Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Princhi (08-03-2017 17:32:27)
Gestartet von C:\Users\Princhi\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-05 15:59:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-88799701-2343346839-193955109-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-88799701-2343346839-193955109-503 - Limited - Disabled)
Gast (S-1-5-21-88799701-2343346839-193955109-501 - Limited - Disabled)
Princhi (S-1-5-21-88799701-2343346839-193955109-1001 - Administrator - Enabled) => C:\Users\Princhi
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
amulesw (HKLM-x32\...\{57C598F7-B9E0-401E-8BAC-D171EB8A01A8}) (Version: 1.0.5 - amules)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BikaQ Rss (HKLM-x32\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) <==== ACHTUNG
Black and White (HKLM-x32\...\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}) (Version: - )
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.5 - Daum Games EU)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG6600 series Benutzerregistrierung (HKLM-x32\...\Canon MG6600 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG6600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6600_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.02039 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.3.02039 - Cisco Systems, Inc.) Hidden
CodeBlocks (HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.27.80.1020 - Electronic Arts Inc.)
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - )
Dropbox (HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Duke Nukem Forever (HKLM\...\Steam App 57900) (Version: - Gearbox Software)
Euro Truck Simulator 2 Demo (HKLM\...\Steam App 231120) (Version: - SCS Software)
Evernote v. 5.8.4 (HKLM-x32\...\{C15841A6-C20A-11E4-977D-00163E98E7D6}) (Version: 5.8.4.6870 - Evernote Corp.)
Fable Anniversary (HKLM-x32\...\Steam App 288470) (Version: - Lionhead Studios)
Fallout 4 MULTi2 1.1.30 (HKLM-x32\...\Fallout 4 MULTi2 1.1.30) (Version: - )
FINAL FANTASY X/X-2 HD Remaster (HKLM\...\Steam App 359870) (Version: - SQUARE ENIX)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
fx-Manager PLUS (90-Day Trial) (HKLM-x32\...\{80447814-A99C-415D-B019-7A825CEE064B}) (Version: 02.04.4100.0291 - CASIO COMPUTER CO., LTD.)
GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.1242.41000 - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\GameMaker-Studio14) (Version: - YoYo Games Ltd.)
Gametree Launcher (HKLM-x32\...\GTL) (Version: 3.0.26.0 - NtreevSoft)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GRID (HKLM\...\Steam App 12750) (Version: - Codemasters Studios)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HMA! Pro VPN 3.2.13.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 3.2.13.0 - Privax Ltd)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Microsoft OneDrive (HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MouseRecorder v1.0.51 (HKLM-x32\...\MouseRecorder_is1) (Version: 1.0.51 - Bartels Media GmbH)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 352.86 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.25153 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{180b9d5a-5197-4326-bcb0-fe448086015b}) (Version: latest - ppy Pty Ltd)
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PC Wizard 2015.2.14 (HKLM-x32\...\PC Wizard 2015_is1) (Version: - CPUID)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
SABnzbd 0.7.19 (HKLM-x32\...\SABnzbd) (Version: 0.7.19 - The SABnzbd Team)
Samsung Connection Manager (HKLM-x32\...\{F3F95061-0427-4386-AB03-1556CBE52927}) (Version: 112.6 - Samsung Electronics)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{9C926493-16C0-438E-8E51-BC3638E29ABB}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Trillian (HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\Trillian) (Version: - Cerulean Studios, LLC)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{B5761811-28F3-4257-B537-815C5EEF472C}) (Version: 3.1.2.104 - Vodafone)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.14-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.20 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.2 - win.rar GmbH)
WinSnare (HKLM-x32\...\{6F28E3A8-BEC0-4CCD-A35F-7155729C7A88}) (Version: 4.2.6 - WinSnare) <==== ACHTUNG
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-88799701-2343346839-193955109-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Princhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {004C7BCF-DF05-463F-AE87-A9037EB33295} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {091E4F5D-850A-4359-A8B8-1EBF544D3458} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {0E524B03-1D26-41B6-ABD2-F29FB4F8B41D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {234468EA-8B43-4B63-B02F-48719C50B1D6} - System32\Tasks\{438F159D-A759-457B-A222-FD5013D632EC} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {2A144903-ADD3-4EDD-A7BC-CC01CE57DF84} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {339DDE55-629F-4266-B263-9F312E284E09} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {36FA50E1-D56E-483F-AEE3-3F296E349404} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {38261DF8-27F9-49FC-B90E-0716D33F9E03} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3CA17CED-0C4E-40A1-910C-F2ECB81E40A8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {4B9C0926-CF32-484A-A741-A6E2C89BC329} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {518C3D3C-C292-42AB-98EE-A7C53919E7BC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {59D17917-85E1-4E2E-959F-2F02B05AA878} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Princhi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {6400C925-1181-4AF3-92E4-BBCDB19DE50E} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Keine Datei <==== ACHTUNG
Task: {8B7D9CE6-6BF7-46D2-B30B-19120BEF004F} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Keine Datei <==== ACHTUNG
Task: {9343FC7C-B573-4742-BDF9-B58789B4F31C} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2016-12-28] ()
Task: {AE88677F-1C9A-4A68-918B-E1DBDB57FBEB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {B5BB4BD1-F18C-40B3-8925-0E98012E2F12} - System32\Tasks\{BAAF7A63-576A-4E4E-96F8-72A8EBB68660} => pcalua.exe -a "D:\Games\The Witcher 3 Wild Hunt\Uninstall.exe"
Task: {BC244B71-84EB-45F8-AC6A-6B2969879183} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CCE2E5E1-F1F1-4AF8-A21C-2B15C00FCB0D} - System32\Tasks\{D07A19C7-CDC4-4BD3-B00B-C2829140E6CD} => pcalua.exe -a "C:\Users\Princhi\Downloads\skse_1_07_01_installer (1).exe" -d C:\Users\Princhi\Downloads
Task: {D533BD21-EC84-4A14-AEE8-FB6F0D3FAD3B} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {DDE677D5-0F3E-48FB-B0D1-BC1F907283F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E914FF3E-2FD3-4044-B9F0-21AB025188C3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {ED3BEF71-C902-4E64-B950-6C7472286B52} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files (x86)\BikaQRss\BikaQ.exe [2017-02-23] (IEC) <==== ACHTUNG
Task: {EDBB1ADE-5473-442F-805C-7DD1BECAAFB9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EECBA783-C0A0-4E58-8DB0-58F0C1052B7C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Princhi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Footper\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Princhi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f1b9b70e37832c09\Google Chrome.lnk -> C:\Program Files (x86)\Footper\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Princhi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\83d1d964df0d5fea\Google Chrome.lnk -> C:\Program Files (x86)\Footper\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Princhi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Footper\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Footper\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Footper\Application\chrome.exe (Google Inc.)
