
Log analysis and evaluation: Sudden crashes and very slow startup

26.09.2015, 17:23   #1
Dahaiz
 



Hello, first of all

I have had a problem for quite some time: my computer, for example with the game Dead Island, simply shuts down without warning after about 15 minutes of play and immediately boots up again. This problem does not only occur with this game; it previously also happened with ARK Survival Evolved, but not anymore.
My computer doesn't take long to reach the user login, but after that it takes at least 5 minutes and gets increasingly slower.
I reinstalled my PC about 3 months ago.
After that I plugged in a USB stick that belonged to my father and has my job application documents on it; since then my PC has been acting up badly. I also found out that there are various viruses on the stick, but I have no idea what exactly. I only know that these viruses remove the antivirus program on my PC, and when I install it again it doesn't find them either.
2-3 days ago I ran Malwarebytes Anti-Malware, even twice; I will attach the 2nd report here, unfortunately I no longer have the 1st.

Thanks in advance

Kind regards, Dahaiz




Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 24.09.2015
Suchlaufzeit: 19:24
Protokolldatei: ergebniss 1 malware.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.24.04
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jana

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 360495
Abgelaufene Zeit: 13 Min., 6 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [07add063543773c39f35ac00b74b18e8],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [07add063543773c39f35ac00b74b18e8],

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 5
PUP.Optional.FreeSearches, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.freesearches.info_0.localstorage, In Quarantäne, [b40049ea7f0c73c3037d1a84dc288f71],
PUP.Optional.FreeSearches, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.freesearches.info_0.localstorage-journal, In Quarantäne, [f2c20b284a411026bcc4d8c6f50f3cc4],
PUP.Optional.ShoppingGate, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, In Quarantäne, [f3c17fb438530a2c65f8f2cbf212c13f],
PUP.Optional.ShoppingGate, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, In Quarantäne, [862ef73ce0ab79bd44195469ab59b14f],
PUP.Optional.BDYahoo, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Schlecht: ("session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com","chrome://apps/"],"urls_to_restore_on_startup":["hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com"]},"software_reporter":{"prompt_reason":0,"prompt_version":"3.20.1"},"sync":{"remaining_rollback_tries":0}}), Ersetzt,[3a7a49eabecdc96d4fd0bef81aebfb05]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

26.09.2015, 18:11   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

Here's how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box of the web page)


