libgimpcolor-2.0-0.dll 2017-08-28 12:36 - 2017-05-10 17:40 - 000084928 _____ () C:\Program Files\GIMP 2\bin\libgimpconfig-2.0-0.dll 2017-08-28 12:36 - 2017-05-10 17:41 - 000047000 _____ () C:\Program Files\GIMP 2\bin\libgimpmath-2.0-0.dll 2017-08-28 12:36 - 2017-05-10 00:43 - 000290240 _____ () C:\Program Files\GIMP 2\bin\libfontconfig-1.dll 2017-08-28 12:36 - 2017-05-06 19:56 - 000130244 _____ () C:\Program Files\GIMP 2\bin\libbabl-0.1-0.dll 2017-08-28 12:36 - 2017-05-06 19:41 - 000516190 _____ () C:\Program Files\GIMP 2\bin\libfreetype-6.dll 2017-08-28 12:36 - 2017-05-06 19:54 - 000900199 _____ () C:\Program Files\GIMP 2\bin\libcairo-2.dll 2017-08-28 12:36 - 2017-05-06 20:50 - 000425279 _____ () C:\Program Files\GIMP 2\bin\libgegl-0.2-0.dll 2017-08-28 12:36 - 2017-05-06 20:16 - 000082221 _____ () C:\Program Files\GIMP 2\bin\libgcc_s_seh-1.dll 2017-08-28 12:36 - 2017-05-06 19:39 - 000091289 _____ () C:\Program Files\GIMP 2\bin\zlib1.dll 2017-08-28 12:36 - 2017-05-06 19:42 - 001253806 _____ () C:\Program Files\GIMP 2\bin\libxml2-2.dll 2017-08-28 12:36 - 2017-05-06 19:41 - 000219806 _____ () C:\Program Files\GIMP 2\bin\libpng16-16.dll 2017-08-28 12:36 - 2017-05-06 19:39 - 000344118 _____ () C:\Program Files\GIMP 2\bin\libjpeg-8.dll 2017-08-28 12:36 - 2017-05-06 19:50 - 000435601 _____ () C:\Program Files\GIMP 2\bin\libtiff-5.dll 2017-08-28 12:36 - 2017-05-06 20:36 - 000384957 _____ () C:\Program Files\GIMP 2\bin\libharfbuzz-0.dll 2017-08-28 12:36 - 2017-05-06 19:39 - 000662600 _____ () C:\Program Files\GIMP 2\bin\libpixman-1-0.dll 2017-08-28 12:36 - 2017-05-06 19:41 - 000304869 _____ () C:\Program Files\GIMP 2\bin\libjasper-4.dll 2017-08-28 12:36 - 2017-05-06 19:40 - 000032655 _____ () C:\Program Files\GIMP 2\bin\libffi-6.dll 2017-08-28 12:36 - 2017-05-06 20:43 - 000074543 _____ () C:\Program Files\GIMP 2\lib\gtk-2.0\2.10.0\engines\libwimp.dll 2017-08-28 12:36 - 2017-05-10 17:42 - 000043024 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libdisplay-filter-lcms.dll 2017-08-28 12:36 - 2017-05-06 19:53 - 000320117 _____ () C:\Program Files\GIMP 2\bin\liblcms2-2.dll 2017-08-28 12:36 - 2017-05-10 17:41 - 000153280 _____ () C:\Program Files\GIMP 2\bin\libgimpui-2.0-0.dll 2017-08-28 12:36 - 2017-05-10 17:40 - 000248800 _____ () C:\Program Files\GIMP 2\bin\libgimp-2.0-0.dll 2017-09-20 15:46 - 2017-09-20 15:46 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system-vc140-mt-1_59.dll 2017-09-20 15:45 - 2017-09-20 15:45 - 000062976 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time-vc140-mt-1_59.dll 2017-09-20 15:46 - 2017-09-20 15:46 - 000106496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread-vc140-mt-1_59.dll 2017-09-20 15:46 - 2017-09-20 15:46 - 000042496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono-vc140-mt-1_59.dll 2017-09-20 15:46 - 2017-09-20 15:46 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2016-06-09 10:30 - 2009-12-18 17:36 - 000973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll 2016-06-09 10:30 - 2013-09-18 01:23 - 000108032 _____ () C:\Program Files (x86)\PHotkey\PGFNEX.dll 2018-09-11 23:23 - 2018-09-11 13:54 - 001113928 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-09-11 23:23 - 2018-09-11 13:54 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2018-05-15 22:28 - 2018-09-11 13:57 - 000023888 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:55 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:55 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:54 - 000117272 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll 2018-05-15 22:28 - 2018-09-11 13:54 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:54 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll 2018-05-15 22:28 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:55 - 000026312 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:57 - 000401608 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:54 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:55 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:57 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000052424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 003822784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd 2018-07-31 20:16 - 2018-09-11 13:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:55 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:54 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:54 