ShortcutWithArgument: C:\Users\Princhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1488990052&z=169400fa2c9264492185c7ag4z3bbbdtft5eeedwdo&from=che0812&uid=ST1000DX001-1CM162_Z1DAK2HMXXXXZ1DAK2HM
ShortcutWithArgument: C:\Users\Princhi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1488990052&z=169400fa2c9264492185c7ag4z3bbbdtft5eeedwdo&from=che0812&uid=ST1000DX001-1CM162_Z1DAK2HMXXXXZ1DAK2HM
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 19:40 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-05 16:36 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-07 17:29 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-30 11:03 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-07 17:29 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-06-07 17:29 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-12-14 19:40 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-01-18 19:06 - 2015-08-21 19:33 - 01347264 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-06-07 17:29 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-06-07 17:29 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-06-07 17:29 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-30 11:03 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-09-13 19:42 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 21:54 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-06-07 17:29 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-06-07 17:29 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-01-11 21:54 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 21:54 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 13:36 - 2017-02-22 13:41 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 13:36 - 2017-02-22 13:41 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 13:36 - 2017-02-22 13:47 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 12:47 - 2017-02-06 12:50 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-01 22:05 - 2013-10-29 13:49 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2015-04-01 22:05 - 2013-06-26 16:01 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2017-03-02 15:14 - 2017-03-02 15:14 - 04031440 _____ () C:\Users\Princhi\Desktop\Programme\adwcleaner_6.044.exe
2017-03-08 17:19 - 2017-03-08 03:02 - 00111104 _____ () C:\Users\Princhi\AppData\Roaming\Kyubey\Kyubey.exe
2016-08-12 13:20 - 2016-08-12 13:20 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-09-15 12:55 - 2017-02-14 01:06 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-10-18 14:22 - 2016-10-18 14:22 - 00274944 _____ () c:\program files (x86)\clerack\grshlp.dll
2015-04-14 16:46 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-01 22:05 - 2013-01-15 16:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2015-04-01 22:05 - 2013-06-26 16:01 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2017-03-08 16:27 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Footper\Application\libglesv2.dll
2017-03-08 16:27 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Footper\Application\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [430]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
Da befinden sich 7866 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-07-26 00:22 - 00450771 ____A C:\WINDOWS\system32\Drivers\etc\hosts
Da befinden sich 15463 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-88799701-2343346839-193955109-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Princhi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-88799701-2343346839-193955109-1001\...\StartupApproved\Run: => "FlashUpdate"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AA3E9767-E958-417A-A42D-726122390FAD}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Grid\grid.exe
FirewallRules: [{9DBC18C7-BCBE-46C4-A427-BDA250B867F2}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Grid\grid.exe
FirewallRules: [{6DEBB90C-CDBD-4A91-8502-C7F80A6430B1}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Euro Truck Simulator 2 Demo\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C57876C6-1638-4EB6-AC10-66E7B954C768}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Euro Truck Simulator 2 Demo\bin\win_x86\eurotrucks2.exe
FirewallRules: [{79056620-9A6A-4615-87CA-1952B5F0300C}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Duke Nukem Forever\System\DukeForever.exe
FirewallRules: [{2E97D87D-468E-45A0-BCF8-A5292BF6DB27}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Duke Nukem Forever\System\DukeForever.exe
FirewallRules: [UDP Query User{433BC981-68D1-42AF-9A4B-EE5EAD217F90}C:\users\princhi\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\princhi\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DDD05808-227C-4EFB-9750-1CFF75C1B087}C:\users\princhi\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\princhi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{44B50A7B-D0BB-4589-934B-0A50786FD329}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{2E6858C8-C78D-4430-85A0-4CC367187DFE}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [UDP Query User{93B9A7BD-CD95-47AB-A845-A0DC9D227B5C}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe
FirewallRules: [TCP Query User{45ACAA61-9C29-4458-AEED-8AD523C8BE0D}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe
FirewallRules: [{D1075E74-50D5-4948-B9BA-0CD61CCD3112}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe
FirewallRules: [{D5722340-8B36-44C8-BA33-6B46C9C8D418}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe
FirewallRules: [{B87CFB00-E90F-4BA4-9A69-DF124CBCCF81}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{75F2513F-C16A-47CF-ABE8-44BEC6439C81}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [UDP Query User{EBE94ED2-5388-485A-88D5-5AEC2B99BA45}D:\games\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{9D2F75BC-24E5-415E-B648-D2E9C180C121}D:\games\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [{3723B19A-C31B-4A64-9CA2-35178CC85FB1}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{BD15B16E-4434-4885-B5F4-6F8689E33025}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{084A9FE6-758E-4E14-B85B-D06BBB0F0F61}] => (Allow) C:\Users\Princhi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{45415225-36B7-487B-94D7-57CC6F2F0258}] => (Allow) C:\Users\Princhi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C51ECC81-6245-4C53-BA05-7540AE344077}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{AC491E28-6FF0-41BF-958B-8233FE86210F}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [UDP Query User{602C1D83-C965-433E-85C6-D6C80C7F0637}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{920FB982-DFC7-4EF7-A3E8-976475666FCD}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe
FirewallRules: [{6B29DA1F-AFE4-494C-A452-C86FE3D3E47F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{20D9EE97-5F76-470F-B27E-B8F316BB4346}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{773BE211-A15B-4BB6-8FD9-3BB26A28F827}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E8A2781B-27E2-4881-A1A7-6C43DE4B7486}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BF61E21F-F3A3-4C03-A833-DB22A0A36107}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10919623-CA13-458D-848C-CD3B577B6D94}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0EF2103A-976E-4E84-BD25-93C433853B91}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E9F09AF6-CB52-4918-899F-52B0E6EF0DDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{29502284-E5F5-4CE1-B81B-BF88C4798916}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{42A467C8-4C2A-4F98-86C7-C10B56BABD67}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F62BE5C8-A121-4BC2-85BF-B48E186D43A7}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2B11D43B-DE96-4337-9728-BD43F4CE5D33}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{FE56EA36-F948-4AC7-A957-E70694626A65}C:\users\princhi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\princhi\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7898A2A6-1A96-4797-8F93-30A5E35847BC}C:\users\princhi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\princhi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{87F70AAF-D857-482F-829A-335EE28F8FA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BE15A0E-F5C0-40DA-B916-7BD325ACC83F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6D60CCE8-D415-4436-91E9-40CE158E7294}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9F2B6253-1903-4759-81DF-37B642BA4C6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{65C95321-80CC-41A5-B393-63BA514E8FCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9377D7C5-5AED-41CC-A314-64FD930B695C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{85433D13-0C2F-4D9F-B62A-A03491046340}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{CEBEC4F5-0951-465D-8402-0003646DF432}D:\games\fallout 4\fallout4.exe] => (Allow) D:\games\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{59AFF884-B69B-4477-AAEB-B0298E8858C1}D:\games\fallout 4\fallout4.exe] => (Allow) D:\games\fallout 4\fallout4.exe