26.09.2015, 20:29   #3
Dahaiz
 



FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Jana (Administrator) auf JANA-PC (26-09-2015 21:19:49)
Gestartet von E:\Spiele\Heartstone
Geladene Profile: Jana (Verfügbare Profile: Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Spotify Ltd) C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Valve Corporation) E:\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.101.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.101.0\OverwolfHelper64.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.101.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.101.0\OverwolfBrowser.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Electronic Arts, Inc.) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
(Electronic Arts) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\Core\EACoreServer.exe
(Valve Corporation) E:\Steam\GameOverlayUI.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_encoder_server-99265.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-01] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-08-19] (Overwolf LTD)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Spotify Web Helper] => C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-18] (Spotify Ltd)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-07-08] (Lavasoft)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Steam] => E:\Steam\steam.exe [2901184 2015-09-25] (Valve Corporation)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Spotify] => C:\Users\Jana\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-18] (Spotify Ltd)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\MountPoints2: {3d27645d-1b2a-11e5-a202-50e549c7b351} - H:\setup.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{77B9BB4B-F4DF-48C1-853E-CD7BA6B6E655}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 
SearchScopes: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000 -> {4B9DED45-1079-4489-A15A-968B4B8257C8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\meut138p.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/-bfr-is__alt__ddc_dsssyc_bd_com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2193431405-2545998550-1313679102-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-14] ()
FF Extension: Adblock Plus - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\meut138p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-02]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com","chrome://apps/"
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-14]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-14]
CHR Extension: (Adblock Plus) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-25]
CHR Extension: (Google-Suche) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-14]
CHR Extension: (Google Tabellen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]
CHR Extension: (Night Time In New York City) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek [2015-07-17]
CHR Extension: (Little Alchemy) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-07-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Extension: (Google Mail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-09-15] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-08-20] (EasyAntiCheat Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-07-08] (Lavasoft Limited)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1740968 2015-07-01] (Micro-Star INT'L CO., LTD.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-30] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1006320 2015-08-19] (Overwolf LTD)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [13312 2015-07-08] () [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2015-02-25] (AVG Technologies)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
U2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-06-24] ()
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-01-13] (TuneUp Software)
S3 ALSysIO; \??\C:\Users\Jana\AppData\Local\Temp\ALSysIO64.sys [X]
S3 MSICDSetup; \??\G:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-26 21:19 - 2015-09-26 21:19 - 00000000 ____D C:\FRST
2015-09-26 17:29 - 2015-09-26 17:29 - 00000561 _____ C:\Windows\wmsetup.log
2015-09-26 16:52 - 2015-09-26 16:52 - 00000000 ____D C:\Users\Jana\Documents\DeadIsland
2015-09-25 04:25 - 2015-09-25 04:46 - 00000000 ____D C:\ProgramData\PopCap Games
2015-09-25 04:25 - 2015-09-25 04:25 - 00000200 _____ C:\Users\Jana\Desktop\Escape Rosecliff Island.url
2015-09-25 04:25 - 2015-09-25 04:25 - 00000000 ____D C:\Users\Jana\AppData\Roaming\SteamPopCapv1002
2015-09-24 19:38 - 2015-09-24 19:38 - 00002946 _____ C:\Users\Jana\Documents\ergebniss 1 malware.txt
2015-09-23 22:24 - 2015-09-23 22:24 - 00000000 ____D C:\Users\Jana\AppData\Local\Blizzard
2015-09-23 22:20 - 2015-09-23 22:24 - 00001159 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-09-23 22:20 - 2015-09-23 22:24 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-23 22:20 - 2015-09-23 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-09-23 22:18 - 2015-09-23 22:18 - 00001100 _____ C:\Users\Jana\Desktop\Battle.net.lnk
2015-09-23 22:17 - 2015-09-23 22:17 - 03056696 _____ (Blizzard Entertainment) C:\Users\Jana\Downloads\Hearthstone-Setup-deDE.exe
2015-09-21 12:52 - 2015-09-21 12:52 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-21 12:52 - 2015-09-21 12:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-21 12:52 - 2015-09-21 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-18 21:20 - 2015-09-18 21:20 - 00000000 ____D C:\Users\Jana\AppData\Local\Risen2
2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.mono
2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\Users\Jana\AppData\Local\I Am Bread
2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\ProgramData\.mono
2015-09-17 20:59 - 2015-09-17 20:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Risen
2015-09-15 16:57 - 2015-09-15 17:06 - 00000000 ____D C:\Users\Jana\Documents\DayZ
2015-09-14 20:43 - 2015-09-14 20:43 - 00000000 ____D C:\Users\Jana\Documents\The Witcher 3
2015-09-14 00:29 - 2015-09-14 20:48 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt
2015-09-13 20:13 - 2015-09-13 20:13 - 00000552 _____ C:\Windows\KB893803v2.log
2015-09-13 20:11 - 2015-09-14 20:48 - 00000000 ____D C:\Users\Public\Documents\Tauschen
2015-09-13 16:33 - 2015-09-14 23:19 - 00000000 ____D C:\Users\Jana\Documents\gothic3
2015-09-11 13:32 - 2015-09-11 13:32 - 00000000 ____D C:\ProgramData\Ubisoft
2015-09-10 20:53 - 2015-09-10 20:53 - 00000000 ____D C:\Users\Jana\AppData\Local\Blizzard Entertainment
2015-09-10 20:52 - 2015-09-26 17:04 - 00000000 ____D C:\Users\Jana\AppData\Local\Battle.net
2015-09-10 20:52 - 2015-09-25 20:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-10 20:52 - 2015-09-23 22:20 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Battle.net
2015-09-10 20:52 - 2015-09-10 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-09-10 20:51 - 2015-09-10 20:52 - 00000000 ____D C:\ProgramData\Battle.net
2015-09-04 20:09 - 2015-09-04 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 15:00 - 2015-09-03 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-03 15:00 - 2015-09-03 15:00 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-08-28 00:38 - 2015-08-28 00:38 - 00000000 ____D C:\Users\Jana\AppData\Local\The Witcher 2