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-09-11 23:23 - 2018-09-11 13:56 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:54 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2018-05-15 22:28 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:55 - 000441672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-05-15 22:28 - 2018-09-11 13:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-09-11 23:23 - 2018-09-11 13:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2018-05-15 22:28 - 2018-09-11 13:58 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd 2018-05-15 22:28 - 2018-09-11 13:58 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd 2018-09-11 23:23 - 2018-09-11 13:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd 2018-05-01 19:01 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\staub\AppData\Local\Discord\app-0.0.301\ffmpeg.dll 2018-05-01 19:01 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\staub\AppData\Local\Discord\app-0.0.301\libglesv2.dll 2018-05-01 19:01 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\staub\AppData\Local\Discord\app-0.0.301\libegl.dll 2018-05-03 17:27 - 2018-09-08 19:31 - 011321176 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node 2018-05-03 17:27 - 2018-09-13 09:43 - 001615704 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node 2018-05-03 17:27 - 2018-05-03 17:27 - 001910104 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node 2018-05-03 17:27 - 2018-05-03 17:27 - 000422744 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node 2018-05-03 17:27 - 2018-05-03 17:27 - 000145240 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node 2018-05-03 17:27 - 2018-05-03 17:27 - 000512856 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node 2018-05-03 17:27 - 2018-08-19 11:58 - 001641304 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node 2018-05-03 17:27 - 2018-09-08 19:31 - 001743704 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node 2018-05-03 17:27 - 2018-05-03 17:27 - 002722648 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node 2018-08-19 11:59 - 2018-09-13 09:43 - 001257816 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node 2018-08-19 11:59 - 2018-09-13 09:43 - 022420824 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node 2018-05-03 17:27 - 2018-05-03 17:27 - 002760536 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node 2018-05-03 17:27 - 2018-05-03 17:27 - 001249112 _____ () \\?\C:\Users\staub\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node 2017-08-04 18:20 - 2018-08-23 19:54 - 085627280 _____ () C:\Users\staub\AppData\Roaming\Spotify\libcef.dll 2017-08-04 18:20 - 2018-08-23 19:54 - 003867536 _____ () C:\Users\staub\AppData\Roaming\Spotify\libglesv2.dll 2017-08-04 18:20 - 2018-08-23 19:54 - 000088464 _____ () C:\Users\staub\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\sharepoint.com -> hxxps://studiumunihamburgde-files.sharepoint.com ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2018-07-25 12:00 - 2018-07-25 12:00 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2089115426-2641811642-829515932-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\staub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run32: => "Discord" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2089115426-2641811642-829515932-1001\...\StartupApproved\Run: => "Windows Shutdown Assistant" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{AE92B345-3199-4EEF-9586-97639356C346}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe FirewallRules: [{8B34D625-C8B6-4877-96C0-CBCDD25DF20E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe FirewallRules: [{813C34EB-FF58-4882-A370-435EEBAAD5F1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [{AD48AB42-02A1-4FE2-BB61-BD91FEFE0D9C}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [UDP Query User{BB52AE73-447A-4875-B1C4-489FF54D13A8}D:\uni\eclipse\eclipse\eclipse.exe] => (Allow) D:\uni\eclipse\eclipse\eclipse.exe FirewallRules: [TCP Query User{1E018F34-2790-4BE2-807C-9FB190602EB2}D:\uni\eclipse\eclipse\eclipse.exe] => (Allow) D:\uni\eclipse\eclipse\eclipse.exe FirewallRules: [{E442D729-9F1B-4991-A07D-4C1E4FD64E88}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe FirewallRules: [{D36A68D1-D6AD-4B68-828E-A3713C4B7EB6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe FirewallRules: [{02690E20-A6C1-4E8C-8966-FA878327C8B5}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe FirewallRules: [{BE7832E1-7140-4C30-9357-0DADB4691F1B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe FirewallRules: [{B701D663-0DA5-46ED-BC2A-1B8DAED27117}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm5.exe FirewallRules: [{5099E323-58A7-4AE2-B9DF-58E9B847BE54}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm5.exe FirewallRules: [{AA81E785-EBF6-4061-8C89-D657823E747E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm7.exe FirewallRules: [{1AA2BFDC-78DD-4234-A48C-B28BF93C25FD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Princess Remedy\remedy_gm7.exe FirewallRules: [UDP Query User{4587EEC4-7F5C-425E-95F0-56F7EDD9ABBB}D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{BF443098-73E6-40A2-BE2F-A9909D946A26}D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{8DBDCE7E-3EF9-4E8A-9728-EAE711DB58A7}D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{49AFF02A-296E-45A6-A287-C7B93A122D77}D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\downloads\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{75D97824-3462-4A75-A6EA-A53E9A467964}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe FirewallRules: [{970633DC-A219-44EA-AB6F-E056362A63AD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe FirewallRules: [{E9F6A44A-0025-4C41-819C-1492EE4FF631}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{81728671-EFB2-44AF-88C9-7DCC094E4A78}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{067362FD-864A-4B84-87C3-62A7F329B816}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cinderella Phenomenon - OtomeVisual Novel\CinderellaPhenomenon.exe FirewallRules: [{BFA943BE-A0BC-4E1F-B0C2-C4443C530327}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cinderella Phenomenon - OtomeVisual Novel\CinderellaPhenomenon.exe FirewallRules: [{A38F2385-F440-4350-A7F8-FAC4503DA5F3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{4FA6104E-157C-4834-8C8E-07A57325397A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{887FCE58-5341-419B-8FA8-EAE86E02568D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\nmrih\sdk\hl2.exe FirewallRules: [{1DDB75C1-8E0D-4E64-BD1C-723A14398428}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\nmrih\sdk\hl2.exe FirewallRules: [{F150B6E4-4396-4D0A-B297-7E34A47C6BFB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{BAC971B4-6F80-4D24-AEF2-F60E59859263}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{FE34D1ED-A649-455D-8C5C-9611625CC50F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{1194BA1C-D046-45B9-91FB-19614B796F77}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{697E94D7-838B-4464-AA45-724365922964}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\Launcher.exe FirewallRules: [{3742AD2F-428F-438F-A781-CC5FCE95139F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\Launcher.exe FirewallRules: [{122944A9-A5C3-4EC4-8167-2F0BC5BE1442}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\aamfp.exe FirewallRules: [{35A07696-EDD7-481D-9634-01842C72BCE2}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Machine for Pigs\aamfp.exe FirewallRules: [{C536E400-CED9-4690-A95C-180258A5D957}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{DCA1F6DE-8A77-4407-A12A-5690EA77A60B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{0129324A-6372-4E23-9157-77101112E2BF}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe FirewallRules: [{ED9C52F2-03DD-4A4C-8DD3-F3F95F10E880}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe FirewallRules: [{6B1E3FBE-15B0-4297-8542-B3BAF3B497C6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Air Brawl\Air Brawl.exe FirewallRules: [{8E52E0D5-830E-42F3-ACF1-C2A2E535FDC4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Air Brawl\Air Brawl.exe FirewallRules: [{29298C02-98D6-4A46-AB0D-B58363A92EFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{AE199B30-E14B-4564-926F-9DACC52886BB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{94884D5E-85EF-49C6-9EA6-D7B317BBF8DA}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{2F881564-4C2D-4BB6-8E47-B9132B8FFA0E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{7E226AB7-0100-4197-872C-2AB1CC4D8B9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{55F4FA45-21B1-4548-BCA7-A1A7C7A6FFA0}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{A336D929-61D4-4E0C-A7C8-E8AD81F539BB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{A640F38C-B29C-44DC-BB89-A9FFA8AF66CB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{ACEB7411-E162-4759-BE40-C44B6ABF669B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{4F03E168-2919-449B-AC05-DAE9A6B21996}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{427ED94D-6264-4AED-BA42-9FC02B13B0BC}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{23B15E30-8A99-43B1-B072-CAF17BD69B98}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{527A802B-180B-4961-BF4D-4EEB6AE80E8F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{4C1A8BB0-F72C-4A84-8B61-51E4D38FB137}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [UDP Query User{43402D6D-559D-483A-8A3E-1501E082F775}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [TCP Query User{9FA38818-BA1F-4D00-91E1-C543E1590AB1}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [UDP Query User{2D572ADD-B1F2-4007-848A-7D4D60A569CB}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe FirewallRules: [TCP Query User{8D15F317-AE12-4092-80F5-B1AE2E886579}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe FirewallRules: [{31E08BA8-8D52-42FB-9532-DF4775B6D61E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shank Demo\bin\Shank.exe FirewallRules: [{76B8CDEB-2B3F-48E5-B570-A305BEA01FAD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shank Demo\bin\Shank.exe FirewallRules: [{416C241D-31D6-4DCB-9327-60A2984E6995}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{5F04DE88-8E60-41D3-81DF-7D60C6FFE1E3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{ECB14AF4-EB93-4A0A-82D4-662100C71B61}] => (Allow) D:\Downloads\Games\Secret World Legends\ClientPatcher.exe FirewallRules: [{45915F72-F805-49BA-B0BB-F51067D81FE0}] => (Allow) D:\Downloads\Games\Secret World Legends\ClientPatcher.exe FirewallRules: [{C29F60A8-53B2-4C11-AF24-F05D3E6E3C0D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Monaco\MONACO.exe FirewallRules: [{198FB835-EE23-4C23-AA0F-80BAC447CAB9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Monaco\MONACO.exe FirewallRules: [{1EAC6018-3CFE-4058-B9AB-44EE537FB950}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe FirewallRules: [{2A792BEF-ABE7-470E-B56B-AF0776C2B61F}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe FirewallRules: [{A211B133-CD1C-49ED-A262-AD21FF2F7439}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe FirewallRules: [{F0275489-326F-44DF-AF5D-712804F2A1E8}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe FirewallRules: [{9E09F80C-F2E5-4C26-A2DE-2A66603F5974}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{63B0CC1C-10BB-4A3C-AEA4-0CD1977FC8FF}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{EFEF078B-A97A-4138-9BAA-EAF1C428BFD9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{5EA019D5-000B-4243-9437-64CBC5E87A45}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{DCA8E089-302C-4D2A-9E19-8F3AAEC06363}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{4D1A2EE0-7A50-4B78-B6E0-E2E9076A84CF}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{3BE4A387-D647-4D2D-A7CB-78D8F8A6275C}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{362E2A26-F57D-41D8-B27B-9DF48D79ACD5}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{21164AE7-EE79-4ADB-9E5E-66EC15C6B459}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{35BAD61C-063A-410D-8B18-8F9FCE0980B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D57D6DA3-A095-4DE1-8C1E-589D249E08AD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{A5A95D36-0D43-4B02-B89F-60E813862599}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{1D693746-6BF1-46DA-AB36-FE75BF3D448C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{CEDEB133-B392-4829-A5F5-C97C75CEBA55}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{F2232837-6AFF-4411-980A-0CF014F3A76D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{671F6F13-5D7F-4F0B-8176-3132F0DF76EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{D3DBA6DE-89D0-40AD-955B-14792C40333A}C:\users\staub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\staub\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{7701EC30-F28C-4A01-ABD3-06DF31B5D166}C:\users\staub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\staub\appdata\roaming\spotify\spotify.exe FirewallRules: [{8644FA34-D321-4D59-86A2-561EBF35856A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{E5E36995-E0FD-40B8-930D-6CE184D6FE04}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [TCP Query User{168DC41D-682B-4A4D-8F7D-F2FC547FC2F9}D:\downloads\games\hearthstone\hearthstone.exe] => (Allow) D:\downloads\games\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{384463DF-F7B6-4E60-B8B9-52FCE425C05A}D:\downloads\games\hearthstone\hearthstone.exe] => (Allow) D:\downloads\games\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{1C244ED8-2DC9-48BD-B4D1-AD98084AD126}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [UDP Query User{36A229D1-7399-4672-9074-A6FBC4AAD585}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [TCP Query User{9521923B-05DF-45E7-A686-A8773A27DBDF}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{DC5D19DA-CE0C-4C6B-A7BF-69BE3C430748}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [TCP Query User{B8404964-6383-4E4B-B0E7-C96496718CE7}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe FirewallRules: [UDP Query User{BD187D00-F099-4950-B100-5C5951AC5451}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe FirewallRules: [{925DF980-0676-4BAA-914F-51A2F937A5A8}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe FirewallRules: [TCP Query User{0C740B5D-02C6-49E0-9C2B-A5620AF40E8D}D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{9931F919-BB93-464C-A62B-C8170CE39657}D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{7694F13F-9A65-48B8-8709-33DC69F2FAA4}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [UDP Query User{218C3FDB-A6FD-43D8-820E-C8C22CDEC01C}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [TCP Query User{24EC901C-C8C2-4903-AEFD-1F4FA957385D}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe FirewallRules: [UDP Query User{8B57865E-A3B9-4E11-A9F1-0E9C133E3193}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe FirewallRules: [{DBE2AD58-40B1-4605-8BCB-73B676437751}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{AF78346B-E0E8-469D-A252-0BEA47747C8A}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe FirewallRules: [{F62EDF43-547C-4D81-B21C-E3C6EB9DC38F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe FirewallRules: [TCP Query User{124E2B6A-96AF-4349-A9D7-E52BB0A9D41F}D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe FirewallRules: [UDP Query User{187F4ADD-3307-4BC1-9DA7-E8045316AC14}D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\downloads\games\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe FirewallRules: [TCP Query User{BAB4A592-DC9F-4EB5-9978-0A1714BC10F0}D:\downloads\games\overwatch\overwatch.exe] => (Allow) D:\downloads\games\overwatch\overwatch.exe FirewallRules: [UDP Query User{EF225068-3D1B-4F51-BCD0-97FCC7A0F5E6}D:\downloads\games\overwatch\overwatch.exe] => (Allow) D:\downloads\games\overwatch\overwatch.exe FirewallRules: [{291A6A69-4A4A-430C-BD0B-8CF5DB781E2D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe FirewallRules: [{62CC98E4-D3B0-4285-AE62-C1BE7CB95DA7}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe FirewallRules: [{C7AD0CE5-A384-42EA-BA7D-FAAAC014F785}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe FirewallRules: [{C54EB692-924F-488E-BEDD-06933478B2DF}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe FirewallRules: [{661875E2-6257-4000-9E2F-B3FD4458E48C}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{27203441-D992-4A21-B592-B6CE080FD0C1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [TCP Query User{5408F76E-7694-4FCA-B107-0BC6B397634E}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe FirewallRules: [UDP Query User{14BA8636-3BB6-41D4-9EF7-EDD8F63842BF}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe FirewallRules: [{BEE825D1-265A-43F4-90B7-A9C0911E7F6C}] => (Allow) D:\NadekoBot\redis\redis-server.exe FirewallRules: [{35FC2D14-20E9-425E-95C2-3AC6A6D6F551}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe FirewallRules: [{7121F1B0-D504-4E79-9EB2-5ACC08271B5E}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe FirewallRules: [{7437FCDA-29FB-4B9E-8584-0ED2D9FAEF59}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{AC23B224-E941-4006-98D2-2B21A052EEF9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{DF618C39-1EAD-4BAD-86D6-E0EB19FEA5E0}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe FirewallRules: [{EBE552B3-416D-492D-BC42-294F6E363E41}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe FirewallRules: [{CC39AFDC-E1C5-4822-B11D-0C782AF90C5E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe FirewallRules: [{FC99EDFE-0363-4D97-AC10-48E3E949FAAD}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe FirewallRules: [{88AE44BC-D3C5-4D5E-B3E6-2A3DA432A4A6}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dust An Elysian Tail\DustAET.exe FirewallRules: [{E18340FA-E27E-4116-AE58-6CA397489EBB}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dust An Elysian Tail\DustAET.exe FirewallRules: [{BE341F1B-27B9-40D5-BA38-B8578E5855B4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\IdleChampions\IdleDragons.exe FirewallRules: [{CC8ACDEA-E3BB-4B1D-95B6-24603D6A18C9}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\IdleChampions\IdleDragons.exe FirewallRules: [TCP Query User{AAD811C9-F772-44E0-8539-09E821447E18}D:\downloads\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\downloads\games\the sims 4\game\bin\ts4_x64.exe FirewallRules: [UDP Query User{D19A33BA-5E20-473B-862E-FA5DB916EC65}D:\downloads\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\downloads\games\the sims 4\game\bin\ts4_x64.exe FirewallRules: [{F113299F-E258-494B-A588-5521E55DC913}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Doki Doki Literature Club\DDLC.exe FirewallRules: [{CBF825E4-FFAF-4250-9D3F-979ED341EB9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Doki Doki Literature Club\DDLC.exe FirewallRules: [{3EC7FB21-9B2F-435B-8383-70F0C0C100B5}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe FirewallRules: [{E0A3F8D8-AB5B-4D12-9741-4F5021721717}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe FirewallRules: [{C3F8DCB9-7380-4150-BD24-187491F0EC25}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shadowrun Returns\Shadowrun.exe FirewallRules: [{A7EE2576-9CDD-4954-9841-C4E5370EEC47}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Shadowrun Returns\Shadowrun.exe FirewallRules: [{0FA6B34B-6FC2-4DFD-BDB9-53DB02EC6711}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{64B03985-9C33-4EF8-9680-501C50F47C9E}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{A5DAEA93-6179-42AB-A1FE-CB08FF73C5FE}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\VRChat\VRChat.exe FirewallRules: [{66AEFF59-0056-4556-A763-C7C25FA83463}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\VRChat\VRChat.exe FirewallRules: [{7026AF56-C7E9-47E5-8D6B-9114EDE30342}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{34BED28F-3CDA-4A2E-AC9F-4DA0EBFA0095}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{85F24101-D257-49FC-B184-E7E7971A9CC4}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\FlameInTheFlood\RiverGame.exe FirewallRules: [{463FAAAF-DA40-4C53-9830-FC5BD5CC0B54}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\FlameInTheFlood\RiverGame.exe FirewallRules: [TCP Query User{FE8ACD97-572B-4C4D-A4DC-C762589DF006}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe FirewallRules: [UDP Query User{05EDE794-953C-4C9B-B623-CDBE14CC8113}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe FirewallRules: [{1DBD8412-F824-4A71-B583-0B23B2AC5308}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{84431380-A50B-49FE-AF08-C97EA9133508}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{593A5877-36A3-48A3-B8A2-9BA1268428F9}] => (Allow) C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe FirewallRules: [{067171D3-CDA7-4E39-B569-0CB6C53C9088}] => (Allow) C:\Program Files (x86)\CompanyName\Windows Shutdown Assistant\Windows Shutdown Assistant.exe FirewallRules: [{1E412C8C-099F-4FA6-8D00-9FD8C1DB1C33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{4ADA2929-08C1-41E7-A4B4-87129FDD103B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{DED97B08-41C0-484F-8FBA-0E312C8C8F9D}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [{C8096ADF-822D-46F4-88CD-ECD23961898F}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [{776F9125-BB9D-45E0-8FEF-F9C7C3355611}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{6C64D425-F60E-4DD4-9657-D277C9051029}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{76399528-22B3-4138-8998-530492ED64A1}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{1E34F3DD-D166-4DDB-91B2-71BA0CA6EB9B}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{87E6EEF0-2196-4408-ABEC-AB572A92DA68}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{12868E6F-7987-4627-A931-B1F09A150BBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{5397A3E5-A7A7-4890-BA7F-38119F27D5A6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{38E868AF-A069-4029-B6D3-F51EFE1FF59B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{E239E74A-C7FD-4E88-AD23-6824C0EF44C3}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{DA439718-6F8A-4778-85C9-6D021A6DE749}] => (Allow) D:\Downloads\Games\SteamLibrary\steamapps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{D5929615-6992-45F9-B441-251A293F4F79}] => (Allow) C:\Program