FirewallRules: [{CD901227-D724-4713-9106-EDF3FFF2D430}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{AA7E3856-7441-4365-B47F-1A567321B6E8}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [TCP Query User{52F347C0-C575-4240-8B60-E734F85FF1DB}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{A2BCDE7F-A756-4DE7-A8EE-3F3F8D9B869A}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe
FirewallRules: [{CAD7759B-35EE-4687-8B58-B7221A00B5F9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9EBA7F21-544A-4C04-8ABD-98AFFF92315D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DCB5CD2F-2853-429E-9D64-8931E1E4DAF1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F87FA9EB-2E3E-4C02-8C12-2E27949DB16F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{88F9AD83-5CB0-48CA-8A4E-43E5E549CC7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{D728C369-1A3E-4F26-90A2-B5B81B9E284F}D:\games\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{C2E7C391-58C9-4215-BDB9-C0052C89A2C6}D:\games\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [{8E09CCD3-0A4A-4033-912F-571DDA7CD421}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{E60A3479-5B49-46A1-A0AB-9126C405B360}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [TCP Query User{16975BF0-EDDD-4E69-960D-2CE8FEE274D0}C:\program files (x86)\amulec\amule.exe] => (Block) C:\program files (x86)\amulec\amule.exe
FirewallRules: [UDP Query User{A555A009-B6B6-40C2-992E-8B739880ECA6}C:\program files (x86)\amulec\amule.exe] => (Block) C:\program files (x86)\amulec\amule.exe
FirewallRules: [TCP Query User{561856D7-33AF-4F8E-8423-161786F6E12C}D:\games\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AF2989E4-8158-4A75-9318-5592B5390B4D}D:\games\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{D559BD0F-157B-4B1D-897B-101FF24C9FAF}D:\games\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AAD4688C-EC79-4F47-A93B-DB47D97E8F2C}D:\games\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [{8DA6395A-3C91-4FDF-9B40-671517F4B04A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D08F5069-B898-4AC7-B529-0E32F7084B8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{21BFE8C9-800E-4279-89C6-680D499CBD0F}D:\games\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3BD88588-EDAF-4801-B8A0-0B3DB1EF528D}D:\games\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{739F3F8E-58BF-44BE-9397-00F9D58535D8}D:\games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3D5B546D-3B14-4270-8A71-2D68187C4B6B}D:\games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{ADC29A1A-E376-4D25-B2CC-0449D1C70396}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{CD82B265-F91F-4F19-9AD3-AAB58697D21C}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [TCP Query User{10E4BF73-2B71-46A1-AF90-4D369746BBC1}C:\program files (x86)\battle.net\battle.net.8288\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8288\battle.net.exe
FirewallRules: [UDP Query User{725A9649-915C-499A-B583-F2C27323A02B}C:\program files (x86)\battle.net\battle.net.8288\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8288\battle.net.exe
FirewallRules: [TCP Query User{EA94FF22-B8DA-49C3-BBB2-722A193F6783}C:\program files (x86)\battle.net\battle.net.8293\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8293\battle.net.exe
FirewallRules: [UDP Query User{34717146-5DBD-4DD6-AD10-269D82BC0269}C:\program files (x86)\battle.net\battle.net.8293\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8293\battle.net.exe
FirewallRules: [TCP Query User{DECB5554-F262-4730-B569-8EBF6C40D6E4}C:\program files (x86)\battle.net\battle.net.8394\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8394\battle.net.exe
FirewallRules: [UDP Query User{5E89A617-F504-44CD-A8CF-240EB1BDEF38}C:\program files (x86)\battle.net\battle.net.8394\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8394\battle.net.exe
FirewallRules: [{809B46EC-D486-4F7B-9F0E-163B668FB2F9}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{D9EA1209-B43B-4A64-9705-B70D5C5DF3D6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{08EE23F8-6E9A-4AAA-9AF1-43F3AE7C498D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{62F83E86-3CF3-4ABF-98C6-9EABDDD15136}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [TCP Query User{1CABAAA3-3DE8-46AC-A353-23987FE5ABD6}C:\program files (x86)\battle.net\battle.net.8423\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8423\battle.net.exe
FirewallRules: [UDP Query User{E778CA01-19B1-4097-8750-ECD5605ADAA6}C:\program files (x86)\battle.net\battle.net.8423\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8423\battle.net.exe
FirewallRules: [TCP Query User{4EA71E1E-324F-4D2D-A1C5-258E93A6D41C}D:\games\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F91FF794-A7C4-4A6E-919D-91A17BDACA86}D:\games\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [{A86AE849-1D33-4C98-A14D-26AD51DEE466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8E21FD9F-69D4-4436-8FE1-CB9B7D7C0FBE}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{E010336C-5C39-42AD-96B9-3F3A0DA25795}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{A68F9182-4AE3-4C44-8A93-1F0CB776EC93}] => (Allow) C:\Program Files (x86)\Footper\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
16-02-2017 14:18:49 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
22-02-2017 15:40:58 Windows Update
01-03-2017 18:18:03 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/08/2017 05:24:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 56.0.2924.87, Zeitstempel: 0x58916dcd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000409
Fehleroffset: 0x71b5d473
ID des fehlerhaften Prozesses: 0x2524
Startzeit der fehlerhaften Anwendung: 0x01d298286de3e0f2
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Footper\Application\chrome.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: ea0e9d83-4a79-4b89-9395-04afee92afe5
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/08/2017 04:35:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 56.0.2924.87, Zeitstempel: 0x58916dcd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000409
Fehleroffset: 0x6b18d473
ID des fehlerhaften Prozesses: 0x27f8
Startzeit der fehlerhaften Anwendung: 0x01d29821aa11ba98
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Footper\Application\chrome.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 343e9e7b-e84b-468b-b081-7d589bc94618
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/08/2017 04:30:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 56.0.2924.87, Zeitstempel: 0x58916dcd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000409
Fehleroffset: 0x57d8d473
ID des fehlerhaften Prozesses: 0x17ac
Startzeit der fehlerhaften Anwendung: 0x01d29820f7d26211
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Footper\Application\chrome.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 727a4a2f-a316-4c02-bab7-c6a35bf5d385
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/08/2017 04:29:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner_6.044.exe, Version: 6.0.4.4, Zeitstempel: 0x58b5dbcb
Name des fehlerhaften Moduls: adwcleaner_6.044.exe, Version: 6.0.4.4, Zeitstempel: 0x58b5dbcb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022d82
ID des fehlerhaften Prozesses: 0x4fc
Startzeit der fehlerhaften Anwendung: 0x01d29820b442ed74