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-26 21:20 - 2015-05-14 14:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-26 20:57 - 2015-05-14 12:54 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2015-09-26 20:55 - 2015-06-26 10:41 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-26 19:05 - 2015-05-20 16:29 - 00000000 ____D C:\Users\Jana\Documents\My Games
2015-09-26 18:55 - 2015-05-13 21:44 - 00000000 ____D C:\Users\Jana\AppData\Local\VirtualStore
2015-09-26 18:54 - 2015-05-14 14:05 - 00619802 _____ C:\Windows\DirectX.log
2015-09-26 18:16 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-26 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-26 18:07 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-26 18:07 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-26 18:03 - 2015-05-13 21:39 - 02013567 _____ C:\Windows\WindowsUpdate.log
2015-09-26 18:02 - 2015-06-26 10:44 - 00000000 ___RD C:\Users\Jana\Dropbox
2015-09-26 18:02 - 2015-06-26 10:41 - 00000000 ____D C:\Users\Jana\AppData\Local\Dropbox
2015-09-26 18:01 - 2015-05-14 12:04 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Raptr
2015-09-26 17:58 - 2015-05-14 13:03 - 00000000 ____D C:\Users\Jana\AppData\Local\Overwolf
2015-09-26 17:57 - 2015-05-21 15:01 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Spotify
2015-09-26 17:56 - 2009-07-14 06:51 - 00059327 _____ C:\Windows\setupact.log
2015-09-26 17:55 - 2015-06-26 10:41 - 00001206 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-26 17:55 - 2015-05-21 15:02 - 00000000 ____D C:\Users\Jana\AppData\Local\Spotify
2015-09-26 17:54 - 2015-06-30 18:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-26 17:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-26 17:18 - 2015-05-13 21:44 - 00000000 ____D C:\Users\Jana
2015-09-26 14:52 - 2015-05-24 16:53 - 00000000 ____D C:\Users\Jana\AppData\Local\CrashDumps
2015-09-24 19:24 - 2015-08-25 13:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-23 22:15 - 2015-05-24 17:44 - 00000024 _____ C:\Users\Jana\AppData\Roaming\appdataFr25.bin
2015-09-23 20:25 - 2015-08-03 13:56 - 00000000 ____D C:\Users\Jana\AppData\Local\Akamai
2015-09-23 17:27 - 2015-06-24 18:09 - 00000000 ____D C:\Users\Jana\Documents\Electronic Arts
2015-09-23 17:20 - 2015-08-11 19:20 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-23 17:20 - 2015-05-14 14:16 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-23 17:20 - 2015-05-14 14:16 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-23 17:20 - 2015-05-14 14:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 13:11 - 2015-06-03 13:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-21 13:10 - 2015-06-03 13:27 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-21 12:52 - 2015-05-14 12:54 - 00000000 ____D C:\ProgramData\Skype
2015-09-18 12:15 - 2015-06-30 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-18 12:15 - 2015-06-30 18:29 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-09-18 12:15 - 2015-06-30 18:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-14 20:47 - 2015-05-20 16:14 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-13 16:33 - 2015-07-01 10:42 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-11 13:41 - 2015-08-13 21:48 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Ubisoft
2015-09-10 02:33 - 2015-05-14 18:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\OBS
2015-09-09 17:50 - 2015-05-23 19:47 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.technic
2015-09-09 17:50 - 2015-05-23 19:46 - 04718800 _____ () C:\Users\Jana\Downloads\TechnicLauncher (2).exe
2015-09-05 05:50 - 2010-11-21 05:47 - 00946340 _____ C:\Windows\PFRO.log
2015-09-04 20:09 - 2015-06-26 10:41 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-02 10:50 - 2015-05-20 13:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft
2015-08-31 08:56 - 2015-05-14 13:03 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-08-27 19:26 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-21 14:30 - 2015-07-01 22:13 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-07-21 12:01 - 2015-08-08 13:11 - 0000020 _____ () C:\Users\Jana\AppData\Roaming\appdataFr2.bin
2015-05-24 17:44 - 2015-09-23 22:15 - 0000024 _____ () C:\Users\Jana\AppData\Roaming\appdataFr25.bin
2015-06-10 23:55 - 2015-08-25 00:55 - 0000245 _____ () C:\Users\Jana\AppData\Roaming\WB.CFG
2015-06-11 22:12 - 2015-06-11 22:12 - 0004981 _____ () C:\Users\Jana\AppData\Local\recently-used.xbel
2015-05-23 13:11 - 2015-05-23 13:12 - 0000000 _____ () C:\Users\Jana\AppData\Local\{B3CC0DD3-C94B-4AB2-8AE9-52BE8A34A777}
2015-05-22 16:10 - 2015-05-22 16:12 - 0000000 _____ () C:\Users\Jana\AppData\Local\{D4FE8BB4-D3BB-4CD1-8236-C9420B284809}

Einige Dateien in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\11623b5826b25220f93ee9b2ca33e05c.dll
C:\Users\Jana\AppData\Local\Temp\31d6e07d87ca5eaf6b2447c07a6c1365.dll
C:\Users\Jana\AppData\Local\Temp\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe
C:\Users\Jana\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Jana\AppData\Local\Temp\AutoWifi.exe
C:\Users\Jana\AppData\Local\Temp\bdfilters.dll
C:\Users\Jana\AppData\Local\Temp\c9193eb49b719ceb9919577892aeb67e.dll
C:\Users\Jana\AppData\Local\Temp\C974.exe
C:\Users\Jana\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\Jana\AppData\Local\Temp\devcon64.exe
C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplnxeij.dll
C:\Users\Jana\AppData\Local\Temp\InstallIMVU_518.0.exe
C:\Users\Jana\AppData\Local\Temp\InstStub.exe
C:\Users\Jana\AppData\Local\Temp\OnlineBackup.exe
C:\Users\Jana\AppData\Local\Temp\raptrpatch.exe
C:\Users\Jana\AppData\Local\Temp\raptr_stub.exe
C:\Users\Jana\AppData\Local\Temp\Second_Life_3_8_1_303130_i686_Setup.exe
C:\Users\Jana\AppData\Local\Temp\setacl.exe
C:\Users\Jana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jana\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Jana\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-23 18:12

==================== Ende von FRST.txt ============================
         


Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Jana (2015-09-26 21:20:45)
Gestartet von E:\Spiele\Heartstone
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-13 19:44:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2193431405-2545998550-1313679102-500 - Administrator - Disabled)
Gast (S-1-5-21-2193431405-2545998550-1313679102-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2193431405-2545998550-1313679102-1003 - Limited - Enabled)
Jana (S-1-5-21-2193431405-2545998550-1313679102-1000 - Administrator - Enabled) => C:\Users\Jana

