Freazor91 | 22.11.2016 18:23 | Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
durchgeführt von Besitzer (22-11-2016 12:01:29)
Gestartet von C:\Users\Besitzer\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-26 15:41:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-837637057-831856249-3172674156-500 - Administrator - Disabled)
Besitzer (S-1-5-21-837637057-831856249-3172674156-1000 - Administrator - Enabled) => C:\Users\Besitzer
DefaultAccount (S-1-5-21-837637057-831856249-3172674156-503 - Limited - Disabled)
Gast (S-1-5-21-837637057-831856249-3172674156-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-837637057-831856249-3172674156-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - )
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG5500 series Benutzerregistrierung (HKLM-x32\...\Canon MG5500 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.01 - Canon Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version: - )
Elevated Installer (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG)
Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{d74c733b-9216-49f5-ae3a-14bf3a3d66f5}) (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Geeks3D.com FurMark 1.10.3 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden
GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.7.4 - Steganos Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF24 Creator 7.6.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Razer Lachesis (HKLM-x32\...\{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}) (Version: 1.00.0000 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
SAMSUNG Mobile Modem V2 Software (HKLM\...\SAMSUNG Mobile Modem V2) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Unity Web Player (HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05163006-1713-4662-9ECF-A289C25682FC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {056ABC7C-5510-4802-84C3-491898526578} - System32\Tasks\UnHackMe Task Scheduler => C:\Users\Besitzer\Downloads\unhackme\UnHackMe\hackmon.exe
Task: {05B93D9D-C20A-4CD7-8A84-C9FB2D4366D7} - System32\Tasks\{BAF4566D-623C-4A84-8C02-0D29C3B594AA} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {0C393234-3617-4076-B130-1BE4BD8A3256} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10C41A4A-DCC8-48A3-AA20-456F8F3B1B05} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18551047-874B-4EF4-A770-EFA96FBB64BA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {1A549595-0AA1-4AC3-B2A8-192FBA9CDF10} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BF41312-AFA6-444A-A74B-F19F9BD44ABE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {2440B0DF-847D-41D3-83F9-0723AD76A37C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {3147D6C3-F5EB-4122-80A9-7D1E608B6638} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {316AFADB-1695-4E43-91B1-AFE552CC924D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {33297236-54E4-41F3-AA26-89BD90369DBA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3A527B61-F9EB-4823-8F7B-D88845438842} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B180863-34A4-4E7F-BB35-03EFC8E10D8C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3ECC7296-435D-4569-9EFE-515BF5303D8D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {472E3CB9-D46A-483B-B83F-80558A76169C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {4BAB933E-800C-429E-89FF-A0168544C6D4} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {510B36D6-382B-478B-B1AA-D5D1455E3A74} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51CAFBF8-6C6E-4946-AB38-45D5AD02F433} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {570526D1-40B5-4399-B6F3-44718CA0783D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {58051736-2ABD-449F-B0F0-563A6F035338} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6553A9AA-230F-4EE5-A5B4-211F5ECC1F1D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {6D436F27-ACA2-4829-B611-9ECB95369765} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6F257B1F-1C15-416F-9EDF-959D0B388678} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77F701EB-EB43-4659-8D08-9C9747E0B668} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7C33A0DF-B7F4-4440-9C04-4DD3DED2545E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {81776BD7-F93C-4E78-BCB5-6F45695ED1CE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {863D3DEE-5FDE-47CC-8E71-B894DD7550ED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8FFDB8AB-076B-47F7-B20A-DF979713C320} - System32\Tasks\GarminUpdaterTask => E:\Garmin Express\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-10-25] ()
Task: {9B979401-AC10-43DF-A0A6-EED8F31B099A} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {9FB62280-61F6-4D96-BC82-65F056D64558} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A093B5C9-8F64-47CD-BB66-D30DB7392577} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A225348E-AD2D-4A65-8BC6-35323C3EBB18} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {ACF90DCF-6B69-43A9-8C1D-FF5949F78A6C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6AADBDA-D255-40A4-A4E2-C9D39CE9FF5B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {B9A3BF1E-03BB-45BC-B8EC-F0DB743C5E33} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B9FE4B24-1246-4120-B139-181C3F8EC526} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF5BB204-0C22-421E-B9F8-56847688576A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1CEA9DE-D208-4E16-A042-A522D2A0874A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C4D8DF84-1186-4E3B-BC63-B0A6FF608A93} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C63C77B7-0D0C-473E-A2D7-077AB63A5D97} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CBC93D5F-3447-47AD-A4E9-9FD9A5505357} - System32\Tasks\{512D56E3-F360-492A-8377-1655BDC0E6CB} => pcalua.exe -a "F:\Die Siedler 3 Gold\s3new160.exe" -d "F:\Die Siedler 3 Gold"
Task: {CC54D319-77BE-4F3D-A8D2-8D9FE514D98E} - \Digital Sites -> Keine Datei <==== ACHTUNG
Task: {D4006CE8-1F43-43B8-8E70-289A7C359A8A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {D75666BD-99B9-4B61-8219-48BE1777AE7E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DBB35F96-4E9A-43B7-ADDE-C9307DC00BF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DCDC366E-3070-4F42-821B-A046398B17BF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E6A0AEC5-3FB1-4AF3-8172-8994259D0553} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {E6C43306-247C-4767-ADFD-DB37A29ECD32} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {F9D98F16-B99C-436F-9661-ABFAF62CFCF7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE41568A-8454-4921-B9D5-CE63307E7A02} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE666C86-5E93-4C2D-A8F6-F55C61C505FE} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-11-20 13:55 - 2016-11-22 11:51 - 00625272 _____ () C:\Windows\System32\NetUtils2016.dll
2016-07-16 11:42 - 2016-07-16 11:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 17:29 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-02-26 21:51 - 2012-06-01 16:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-10-08 20:53 - 2016-10-25 20:21 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-08 20:53 - 2016-10-25 20:21 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-08 20:54 - 2016-10-25 20:21 - 00420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-15 03:24 - 2016-09-15 03:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-09-26 15:32 - 2016-11-17 01:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-29 17:29 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-26 15:43 - 2016-09-26 15:43 - 01864384 _____ () C:\Users\Besitzer\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2013-01-02 10:15 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2016-09-26 15:28 - 2016-09-26 15:28 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 18:08 - 2016-11-02 10:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 18:08 - 2016-11-02 10:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 18:08 - 2016-11-02 10:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 18:08 - 2016-11-02 10:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 18:08 - 2016-11-02 10:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 18:08 - 2016-11-02 10:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 18:08 - 2016-11-02 10:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-01-04 15:15 - 2007-09-12 10:52 - 00172032 _____ () E:\Razer\razerhid.exe
2016-11-17 12:14 - 2016-11-17 12:15 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 12:14 - 2016-11-17 12:15 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 12:14 - 2016-11-17 12:15 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2014-02-26 21:51 - 2016-11-22 11:51 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-26 21:51 - 2010-06-29 09:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-03-30 16:03 - 2016-10-25 20:21 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-08 20:54 - 2016-10-25 19:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-08 20:54 - 2016-10-25 19:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-08 20:53 - 2016-10-25 20:21 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-08 20:53 - 2016-10-25 20:21 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-08 20:54 - 2016-10-25 19:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-08 20:54 - 2016-10-25 20:20 - 60819000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2013-01-02 09:11 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-837637057-831856249-3172674156-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Besitzer\Desktop\Camera\20161015_113910.jpg
DNS Servers: 10.26.64.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "E:\Garmin Express\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GoPro Studio Importer => E:\GoPro\Tools\Importer\GoPro Importer.exe
MSCONFIG\startupreg: icq => C:\Users\Besitzer\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => "E:\PDF24 Creator\PDF24\pdf24.exe"
MSCONFIG\startupreg: Steam => "G:\Steam\steam.exe" -silent
HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{5789BFCB-169E-464A-B933-D66FB9EC5C8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{34F0FDF7-1030-4E6F-9E62-E0566C616597}] => (Allow) LPort=2869
FirewallRules: [{EDA44A7C-8B13-4098-887A-8248D57097A7}] => (Allow) LPort=1900