Pfad der fehlerhaften Anwendung: C:\Users\Princhi\Desktop\Programme\adwcleaner_6.044.exe
Pfad des fehlerhaften Moduls: C:\Users\Princhi\Desktop\Programme\adwcleaner_6.044.exe
Berichtskennung: 78ab6fc2-c0c0-477e-b4f2-9ccfde3eb5f7
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/08/2017 04:29:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ctfmon.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899148
Name des fehlerhaften Moduls: InputService.dll, Version: 10.0.14393.576, Zeitstempel: 0x584a76ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00057f66
ID des fehlerhaften Prozesses: 0x299c
Startzeit der fehlerhaften Anwendung: 0x01d298202054f832
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\ctfmon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\InputService.dll
Berichtskennung: 47c5e0d9-2a3c-43f0-9675-168a0546cd7c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/07/2017 03:34:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner_6.044.exe, Version: 6.0.4.4, Zeitstempel: 0x58b5dbcb
Name des fehlerhaften Moduls: adwcleaner_6.044.exe, Version: 6.0.4.4, Zeitstempel: 0x58b5dbcb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022d82
ID des fehlerhaften Prozesses: 0x1c70
Startzeit der fehlerhaften Anwendung: 0x01d2974fcca9a7d9
Pfad der fehlerhaften Anwendung: C:\Users\Princhi\Downloads\adwcleaner_6.044.exe
Pfad des fehlerhaften Moduls: C:\Users\Princhi\Downloads\adwcleaner_6.044.exe
Berichtskennung: 46806284-5481-4e45-816c-d001346fcd0f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/07/2017 03:34:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ctfmon.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899148
Name des fehlerhaften Moduls: InputService.dll, Version: 10.0.14393.576, Zeitstempel: 0x584a76ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00057f66
ID des fehlerhaften Prozesses: 0x1e78
Startzeit der fehlerhaften Anwendung: 0x01d29746cd37eff9
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\ctfmon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\InputService.dll
Berichtskennung: d8681e43-359f-46b4-91f2-0a1278495b3f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/07/2017 01:01:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 56.0.2924.87, Zeitstempel: 0x58916dcd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000409
Fehleroffset: 0x693cd473
ID des fehlerhaften Prozesses: 0x2be8
Startzeit der fehlerhaften Anwendung: 0x01d2973a8451a751
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Stancine\Application\chrome.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: a26a94c4-b5fc-4c9b-a93b-e3b4490dad7c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/07/2017 02:00:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 56.0.2924.87, Zeitstempel: 0x58916dcd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000409
Fehleroffset: 0x693cd473
ID des fehlerhaften Prozesses: 0x940
Startzeit der fehlerhaften Anwendung: 0x01d296de3bda30b8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Stancine\Application\chrome.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: e8e0a402-3d5d-4656-a614-fa9a323e8b6e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/07/2017 12:54:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 56.0.2924.87, Zeitstempel: 0x58916dcd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000409
Fehleroffset: 0x693cd473
ID des fehlerhaften Prozesses: 0x31a0
Startzeit der fehlerhaften Anwendung: 0x01d296d50a6abfe5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Stancine\Application\chrome.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 77a84877-3de3-4fd8-b55c-3547793e7948
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (03/08/2017 05:25:02 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (03/08/2017 05:21:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Convxxxx" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (03/08/2017 05:21:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/08/2017 05:21:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Kyubey" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2017 05:21:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2017 05:21:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2017 05:21:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2017 05:21:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2017 05:21:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2017 05:21:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Ntp2NetSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2017-03-07 15:34:35.588
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-03-07 15:08:10.789
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-02-03 17:00:27.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-02-03 16:56:56.613
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-21 01:08:28.137
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-21 00:12:20.064
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-20 23:15:15.099
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-20 22:03:49.090
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-20 21:52:52.863
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-20 21:12:20.027
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8093.39 MB
Verfügbarer physikalischer RAM: 5906.85 MB
Summe virtueller Speicher: 9373.39 MB
Verfügbarer virtueller Speicher: 7099.04 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:390.16 GB) (Free:136.58 GB) NTFS
Drive d: (Volume) (Fixed) (Total:540.4 GB) (Free:152.65 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
Code:
17:41:13.0849 0x1830 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
17:41:13.0849 0x1830 UEFI system
17:48:26.0468 0x1830 ============================================================
17:48:26.0468 0x1830 Current date / time: 2017/03/08 17:48:26.0467
17:48:26.0468 0x1830 SystemInfo:
17:48:26.0468 0x1830
17:48:26.0468 0x1830 OS Version: 10.0.14393 ServicePack: 0.0
17:48:26.0468 0x1830 Product type: Workstation
17:48:26.0468 0x1830 ComputerName: EPONA
17:48:26.0468 0x1830 UserName: Princhi
17:48:26.0468 0x1830 Windows directory: C:\WINDOWS
17:48:26.0468 0x1830 System windows directory: C:\WINDOWS
17:48:26.0468 0x1830 Running under WOW64
17:48:26.0468 0x1830 Processor architecture: Intel x64
17:48:26.0468 0x1830 Number of processors: 8
17:48:26.0468 0x1830 Page size: 0x1000
17:48:26.0468 0x1830 Boot type: Normal boot
17:48:26.0468 0x1830 CodeIntegrityOptions = 0x00000001
17:48:26.0468 0x1830 ============================================================
17:48:26.0510 0x1830 KLMD registered as C:\WINDOWS\system32\drivers\55301967.sys
17:48:26.0511 0x1830 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
17:48:26.0626 0x1830 System UUID: {C94E5BFC-A34E-F76E-4230-0C2AA1032B50}
17:48:26.0853 0x1830 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:48:26.0859 0x1830 ============================================================
17:48:26.0859 0x1830 \Device\Harddisk0\DR0:
17:48:26.0859 0x1830 GPT partitions:
17:48:26.0867 0x1830 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2E07B7E2-BA6B-436F-89A9-52134F6D736A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
17:48:26.0867 0x1830 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {17569911-260F-48B6-AD50-40327C3D91F8}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x31800
17:48:26.0867 0x1830 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1E27707F-CED8-4213-9BE7-966A097D482D}, Name: Microsoft reserved partition, StartLBA 0xC8000, BlocksNum 0x40000
17:48:26.0867 0x1830 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {15700A44-E6E1-486E-96D3-30E273E518B8}, Name: Basic data partition, StartLBA 0x108000, BlocksNum 0x30C51000
17:48:26.0867 0x1830 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D4AE4C6B-00C2-4F38-8296-53C8864D766B}, Name: , StartLBA 0x30D59000, BlocksNum 0xE1000
17:48:26.0867 0x1830 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1B71F301-972F-456B-9B19-2B4FD61B702D}, Name: Basic data partition, StartLBA 0x30E3A000, BlocksNum 0x438CC000
17:48:26.0867 0x1830 MBR partitions:
17:48:26.0867 0x1830 ============================================================
17:48:26.0872 0x1830 C: <-> \Device\Harddisk0\DR0\Partition4