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Akamai NetSession Interface (HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version:  - Spicy Horse Games)
AllCheappPPrice (HKLM-x32\...\{5A1D3F9E-73B5-95EC-1233-6646E1358965}) (Version:  - "") <==== ACHTUNG
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ARK Dev Kit (HKLM-x32\...\Steam App 376040) (Version:  - )
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version:  - Ubisoft Montreal)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.403 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.3.0.834 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version:  - )
Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.0.5.0 - )
CABAL2 (US) (HKLM-x32\...\CABAL2US) (Version:  - ESTsoft Corp.)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version:  - )
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Echo of Soul (HKLM-x32\...\Echo of Soul) (Version:  - )
Escape Rosecliff Island (HKLM-x32\...\Steam App 3600) (Version:  - SpinTop Games)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\Steam App 39500) (Version:  - Piranha – Bytes)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
I am Bread (HKLM-x32\...\Steam App 327890) (Version:  - Bossa Studios)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Let the Cat In (HKLM-x32\...\Steam App 369400) (Version:  - Eforb)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 3.0.0.12 - MSI)
MSI Kombustor 2.5.9 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.024 - MSI)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.88.101.0 - Overwolf Ltd.)
PiriceaMinus (HKLM-x32\...\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version:  - ) <==== ACHTUNG
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Risen (HKLM-x32\...\Steam App 40300) (Version:  - Piranha – Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - Piranha Bytes)
RoboSaovverr (HKLM-x32\...\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}) (Version:  - "") <==== ACHTUNG
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{98C7FE3F-886C-49FA-9C02-915B0EA801A8}) (Version: 6.1.6.0 - Husdawg, LLC)
TakeTHeCoupon (HKLM-x32\...\{53B21E29-3967-C332-57EB-C02631658584}) (Version:  - "") <==== ACHTUNG
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD PROJEKT RED)
The Witcher 3 Wild Hunt Collectors Edition Incl. Free DLCs and Updates MULTi2 1.08.2 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition Incl. Free DLCs and Updates MULTi2 1.08.2) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Web Companion (HKLM-x32\...\{ae2078b5-ce58-4d47-b250-faf4b0cb78ec}) (Version: 2.0.1025.2130 - Lavasoft)
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 4.0.0.12911 - Blizzard Entertainment)
XSplit Gamecaster (HKLM-x32\...\{7CBDC2CD-F5C7-4DD3-91C8-1E4D68924955}) (Version: 1.9.1409.2308 - SplitmediaLabs)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

26-09-2015 16:50:18 DirectX wurde installiert
26-09-2015 17:25:38 DirectX wurde installiert
26-09-2015 18:53:04 DirectX wurde installiert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-09-03 15:00 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1	mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {25A0EAB8-D533-4E42-BE35-006FB2F26DE3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-08-19] (Overwolf LTD)
Task: {3101F612-F237-451F-98A9-458DD9FDAA95} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG
Task: {437C0C8E-100A-4328-A9BC-43B7D86B72E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23] (Adobe Systems Incorporated)
Task: {95AEECC6-3364-42DC-AA87-E1EBEB11BCFB} - \Super Optimizer Schedule -> Keine Datei <==== ACHTUNG
Task: {9FCB676D-4770-4E37-B6DA-C80B1EE0283C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {AE129BCF-2B12-4C32-9E89-496F1297E482} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-02-25] (AVG Technologies)
Task: {AEE05D79-254E-4FD4-88C3-721325ECB64D} - \Dregol mimi -> Keine Datei <==== ACHTUNG
Task: {E0341E57-D2C8-4335-8D7C-37F2A4BCBEB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-06-30 18:28 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-17 22:23 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2015-08-19 15:51 - 2015-08-19 15:51 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.88.101.0\CoreAudioApi.dll
2015-08-19 15:51 - 2015-08-19 15:51 - 40555008 _____ () C:\Program Files (x86)\Overwolf\0.88.101.0\libcef.DLL
2015-07-08 21:41 - 2015-07-08 21:41 - 00072192 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-07-08 21:41 - 2015-07-08 21:41 - 00178176 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-07-08 21:41 - 2015-07-08 21:41 - 00040448 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-07-08 21:41 - 2015-07-08 21:41 - 00026624 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2015-07-08 21:41 - 2015-07-08 21:41 - 00009216 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-07-08 21:41 - 2015-07-08 21:41 - 00117248 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-07-08 21:41 - 2015-07-08 21:41 - 00032768 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2015-07-28 12:20 - 2015-09-21 22:01 - 00778240 _____ () E:\Steam\SDL2.dll
2015-07-28 12:20 - 2015-07-03 18:12 - 04962816 _____ () E:\Steam\v8.dll
2015-07-28 12:20 - 2015-07-03 18:12 - 01556992 _____ () E:\Steam\icui18n.dll
2015-07-28 12:20 - 2015-07-03 18:12 - 01187840 _____ () E:\Steam\icuuc.dll
2015-07-28 12:20 - 2015-09-25 01:36 - 02422464 _____ () E:\Steam\video.dll
2015-07-28 12:19 - 2015-09-24 02:33 - 02549248 _____ () E:\Steam\libavcodec-56.dll
2015-07-28 12:19 - 2015-09-24 02:33 - 00442880 _____ () E:\Steam\libavutil-54.dll
2015-07-28 12:19 - 2015-09-24 02:33 - 00491008 _____ () E:\Steam\libavformat-56.dll
2015-07-28 12:19 - 2015-09-24 02:33 - 00332800 _____ () E:\Steam\libavresample-2.dll
2015-07-28 12:19 - 2015-09-24 02:33 - 00485888 _____ () E:\Steam\libswscale-3.dll
2015-07-28 12:20 - 2015-09-25 01:36 - 00704192 _____ () E:\Steam\bin\chromehtml.DLL
2015-07-28 12:19 - 2015-09-14 22:20 - 00193536 _____ () E:\Steam\bin\openvr_api.dll
2015-09-26 18:01 - 2015-09-26 18:01 - 00071168 _____ () c:\users\jana\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplnxeij.dll
2015-06-26 10:42 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-26 10:42 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 02:25 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-26 10:42 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-07-28 12:19 - 2015-09-24 02:33 - 44931464 _____ () E:\Steam\bin\libcef.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2015-07-27 21:32 - 2015-07-27 21:32 - 02551040 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2014-08-14 02:37 - 2014-08-14 02:37 - 00027667 _____ () C:\Program Files (x86)\Raptr\plugins\audio_output\libdirectsound_plugin.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 00031251 _____ () C:\Program Files (x86)\Raptr\plugins\audio_output\libwaveout_plugin.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 00066579 _____ () C:\Program Files (x86)\Raptr\plugins\video_output\libdirectdraw_plugin.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-07-28 12:19 - 2015-09-25 01:56 - 00119208 _____ () E:\Steam\winh264.dll
2015-08-19 15:51 - 2015-08-19 15:51 - 00985088 _____ () C:\Program Files (x86)\Overwolf\0.88.101.0\ffmpegsumo.dll
2015-09-23 17:20 - 2015-09-23 17:20 - 17592008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\webcompanion.com -> hxxp://webcompanion.com