FirewallRules: [{44443659-5755-4253-92A5-E64487F8A89F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D523A2AA-3805-44E6-A49C-6BE3152C80F8}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{D2544F73-F330-4C2D-BB90-9CDB1B540B84}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{2BBBB36C-08A7-48F3-9359-716DF6C1F226}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{121D68E7-DB37-47F2-B424-BC9408A23C32}G:\warcraft iii\war3.exe] => (Allow) G:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{0614F48B-E052-498F-8636-36F782C0AC2B}G:\warcraft iii\war3.exe] => (Allow) G:\warcraft iii\war3.exe
FirewallRules: [{7970B55F-6580-4478-8451-11FD890EA09B}] => (Allow) G:\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{06D11F40-A4EE-4619-B0CF-4E2D442562C4}] => (Allow) G:\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{4702517A-0ADF-4CCA-A7FC-6CEE469627D2}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{DB25B767-D436-4312-8FE5-39DD4C72F45E}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [TCP Query User{9A10335C-783B-4C86-8FB2-AC7E67983D83}G:\world_of_warplanes\wowplauncher.exe] => (Allow) G:\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{6B624F88-526D-4991-ABF7-79921DC290F3}G:\world_of_warplanes\wowplauncher.exe] => (Allow) G:\world_of_warplanes\wowplauncher.exe
FirewallRules: [{96D46E33-AFEB-4566-8E00-85BD05F11403}] => (Allow) LPort=80
FirewallRules: [{E8E4F516-4E3D-4776-9CC1-508F5AD9CBE7}] => (Allow) LPort=443
FirewallRules: [{836B6973-58BC-4261-A2DC-51AC9974222E}] => (Allow) LPort=20010
FirewallRules: [{C455F500-F553-4B45-AF34-F97354C0EBB0}] => (Allow) LPort=3478
FirewallRules: [{4283F6DD-6B42-43F2-BD3D-88FEDF8AC991}] => (Allow) LPort=7850
FirewallRules: [{FE75D79A-51F2-4F2E-9049-E2E5FDD10968}] => (Allow) LPort=27022
FirewallRules: [{5306BFCF-D2B9-4F4C-AD41-4D8763B7BDED}] => (Allow) LPort=6881
FirewallRules: [{4070EF40-DABC-44AB-A2DC-44BDA0825C58}] => (Allow) LPort=33333
FirewallRules: [{191C804A-11F8-4C95-819F-E5A9D7382305}] => (Allow) LPort=20443
FirewallRules: [{E0527434-8B09-47F7-8423-7891EF411AB5}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{24F63F12-1B69-41A7-ABD5-C90172F08C38}G:\wc3\warcraft iii\war3.exe] => (Allow) G:\wc3\warcraft iii\war3.exe
FirewallRules: [UDP Query User{CC76194F-2B92-4DB8-9B0C-ED3504072AB8}G:\wc3\warcraft iii\war3.exe] => (Allow) G:\wc3\warcraft iii\war3.exe
FirewallRules: [{F12A88BB-3240-4F31-BE01-FE799257E5E8}] => (Allow) G:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{280B3A55-7845-4E80-A8B4-863D614C3DBF}] => (Allow) G:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{E390CDFB-734B-4D0C-AD33-5DED3F4569D0}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{51DA4C23-01D7-4F20-944E-C2665ECB2BB5}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{DD415602-B56D-474F-9ED6-52DC8964100A}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A33D45B2-0236-41EC-8C0C-2EADE326305C}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{BEBE546E-BBDF-4EFA-B244-87A759D741AD}G:\world_of_tanks\wotlauncher.exe] => (Allow) G:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{967DAD35-6504-41A4-A008-3F0E111CEF41}G:\world_of_tanks\wotlauncher.exe] => (Allow) G:\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{B0E9CBD4-35B5-41F3-BDA1-212E27DC9FF7}G:\world_of_tanks\worldoftanks.exe] => (Allow) G:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{FD03265E-1590-4ECA-8095-3199F917B3EA}G:\world_of_tanks\worldoftanks.exe] => (Allow) G:\world_of_tanks\worldoftanks.exe
FirewallRules: [{48CE88A9-B6B2-4B12-8341-250B5C3D11BE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4B5E1922-84C6-4261-8AEC-4B6FC0708349}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4432F9F0-E89F-4928-8947-F7C536DA92F9}] => (Allow) G:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{F8EB4EEA-5A89-4DB4-98AC-F299D406C132}] => (Allow) G:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{F0BF95A1-22E1-4EC4-B1F1-79927BDB3C0E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{40C36661-D47B-4C1B-92FC-F6F8E56AF769}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2EF67A2-C812-46BD-86F7-EE79E4E08944}] => (Allow) G:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{665A5F39-04E1-4314-B4AF-8A8BA8B83C67}] => (Allow) G:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{66BD0279-67D8-4B85-8294-AA8B07E9218D}G:\steam\steam.exe] => (Allow) G:\steam\steam.exe
FirewallRules: [UDP Query User{D04AD17D-1AC6-4AA8-AF61-C98361703F68}G:\steam\steam.exe] => (Allow) G:\steam\steam.exe
FirewallRules: [{34DAB699-EBE6-46DA-86AB-2017F214EC98}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8FA034A7-EEE0-436A-A814-382C745E633E}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8E0BCF4F-8A8B-45E1-B301-7280E5126279}] => (Allow) F:\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{15AEAEBA-E2A1-40D4-8239-3525261F470F}] => (Allow) F:\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{03780365-FC7F-472C-BC6B-6B7568A62AE8}] => (Allow) E:\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{ECD76374-4FF2-4695-A74C-00BA9C0222A0}] => (Allow) E:\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{645EAE9E-CAE6-43B0-845C-7B751772DC6A}] => (Allow) E:\Mozilla Firefox\firefox.exe
FirewallRules: [{9E5AF418-7B50-48C5-B099-51C70197889E}] => (Allow) E:\Mozilla Firefox\firefox.exe
FirewallRules: [{A0CBB088-505D-41B8-B63E-577FDDA30C75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{41296DEB-D38F-4848-B681-35C8C795597E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C22D78CB-F323-4B7B-B2FA-69FCB0C48B22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7571E63B-7127-4A9C-9641-9C4387D71678}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5772FD3A-5B77-43EC-9F0A-6CBA43D758AC}] => (Allow) E:\Winamp\winamp.exe
FirewallRules: [{842589F6-EA4E-4C1F-8B80-327AAFD57B6C}] => (Allow) E:\Winamp\winamp.exe
FirewallRules: [{432A822D-28B2-40F0-B956-080CFB1D53E9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44117B54-807A-49EB-8285-FED18472A486}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{18EAEEC0-1800-45D2-A24E-EBE9EF4B93AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2BABB2D7-A657-4514-8C64-7F2571413896}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D8D8855E-9E8A-4D53-8646-8B43E2D7082E}] => (Allow) G:\Steam\SteamApps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{184775FF-7E20-4694-9627-19DFF39D44B4}] => (Allow) G:\Steam\SteamApps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{33EACE3D-F976-4C20-A0B1-276EC5B142E9}] => (Allow) G:\War Thunder\WarThunder\launcher.exe
FirewallRules: [{BAF5AEAB-23AF-4F0E-B39B-C2541B4E9EAC}] => (Allow) G:\War Thunder\WarThunder\launcher.exe
FirewallRules: [{3C83C4B3-B94E-4A10-8275-D015856F9062}] => (Allow) LPort=7852
FirewallRules: [{607B1440-8C87-45C4-9F34-1D55879EF1E9}] => (Allow) LPort=7853
FirewallRules: [{6663C1AB-BE71-4FCD-B147-7690E41B0D0B}] => (Allow) G:\Ubisoft Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{B9FB389E-B3F5-4D49-92B1-EE8024696F85}] => (Allow) G:\Ubisoft Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{6A5C7112-03AA-43CA-9F4E-DC235794EA4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
==================== Wiederherstellungspunkte =========================
10-11-2016 01:23:12 Windows Update
18-11-2016 16:46:32 Geplanter Prüfpunkt
20-11-2016 14:04:53 Removed Online.io Application
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/20/2016 10:51:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Besitzer-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{832e3cfd-7668-4ed6-8842-01ad33d31eeb}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (11/20/2016 07:30:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Besitzer-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{67e79ae6-1727-4dc2-a67f-78d27f21059d}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (11/20/2016 07:26:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1f48
Startzeit: 01d24363dcd7651c
Beendigungszeit: 9
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: 40033c4d-af57-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Error: (11/20/2016 07:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.447, Zeitstempel: 0x5819bd75
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.447, Zeitstempel: 0x5819bc32
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a8aba
ID des fehlerhaften Prozesses: 0x5d0
Startzeit der fehlerhaften Anwendung: 0x01d2436402f8580e
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 3f4e4c15-6559-4961-bf63-ebcaae7ba792
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (11/20/2016 07:26:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2560
Startzeit: 01d243637880ed17
Beendigungszeit: 60000
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: 04725364-af57-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Error: (11/20/2016 07:03:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a84
Startzeit: 01d2435fd6cb1728
Beendigungszeit: 56333
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: e5acb750-af53-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Error: (11/20/2016 07:03:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 189c
Startzeit: 01d24360a6991fcc
Beendigungszeit: 39
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: ff768e3e-af53-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Error: (11/20/2016 07:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.447, Zeitstempel: 0x5819bd75
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.447, Zeitstempel: 0x5819bc32
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a8aba
ID des fehlerhaften Prozesses: 0xd44
Startzeit der fehlerhaften Anwendung: 0x01d24360c24910a6
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: fd260796-d363-42e8-857e-859946f7369e
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (11/20/2016 06:57:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2b6c
Startzeit: 01d2435ef4976a9d
Beendigungszeit: 60000
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: fe74836f-af52-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Error: (11/20/2016 06:56:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Besitzer-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{ef5b1c15-d881-4549-aa5d-e1d8c2c63094}“ wurde beendet, da das Anhalten zu lange dauerte.