17:48:26.0902 0x1830 D: <-> \Device\Harddisk0\DR0\Partition6
17:48:26.0902 0x1830 ============================================================
17:48:26.0902 0x1830 Initialize success
17:48:26.0902 0x1830 ============================================================
17:49:03.0792 0x0478 ============================================================
17:49:03.0792 0x0478 Scan started
17:49:03.0792 0x0478 Mode: Manual; SigCheck; TDLFS;
17:49:03.0792 0x0478 ============================================================
17:49:03.0792 0x0478 KSN ping started
17:49:03.0918 0x0478 KSN ping finished: true
17:49:04.0741 0x0478 ================ Scan system memory ========================
17:49:04.0741 0x0478 System memory - ok
17:49:04.0742 0x0478 ================ Scan services =============================
17:49:04.0950 0x0478 1394ohci - ok
17:49:04.0957 0x0478 3ware - ok
17:49:04.0963 0x0478 ACPI - ok
17:49:04.0969 0x0478 AcpiDev - ok
17:49:04.0974 0x0478 acpiex - ok
17:49:04.0979 0x0478 acpipagr - ok
17:49:05.0001 0x0478 AcpiPmi - ok
17:49:05.0003 0x0478 acpitime - ok
17:49:05.0011 0x0478 [ B598E1D166E92198948BA07888E196F6, DF8764F444020C271D00BCC36D7530CDDF1394035CABE7444625B75FBEF4D624 ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys
17:49:05.0057 0x0478 acsock - ok
17:49:05.0064 0x0478 ADP80XX - ok
17:49:05.0071 0x0478 AFD - ok
17:49:05.0076 0x0478 ahcache - ok
17:49:05.0078 0x0478 AJRouter - ok
17:49:05.0080 0x0478 ALG - ok
17:49:05.0084 0x0478 AmdK8 - ok
17:49:05.0086 0x0478 AmdPPM - ok
17:49:05.0088 0x0478 amdsata - ok
17:49:05.0092 0x0478 amdsbs - ok
17:49:05.0094 0x0478 amdxata - ok
17:49:05.0096 0x0478 AppID - ok
17:49:05.0099 0x0478 AppIDSvc - ok
17:49:05.0101 0x0478 Appinfo - ok
17:49:05.0103 0x0478 applockerfltr - ok
17:49:05.0105 0x0478 AppMgmt - ok
17:49:05.0111 0x0478 AppReadiness - ok
17:49:05.0114 0x0478 AppVClient - ok
17:49:05.0116 0x0478 AppvStrm - ok
17:49:05.0133 0x0478 AppvVemgr - ok
17:49:05.0135 0x0478 AppvVfs - ok
17:49:05.0137 0x0478 AppXSvc - ok
17:49:05.0139 0x0478 arcsas - ok
17:49:05.0142 0x0478 AsyncMac - ok
17:49:05.0145 0x0478 atapi - ok
17:49:05.0147 0x0478 AudioEndpointBuilder - ok
17:49:05.0149 0x0478 Audiosrv - ok
17:49:05.0151 0x0478 AxInstSV - ok
17:49:05.0153 0x0478 b06bdrv - ok
17:49:05.0155 0x0478 BasicDisplay - ok
17:49:05.0157 0x0478 BasicRender - ok
17:49:05.0160 0x0478 bcmfn - ok
17:49:05.0162 0x0478 bcmfn2 - ok
17:49:05.0164 0x0478 BDESVC - ok
17:49:05.0166 0x0478 Beep - ok
17:49:05.0168 0x0478 BFE - ok
17:49:05.0170 0x0478 BITS - ok
17:49:05.0217 0x0478 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:49:05.0227 0x0478 Bonjour Service - ok
17:49:05.0230 0x0478 bowser - ok
17:49:05.0232 0x0478 BrokerInfrastructure - ok
17:49:05.0234 0x0478 Browser - ok
17:49:05.0236 0x0478 BthAvrcpTg - ok
17:49:05.0239 0x0478 BthHFEnum - ok
17:49:05.0241 0x0478 bthhfhid - ok
17:49:05.0243 0x0478 BthHFSrv - ok
17:49:05.0245 0x0478 BTHMODEM - ok
17:49:05.0251 0x0478 bthserv - ok
17:49:05.0253 0x0478 buttonconverter - ok
17:49:05.0266 0x0478 [ 6A50EAB6C21EF0886A0366E11AF10762, 39231BC53B2C61783F6C1BA8D21B51E1942E0F5CE63D651692530AD003AA4539 ] C2XXCOM C:\WINDOWS\system32\DRIVERS\C2XXCOM76.sys
17:49:05.0273 0x0478 C2XXCOM - ok
17:49:05.0296 0x0478 [ DA5363A532BA554483F5B1EC6ADE73BC, 6CBFA5FC862FE4E4B9317B423C21EBC3F2AF22C990A3982FA426F51D317A7A41 ] C2xxUSB C:\WINDOWS\system32\DRIVERS\C2xxUSB76.sys
17:49:05.0317 0x0478 C2xxUSB - ok
17:49:05.0323 0x0478 [ B8E6BE77C47F1FE2C9F696BCEAEAC6F1, 6B6F1211F4C8594D41AB0D137389B243C1DC7441180507CF4DED03A6968E7ACC ] C2xxUsbStorage C:\WINDOWS\system32\DRIVERS\C2xSTR76.sys
17:49:05.0334 0x0478 C2xxUsbStorage - ok
17:49:05.0338 0x0478 CapImg - ok
17:49:05.0343 0x0478 cdfs - ok
17:49:05.0345 0x0478 CDPSvc - ok
17:49:05.0348 0x0478 CDPUserSvc - ok
17:49:05.0364 0x0478 cdrom - ok
17:49:05.0367 0x0478 CertPropSvc - ok
17:49:05.0370 0x0478 cht4iscsi - ok
17:49:05.0372 0x0478 cht4vbd - ok
17:49:05.0376 0x0478 circlass - ok
17:49:05.0379 0x0478 CLFS - ok
17:49:05.0381 0x0478 ClipSVC - ok
17:49:05.0383 0x0478 clreg - ok
17:49:05.0390 0x0478 CmBatt - ok
17:49:05.0392 0x0478 CNG - ok
17:49:05.0395 0x0478 cnghwassist - ok
17:49:05.0431 0x0478 CompositeBus - ok
17:49:05.0433 0x0478 COMSysApp - ok
17:49:05.0435 0x0478 condrv - ok
17:49:05.0468 0x0478 Convxxxx - ok
17:49:05.0483 0x0478 CoreMessagingRegistrar - ok
17:49:05.0515 0x0478 [ 5212E0957468D3F94D90FA7A0F06B58F, 955DAC77A0148E9F9ED744F5D341CB9C9118261E52FE622AC6213965F2BC4CAD ] cpuz137 C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys
17:49:05.0518 0x0478 cpuz137 - ok
17:49:05.0522 0x0478 CryptSvc - ok
17:49:05.0524 0x0478 CSC - ok
17:49:05.0526 0x0478 CscService - ok
17:49:05.0528 0x0478 dam - ok
17:49:05.0531 0x0478 DcomLaunch - ok
17:49:05.0533 0x0478 DcpSvc - ok
17:49:05.0536 0x0478 defragsvc - ok
17:49:05.0538 0x0478 DeviceAssociationService - ok
17:49:05.0540 0x0478 DeviceInstall - ok
17:49:05.0542 0x0478 DevQueryBroker - ok
17:49:05.0544 0x0478 Dfsc - ok
17:49:05.0559 0x0478 Dhcp - ok
17:49:05.0562 0x0478 diagnosticshub.standardcollector.service - ok
17:49:05.0565 0x0478 DiagTrack - ok
17:49:05.0567 0x0478 disk - ok
17:49:05.0569 0x0478 DmEnrollmentSvc - ok
17:49:05.0571 0x0478 dmvsc - ok
17:49:05.0574 0x0478 dmwappushservice - ok
17:49:05.0576 0x0478 Dnscache - ok
17:49:05.0579 0x0478 dot3svc - ok
17:49:05.0581 0x0478 DPS - ok
17:49:05.0583 0x0478 drmkaud - ok
17:49:05.0585 0x0478 DsmSvc - ok
17:49:05.0587 0x0478 DsSvc - ok
17:49:05.0601 0x0478 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys
17:49:05.0609 0x0478 dtsoftbus01 - ok
17:49:05.0630 0x0478 DXGKrnl - ok
17:49:05.0633 0x0478 EapHost - ok
17:49:05.0634 0x0478 ebdrv - ok
17:49:05.0637 0x0478 EFS - ok
17:49:05.0639 0x0478 EhStorClass - ok
17:49:05.0644 0x0478 EhStorTcgDrv - ok
17:49:05.0649 0x0478 embeddedmode - ok
17:49:05.0653 0x0478 EntAppSvc - ok
17:49:05.0657 0x0478 ErrDev - ok
17:49:05.0675 0x0478 EventSystem - ok
17:49:05.0677 0x0478 exfat - ok
17:49:05.0689 0x0478 fastfat - ok
17:49:05.0693 0x0478 Fax - ok
17:49:05.0695 0x0478 fdc - ok
17:49:05.0698 0x0478 fdPHost - ok
17:49:05.0700 0x0478 FDResPub - ok
17:49:05.0703 0x0478 fhsvc - ok
17:49:05.0705 0x0478 FileCrypt - ok
17:49:05.0707 0x0478 FileInfo - ok
17:49:05.0710 0x0478 Filetrace - ok
17:49:05.0712 0x0478 flpydisk - ok
17:49:05.0715 0x0478 FltMgr - ok
17:49:05.0718 0x0478 FontCache - ok
17:49:05.0729 0x0478 FontCache3.0.0.0 - ok
17:49:05.0731 0x0478 FrameServer - ok
17:49:05.0733 0x0478 FsDepends - ok
17:49:05.0737 0x0478 Fs_Rec - ok
17:49:05.0739 0x0478 fvevol - ok
17:49:05.0742 0x0478 gencounter - ok
17:49:05.0743 0x0478 genericusbfn - ok
17:49:05.0745 0x0478 GPIOClx0101 - ok
17:49:05.0747 0x0478 gpsvc - ok
17:49:05.0749 0x0478 GpuEnergyDrv - ok
17:49:05.0764 0x0478 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:49:05.0769 0x0478 gupdate - ok
17:49:05.0772 0x0478 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:49:05.0778 0x0478 gupdatem - ok
17:49:05.0780 0x0478 HDAudBus - ok
17:49:05.0782 0x0478 HidBatt - ok
17:49:05.0784 0x0478 HidBth - ok
17:49:05.0786 0x0478 hidi2c - ok
17:49:05.0788 0x0478 hidinterrupt - ok
17:49:05.0792 0x0478 HidIr - ok
17:49:05.0799 0x0478 [ C6AB0711E75F90B501F30260463CB026, B5CF27552A000D2BCE0C9B557F0FA2CE60FACAB596B262F07BED57D00422C388 ] hidkmdf C:\WINDOWS\System32\drivers\hidkmdf.sys
17:49:05.0802 0x0478 hidkmdf - ok
17:49:05.0806 0x0478 hidserv - ok
17:49:05.0818 0x0478 HidUsb - ok
17:49:05.0826 0x0478 [ E627AD9A64052C659704FAA979C225F1, 7630ADA53A43581A314386D43BF5582604AB4651E5E229C8D5C5551F09740542 ] HmaOpenVpnService D:\Programme\HMA! Pro VPN\bin\openvpnserv.exe
17:49:05.0831 0x0478 HmaOpenVpnService - ok
17:49:05.0849 0x0478 [ D7670FC8D023073F3A40CCBD93976F2F, 22054DC2DD524DC4CAECA23EDBCF7552A90C1082939FFBEC35708D1D02C81673 ] hmatap C:\WINDOWS\System32\drivers\hmatap.sys
17:49:05.0854 0x0478 hmatap - ok
17:49:05.0857 0x0478 HomeGroupListener - ok
17:49:05.0859 0x0478 HomeGroupProvider - ok
17:49:05.0863 0x0478 HpSAMD - ok
17:49:05.0865 0x0478 HTTP - ok
17:49:05.0878 0x0478 HvHost - ok
17:49:05.0880 0x0478 hvservice - ok
17:49:05.0882 0x0478 hwpolicy - ok
17:49:05.0884 0x0478 hyperkbd - ok
17:49:05.0887 0x0478 i8042prt - ok
17:49:05.0889 0x0478 iagpio - ok