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{8488A973-F327-46B3-AE83-296FEF9D5C20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DD97A397-D4A7-4B2F-B72E-472CF50487E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ECF711A8-A6D5-4E2D-AB3A-CD33A3569D3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6B3AECC0-5C83-4ADE-BB3C-5FA32E66E039}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BAE0F400-ACDC-484D-BB73-960132C999DD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6C4CFF03-0F38-455A-BD2F-DB1A8B9D9255}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1F69BC31-C8FA-44D9-BB0C-FF381624F5F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe
FirewallRules: [{B9FF4890-4943-4E08-9E02-C4A1C4756580}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe
FirewallRules: [TCP Query User{01167885-7FD9-43B7-8B75-01ACA8A7F318}C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{247B46F5-C2EC-431C-A4A5-F5A86E20CAB8}C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{CC3FA7D3-6B9B-4C6D-A025-7DB49058DC0E}] => (Block) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{D71EBBEE-203C-4334-962C-984725CA0758}] => (Block) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{CF47FEFA-151B-4E05-A262-01851BE2735E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 3\tropico3.exe
FirewallRules: [{161D38A3-74A8-467D-BFB0-47132AB77D76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 3\tropico3.exe
FirewallRules: [{2FB96A09-864B-44C8-A6D6-0CA890DA85D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{EB6B0B3A-2371-4E47-B866-B1397EE1E7C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [TCP Query User{A4AE4492-34B8-4431-B054-6320F1E0F3DA}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2300C7B1-82C0-44BC-9BD3-172CCF0475FD}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{F10322C8-BA1D-475E-8B06-C1EB845F9B62}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{F2311507-7BE3-45EF-BF71-E870B070B36A}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{D8BB5BA7-1BF6-480F-995A-CD52729C6B16}C:\users\jana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{99D4B6C0-CD45-467B-8C8D-EC04A0C23075}C:\users\jana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jana\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BE4B09A4-8A88-406F-9509-6BE474E67A32}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{6810985C-6B95-44C9-80CB-17CEE67F257D}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [{81E4A913-0343-4CD6-8431-2B13AD739D35}] => (Allow) C:\Users\Jana\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{C1E81C9E-C745-46BC-B12D-E3571FC2104A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{CEB4B246-0461-4915-AA39-CFFAF2664660}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{DDE24903-ADD7-4FB2-BEE0-12214968708E}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{9DA7C4F2-E2BA-4EF4-8906-123BD2529E62}C:\users\jana\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jana\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{4061F835-7C0B-46EF-9951-47ADDC83EC3F}C:\users\jana\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jana\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{20836AF1-54D7-4228-8A49-B45081A3DD34}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1DF1D83D-D8CD-4AEA-9ADA-DC79A39E99DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{51FF9908-CDB0-41FB-8B8B-6D271A50BE0A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E5CDE8C7-B5A3-4518-B38B-EEE4E7F76E1B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{63390C09-E196-4A45-A716-BC53CEA7EAC0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4C984F52-36F5-4364-A029-F61810B0B21F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C9A8F0F9-3C0F-4E61-B6D7-8173233C3D6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{04DA3E49-C184-4A0E-98D3-793D8A56B827}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCDCE570-86B8-4F32-8D05-51A67B439E38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9C392E3B-2BB3-4F86-A139-4224FAF3AD54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{349F5141-A798-4960-BE18-CDD2EE10A415}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{8CE5416A-8ACF-4299-ADDC-E50300B41799}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [{F29084E8-83EB-4026-BEC1-6F2EC78A2AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{AA5DFA12-F9DF-489A-9F6C-E2AE384AF9F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{77FD7116-9F42-4A02-8EFB-D79A6A6B86DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{24D2F823-8373-43D5-9925-E1E333ABD1E3}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{847BF85F-457F-473F-96C8-18E080CF9F51}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{0DD6C5B6-26DE-4931-984A-990E671FB57B}] => (Allow) E:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{CBB37F2B-26C4-49A2-8340-6433524944F9}] => (Allow) E:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{CC7FDBC0-6C80-4B2C-B5F3-E164E544890E}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{26E5918E-FF5B-4278-BA72-44B37656DB06}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{C78193C2-58BB-45F6-A7E1-88BBA4454A06}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A92CE14A-932D-4CDE-B6BA-F8A0F28E90AC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{960A6807-B3BE-45CE-9BCB-EFE05C0F6967}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F33B44C7-E0D5-49E3-837C-2B1CACF05CA4}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{60FF84CC-FDFB-420E-8CDF-69944F8040D5}] => (Allow) E:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{4F867B56-435A-4A05-A7CB-3B2FC4F7BB19}] => (Allow) E:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{9B4E4EC2-1058-471E-82A9-0DA7C4BA2D98}C:\users\jana\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jana\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3B2C8059-AB49-4046-8FEB-8656841448BD}C:\users\jana\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jana\appdata\local\akamai\netsession_win.exe