Systemfehler:
=============
Error: (11/22/2016 11:51:28 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/22/2016 11:51:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (11/20/2016 11:18:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/20/2016 11:18:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (11/20/2016 11:05:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/20/2016 11:05:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (11/20/2016 09:31:10 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/20/2016 09:31:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (11/20/2016 09:30:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GDBackupSvc erreicht.
Error: (11/20/2016 09:29:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2016-11-22 12:00:44.924
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-22 12:00:42.811
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-20 22:51:25.795
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-20 15:40:04.790
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-20 15:40:00.454
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-20 15:39:53.781
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-20 14:17:06.319
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-20 14:16:56.222
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-20 14:16:53.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-11-20 14:03:14.916
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16336.51 MB
Verfügbarer physikalischer RAM: 13395.29 MB
Summe virtueller Speicher: 32720.51 MB
Verfügbarer virtueller Speicher: 29738.12 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:136.29 GB) (Free:50.74 GB) NTFS
Drive e: (Programme) (Fixed) (Total:24.42 GB) (Free:21.98 GB) NTFS
Drive f: (Games) (Fixed) (Total:72.08 GB) (Free:3.87 GB) NTFS
Drive g: (Spiele) (Fixed) (Total:863.02 GB) (Free:700.45 GB) NTFS
Drive h: (Daten) (Fixed) (Total:1000 GB) (Free:921.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D28C1B57)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=136.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=24.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=72.1 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4102C964)
Partition 1: (Not Active) - (Size=863 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================

TDSSKiller: Code:
12:12:30.0190 0x2068 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
12:12:33.0472 0x2068 ============================================================
12:12:33.0488 0x2068 Current date / time: 2016/11/22 12:12:33.0472
12:12:33.0488 0x2068 SystemInfo:
12:12:33.0488 0x2068
12:12:33.0488 0x2068 OS Version: 10.0.14393 ServicePack: 0.0
12:12:33.0488 0x2068 Product type: Workstation
12:12:33.0488 0x2068 ComputerName: BESITZER-PC
12:12:33.0488 0x2068 UserName: Besitzer
12:12:33.0488 0x2068 Windows directory: C:\WINDOWS
12:12:33.0488 0x2068 System windows directory: C:\WINDOWS
12:12:33.0488 0x2068 Running under WOW64
12:12:33.0488 0x2068 Processor architecture: Intel x64
12:12:33.0488 0x2068 Number of processors: 4
12:12:33.0488 0x2068 Page size: 0x1000
12:12:33.0488 0x2068 Boot type: Normal boot
12:12:33.0488 0x2068 CodeIntegrityOptions = 0x00000001
12:12:33.0488 0x2068 ============================================================
12:12:33.0597 0x2068 KLMD registered as C:\WINDOWS\system32\drivers\91722058.sys
12:12:33.0597 0x2068 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19
12:12:33.0660 0x2068 System UUID: {1C3DE98F-EE0C-CECF-72EE-2832B3F5CE1A}
12:12:33.0847 0x2068 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:12:33.0847 0x2068 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:12:33.0847 0x2068 ============================================================
12:12:33.0847 0x2068 \Device\Harddisk0\DR0:
12:12:33.0847 0x2068 MBR partitions:
12:12:33.0847 0x2068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:12:33.0847 0x2068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x11095800
12:12:33.0847 0x2068 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x110C8000, BlocksNum 0x30D4800
12:12:33.0847 0x2068 \Device\Harddisk1\DR1:
12:12:34.0066 0x2068 MBR partitions:
12:12:34.0066 0x2068 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6BE09000
12:12:34.0066 0x2068 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6BE09800, BlocksNum 0x7CFFE000
12:12:34.0066 0x2068 ============================================================
12:12:34.0066 0x2068 C: <-> \Device\Harddisk0\DR0\Partition2
12:12:34.0066 0x2068 E: <-> \Device\Harddisk0\DR0\Partition3
12:12:34.0066 0x2068 G: <-> \Device\Harddisk1\DR1\Partition1
12:12:34.0066 0x2068 H: <-> \Device\Harddisk1\DR1\Partition2
12:12:34.0066 0x2068 ============================================================
12:12:34.0066 0x2068 Initialize success
12:12:34.0066 0x2068 ============================================================
12:12:43.0758 0x16ec ============================================================
12:12:43.0758 0x16ec Scan started
12:12:43.0758 0x16ec Mode: Manual; SigCheck; TDLFS;
12:12:43.0758 0x16ec ============================================================
12:12:43.0758 0x16ec KSN ping started
12:12:43.0789 0x16ec KSN ping finished: true
12:12:44.0524 0x16ec ================ Scan system memory ========================
12:12:44.0524 0x16ec System memory - ok
12:12:44.0524 0x16ec ================ Scan services =============================
12:12:44.0555 0x16ec 1394ohci - ok
12:12:44.0555 0x16ec 3ware - ok
12:12:44.0555 0x16ec ACPI - ok
12:12:44.0571 0x16ec AcpiDev - ok
12:12:44.0571 0x16ec acpiex - ok
12:12:44.0571 0x16ec acpipagr - ok
12:12:44.0571 0x16ec AcpiPmi - ok
12:12:44.0571 0x16ec acpitime - ok
12:12:44.0571 0x16ec [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:12:44.0602 0x16ec AdobeARMservice - ok
12:12:44.0618 0x16ec ADP80XX - ok
12:12:44.0618 0x16ec AFD - ok
12:12:44.0618 0x16ec ahcache - ok
12:12:44.0618 0x16ec AJRouter - ok
12:12:44.0618 0x16ec ALG - ok
12:12:44.0633 0x16ec AmdK8 - ok
12:12:44.0633 0x16ec AmdPPM - ok
12:12:44.0633 0x16ec amdsata - ok
12:12:44.0633 0x16ec amdsbs - ok
12:12:44.0633 0x16ec amdxata - ok