17:49:05.0893 0x0478 iai2c - ok
17:49:05.0895 0x0478 iaLPSS2i_GPIO2 - ok
17:49:05.0897 0x0478 iaLPSS2i_I2C - ok
17:49:05.0899 0x0478 iaLPSSi_GPIO - ok
17:49:05.0900 0x0478 iaLPSSi_I2C - ok
17:49:05.0902 0x0478 iaStorAV - ok
17:49:05.0904 0x0478 iaStorV - ok
17:49:05.0906 0x0478 ibbus - ok
17:49:05.0909 0x0478 icssvc - ok
17:49:05.0911 0x0478 IKEEXT - ok
17:49:05.0918 0x0478 IndirectKmd - ok
17:49:06.0042 0x0478 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:49:06.0108 0x0478 IntcAzAudAddService - ok
17:49:06.0127 0x0478 intelide - ok
17:49:06.0129 0x0478 intelpep - ok
17:49:06.0131 0x0478 intelppm - ok
17:49:06.0132 0x0478 iorate - ok
17:49:06.0134 0x0478 IpFilterDriver - ok
17:49:06.0137 0x0478 iphlpsvc - ok
17:49:06.0139 0x0478 IPMIDRV - ok
17:49:06.0142 0x0478 IPNAT - ok
17:49:06.0143 0x0478 irda - ok
17:49:06.0145 0x0478 IRENUM - ok
17:49:06.0147 0x0478 irmon - ok
17:49:06.0149 0x0478 isapnp - ok
17:49:06.0151 0x0478 iScsiPrt - ok
17:49:06.0153 0x0478 kbdclass - ok
17:49:06.0156 0x0478 kbdhid - ok
17:49:06.0158 0x0478 kdnic - ok
17:49:06.0160 0x0478 KeyIso - ok
17:49:06.0162 0x0478 KSecDD - ok
17:49:06.0164 0x0478 KSecPkg - ok
17:49:06.0166 0x0478 ksthunk - ok
17:49:06.0169 0x0478 KtmRm - ok
17:49:06.0186 0x0478 Kyubey - ok
17:49:06.0190 0x0478 LanmanServer - ok
17:49:06.0213 0x0478 LanmanWorkstation - ok
17:49:06.0227 0x0478 lfsvc - ok
17:49:06.0238 0x0478 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys
17:49:06.0242 0x0478 LGBusEnum - ok
17:49:06.0251 0x0478 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys
17:49:06.0259 0x0478 LGVirHid - ok
17:49:06.0264 0x0478 LicenseManager - ok
17:49:06.0269 0x0478 lltdio - ok
17:49:06.0274 0x0478 lltdsvc - ok
17:49:06.0278 0x0478 lmhosts - ok
17:49:06.0284 0x0478 LSI_SAS - ok
17:49:06.0288 0x0478 LSI_SAS2i - ok
17:49:06.0293 0x0478 LSI_SAS3i - ok
17:49:06.0298 0x0478 LSI_SSS - ok
17:49:06.0303 0x0478 LSM - ok
17:49:06.0306 0x0478 luafv - ok
17:49:06.0309 0x0478 MapsBroker - ok
17:49:06.0312 0x0478 megasas - ok
17:49:06.0315 0x0478 megasas2i - ok
17:49:06.0318 0x0478 megasr - ok
17:49:06.0329 0x0478 [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:49:06.0340 0x0478 MEIx64 - ok
17:49:06.0367 0x0478 MessagingService - ok
17:49:06.0370 0x0478 mlx4_bus - ok
17:49:06.0372 0x0478 MMCSS - ok
17:49:06.0374 0x0478 Modem - ok
17:49:06.0377 0x0478 monitor - ok
17:49:06.0379 0x0478 mouclass - ok
17:49:06.0381 0x0478 mouhid - ok
17:49:06.0382 0x0478 mountmgr - ok
17:49:06.0384 0x0478 mpsdrv - ok
17:49:06.0386 0x0478 MpsSvc - ok
17:49:06.0389 0x0478 MRxDAV - ok
17:49:06.0399 0x0478 mrxsmb - ok
17:49:06.0401 0x0478 mrxsmb10 - ok
17:49:06.0404 0x0478 mrxsmb20 - ok
17:49:06.0406 0x0478 MsBridge - ok
17:49:06.0409 0x0478 MSDTC - ok
17:49:06.0412 0x0478 Msfs - ok
17:49:06.0418 0x0478 msgpiowin32 - ok
17:49:06.0420 0x0478 mshidkmdf - ok
17:49:06.0422 0x0478 mshidumdf - ok
17:49:06.0424 0x0478 msisadrv - ok
17:49:06.0436 0x0478 MSiSCSI - ok
17:49:06.0438 0x0478 msiserver - ok
17:49:06.0440 0x0478 MSKSSRV - ok
17:49:06.0442 0x0478 MsLldp - ok
17:49:06.0444 0x0478 MSPCLOCK - ok
17:49:06.0445 0x0478 MSPQM - ok
17:49:06.0447 0x0478 MsRPC - ok
17:49:06.0450 0x0478 MsSecFlt - ok
17:49:06.0452 0x0478 mssmbios - ok
17:49:06.0454 0x0478 MSTEE - ok
17:49:06.0456 0x0478 MTConfig - ok
17:49:06.0458 0x0478 Mup - ok
17:49:06.0460 0x0478 mvumis - ok
17:49:06.0463 0x0478 NativeWifiP - ok
17:49:06.0465 0x0478 NcaSvc - ok
17:49:06.0467 0x0478 NcbService - ok
17:49:06.0469 0x0478 NcdAutoSetup - ok
17:49:06.0471 0x0478 ndfltr - ok
17:49:06.0474 0x0478 NDIS - ok
17:49:06.0478 0x0478 NdisCap - ok
17:49:06.0490 0x0478 NdisImPlatform - ok
17:49:06.0492 0x0478 NdisTapi - ok
17:49:06.0493 0x0478 Ndisuio - ok
17:49:06.0495 0x0478 NdisVirtualBus - ok
17:49:06.0497 0x0478 NdisWan - ok
17:49:06.0499 0x0478 ndiswanlegacy - ok
17:49:06.0501 0x0478 ndproxy - ok
17:49:06.0502 0x0478 Ndu - ok
17:49:06.0504 0x0478 NetAdapterCx - ok
17:49:06.0506 0x0478 NetBIOS - ok
17:49:06.0509 0x0478 NetBT - ok
17:49:06.0511 0x0478 Netlogon - ok
17:49:06.0513 0x0478 Netman - ok
17:49:06.0516 0x0478 netprofm - ok
17:49:06.0518 0x0478 NetSetupSvc - ok
17:49:06.0530 0x0478 NetTcpPortSharing - ok
17:49:06.0533 0x0478 NgcCtnrSvc - ok
17:49:06.0535 0x0478 NgcSvc - ok
17:49:06.0537 0x0478 NlaSvc - ok
17:49:06.0539 0x0478 Npfs - ok
17:49:06.0541 0x0478 npggsvc - ok
17:49:06.0551 0x0478 npsvctrig - ok
17:49:06.0553 0x0478 nsi - ok
17:49:06.0555 0x0478 nsiproxy - ok
17:49:06.0558 0x0478 NTFS - ok
17:49:06.0574 0x0478 Ntp2NetSvc - ok
17:49:06.0581 0x0478 Ntp2UpSvc - ok
17:49:06.0584 0x0478 Null - ok
17:49:06.0597 0x0478 [ 302A57479E9A2A95CE723521A7ED1BD0, CEF8E26DBCA2E840ED32378193127FDC321828D28941AE42C5AA800613A85E91 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
17:49:06.0604 0x0478 NVHDA - ok
17:49:06.0929 0x0478 [ E0854DA823FBC14F750BFD46E690F60F, BAACD13006B7EA377BC57CA502D342097E327486957F905DD720C870C1B4C67C ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys
17:49:07.0130 0x0478 nvlddmkm - ok
17:49:07.0142 0x0478 nvraid - ok
17:49:07.0144 0x0478 nvstor - ok
17:49:07.0208 0x0478 [ 99D42078C9596A20A7B3419159265A25, E9F5380E6597C79B26B2CBAAC534F31C5027F32AAA0FD5876CF7E9BB6658F30C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:49:07.0212 0x0478 NvStreamKms - ok
17:49:07.0300 0x0478 [ E6A64322EB213AEACBB61584AA6FB032, FA91C89B81DD7F3EC22DF71FFC3A506AD40AE76EC91F1115CCAB6ED39431369D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
17:49:07.0355 0x0478 NvStreamNetworkSvc - ok
17:49:07.0412 0x0478 [ A8213BF32D2E75ADD362E118AD164749, 6F35210ED11088FE64F13DD63053FFDA4628A5F6397DA33A345970962AB83499 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
17:49:07.0452 0x0478 NvStreamSvc - ok
17:49:07.0468 0x0478 [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:49:07.0473 0x0478 nvvad_WaveExtensible - ok
17:49:07.0476 0x0478 OneSyncSvc - ok
17:49:07.0527 0x0478 [ 241B7F92346973C10195AD7861596709, E0972047D202F539A8367E50DE278AF6103FA72C8E61F6D5B0DC1EA8FD338355 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
17:49:07.0560 0x0478 Origin Client Service - ok
17:49:07.0613 0x0478 [ 685176200A9246175FB8EF95F6FF9EAF, 93A5F307B1DF545CA5334BBB81E5E388A3E7911A9FF6ECBC066A3A5E11300AE4 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
17:49:07.0646 0x0478 Origin Web Helper Service - ok
17:49:07.0650 0x0478 p2pimsvc - ok
17:49:07.0652 0x0478 p2psvc - ok
17:49:07.0653 0x0478 Parport - ok
17:49:07.0664 0x0478 partmgr - ok
17:49:07.0666 0x0478 PcaSvc - ok
17:49:07.0668 0x0478 pci - ok
17:49:07.0671 0x0478 pciide - ok
17:49:07.0674 0x0478 pcmcia - ok
17:49:07.0676 0x0478 pcw - ok
17:49:07.0678 0x0478 pdc - ok
17:49:07.0680 0x0478 PEAUTH - ok
17:49:07.0682 0x0478 PeerDistSvc - ok
17:49:07.0683 0x0478 percsas2i - ok
17:49:07.0685 0x0478 percsas3i - ok
17:49:07.0718 0x0478 PerfHost - ok
17:49:07.0729 0x0478 PhoneSvc - ok
17:49:07.0733 0x0478 PimIndexMaintenanceSvc - ok
17:49:07.0741 0x0478 pla - ok
17:49:07.0745 0x0478 PlugPlay - ok
17:49:07.0748 0x0478 PNRPAutoReg - ok
17:49:07.0750 0x0478 PNRPsvc - ok
17:49:07.0754 0x0478 PolicyAgent - ok
17:49:07.0758 0x0478 Power - ok
17:49:07.0761 0x0478 PptpMiniport - ok
17:49:07.0859 0x0478 [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:49:07.0968 0x0478 PrintNotify - ok
17:49:07.0973 0x0478 Processor - ok
17:49:07.0975 0x0478 ProfSvc - ok
17:49:07.0987 0x0478 Psched - ok
17:49:07.0989 0x0478 QWAVE - ok
17:49:07.0992 0x0478 QWAVEdrv - ok
17:49:07.0994 0x0478 RasAcd - ok
17:49:08.0004 0x0478 RasAgileVpn - ok
17:49:08.0006 0x0478 RasAuto - ok
17:49:08.0008 0x0478 Rasl2tp - ok
17:49:08.0010 0x0478 RasMan - ok
17:49:08.0012 0x0478 RasPppoe - ok
17:49:08.0014 0x0478 RasSstp - ok
17:49:08.0016 0x0478 rdbss - ok
17:49:08.0021 0x0478 rdpbus - ok
17:49:08.0024 0x0478 RDPDR - ok
17:49:08.0028 0x0478 RdpVideoMiniport - ok
17:49:08.0030 0x0478 rdyboost - ok
17:49:08.0032 0x0478 ReFSv1 - ok
17:49:08.0052 0x0478 RemoteAccess - ok
17:49:08.0055 0x0478 RemoteRegistry - ok
17:49:08.0058 0x0478 RetailDemo - ok
17:49:08.0060 0x0478 RmSvc - ok
17:49:08.0062 0x0478 RpcEptMapper - ok
17:49:08.0064 0x0478 RpcLocator - ok
17:49:08.0066 0x0478 RpcSs - ok
17:49:08.0068 0x0478 rspndr - ok
17:49:08.0071 0x0478 rt640x64 - ok