FirewallRules: [{26F7D56C-22AF-4C56-A8C8-8EB6E269D832}] => (Allow) E:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{3EFE8283-1007-4C96-8268-1052689D40BA}] => (Allow) E:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{CDEFF3B3-1957-42BA-9788-83BA3CAA41E3}E:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) E:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{A9E7DB70-3642-43B9-9628-C97A607E6340}E:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) E:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{6F8C118E-95AA-4955-B248-D54513BC1B84}] => (Allow) E:\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{6D72F81C-9AC0-44A8-8211-D9EE53EBF694}] => (Allow) E:\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{8381A7F0-F668-46ED-8F97-D60AE664AA4E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{76FF1BD1-8D94-418E-BF7B-1F57FF3E9B4B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{FF444B21-EB65-47E0-92D0-1F6347209303}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{A1BB3872-6EDE-4DCA-A2A6-ED680C25E4D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{79753295-1DC4-48E7-8C1D-E168C094C1FF}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{76C4464E-456E-4389-8894-CEEC64D68DA5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{5D845B3E-3984-4FAC-9A6D-C11B63590F10}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{ADCEAAD1-68C9-4780-BF76-8433DC733CDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{86B4022C-CA53-4476-8EA7-129C355C9E02}] => (Allow) E:\Spiele\FarCry 4\bin\FarCry4.exe
FirewallRules: [{DEE9FE1E-10A7-448E-BB33-BF30A47C6177}] => (Allow) E:\Spiele\FarCry 4\bin\FarCry4.exe
FirewallRules: [{4C48AC4F-28E4-4B58-8686-7A9ECC69EE90}] => (Allow) E:\Spiele\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{07BA8CC6-C3BF-458E-AAB8-498776D0B853}] => (Allow) E:\Spiele\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{BF25CB90-38DE-4A0E-908B-0ADB8A9B5146}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{40E94111-45E9-48C1-837C-5B810AA7A72A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{34A42307-CA4D-4DAE-81C2-816598F71B71}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AA293453-93A2-4DD9-A80D-E3E43A5BE11F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B5E33E4A-CC0A-4C2E-B350-55BFFFCEC688}] => (Allow) E:\Spiele\World of Warcraft\Launcher.exe
FirewallRules: [{AF460A19-4C0D-4005-9D04-DCFFF3B51DF8}] => (Allow) E:\Spiele\World of Warcraft\Launcher.exe
FirewallRules: [{0364FC8E-F191-4BFB-8D56-6C2F34CC3B88}] => (Allow) E:\Spiele\World of Warcraft\Launcher.patch.exe
FirewallRules: [{3B6FCA10-795D-4225-9F57-FBE66E8596D8}] => (Allow) E:\Spiele\World of Warcraft\Launcher.patch.exe
FirewallRules: [TCP Query User{4085BFDA-A0FB-449E-AD16-3CEEBC63B349}E:\spiele\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Block) E:\spiele\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
FirewallRules: [UDP Query User{921AA088-D935-4680-9222-060537D6627A}E:\spiele\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Block) E:\spiele\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
FirewallRules: [TCP Query User{EDAF84A6-8E50-44B1-A084-8B1A36296398}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{66E777C5-A3BC-4CFF-8BC8-CDA34F6A7FC1}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [TCP Query User{2DA351B0-938B-43DD-9A68-C75A9071D275}C:\users\jana\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jana\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D8D9F315-30C3-43B5-B721-7CF0ED1203D4}C:\users\jana\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jana\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5DF8E7D1-87D4-41A5-B9BB-A91024E78CF6}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{B2D2E91B-B442-4908-A80E-CA5B70BF434B}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{92B63195-6AE6-4B90-B823-E37F6DA29509}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{9A8F5DE4-8297-4B33-92F4-E60A6AA5B881}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [TCP Query User{20DB8347-1E9C-4525-96C9-F95C434A937B}E:\spiele\cabal2 (us)\c2launcher.exe] => (Allow) E:\spiele\cabal2 (us)\c2launcher.exe
FirewallRules: [UDP Query User{4F15F78E-1873-4AEA-859A-573836E3538F}E:\spiele\cabal2 (us)\c2launcher.exe] => (Allow) E:\spiele\cabal2 (us)\c2launcher.exe
FirewallRules: [TCP Query User{111B6D20-3A57-402B-9BF8-83B783AB0698}C:\users\jana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DA4D875B-6944-45C1-9327-1B8BE37A6FF0}C:\users\jana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jana\appdata\roaming\spotify\spotify.exe
FirewallRules: [{77095D7C-A256-49D6-B9E0-EB203FEF5D6C}] => (Allow) E:\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{17E6E3A0-F04C-48BE-89AD-4B9A6434BEB0}] => (Allow) E:\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{FE34345F-0C2C-4A86-818A-5BC167128A15}] => (Allow) E:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{8F128984-286C-45A6-A150-28696E0E3A78}] => (Allow) E:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{95AEACB0-363F-4D77-A4B0-B6ECA8B1471F}E:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{5B142AA5-B930-459B-81C4-95E2C544A945}E:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{F72F6A48-72E7-4A5C-A688-EEEEA415ED74}C:\users\jana\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jana\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C8F7DDBC-15FB-43B6-A084-5BCF8E31BBAB}C:\users\jana\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jana\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{50C5A1C6-F871-4352-B278-D291CF05DB4B}C:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe
FirewallRules: [UDP Query User{7FFB03F7-C0E8-4C9B-91AE-E6AF34B271A4}C:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe
FirewallRules: [{36318557-453B-43CC-B50B-1E703A5F1F48}] => (Allow) E:\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{BFBBD722-9E1C-4B87-BB8C-BCCB5E7ED152}] => (Allow) E:\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{C2F199C9-3C6F-4772-AA5A-685BD084DD20}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{A86A1DB7-BF6F-44DB-9508-5F7D1E1EE0FF}] => (Allow) E:\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{345BFB72-74C5-4C2C-B7B1-A795D351CE5C}] => (Allow) E:\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{C6E699CE-8139-46EC-B0DE-4A6118C3DFE1}] => (Allow) E:\Steam\steamapps\common\Gothic 3\Gothic3.exe
FirewallRules: [{0A577E64-ECC9-4A57-8214-FCF507B98DEE}] => (Allow) E:\Steam\steamapps\common\Gothic 3\Gothic3.exe
FirewallRules: [{B51D46EF-2335-46C7-867D-14DCC86E9C2A}] => (Allow) E:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{C06128B5-0874-438F-B244-5ABD571E0569}] => (Allow) E:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{64ED7D3E-5C54-4954-9D20-EEE76C57D992}] => (Allow) E:\Steam\steamapps\common\Let the Cat In\ltci_win.exe
FirewallRules: [{ACD1621F-8291-4E4C-93B4-FD660E9BE969}] => (Allow) E:\Steam\steamapps\common\Let the Cat In\ltci_win.exe
FirewallRules: [{5B3D1398-6EFB-4276-8957-F2FBBC5BD2B5}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{05ECEC53-88AD-4B65-A181-B07518236CFF}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{AEA64247-B303-4E47-9047-D33EEC62C08B}E:\steam\steamapps\common\dayz\dayz.exe] => (Block) E:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{2FD5F955-5BDD-4AC4-8C91-4210CF575FD9}E:\steam\steamapps\common\dayz\dayz.exe] => (Block) E:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{316B83AA-0633-4E99-8BF5-CE8F8B2B7F82}] => (Allow) E:\Steam\steamapps\common\Risen\bin\Risen.exe
FirewallRules: [{9703F0EC-4492-4653-B37A-537E96F3FBD0}] => (Allow) E:\Steam\steamapps\common\Risen\bin\Risen.exe
FirewallRules: [{55DCE7D0-E61A-4639-B848-BC1AD793D545}] => (Allow) E:\Steam\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{157500BC-8EE0-4C43-BBC2-6770DEBEE014}] => (Allow) E:\Steam\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{5F1CA52C-FE84-4B4E-AC73-6E29ECDEBDDA}] => (Allow) E:\Steam\steamapps\common\iambread\IamBread.exe
FirewallRules: [{59580046-B670-46CF-B176-FF3F9882E736}] => (Allow) E:\Steam\steamapps\common\iambread\IamBread.exe
FirewallRules: [{D935034A-7458-432D-9C46-0C2CD3198771}] => (Allow) E:\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{90148E15-26BD-470F-8A1B-4B7571A7B9F3}] => (Allow) E:\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{6443E3F4-2E78-472B-98BF-52B8CFE44AD6}E:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) E:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{86E96FC5-F070-4026-8B73-A6203B80FD5E}E:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) E:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{DF253B4C-4F3B-4DD0-A8C9-9F6EB925E5C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D523A3BB-8AB7-4C09-A4BE-4E606FF48E1C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FEC042B1-A2F0-4C5D-933D-9E2E1C791335}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0837DE15-B060-4137-942C-4AA52AD10752}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CFB311C1-029A-40AB-8340-BE049658886E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{94B5C72C-881F-46F9-AF5A-D8B0C703E88A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E7BD7A2A-1E47-4518-A55F-430543480C10}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{79FDA872-F3E9-4ECF-BF1C-517B9CE8E6E0}] => (Allow) E:\Steam\steamapps\common\Escape Rosecliff Island\EscapeRosecliffIsland.exe
FirewallRules: [{930F4E29-D5FD-4242-8890-20970C44AE41}] => (Allow) E:\Steam\steamapps\common\Escape Rosecliff Island\EscapeRosecliffIsland.exe
FirewallRules: [{47436092-66B6-4C8A-AFEB-FB73B96BEA6A}] => (Allow) E:\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{7B10BBF8-7B3A-4F88-9F5B-FE6B70071D1E}] => (Allow) E:\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{7A5FDE66-FFF3-4C50-B899-93BCC4901690}] => (Allow) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{00E016C8-683D-422F-A602-CAE497AE6E5C}] => (Allow) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{BBD9DB68-2487-4384-BD40-E2C940D48DAB}] => (Allow) E:\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{9A433AA4-CE33-48CE-883C-C30B007FC8A4}] => (Allow) E:\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{12524152-A7CD-4BD3-8DC0-DC6BD63FADF2}] => (Allow) E:\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{C32C1267-5A6C-4191-8729-311B6A929FC7}] => (Allow) E:\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{3B035A69-0703-494D-AD54-804D79A86927}] => (Allow) E:\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{D7051E2F-4264-4F79-AAE7-417240FEF685}] => (Allow) E:\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: WAN-Miniport (PPPOE)
Description: WAN-Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN-Miniport (PPTP)
Description: WAN-Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/26/2015 06:03:56 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (09/26/2015 06:03:56 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (09/26/2015 06:00:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/26/2015 05:28:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (09/26/2015 05:28:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (09/26/2015 05:24:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/26/2015 02:51:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Crysis2.exe, Version: 1.9.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556363bc
Ausnahmecode: 0x40010006
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x209c
Startzeit der fehlerhaften Anwendung: 0xCrysis2.exe0
Pfad der fehlerhaften Anwendung: Crysis2.exe1
Pfad des fehlerhaften Moduls: Crysis2.exe2
Berichtskennung: Crysis2.exe3