12:12:44.0633 0x16ec AppHostSvc - ok
12:12:44.0633 0x16ec AppID - ok
12:12:44.0649 0x16ec AppIDSvc - ok
12:12:44.0649 0x16ec Appinfo - ok
12:12:44.0649 0x16ec applockerfltr - ok
12:12:44.0649 0x16ec AppMgmt - ok
12:12:44.0649 0x16ec AppReadiness - ok
12:12:44.0649 0x16ec AppVClient - ok
12:12:44.0665 0x16ec AppvStrm - ok
12:12:44.0665 0x16ec AppvVemgr - ok
12:12:44.0665 0x16ec AppvVfs - ok
12:12:44.0665 0x16ec AppXSvc - ok
12:12:44.0665 0x16ec arcsas - ok
12:12:44.0680 0x16ec [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
12:12:44.0711 0x16ec asComSvc - ok
12:12:44.0727 0x16ec [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
12:12:44.0743 0x16ec asHmComSvc - ok
12:12:44.0758 0x16ec [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys
12:12:44.0758 0x16ec AsIO - ok
12:12:44.0774 0x16ec aspnet_state - ok
12:12:44.0774 0x16ec [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
12:12:44.0790 0x16ec AsSysCtrlService - ok
12:12:44.0790 0x16ec [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO C:\WINDOWS\syswow64\drivers\AsUpIO.sys
12:12:44.0790 0x16ec AsUpIO - ok
12:12:44.0821 0x16ec [ D0B202843B8ADE504EB304DC1E889A3C, B4E30B218A11B32CCB07FD2B37CD85C582721B7321862566593558E059A2047B ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
12:12:44.0868 0x16ec AsusFanControlService - detected UnsignedFile.Multi.Generic ( 1 )
12:12:44.0993 0x16ec Detect skipped due to KSN trusted
12:12:44.0993 0x16ec AsusFanControlService - ok
12:12:44.0993 0x16ec [ A5E4CDB420540095D1293C874B5F89AA, EBC082FF94872537649F00D91AF22E0AFB4D538ACDB4731C9A95D209C7B144FD ] ASUSFILTER C:\WINDOWS\syswow64\drivers\ASUSFILTER.sys
12:12:45.0008 0x16ec ASUSFILTER - ok
12:12:45.0008 0x16ec AsyncMac - ok
12:12:45.0008 0x16ec atapi - ok
12:12:45.0008 0x16ec AudioEndpointBuilder - ok
12:12:45.0008 0x16ec Audiosrv - ok
12:12:45.0086 0x16ec [ F6C322B06ABB622B32115BF32EEE253B, F06D265DDD56A052ACFBB46DD057E246FCF3F65457133D98C1EA130E0DDFEAFE ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
12:12:45.0165 0x16ec AVKProxy - ok
12:12:45.0196 0x16ec [ 98DAE6FDBEF58BF07E9650DF3B729C8A, F5B81DA51AE357A6EB094561AC4ECC4E1263FBC7D111579A888BDD6DC51C7C76 ] AVKService E:\G Data\InternetSecurity\AVK\AVKService.exe
12:12:45.0211 0x16ec AVKService - ok
12:12:45.0258 0x16ec [ 580D451B3F20565634D048D7B229EE40, 36CD7EA285F908BEA1E8E68C6CC29CD5A70E23DB38C5E2D1A41684A62FF17AEA ] AVKWCtl E:\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
12:12:45.0321 0x16ec AVKWCtl - ok
12:12:45.0321 0x16ec AxInstSV - ok
12:12:45.0321 0x16ec b06bdrv - ok
12:12:45.0321 0x16ec BasicDisplay - ok
12:12:45.0321 0x16ec BasicRender - ok
12:12:45.0336 0x16ec bcmfn - ok
12:12:45.0336 0x16ec bcmfn2 - ok
12:12:45.0336 0x16ec BDESVC - ok
12:12:45.0336 0x16ec Beep - ok
12:12:45.0336 0x16ec BFE - ok
12:12:45.0336 0x16ec BITS - ok
12:12:45.0352 0x16ec bowser - ok
12:12:45.0352 0x16ec BrokerInfrastructure - ok
12:12:45.0352 0x16ec Browser - ok
12:12:45.0352 0x16ec BthAvrcpTg - ok
12:12:45.0352 0x16ec BthHFEnum - ok
12:12:45.0352 0x16ec bthhfhid - ok
12:12:45.0352 0x16ec BthHFSrv - ok
12:12:45.0368 0x16ec BTHMODEM - ok
12:12:45.0368 0x16ec bthserv - ok
12:12:45.0368 0x16ec buttonconverter - ok
12:12:45.0368 0x16ec CapImg - ok
12:12:45.0368 0x16ec cdfs - ok
12:12:45.0368 0x16ec CDPSvc - ok
12:12:45.0383 0x16ec CDPUserSvc - ok
12:12:45.0383 0x16ec cdrom - ok
12:12:45.0383 0x16ec CertPropSvc - ok
12:12:45.0383 0x16ec cht4iscsi - ok
12:12:45.0383 0x16ec cht4vbd - ok
12:12:45.0383 0x16ec circlass - ok
12:12:45.0399 0x16ec CLFS - ok
12:12:45.0399 0x16ec ClipSVC - ok
12:12:45.0399 0x16ec clreg - ok
12:12:45.0399 0x16ec CmBatt - ok
12:12:45.0399 0x16ec CNG - ok
12:12:45.0415 0x16ec cnghwassist - ok
12:12:45.0415 0x16ec CompositeBus - ok
12:12:45.0415 0x16ec COMSysApp - ok
12:12:45.0415 0x16ec condrv - ok
12:12:45.0430 0x16ec CoreMessagingRegistrar - ok
12:12:45.0430 0x16ec CryptSvc - ok
12:12:45.0430 0x16ec CSC - ok
12:12:45.0430 0x16ec CscService - ok
12:12:45.0430 0x16ec dam - ok
12:12:45.0446 0x16ec DcomLaunch - ok
12:12:45.0446 0x16ec DcpSvc - ok
12:12:45.0446 0x16ec defragsvc - ok
12:12:45.0446 0x16ec DeviceAssociationService - ok
12:12:45.0446 0x16ec DeviceInstall - ok
12:12:45.0446 0x16ec DevQueryBroker - ok
12:12:45.0446 0x16ec Dfsc - ok
12:12:45.0461 0x16ec [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:12:45.0461 0x16ec dg_ssudbus - ok
12:12:45.0461 0x16ec Dhcp - ok
12:12:45.0477 0x16ec diagnosticshub.standardcollector.service - ok
12:12:45.0477 0x16ec DiagTrack - ok
12:12:45.0477 0x16ec disk - ok
12:12:45.0477 0x16ec DmEnrollmentSvc - ok
12:12:45.0477 0x16ec dmvsc - ok
12:12:45.0477 0x16ec dmwappushservice - ok
12:12:45.0493 0x16ec Dnscache - ok
12:12:45.0493 0x16ec dot3svc - ok
12:12:45.0493 0x16ec DPS - ok
12:12:45.0493 0x16ec drmkaud - ok
12:12:45.0493 0x16ec DsmSvc - ok
12:12:45.0493 0x16ec DsSvc - ok
12:12:45.0493 0x16ec DXGKrnl - ok
12:12:45.0508 0x16ec EapHost - ok
12:12:45.0508 0x16ec ebdrv - ok
12:12:45.0508 0x16ec EFS - ok
12:12:45.0508 0x16ec EhStorClass - ok
12:12:45.0508 0x16ec EhStorTcgDrv - ok
12:12:45.0508 0x16ec embeddedmode - ok
12:12:45.0508 0x16ec EntAppSvc - ok
12:12:45.0524 0x16ec ErrDev - ok
12:12:45.0524 0x16ec EventSystem - ok
12:12:45.0524 0x16ec exfat - ok
12:12:45.0524 0x16ec fastfat - ok
12:12:45.0524 0x16ec Fax - ok
12:12:45.0524 0x16ec fdc - ok
12:12:45.0524 0x16ec fdPHost - ok
12:12:45.0540 0x16ec FDResPub - ok
12:12:45.0540 0x16ec fhsvc - ok
12:12:45.0540 0x16ec FileCrypt - ok
12:12:45.0540 0x16ec FileInfo - ok
12:12:45.0540 0x16ec Filetrace - ok
12:12:45.0555 0x16ec flpydisk - ok
12:12:45.0555 0x16ec FltMgr - ok
12:12:45.0555 0x16ec FontCache - ok
12:12:45.0555 0x16ec FontCache3.0.0.0 - ok
12:12:45.0555 0x16ec FrameServer - ok
12:12:45.0555 0x16ec FsDepends - ok
12:12:45.0555 0x16ec Fs_Rec - ok
12:12:45.0571 0x16ec fvevol - ok
12:12:45.0586 0x16ec [ 13B46C5D8AC698E7E5C46620516F03AC, D9756699B7F9701F2EF70E3DB2C3DED25D12478C4831F9F0621C542998CBD03D ] Garmin Device Interaction Service E:\Garmin Express\Garmin\Device Interaction Service\GarminService.exe
12:12:45.0602 0x16ec Garmin Device Interaction Service - ok