17:49:08.0075 0x0478 s3cap - ok
17:49:08.0078 0x0478 SamSs - ok
17:49:08.0081 0x0478 sbp2port - ok
17:49:08.0083 0x0478 SCardSvr - ok
17:49:08.0098 0x0478 ScDeviceEnum - ok
17:49:08.0101 0x0478 scfilter - ok
17:49:08.0103 0x0478 Schedule - ok
17:49:08.0105 0x0478 scmbus - ok
17:49:08.0107 0x0478 scmdisk0101 - ok
17:49:08.0110 0x0478 SCPolicySvc - ok
17:49:08.0112 0x0478 sdbus - ok
17:49:08.0133 0x0478 SDRSVC - ok
17:49:08.0135 0x0478 sdstor - ok
17:49:08.0137 0x0478 Secdrv - ok
17:49:08.0142 0x0478 seclogon - ok
17:49:08.0144 0x0478 SENS - ok
17:49:08.0161 0x0478 Sense - ok
17:49:08.0175 0x0478 SensorDataService - ok
17:49:08.0179 0x0478 SensorService - ok
17:49:08.0181 0x0478 SensrSvc - ok
17:49:08.0183 0x0478 SerCx - ok
17:49:08.0185 0x0478 SerCx2 - ok
17:49:08.0188 0x0478 Serenum - ok
17:49:08.0191 0x0478 Serial - ok
17:49:08.0193 0x0478 sermouse - ok
17:49:08.0198 0x0478 SessionEnv - ok
17:49:08.0201 0x0478 sfloppy - ok
17:49:08.0228 0x0478 SharedAccess - ok
17:49:08.0245 0x0478 ShellHWDetection - ok
17:49:08.0248 0x0478 shpamsvc - ok
17:49:08.0249 0x0478 SiSRaid2 - ok
17:49:08.0252 0x0478 SiSRaid4 - ok
17:49:08.0284 0x0478 [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:49:08.0295 0x0478 SkypeUpdate - ok
17:49:08.0304 0x0478 smphost - ok
17:49:08.0312 0x0478 SmsRouter - ok
17:49:08.0315 0x0478 SNMPTRAP - ok
17:49:08.0331 0x0478 spaceport - ok
17:49:08.0333 0x0478 SpbCx - ok
17:49:08.0335 0x0478 Spooler - ok
17:49:08.0338 0x0478 sppsvc - ok
17:49:08.0346 0x0478 srv - ok
17:49:08.0348 0x0478 srv2 - ok
17:49:08.0359 0x0478 srvnet - ok
17:49:08.0361 0x0478 SSDPSRV - ok
17:49:08.0363 0x0478 SstpSvc - ok
17:49:08.0365 0x0478 StateRepository - ok
17:49:08.0409 0x0478 [ 596DC69BB40A96FCA4B19D9D1E221E34, 3469D3B2E9A88E39C14AE2E3DD5EC3D91FBB88CA568D794555B397B50E64AB15 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:49:08.0434 0x0478 Steam Client Service - ok
17:49:08.0438 0x0478 stexstor - ok
17:49:08.0450 0x0478 stisvc - ok
17:49:08.0457 0x0478 storahci - ok
17:49:08.0461 0x0478 storflt - ok
17:49:08.0463 0x0478 stornvme - ok
17:49:08.0466 0x0478 storqosflt - ok
17:49:08.0468 0x0478 StorSvc - ok
17:49:08.0470 0x0478 storufs - ok
17:49:08.0471 0x0478 storvsc - ok
17:49:08.0474 0x0478 svsvc - ok
17:49:08.0476 0x0478 swenum - ok
17:49:08.0478 0x0478 swprv - ok
17:49:08.0481 0x0478 Synth3dVsc - ok
17:49:08.0483 0x0478 SysMain - ok
17:49:08.0486 0x0478 SystemEventsBroker - ok
17:49:08.0488 0x0478 TabletInputService - ok
17:49:08.0492 0x0478 TapiSrv - ok
17:49:08.0494 0x0478 Tcpip - ok
17:49:08.0496 0x0478 Tcpip6 - ok
17:49:08.0499 0x0478 tcpipreg - ok
17:49:08.0502 0x0478 tdx - ok
17:49:08.0677 0x0478 [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:49:08.0786 0x0478 TeamViewer - ok
17:49:08.0793 0x0478 terminpt - ok
17:49:08.0795 0x0478 TermService - ok
17:49:08.0797 0x0478 Themes - ok
17:49:08.0800 0x0478 TieringEngineService - ok
17:49:08.0803 0x0478 tiledatamodelsvc - ok
17:49:08.0806 0x0478 TimeBrokerSvc - ok
17:49:08.0818 0x0478 TPM - ok
17:49:08.0821 0x0478 TrkWks - ok
17:49:08.0826 0x0478 TrustedInstaller - ok
17:49:08.0828 0x0478 tsusbflt - ok
17:49:08.0831 0x0478 TsUsbGD - ok
17:49:08.0833 0x0478 tsusbhub - ok
17:49:08.0835 0x0478 tunnel - ok
17:49:08.0842 0x0478 tzautoupdate - ok
17:49:08.0845 0x0478 UASPStor - ok
17:49:08.0847 0x0478 UcmCx0101 - ok
17:49:08.0849 0x0478 UcmTcpciCx0101 - ok
17:49:08.0851 0x0478 UcmUcsi - ok
17:49:08.0853 0x0478 Ucx01000 - ok
17:49:08.0855 0x0478 UdeCx - ok
17:49:08.0859 0x0478 udfs - ok
17:49:08.0862 0x0478 UEFI - ok
17:49:08.0864 0x0478 UevAgentDriver - ok
17:49:08.0866 0x0478 UevAgentService - ok
17:49:08.0867 0x0478 Ufx01000 - ok
17:49:08.0870 0x0478 UfxChipidea - ok
17:49:08.0872 0x0478 ufxsynopsys - ok
17:49:08.0877 0x0478 UI0Detect - ok
17:49:08.0879 0x0478 umbus - ok
17:49:08.0881 0x0478 UmPass - ok
17:49:08.0883 0x0478 UmRdpService - ok
17:49:08.0886 0x0478 UnistoreSvc - ok
17:49:08.0890 0x0478 upnphost - ok
17:49:08.0892 0x0478 UrsChipidea - ok
17:49:08.0895 0x0478 UrsCx01000 - ok
17:49:08.0897 0x0478 UrsSynopsys - ok
17:49:08.0909 0x0478 usbaudio - ok
17:49:08.0912 0x0478 usbccgp - ok
17:49:08.0915 0x0478 usbcir - ok
17:49:08.0917 0x0478 usbehci - ok
17:49:08.0920 0x0478 usbhub - ok
17:49:08.0922 0x0478 USBHUB3 - ok
17:49:08.0925 0x0478 usbohci - ok
17:49:08.0927 0x0478 usbprint - ok
17:49:08.0929 0x0478 usbser - ok
17:49:08.0931 0x0478 USBSTOR - ok
17:49:08.0933 0x0478 usbuhci - ok
17:49:08.0944 0x0478 usbvideo - ok
17:49:08.0946 0x0478 USBXHCI - ok
17:49:08.0949 0x0478 UserDataSvc - ok
17:49:08.0965 0x0478 UserManager - ok
17:49:08.0967 0x0478 UsoSvc - ok
17:49:08.0969 0x0478 VaultSvc - ok
17:49:08.0971 0x0478 vdrvroot - ok
17:49:08.0973 0x0478 vds - ok
17:49:08.0975 0x0478 VerifierExt - ok
17:49:08.0977 0x0478 vhdmp - ok
17:49:08.0979 0x0478 vhf - ok
17:49:08.0982 0x0478 vmbus - ok
17:49:08.0984 0x0478 VMBusHID - ok
17:49:08.0986 0x0478 vmgid - ok
17:49:08.0988 0x0478 vmicguestinterface - ok
17:49:08.0992 0x0478 vmicheartbeat - ok
17:49:08.0993 0x0478 vmickvpexchange - ok
17:49:08.0996 0x0478 vmicrdv - ok
17:49:08.0998 0x0478 vmicshutdown - ok
17:49:09.0000 0x0478 vmictimesync - ok
17:49:09.0002 0x0478 vmicvmsession - ok
17:49:09.0004 0x0478 vmicvss - ok
17:49:09.0006 0x0478 volmgr - ok
17:49:09.0008 0x0478 volmgrx - ok
17:49:09.0010 0x0478 volsnap - ok
17:49:09.0013 0x0478 volume - ok
17:49:09.0015 0x0478 vpci - ok
17:49:09.0061 0x0478 [ 4C768463461D2C78E671EFB43AD3A267, 30FF18AD8C781A13091AA1D7413428C9FBA3525E44A359E90A16C3AD06F15D7D ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
17:49:09.0095 0x0478 vpnagent - ok
17:49:09.0104 0x0478 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\WINDOWS\System32\drivers\vpnva64-6.sys
17:49:09.0109 0x0478 vpnva - ok
17:49:09.0112 0x0478 vsmraid - ok
17:49:09.0114 0x0478 VSS - ok
17:49:09.0117 0x0478 VSTXRAID - ok
17:49:09.0119 0x0478 vwifibus - ok
17:49:09.0121 0x0478 vwififlt - ok
17:49:09.0124 0x0478 W32Time - ok
17:49:09.0141 0x0478 [ 90A7D70E48A69F6E4FFB49440674B3B8, 6C31BE40D9FF3C91B420AB2CFF17FA0D463BD97DF94B9CFCB8735A9EBC8FDFB0 ] WacHidRouter C:\WINDOWS\System32\drivers\wachidrouter.sys
17:49:09.0145 0x0478 WacHidRouter - ok
17:49:09.0148 0x0478 WacomPen - ok
17:49:09.0160 0x0478 [ A46EA18DFA3CB657732909570F021578, 36A87A8A3402BBD79367B6F0D9C59C3BAF18AAE154A273DA067D7F08A7B94CC8 ] wacomrouterfilter C:\WINDOWS\System32\drivers\wacomrouterfilter.sys
17:49:09.0164 0x0478 wacomrouterfilter - ok
17:49:09.0167 0x0478 WalletService - ok
17:49:09.0169 0x0478 wanarp - ok
17:49:09.0171 0x0478 wanarpv6 - ok
17:49:09.0174 0x0478 wbengine - ok
17:49:09.0177 0x0478 WbioSrvc - ok
17:49:09.0179 0x0478 wcifs - ok
17:49:09.0182 0x0478 Wcmsvc - ok
17:49:09.0184 0x0478 wcncsvc - ok
17:49:09.0186 0x0478 wcnfs - ok
17:49:09.0188 0x0478 WdBoot - ok
17:49:09.0191 0x0478 Wdf01000 - ok
17:49:09.0194 0x0478 WdFilter - ok
17:49:09.0196 0x0478 WdiServiceHost - ok
17:49:09.0198 0x0478 WdiSystemHost - ok
17:49:09.0200 0x0478 wdiwifi - ok
17:49:09.0202 0x0478 WdNisDrv - ok
17:49:09.0204 0x0478 WdNisSvc - ok
17:49:09.0207 0x0478 WebClient - ok
17:49:09.0209 0x0478 Wecsvc - ok
17:49:09.0212 0x0478 WEPHOSTSVC - ok
17:49:09.0215 0x0478 wercplsupport - ok
17:49:09.0217 0x0478 WerSvc - ok
17:49:09.0219 0x0478 WFPLWFS - ok
17:49:09.0222 0x0478 WiaRpc - ok
17:49:09.0224 0x0478 WIMMount - ok
17:49:09.0225 0x0478 WinDefend - ok
17:49:09.0231 0x0478 WindowsTrustedRT - ok
17:49:09.0233 0x0478 WindowsTrustedRTProxy - ok
17:49:09.0235 0x0478 WinHttpAutoProxySvc - ok
17:49:09.0238 0x0478 WinMad - ok
17:49:09.0256 0x0478 Winmgmt - ok
17:49:09.0262 0x0478 WinRM - ok
17:49:09.0334 0x0478 [ F18C9057490CC4082BDB86D64537F4EA, 4B72FCDE3E3A010573A6C147E36643B373A04F33526EE85269BF9A87D2E7FD27 ] WinSAPSvc C:\Users\Princhi\AppData\Roaming\WinSAPSvc\WinSAP.dll
17:49:09.0350 0x0478 WinSAPSvc - detected UnsignedFile.Multi.Generic ( 1 )
17:49:09.0498 0x0478 Detect turned to UDS exact due to KSN untrusted
17:49:09.0563 0x0478 WinSAPSvc ( UDS:DangerousObject.Multi.Generic ) - infected
17:49:09.0563 0x0478 Force sending object to P2P due to detect: WinSAPSvc
17:49:09.0761 0x0478 Object send P2P result: true
17:49:09.0913 0x0478 WINUSB - ok
17:49:09.0923 0x0478 WinVerbs - ok
17:49:09.0932 0x0478 wisvc - ok