Files (x86)\Origin Games\Spore\Sporebin\SporeApp.exe FirewallRules: [{7F0427C3-010A-4138-81D8-690FD10E1754}] => (Allow) C:\Program Files (x86)\Origin Games\Spore\Sporebin\SporeApp.exe FirewallRules: [{E8D63457-1175-4F88-9EB4-4A163E86BBB6}] => (Allow) D:\Program Files\Nox\bin\Nox.exe FirewallRules: [{7C7D0684-6420-420D-A67A-30F19FB6B64A}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe FirewallRules: [{08356CC1-09F1-4638-9B0F-87D4F79854B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{CA1A809F-0C05-4CD4-8621-FDD186FAD5CD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{E283343C-AFC6-49D6-91F6-ACF0E0968860}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E7EFEDA1-897F-41AA-BD53-F86525E80BA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{56C69B6F-1C38-4AD1-8706-8376696C05FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/16/2018 08:00:11 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/16/2018 08:00:10 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/16/2018 07:51:37 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/16/2018 07:49:18 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/16/2018 07:49:07 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/16/2018 07:18:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (09/16/2018 07:08:00 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Error: (09/16/2018 07:07:59 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UKTCUI2) Description: httphttp-2147467263 Systemfehler: ============= Error: (09/16/2018 03:50:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/16/2018 03:35:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/16/2018 03:25:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID Windows.SecurityCenter.WscCloudBackupProvider und der APPID Nicht verfügbar im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/16/2018 03:24:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/16/2018 03:24:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UKTCUI2) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-UKTCUI2\staub" (SID: S-1-5-21-2089115426-2641811642-829515932-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/16/2018 03:24:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/16/2018 03:24:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/16/2018 03:24:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll CodeIntegrity: =================================== Date: 2018-06-23 08:51:02.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-23 08:48:03.423 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-6267U CPU @ 2.90GHz Prozentuale Nutzung des RAM: 60% Installierter physikalischer RAM: 6062.59 MB Verfügbarer physikalischer RAM: 2384.28 MB Summe virtueller Speicher: 10670.59 MB Verfügbarer virtueller Speicher: 4970.03 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:117.22 GB) (Free:20.74 GB) NTFS Drive d: (Data) (Fixed) (Total:1337.26 GB) (Free:796.82 GB) NTFS Drive e: (Recover) (Fixed) (Total:60 GB) (Free:42.61 GB) NTFS \\?\Volume{469da7c1-3405-49e3-9966-c1579fc63c47}\ () (Fixed) (Total:0.9 GB) (Free:0.45 GB) NTFS \\?\Volume{37c984f9-d5e4-4a08-916b-06b97dddf7e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 1397.3 GB) (Disk ID: BBB25831) Partition: GPT. ======================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: BBB2585A) Partition: GPT. ==================== Ende von Addition.txt ============================ |
Themen zu Avast meldet "StartUpLibrary.dll" als IDP.Generic, Malwarebytes nicht - Probleme Windows Update - Malware oder nicht? |
anderen, avast, beitrag, beiträge, bereich, coupons, dll meldung, falsch, fehlen, fehlercode, idp.generic, laptop, laufen, malwarebytes, melde, meldet, meldung, probleme, quarantäne, ublock origin, update, update fehler, updates, verschieben, wichtige, wiederherstellung, windows, windows update, windowsapps, woche, wochen |