12:12:45.0665 0x16ec [ 5B687E80548998161B11E093150A3215, 7C29D725B69FBFD2A1C762D4567E8252A03246F36551389E98D4AF6F516B6100 ] GDBackupSvc E:\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe
12:12:45.0727 0x16ec GDBackupSvc - ok
12:12:45.0743 0x16ec [ 3F24DCB0037A0121C220CB8EAF9A340D, 6F1EED1A2FE31D03EF2050D6B124BD5782020B7B7A6862FE6FCA0F4C2481BFAF ] GDBehave C:\WINDOWS\system32\drivers\GDBehave.sys
12:12:45.0743 0x16ec GDBehave - ok
12:12:45.0743 0x16ec [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam C:\WINDOWS\system32\DRIVERS\GDElam.sys
12:12:45.0758 0x16ec GDElam - ok
12:12:45.0805 0x16ec [ EC7C7AEE53383D2FABB98B05F63514FF, 149633A96E9803F168D3EF0A3182529D0247FFB748021F262F1D19F2C993FCF8 ] GDFwSvc E:\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
12:12:45.0868 0x16ec GDFwSvc - ok
12:12:45.0868 0x16ec [ DD7D5196EB9C4321EA57B668AF873840, 0E934032911203A22BC84519F303061703DF503F19382ACDE37AAD53FCBEDF1A ] GDKBB C:\Windows\system32\drivers\GDKBB64.sys
12:12:45.0883 0x16ec GDKBB - ok
12:12:45.0883 0x16ec [ 4A9000A1B02C394CD2C5E6450A04002D, E979C07888C4E20D3037E60A1A48501A0B3EC905C407781B6D437314851E1C32 ] GDKBFlt C:\Windows\system32\drivers\GDKBFlt64.sys
12:12:45.0883 0x16ec GDKBFlt - ok
12:12:45.0899 0x16ec [ EE1927F18C9298D96A47017272D591E8, 6D880B43969B41636D520962BD77DD3FA59374903F6E72354610DFC01306E7EE ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
12:12:45.0899 0x16ec GDMnIcpt - ok
12:12:45.0915 0x16ec [ DC5200C3055D6EB5355F8975FB38E9EE, 6E1E059DDEF04F1B0761570B75BF2914256243F1398E682BF4DF00AF3CE44585 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
12:12:45.0915 0x16ec GDPkIcpt - ok
12:12:45.0930 0x16ec [ 1FCEE46DEFDF64DC7E1939E3F9E56718, CED8A28472AF234DED48AE0EB38CC697F50B7D9BF0BDBDE2F9D29CEE9DF0454E ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
12:12:45.0946 0x16ec GDScan - ok
12:12:45.0946 0x16ec [ 4E294DB229885177DA056A3471476A19, CEC297E50B96650CB822C5D6BD89FF9DD96311A2A07692935C101F39F6A89BBA ] gdwfpcd C:\WINDOWS\system32\drivers\gdwfpcd64.sys
12:12:45.0962 0x16ec gdwfpcd - ok
12:12:45.0962 0x16ec gencounter - ok
12:12:45.0962 0x16ec genericusbfn - ok
12:12:45.0962 0x16ec [ 5D4DF0BAC74E9AC62AF6BC99440B050B, 655110646BFF890C448C0951E11132DC3592BDA6E080696341B930D090224723 ] GPCIDrv E:\Gigabyte\GPCIDrv64.sys
12:12:45.0977 0x16ec GPCIDrv - ok
12:12:45.0977 0x16ec GPIOClx0101 - ok
12:12:45.0977 0x16ec gpsvc - ok
12:12:45.0977 0x16ec GpuEnergyDrv - ok
12:12:45.0977 0x16ec [ 6809BA27F97EAFC5C30F743E30DE1DB6, BAC1E0E4542B9917731FD50B1A646CFDA31679FDF2A5A875742AA88600847547 ] GRD C:\Windows\system32\drivers\GRD.sys
12:12:45.0993 0x16ec GRD - ok
12:12:45.0993 0x16ec HDAudBus - ok
12:12:45.0993 0x16ec HidBatt - ok
12:12:45.0993 0x16ec HidBth - ok
12:12:45.0993 0x16ec hidi2c - ok
12:12:46.0008 0x16ec hidinterrupt - ok
12:12:46.0008 0x16ec HidIr - ok
12:12:46.0008 0x16ec hidserv - ok
12:12:46.0008 0x16ec HidUsb - ok
12:12:46.0008 0x16ec HomeGroupListener - ok
12:12:46.0008 0x16ec HomeGroupProvider - ok
12:12:46.0024 0x16ec [ FEDBFAFC5BAD0AE52ADE4DF75DBFF69F, A16CED31C64EAA92FE1BB4194A5124476BD53459F4B758ED504F2CFB31D6A580 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
12:12:46.0024 0x16ec HookCentre - ok
12:12:46.0024 0x16ec HpSAMD - ok
12:12:46.0024 0x16ec HTTP - ok
12:12:46.0040 0x16ec HvHost - ok
12:12:46.0040 0x16ec hvservice - ok
12:12:46.0040 0x16ec hwpolicy - ok
12:12:46.0040 0x16ec hyperkbd - ok
12:12:46.0040 0x16ec i8042prt - ok
12:12:46.0040 0x16ec iagpio - ok
12:12:46.0040 0x16ec iai2c - ok
12:12:46.0055 0x16ec iaLPSS2i_GPIO2 - ok
12:12:46.0055 0x16ec iaLPSS2i_I2C - ok
12:12:46.0055 0x16ec iaLPSSi_GPIO - ok
12:12:46.0055 0x16ec iaLPSSi_I2C - ok
12:12:46.0055 0x16ec iaStorAV - ok
12:12:46.0055 0x16ec iaStorV - ok
12:12:46.0071 0x16ec ibbus - ok
12:12:46.0071 0x16ec [ 90D95B25F8413F937A2E155F196D892C, 5D08EE7BFEB000F2A06FA2F37729C29C2A71760A4BD6241330E6FF257CB8D8EE ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
12:12:46.0071 0x16ec ICCS - detected UnsignedFile.Multi.Generic ( 1 )
12:12:46.0368 0x16ec Detect skipped due to KSN trusted
12:12:46.0368 0x16ec ICCS - ok
12:12:46.0383 0x16ec [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT C:\WINDOWS\System32\drivers\ICCWDT.sys
12:12:46.0399 0x16ec ICCWDT - ok
12:12:46.0399 0x16ec icssvc - ok
12:12:46.0399 0x16ec [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:12:46.0415 0x16ec IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:12:46.0821 0x16ec Detect skipped due to KSN trusted
12:12:46.0821 0x16ec IDriverT - ok
12:12:46.0837 0x16ec IKEEXT - ok
12:12:46.0837 0x16ec IndirectKmd - ok
12:12:46.0915 0x16ec [ 7A93DBF7DD86A28C0B941F4D39B85A0E, DBA4AE976CD01C599B85933E9B8741D7F01FD88F5BEAF01DDA3BCCDD1550607A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:12:46.0977 0x16ec IntcAzAudAddService - ok
12:12:47.0008 0x16ec [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:12:47.0024 0x16ec Intel(R) Capability Licensing Service Interface - ok
12:12:47.0024 0x16ec intelide - ok
12:12:47.0024 0x16ec intelpep - ok
12:12:47.0024 0x16ec intelppm - ok
12:12:47.0024 0x16ec iorate - ok
12:12:47.0024 0x16ec IpFilterDriver - ok
12:12:47.0024 0x16ec iphlpsvc - ok
12:12:47.0040 0x16ec IPMIDRV - ok
12:12:47.0040 0x16ec IPNAT - ok
12:12:47.0040 0x16ec irda - ok
12:12:47.0040 0x16ec IRENUM - ok
12:12:47.0040 0x16ec irmon - ok
12:12:47.0040 0x16ec isapnp - ok
12:12:47.0040 0x16ec iScsiPrt - ok
12:12:47.0055 0x16ec [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:12:47.0055 0x16ec jhi_service - ok
12:12:47.0055 0x16ec kbdclass - ok
12:12:47.0071 0x16ec kbdhid - ok
12:12:47.0071 0x16ec kdnic - ok
12:12:47.0071 0x16ec KeyIso - ok
12:12:47.0071 0x16ec KSecDD - ok
12:12:47.0071 0x16ec KSecPkg - ok
12:12:47.0071 0x16ec ksthunk - ok
12:12:47.0071 0x16ec KtmRm - ok
12:12:47.0087 0x16ec LanmanServer - ok
12:12:47.0087 0x16ec LanmanWorkstation - ok
12:12:47.0087 0x16ec lfsvc - ok
12:12:47.0087 0x16ec [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys
12:12:47.0087 0x16ec LGBusEnum - ok
12:12:47.0102 0x16ec [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys
12:12:47.0102 0x16ec LGVirHid - ok
12:12:47.0102 0x16ec LicenseManager - ok
12:12:47.0102 0x16ec lltdio - ok
12:12:47.0102 0x16ec lltdsvc - ok
12:12:47.0102 0x16ec lmhosts - ok