17:49:09.0948 0x0478 WlanSvc - ok
17:49:09.0954 0x0478 wlidsvc - ok
17:49:09.0966 0x0478 [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
17:49:09.0976 0x0478 WmBEnum - ok
17:49:09.0983 0x0478 [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
17:49:09.0992 0x0478 WmFilter - ok
17:49:09.0996 0x0478 [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo C:\WINDOWS\system32\drivers\WmHidLo.sys
17:49:10.0000 0x0478 WmHidLo - ok
17:49:10.0003 0x0478 WmiAcpi - ok
17:49:10.0008 0x0478 wmiApSrv - ok
17:49:10.0010 0x0478 WMPNetworkSvc - ok
17:49:10.0021 0x0478 [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
17:49:10.0026 0x0478 WmVirHid - ok
17:49:10.0032 0x0478 [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
17:49:10.0037 0x0478 WmXlCore - ok
17:49:10.0041 0x0478 Wof - ok
17:49:10.0045 0x0478 workfolderssvc - ok
17:49:10.0048 0x0478 WPDBusEnum - ok
17:49:10.0051 0x0478 WpdUpFltr - ok
17:49:10.0055 0x0478 WpnService - ok
17:49:10.0057 0x0478 WpnUserService - ok
17:49:10.0066 0x0478 ws2ifsl - ok
17:49:10.0068 0x0478 wscsvc - ok
17:49:10.0070 0x0478 WSDPrintDevice - ok
17:49:10.0073 0x0478 WSDScan - ok
17:49:10.0074 0x0478 WSearch - ok
17:49:10.0105 0x0478 [ F746E515661B69953030C6C7F2672821, AB454BE1EA00F7FB2655EEB429D0B1795E435E91D88E7C3F1288AE243D270989 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
17:49:10.0124 0x0478 WTabletServicePro - ok
17:49:10.0130 0x0478 wuauserv - ok
17:49:10.0133 0x0478 WudfPf - ok
17:49:10.0138 0x0478 WUDFRd - ok
17:49:10.0142 0x0478 wudfsvc - ok
17:49:10.0145 0x0478 WUDFWpdFs - ok
17:49:10.0146 0x0478 WUDFWpdMtp - ok
17:49:10.0149 0x0478 WwanSvc - ok
17:49:10.0151 0x0478 XblAuthManager - ok
17:49:10.0155 0x0478 XblGameSave - ok
17:49:10.0157 0x0478 xboxgip - ok
17:49:10.0160 0x0478 XboxNetApiSvc - ok
17:49:10.0172 0x0478 [ 7439DCAF71314B1D85E452B3F2E1138A, DAAF67C90C35DC1839CEC6962AD001961EFDE00DDFCDC702882AFA234D71248B ] xhunter1 C:\WINDOWS\xhunter1.sys
17:49:10.0176 0x0478 xhunter1 - ok
17:49:10.0188 0x0478 xinputhid - ok
17:49:10.0205 0x0478 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\WINDOWS\system32\DRIVERS\xusb21.sys
17:49:10.0212 0x0478 xusb21 - ok
17:49:10.0215 0x0478 xusb22 - ok
17:49:10.0250 0x0478 [ 7B918284E375EC625973F193078EAA6A, DB8254AD2F25522BEDA3972B96B3874D122572F746AD0D6DAC1AA84198E32F0A ] Zerzitain C:\Program Files (x86)\Clerack\Grshlp.dll
17:49:10.0265 0x0478 Zerzitain - detected UnsignedFile.Multi.Generic ( 1 )
17:49:10.0407 0x0478 Detect turned to UDS exact due to KSN untrusted
17:49:10.0407 0x0478 Zerzitain ( UDS:DangerousObject.Multi.Generic ) - infected
17:49:10.0407 0x0478 Force sending object to P2P due to detect: Zerzitain
17:49:10.0569 0x0478 Object send P2P result: true
17:49:11.0391 0x0478 ================ Scan global ===============================
17:49:11.0428 0x0478 [ Global ] - ok
17:49:11.0429 0x0478 ================ Scan MBR ==================================
17:49:11.0440 0x0478 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:49:11.0529 0x0478 \Device\Harddisk0\DR0 - ok
17:49:11.0530 0x0478 ================ Scan VBR ==================================
17:49:11.0531 0x0478 [ 25E6C44901467F1AD46EB9F883CD0161 ] \Device\Harddisk0\DR0\Partition1
17:49:11.0534 0x0478 \Device\Harddisk0\DR0\Partition1 - ok
17:49:11.0535 0x0478 [ 1B7A554F4080B09FC0CECF2885F78B48 ] \Device\Harddisk0\DR0\Partition2
17:49:11.0536 0x0478 \Device\Harddisk0\DR0\Partition2 - ok
17:49:11.0538 0x0478 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:49:11.0538 0x0478 \Device\Harddisk0\DR0\Partition3 - ok
17:49:11.0540 0x0478 [ FB51C1F912C14BCC7FAAA8C26A1988F7 ] \Device\Harddisk0\DR0\Partition4
17:49:11.0542 0x0478 \Device\Harddisk0\DR0\Partition4 - ok
17:49:11.0543 0x0478 [ D67C0F154AA0CC2C803674166AAB840E ] \Device\Harddisk0\DR0\Partition5
17:49:11.0545 0x0478 \Device\Harddisk0\DR0\Partition5 - ok
17:49:11.0546 0x0478 [ 22E7F164060B7EB85A000F003BE40834 ] \Device\Harddisk0\DR0\Partition6
17:49:11.0548 0x0478 \Device\Harddisk0\DR0\Partition6 - ok
17:49:11.0548 0x0478 ================ Scan generic autorun ======================
17:49:11.0742 0x0478 [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:49:11.0933 0x0478 RTHDVCPL - ok
17:49:12.0005 0x0478 [ BE586B5D1D73E1F07ED5AADDEFBCAA47, 68D957EBE01DD369BF4E2D5D07A7EDF9408066E61056A1C4968DBF8CE5841BBE ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:49:12.0056 0x0478 NvBackend - ok
17:49:12.0302 0x0478 [ 19ECAAEA3CC248489FE987C10B688C0D, 967CB23A8176B3181EE2A55DFBB04A69988AB22105D4C450C5B5E729B91FAD5A ] C:\Program Files\Logitech Gaming Software\LCore.exe
17:49:12.0595 0x0478 Launch LCore - ok
17:49:12.0619 0x0478 [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
17:49:12.0631 0x0478 AdobeAAMUpdater-1.0 - ok
17:49:12.0641 0x0478 [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
17:49:12.0654 0x0478 Start WingMan Profiler - ok
17:49:12.0678 0x0478 [ 5E7601CCBC2A98A4457E50612E0AEE73, 3F5FDCF1BEC5B134433F62ADD5C2931F700F2B7CBEDB0A98EF1362BF6E9FAC03 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe
17:49:12.0698 0x0478 GamingMouse - detected UnsignedFile.Multi.Generic ( 1 )
17:49:12.0919 0x0478 GamingMouse ( UnsignedFile.Multi.Generic ) - warning
17:49:13.0096 0x0478 [ F8A8125BF28F03D79CDEA5B0B69FF60B, 13E5DE36EB61384B0726447442F0CE4838C20E4F3F730B9B9BB84A2020A68A82 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
17:49:13.0123 0x0478 IJNetworkScannerSelectorEX - ok
17:49:13.0146 0x0478 [ 33BEA9023A6F47492889269E2C541D34, 7478C3F2653C0B07C981BA8B47A56595BE5910FDA63775AA91247B3DF947B89B ] C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe
17:49:13.0162 0x0478 Blackcomb - detected UnsignedFile.Multi.Generic ( 1 )
17:49:13.0307 0x0478 Blackcomb ( UnsignedFile.Multi.Generic ) - warning
17:49:13.0422 0x0478 OneDriveSetup - ok
17:49:13.0427 0x0478 OneDriveSetup - ok
17:49:13.0546 0x0478 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
17:49:13.0624 0x0478 DAEMON Tools Lite - ok
17:49:13.0694 0x0478 [ DE664BEED7C0AFD37E78A8B44AE08112, ED1469112F43D0B91524281CB4DC19974D99515EEFFA095E9B9599739916C8B3 ] C:\Program Files (x86)\Origin\Origin.exe
17:49:13.0750 0x0478 EADM - ok
17:49:13.0789 0x0478 [ 131410FC40F1AC25ECA8EF7C321C5DEE, 77BF2476C38A059E93A53A0EADC3163AA545915B7D37039EAA43E33E17D64673 ] C:\Users\Princhi\AppData\Roaming\Spotify\SpotifyWebHelper.exe
17:49:13.0813 0x0478 Spotify Web Helper - ok
17:49:13.0878 0x0478 [ AAE92457F50F4DD74E2D502ADB9549EE, 70C8FBE410FE388D6B85334215EBE3393C16E8F8B19F5A8BA50DB6DF23196D50 ] C:\Users\Princhi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:49:13.0911 0x0478 OneDrive - ok
17:49:13.0938 0x0478 [ 1AF1360E070BD8EA402F793EF6FBAAEB, B20EDEFCFDEA5721A615E88F6B0448BEFEC79B76986A0065F20CEC1576D3C354 ] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
17:49:13.0945 0x0478 ISUSPM - ok
17:49:14.0139 0x0478 [ F81F345586F08409752FC89EE3C02B17, 64D6F5D290C53DA2867205B659C4EFFF245194E2ACA764CC88D32594A9EA5D56 ] C:\Program Files\CCleaner\CCleaner64.exe
17:49:14.0345 0x0478 CCleaner Monitoring - ok
17:49:14.0351 0x0478 Waiting for KSN requests completion. In queue: 24
17:49:15.0381 0x0478 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
17:49:15.0388 0x0478 Win FW state via NFP2: enabled ( trusted )
17:49:15.0496 0x0478 ============================================================
17:49:15.0496 0x0478 Scan finished
17:49:15.0496 0x0478 ============================================================
17:49:15.0512 0x1094 Detected object count: 4
17:49:15.0512 0x1094 Actual detected object count: 4
17:50:22.0749 0x1094 WinSAPSvc ( UDS:DangerousObject.Multi.Generic ) - skipped by user
17:50:22.0749 0x1094 WinSAPSvc ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
17:50:22.0749 0x1094 Zerzitain ( UDS:DangerousObject.Multi.Generic ) - skipped by user
17:50:22.0749 0x1094 Zerzitain ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
17:50:22.0750 0x1094 GamingMouse ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:22.0750 0x1094 GamingMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:22.0750 0x1094 Blackcomb ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:22.0750 0x1094 Blackcomb ( UnsignedFile.Multi.Generic ) - User select action: Skip