12:12:47.0118 0x16ec [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:12:47.0118 0x16ec LMS - ok
12:12:47.0133 0x16ec LSI_SAS - ok
12:12:47.0133 0x16ec LSI_SAS2i - ok
12:12:47.0133 0x16ec LSI_SAS3i - ok
12:12:47.0133 0x16ec LSI_SSS - ok
12:12:47.0133 0x16ec LSM - ok
12:12:47.0149 0x16ec luafv - ok
12:12:47.0149 0x16ec MapsBroker - ok
12:12:47.0149 0x16ec megasas - ok
12:12:47.0149 0x16ec megasas2i - ok
12:12:47.0149 0x16ec megasr - ok
12:12:47.0149 0x16ec [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
12:12:47.0165 0x16ec MEIx64 - ok
12:12:47.0165 0x16ec MessagingService - ok
12:12:47.0165 0x16ec mlx4_bus - ok
12:12:47.0165 0x16ec MMCSS - ok
12:12:47.0165 0x16ec Modem - ok
12:12:47.0180 0x16ec monitor - ok
12:12:47.0180 0x16ec mouclass - ok
12:12:47.0180 0x16ec mouhid - ok
12:12:47.0180 0x16ec mountmgr - ok
12:12:47.0180 0x16ec mpsdrv - ok
12:12:47.0180 0x16ec MpsSvc - ok
12:12:47.0180 0x16ec MQAC - ok
12:12:47.0196 0x16ec MRxDAV - ok
12:12:47.0196 0x16ec mrxsmb - ok
12:12:47.0196 0x16ec mrxsmb10 - ok
12:12:47.0196 0x16ec mrxsmb20 - ok
12:12:47.0196 0x16ec MsBridge - ok
12:12:47.0196 0x16ec MSDTC - ok
12:12:47.0213 0x16ec Msfs - ok
12:12:47.0213 0x16ec msgpiowin32 - ok
12:12:47.0213 0x16ec mshidkmdf - ok
12:12:47.0213 0x16ec mshidumdf - ok
12:12:47.0213 0x16ec msisadrv - ok
12:12:47.0213 0x16ec MSiSCSI - ok
12:12:47.0213 0x16ec msiserver - ok
12:12:47.0228 0x16ec MSKSSRV - ok
12:12:47.0228 0x16ec MsLldp - ok
12:12:47.0228 0x16ec MSMQ - ok
12:12:47.0228 0x16ec MSPCLOCK - ok
12:12:47.0228 0x16ec MSPQM - ok
12:12:47.0228 0x16ec MsRPC - ok
12:12:47.0228 0x16ec MsSecFlt - ok
12:12:47.0244 0x16ec mssmbios - ok
12:12:47.0244 0x16ec MSTEE - ok
12:12:47.0244 0x16ec MTConfig - ok
12:12:47.0244 0x16ec Mup - ok
12:12:47.0244 0x16ec mvumis - ok
12:12:47.0244 0x16ec NativeWifiP - ok
12:12:47.0260 0x16ec NcaSvc - ok
12:12:47.0260 0x16ec NcbService - ok
12:12:47.0260 0x16ec NcdAutoSetup - ok
12:12:47.0260 0x16ec ndfltr - ok
12:12:47.0260 0x16ec NDIS - ok
12:12:47.0260 0x16ec NdisCap - ok
12:12:47.0260 0x16ec NdisImPlatform - ok
12:12:47.0275 0x16ec NdisTapi - ok
12:12:47.0275 0x16ec Ndisuio - ok
12:12:47.0275 0x16ec NdisVirtualBus - ok
12:12:47.0275 0x16ec NdisWan - ok
12:12:47.0275 0x16ec ndiswanlegacy - ok
12:12:47.0275 0x16ec ndproxy - ok
12:12:47.0275 0x16ec Ndu - ok
12:12:47.0275 0x16ec NetAdapterCx - ok
12:12:47.0291 0x16ec NetBIOS - ok
12:12:47.0291 0x16ec NetBT - ok
12:12:47.0291 0x16ec Netlogon - ok
12:12:47.0291 0x16ec Netman - ok
12:12:47.0291 0x16ec NetMsmqActivator - ok
12:12:47.0307 0x16ec NetPipeActivator - ok
12:12:47.0307 0x16ec netprofm - ok
12:12:47.0307 0x16ec NetSetupSvc - ok
12:12:47.0307 0x16ec NetTcpActivator - ok
12:12:47.0307 0x16ec NetTcpPortSharing - ok
12:12:47.0322 0x16ec [ 9EE21F7D46BD2B0F128E0907BABC7D28, 158CE7A2D8FD23CDAB6DF8EF35F624DF85435D2DF273EABF128D46354E12238B ] NetUtils2016 C:\WINDOWS\system32\drivers\NetUtils2016.sys
12:12:47.0353 0x16ec NetUtils2016 - ok
12:12:47.0353 0x16ec NgcCtnrSvc - ok
12:12:47.0353 0x16ec NgcSvc - ok
12:12:47.0353 0x16ec NlaSvc - ok
12:12:47.0353 0x16ec Npfs - ok
12:12:47.0353 0x16ec npsvctrig - ok
12:12:47.0369 0x16ec nsi - ok
12:12:47.0369 0x16ec nsiproxy - ok
12:12:47.0369 0x16ec NTFS - ok
12:12:47.0369 0x16ec Null - ok
12:12:47.0385 0x16ec [ A6ED2E5E268D83B77D15348591CB8AE5, 12E2FE967AA46422393E82F112DA0153A2BC86F8B5034187FEF6D37FE51D6562 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
12:12:47.0385 0x16ec NvContainerLocalSystem - ok
12:12:47.0400 0x16ec [ A6ED2E5E268D83B77D15348591CB8AE5, 12E2FE967AA46422393E82F112DA0153A2BC86F8B5034187FEF6D37FE51D6562 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
12:12:47.0416 0x16ec NvContainerNetworkService - ok
12:12:47.0416 0x16ec [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
12:12:47.0432 0x16ec NVHDA - ok
12:12:47.0447 0x16ec [ 6AEBC7136C17478CBC9A772F1E60EB9E, D059A9134A6C7117B70302FF853485614E1E632C6F002F3D11C111C450B2F647 ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
12:12:47.0480 0x16ec NVIDIA Wireless Controller Service - ok
12:12:47.0685 0x16ec [ 70BC7D732B4AA50EC77D262A89E63E08, 781507DB55582F8BD367020DA844DA6A5D75005E416A2E843255E0F4CA8F896D ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys
12:12:47.0904 0x16ec nvlddmkm - ok
12:12:47.0904 0x16ec nvraid - ok
12:12:47.0919 0x16ec nvstor - ok
12:12:47.0919 0x16ec [ 06C7DAD44F4B95AA02BE2107486274BC, DBCC2E29F1BEAEFEC5BBD767F71C30FBAA3425E4E88A5C6BAF626661C350CF11 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:12:47.0919 0x16ec NvStreamKms - ok
12:12:47.0919 0x16ec [ 9F3F8D255C2D1ED457487CF1FAD56399, 9C75677937D1930AB422EFD653D47034E83E02A10BF713C19CC1B8239CD1AC9C ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
12:12:47.0935 0x16ec nvvad_WaveExtensible - ok
12:12:47.0935 0x16ec [ 8906264B81BCD6EEB40050B6002A523E, 5E5586FA8CFFD110F302C84F873801F4BCAF2FC263A14D2D051CA8DB54753DAC ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
12:12:47.0951 0x16ec OkayFreedom VPN Starter Service - ok
12:12:47.0951 0x16ec OneSyncSvc - ok
12:12:47.0951 0x16ec p2pimsvc - ok
12:12:47.0966 0x16ec p2psvc - ok
12:12:47.0966 0x16ec Parport - ok
12:12:47.0966 0x16ec Partizan - ok
12:12:47.0966 0x16ec partmgr - ok
12:12:47.0966 0x16ec PcaSvc - ok
12:12:47.0966 0x16ec pci - ok
12:12:47.0966 0x16ec pciide - ok
12:12:47.0982 0x16ec pcmcia - ok
12:12:47.0982 0x16ec pcw - ok
12:12:47.0982 0x16ec pdc - ok
12:12:47.0982 0x16ec PEAUTH - ok
12:12:47.0982 0x16ec PeerDistSvc - ok
12:12:47.0982 0x16ec percsas2i - ok
12:12:47.0997 0x16ec percsas3i - ok
12:12:48.0013 0x16ec PerfHost - ok
12:12:48.0013 0x16ec PhoneSvc - ok
12:12:48.0013 0x16ec PimIndexMaintenanceSvc - ok
12:12:48.0013 0x16ec pla - ok
12:12:48.0013 0x16ec PlugPlay - ok
12:12:48.0029 0x16ec PNRPAutoReg - ok
12:12:48.0029 0x16ec PNRPsvc - ok
12:12:48.0029 0x16ec PolicyAgent - ok
12:12:48.0029 0x16ec Power - ok
12:12:48.0029 0x16ec PptpMiniport - ok
12:12:48.0091 0x16ec [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:12:48.0169 0x16ec PrintNotify - ok
12:12:48.0169 0x16ec Processor - ok
12:12:48.0185 0x16ec ProfSvc - ok
12:12:48.0185 0x16ec Psched - ok
12:12:48.0185 0x16ec QWAVE - ok
12:12:48.0185 0x16ec QWAVEdrv - ok
12:12:48.0185 0x16ec RasAcd - ok
12:12:48.0185 0x16ec RasAgileVpn - ok
12:12:48.0185 0x16ec RasAuto - ok
12:12:48.0201 0x16ec Rasl2tp - ok
12:12:48.0201 0x16ec RasMan - ok
12:12:48.0201 0x16ec RasPppoe - ok
12:12:48.0201 0x16ec RasSstp - ok
12:12:48.0201 0x16ec rdbss - ok
12:12:48.0201 0x16ec rdpbus - ok
12:12:48.0216 0x16ec RDPDR - ok
12:12:48.0216 0x16ec RdpVideoMiniport - ok
12:12:48.0216 0x16ec rdyboost - ok
12:12:48.0216 0x16ec ReFSv1 - ok
12:12:48.0216 0x16ec RemoteAccess - ok
12:12:48.0232 0x16ec RemoteRegistry - ok
12:12:48.0232 0x16ec RetailDemo - ok
12:12:48.0232 0x16ec RmSvc - ok
12:12:48.0232 0x16ec RpcEptMapper - ok
12:12:48.0232 0x16ec RpcLocator - ok
12:12:48.0232 0x16ec RpcSs - ok
12:12:48.0232 0x16ec rspndr - ok
12:12:48.0248 0x16ec rt640x64 - ok
12:12:48.0248 0x16ec s3cap - ok
12:12:48.0248 0x16ec SamSs - ok
12:12:48.0248 0x16ec sbp2port - ok
12:12:48.0248 0x16ec SCardSvr - ok
12:12:48.0248 0x16ec ScDeviceEnum - ok
12:12:48.0248 0x16ec scfilter - ok
12:12:48.0263 0x16ec Schedule - ok
12:12:48.0263 0x16ec scmbus - ok
12:12:48.0263 0x16ec scmdisk0101 - ok
12:12:48.0263 0x16ec SCPolicySvc - ok
12:12:48.0263 0x16ec sdbus - ok
12:12:48.0263 0x16ec SDRSVC - ok
12:12:48.0263 0x16ec sdstor - ok
12:12:48.0279 0x16ec seclogon - ok
12:12:48.0279 0x16ec SENS - ok
12:12:48.0279 0x16ec Sense - ok
12:12:48.0279 0x16ec SensorDataService - ok
12:12:48.0279 0x16ec SensorService - ok
12:12:48.0279 0x16ec SensrSvc - ok
12:12:48.0294 0x16ec SerCx - ok
12:12:48.0294 0x16ec SerCx2 - ok
12:12:48.0294 0x16ec Serenum - ok
12:12:48.0294 0x16ec Serial - ok
12:12:48.0294 0x16ec sermouse - ok
12:12:48.0310 0x16ec SessionEnv - ok
12:12:48.0310 0x16ec sfloppy - ok
12:12:48.0310 0x16ec SharedAccess - ok
12:12:48.0310 0x16ec ShellHWDetection - ok
12:12:48.0310 0x16ec shpamsvc - ok
12:12:48.0310 0x16ec SiSRaid2 - ok
12:12:48.0326 0x16ec SiSRaid4 - ok
12:12:48.0326 0x16ec [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:12:48.0341 0x16ec SkypeUpdate - ok
12:12:48.0341 0x16ec smphost - ok
12:12:48.0341 0x16ec SmsRouter - ok
12:12:48.0341 0x16ec SNMPTRAP - ok
12:12:48.0357 0x16ec spaceport - ok
12:12:48.0357 0x16ec SpbCx - ok
12:12:48.0357 0x16ec Spooler - ok
12:12:48.0357 0x16ec sppsvc - ok
12:12:48.0357 0x16ec srv - ok
12:12:48.0357 0x16ec srv2 - ok
12:12:48.0357 0x16ec srvnet - ok
12:12:48.0373 0x16ec SSDPSRV - ok
12:12:48.0373 0x16ec SstpSvc - ok
12:12:48.0373 0x16ec [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:12:48.0388 0x16ec ssudmdm - ok
12:12:48.0388 0x16ec StateRepository - ok
12:12:48.0404 0x16ec [ 04F9B53224689BB3638CC2D3DA721E5C, D073C8D5CEFD59CC3D4834A6B92EA8FE113A73C400C27BB6B3D215522FAE17C3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:12:48.0435 0x16ec Steam Client Service - ok
12:12:48.0435 0x16ec stexstor - ok
12:12:48.0435 0x16ec stisvc - ok
12:12:48.0451 0x16ec storahci - ok
12:12:48.0451 0x16ec storflt - ok
12:12:48.0451 0x16ec stornvme - ok
12:12:48.0451 0x16ec storqosflt - ok
12:12:48.0451 0x16ec StorSvc - ok
12:12:48.0451 0x16ec storufs - ok
12:12:48.0451 0x16ec storvsc - ok
12:12:48.0466 0x16ec svsvc - ok
12:12:48.0466 0x16ec swenum - ok
12:12:48.0466 0x16ec swprv - ok
12:12:48.0466 0x16ec Synth3dVsc - ok
12:12:48.0466 0x16ec SysMain - ok
12:12:48.0466 0x16ec SystemEventsBroker - ok
12:12:48.0482 0x16ec TabletInputService - ok
12:12:48.0482 0x16ec [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
12:12:48.0482 0x16ec tap0901 - ok
12:12:48.0498 0x16ec TapiSrv - ok
12:12:48.0498 0x16ec Tcpip - ok
12:12:48.0498 0x16ec Tcpip6 - ok
12:12:48.0498 0x16ec tcpipreg - ok
12:12:48.0498 0x16ec tdx - ok
12:12:48.0498 0x16ec terminpt - ok
12:12:48.0513 0x16ec TermService - ok
12:12:48.0513 0x16ec [ CE4B6956E4E12492715A53076E58761F, 0D12934B8F7D18F5785A3EAEDEC2CBD1C3627F7D73C73E9329C73A3B99990D36 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
12:12:48.0513 0x16ec TFsExDisk - ok
12:12:48.0513 0x16ec Themes - ok
12:12:48.0513 0x16ec TieringEngineService - ok
12:12:48.0529 0x16ec tiledatamodelsvc - ok
12:12:48.0529 0x16ec TimeBrokerSvc - ok
12:12:48.0529 0x16ec TPM - ok
12:12:48.0529 0x16ec TrkWks - ok
12:12:48.0529 0x16ec TrustedInstaller - ok
12:12:48.0529 0x16ec tsusbflt - ok
12:12:48.0529 0x16ec TsUsbGD - ok
12:12:48.0544 0x16ec tsusbhub - ok
12:12:48.0544 0x16ec tunnel - ok
12:12:48.0544 0x16ec tzautoupdate - ok
12:12:48.0544 0x16ec UASPStor - ok
12:12:48.0544 0x16ec UcmCx0101 - ok
12:12:48.0544 0x16ec UcmTcpciCx0101 - ok
12:12:48.0560 0x16ec UcmUcsi - ok
12:12:48.0560 0x16ec Ucx01000 - ok
12:12:48.0560 0x16ec UdeCx - ok
12:12:48.0560 0x16ec udfs - ok
12:12:48.0560 0x16ec UEFI - ok
12:12:48.0560 0x16ec UevAgentDriver - ok
12:12:48.0576 0x16ec UevAgentService - ok
12:12:48.0576 0x16ec Ufx01000 - ok
12:12:48.0576 0x16ec UfxChipidea - ok
12:12:48.0576 0x16ec ufxsynopsys - ok
12:12:48.0576 0x16ec UI0Detect - ok
12:12:48.0576 0x16ec umbus - ok
12:12:48.0591 0x16ec UmPass - ok
12:12:48.0591 0x16ec UmRdpService - ok
12:12:48.0591 0x16ec UnistoreSvc - ok
12:12:48.0607 0x16ec [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:12:48.0607 0x16ec UNS - ok
12:12:48.0607 0x16ec upnphost - ok
12:12:48.0607 0x16ec UrsChipidea - ok
12:12:48.0623 0x16ec UrsCx01000 - ok
12:12:48.0623 0x16ec UrsSynopsys - ok
12:12:48.0623 0x16ec usbccgp - ok
12:12:48.0623 0x16ec usbcir - ok
12:12:48.0623 0x16ec usbehci - ok
12:12:48.0623 0x16ec usbhub - ok
12:12:48.0638 0x16ec USBHUB3 - ok
12:12:48.0638 0x16ec usbohci - ok
12:12:48.0638 0x16ec usbprint - ok
12:12:48.0638 0x16ec usbser - ok
12:12:48.0638 0x16ec USBSTOR - ok
12:12:48.0638 0x16ec usbuhci - ok
12:12:48.0638 0x16ec USBXHCI - ok
12:12:48.0654 0x16ec UserDataSvc - ok
12:12:48.0654 0x16ec UserManager - ok
12:12:48.0654 0x16ec UsoSvc - ok
12:12:48.0654 0x16ec VaultSvc - ok
12:12:48.0654 0x16ec vdrvroot - ok
12:12:48.0654 0x16ec vds - ok
12:12:48.0669 0x16ec VerifierExt - ok
12:12:48.0669 0x16ec vhdmp - ok
12:12:48.0669 0x16ec vhf - ok
12:12:48.0669 0x16ec vmbus - ok
12:12:48.0669 0x16ec VMBusHID - ok
12:12:48.0669 0x16ec vmgid - ok
12:12:48.0685 0x16ec vmicguestinterface - ok
12:12:48.0685 0x16ec vmicheartbeat - ok
12:12:48.0685 0x16ec vmickvpexchange - ok
12:12:48.0685 0x16ec vmicrdv - ok
12:12:48.0685 0x16ec vmicshutdown - ok
12:12:48.0685 0x16ec vmictimesync - ok
12:12:48.0701 0x16ec vmicvmsession - ok
12:12:48.0701 0x16ec vmicvss - ok
12:12:48.0701 0x16ec volmgr - ok
12:12:48.0701 0x16ec volmgrx - ok
12:12:48.0701 0x16ec volsnap - ok
12:12:48.0701 0x16ec volume - ok
12:12:48.0716 0x16ec vpci - ok
12:12:48.0716 0x16ec vsmraid - ok
12:12:48.0716 0x16ec VSS - ok
12:12:48.0716 0x16ec VSTXRAID - ok
12:12:48.0716 0x16ec vwifibus - ok
12:12:48.0716 0x16ec vwififlt - ok
12:12:48.0732 0x16ec W32Time - ok
12:12:48.0732 0x16ec w3logsvc - ok
12:12:48.0732 0x16ec W3SVC - ok
12:12:48.0732 0x16ec WacomPen - ok
12:12:48.0732 0x16ec WalletService - ok
12:12:48.0732 0x16ec wanarp - ok
12:12:48.0748 0x16ec wanarpv6 - ok
12:12:48.0748 0x16ec WAS - ok
12:12:48.0748 0x16ec wbengine - ok
12:12:48.0748 0x16ec WbioSrvc - ok
12:12:48.0748 0x16ec wcifs - ok
12:12:48.0748 0x16ec Wcmsvc - ok
12:12:48.0748 0x16ec wcncsvc - ok
12:12:48.0763 0x16ec wcnfs - ok
12:12:48.0763 0x16ec WdBoot - ok
12:12:48.0763 0x16ec Wdf01000 - ok
12:12:48.0763 0x16ec WdFilter - ok
12:12:48.0763 0x16ec WdiServiceHost - ok
12:12:48.0763 0x16ec WdiSystemHost - ok
12:12:48.0779 0x16ec wdiwifi - ok
12:12:48.0779 0x16ec WdNisDrv - ok
12:12:48.0779 0x16ec WdNisSvc - ok
12:12:48.0779 0x16ec WebClient - ok
12:12:48.0779 0x16ec Wecsvc - ok
12:12:48.0779 0x16ec WEPHOSTSVC - ok
12:12:48.0794 0x16ec wercplsupport - ok
12:12:48.0794 0x16ec WerSvc - ok
12:12:48.0794 0x16ec WFPLWFS - ok
12:12:48.0794 0x16ec WiaRpc - ok
12:12:48.0794 0x16ec WIMMount - ok
12:12:48.0794 0x16ec WinDefend - ok
12:12:48.0810 0x16ec WindowsTrustedRT - ok
12:12:48.0810 0x16ec WindowsTrustedRTProxy - ok
12:12:48.0810 0x16ec WinHttpAutoProxySvc - ok
12:12:48.0810 0x16ec WinMad - ok
12:12:48.0826 0x16ec Winmgmt - ok
12:12:48.0826 0x16ec WinRM - ok
12:12:48.0826 0x16ec WINUSB - ok
12:12:48.0826 0x16ec WinVerbs - ok
12:12:48.0826 0x16ec wisvc - ok
12:12:48.0841 0x16ec WlanSvc - ok
12:12:48.0841 0x16ec wlidsvc - ok
12:12:48.0841 0x16ec WmiAcpi - ok
12:12:48.0841 0x16ec wmiApSrv - ok
12:12:48.0841 0x16ec WMPNetworkSvc - ok
12:12:48.0841 0x16ec Wof - ok
12:12:48.0857 0x16ec workfolderssvc - ok
12:12:48.0857 0x16ec WPDBusEnum - ok
12:12:48.0857 0x16ec WpdUpFltr - ok
12:12:48.0857 0x16ec WpnService - ok
12:12:48.0857 0x16ec WpnUserService - ok
12:12:48.0873 0x16ec ws2ifsl - ok
12:12:48.0873 0x16ec wscsvc - ok
12:12:48.0873 0x16ec WSearch - ok
12:12:48.0873 0x16ec wuauserv - ok
12:12:48.0873 0x16ec WudfPf - ok
12:12:48.0888 0x16ec WUDFRd - ok
12:12:48.0888 0x16ec wudfsvc - ok
12:12:48.0888 0x16ec WUDFWpdFs - ok
12:12:48.0888 0x16ec WUDFWpdMtp - ok
12:12:48.0888 0x16ec WwanSvc - ok
12:12:48.0888 0x16ec XblAuthManager - ok
12:12:48.0904 0x16ec XblGameSave - ok
12:12:48.0904 0x16ec xboxgip - ok
12:12:48.0904 0x16ec XboxNetApiSvc - ok
12:12:48.0904 0x16ec xinputhid - ok
12:12:48.0904 0x16ec ================ Scan global ===============================
12:12:48.0919 0x16ec [ Global ] - ok
12:12:48.0919 0x16ec ================ Scan MBR ==================================
12:12:48.0919 0x16ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:12:48.0966 0x16ec \Device\Harddisk0\DR0 - ok
12:12:48.0966 0x16ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:12:48.0998 0x16ec \Device\Harddisk1\DR1 - ok
12:12:48.0998 0x16ec ================ Scan VBR ==================================
12:12:48.0998 0x16ec [ C6B02068F7FA70E2CB1F1008DE35DBBB ] \Device\Harddisk0\DR0\Partition1
12:12:49.0013 0x16ec \Device\Harddisk0\DR0\Partition1 - ok
12:12:49.0013 0x16ec [ 7DE7055E050AFC274F06A6F356377253 ] \Device\Harddisk0\DR0\Partition2
12:12:49.0013 0x16ec \Device\Harddisk0\DR0\Partition2 - ok
12:12:49.0013 0x16ec [ 94E8C03F4FEB96E1BC4B9981D5DF282E ] \Device\Harddisk0\DR0\Partition3
12:12:49.0013 0x16ec \Device\Harddisk0\DR0\Partition3 - ok
12:12:49.0013 0x16ec [ 8D9B4F8A1EB8C7853C6ACDF5F1C3A70F ] \Device\Harddisk1\DR1\Partition1
12:12:49.0013 0x16ec \Device\Harddisk1\DR1\Partition1 - ok
12:12:49.0013 0x16ec [ A2237CDE1804A021EC0472F4845C8BE7 ] \Device\Harddisk1\DR1\Partition2
12:12:49.0013 0x16ec \Device\Harddisk1\DR1\Partition2 - ok
12:12:49.0013 0x16ec ================ Scan generic autorun ======================
12:12:49.0107 0x16ec [ B8E3F5B256CE5090D499A0824322288D, AFD5E2F60CF22CA457982406B646F80ECA219850E6EE066B15FB5159F5DF0D3B ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:12:49.0216 0x16ec RTHDVCPL - ok
12:12:49.0326 0x16ec [ 430FEA290AC80AB313D54AC5718219FB, 81254380E2C0E1AFEA0F447B6C19C2F2A7A87641CA81E2F55611E5E319730BFA ] C:\Program Files\Logitech Gaming Software\LCore.exe
12:12:49.0435 0x16ec Launch LCore - ok
12:12:49.0451 0x16ec ShadowPlay - ok
12:12:49.0451 0x16ec [ 8A7A87091274FA9BECFC94D02D4F250D, 1F84A37A85D844B9232DDA6D307DCEFAEAAF5484DCE121930A3937225C1E5BE7 ] E:\Razer\razerhid.exe
12:12:49.0451 0x16ec Lachesis - detected UnsignedFile.Multi.Generic ( 1 )
12:12:49.0670 0x16ec Detect skipped due to KSN trusted
12:12:49.0670 0x16ec Lachesis - ok
12:12:49.0748 0x16ec [ 1BD914390A9B15C1EA1F0A3607606A8A, 269F8000B3767CF3C174A1D0314242BD7D217CF72A4DE0C6DDAB9134AEF0B8AB ] C:\Program Files (x86)\OkayFreedom\Notifier.exe
12:12:49.0826 0x16ec OKAYFREEDOM Notifier - ok
12:12:49.0841 0x16ec OneDriveSetup - ok
12:12:49.0841 0x16ec OneDriveSetup - ok
12:12:49.0857 0x16ec [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Besitzer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:12:49.0873 0x16ec OneDrive - ok
12:12:49.0873 0x16ec Waiting for KSN requests completion. In queue: 53
12:12:50.0904 0x16ec AV detected via SS2: G DATA INTERNET SECURITY, E:\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
12:12:50.0904 0x16ec AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x62100 ( disabled : updated )
12:12:50.0904 0x16ec FW detected via SS2: G*DATA Personal Firewall, E:\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
12:12:50.0998 0x16ec ============================================================
12:12:50.0998 0x16ec Scan finished
12:12:50.0998 0x16ec ============================================================
12:12:50.0998 0x0a84 Detected object count: 0
12:12:50.0998 0x0a84 Actual detected object count: 0
Thank you for your help |