Error: (09/26/2015 02:05:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (09/26/2015 01:34:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (09/26/2015 01:34:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig


Systemfehler:
=============
Error: (09/26/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/26/2015 05:57:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG PC TuneUp Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/26/2015 05:57:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVG PC TuneUp Service erreicht.

Error: (09/26/2015 05:56:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IE Search Set" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/26/2015 05:56:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IE Search Set erreicht.

Error: (09/26/2015 05:55:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NVIDIA Network Service erreicht.

Error: (09/26/2015 05:54:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎26.‎09.‎2015 um 17:52:31 unerwartet heruntergefahren.

Error: (09/26/2015 05:25:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (09/26/2015 05:22:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/26/2015 05:20:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AVG PC TuneUp Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16301.12 MB
Verfügbarer physikalischer RAM: 11544.63 MB
Summe virtueller Speicher: 32600.44 MB
Verfügbarer virtueller Speicher: 26508.39 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:227.1 GB) (Free:50.06 GB) NTFS
Drive d: () (Fixed) (Total:232.88 GB) (Free:232.52 GB) NTFS
Drive e: () (Fixed) (Total:698.63 GB) (Free:419 GB) NTFS
Drive f: (BOOTCAMP) (Fixed) (Total:5.68 GB) (Free:2.04 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: EF84348A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=227.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5.7 GB) - (Type=0B)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 64069762)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F20F790F)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

27.09.2015, 13:52   #4
schrauber
/// the machine
/// TB trainer
 




Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Optionen and select German (Deutsch) as the language.
  • In the uninstaller field, search for the programs:

    AllCheappPPrice

    PiriceaMinus

    RoboSaovverr

    TakeTHeCoupon



  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" mode.
  • Delete leftovers:
    Click on then on and then on .

 





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 27.09.2015, 16:38   #5
Dahaiz
 
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.27.04
  rootkit: v2015.09.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
Jana :: JANA-PC [administrator]

27.09.2015 16:59:11
mbar-log-2015-09-27 (16-59-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 362384
Time elapsed: 23 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
17:30:15.0122 0x2104  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:30:26.0505 0x2104  ============================================================
17:30:26.0505 0x2104  Current date / time: 2015/09/27 17:30:26.0505
17:30:26.0505 0x2104  SystemInfo:
17:30:26.0505 0x2104  
17:30:26.0505 0x2104  OS Version: 6.1.7601 ServicePack: 1.0
17:30:26.0505 0x2104  Product type: Workstation
17:30:26.0505 0x2104  ComputerName: JANA-PC
17:30:26.0505 0x2104  UserName: Jana
17:30:26.0505 0x2104  Windows directory: C:\Windows
17:30:26.0505 0x2104  System windows directory: C:\Windows
17:30:26.0505 0x2104  Running under WOW64
17:30:26.0505 0x2104  Processor architecture: Intel x64
17:30:26.0505 0x2104  Number of processors: 4
17:30:26.0505 0x2104  Page size: 0x1000
17:30:26.0505 0x2104  Boot type: Normal boot
17:30:26.0505 0x2104  ============================================================
17:30:28.0275 0x2104  KLMD registered as C:\Windows\system32\drivers\54904134.sys
17:30:28.0515 0x2104  System UUID: {AEF82811-9F6E-920C-E243-F6DB6F898275}
17:30:28.0865 0x2104  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:30:29.0153 0x2104  Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:30:29.0172 0x2104  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:30:29.0185 0x2104  ============================================================
17:30:29.0185 0x2104  \Device\Harddisk0\DR0:
17:30:29.0185 0x2104  MBR partitions:
17:30:29.0185 0x2104  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:30:29.0185 0x2104  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1C632000
17:30:29.0186 0x2104  \Device\Harddisk0\DR0\Partition3: MBR, Type 0xB, StartLBA 0x1C664800, BlocksNum 0xB61000
17:30:29.0186 0x2104  \Device\Harddisk2\DR2:
17:30:29.0186 0x2104  MBR partitions:
17:30:29.0186 0x2104  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
17:30:29.0186 0x2104  \Device\Harddisk1\DR1:
17:30:29.0186 0x2104  MBR partitions:
17:30:29.0186 0x2104  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
17:30:29.0186 0x2104  ============================================================
17:30:29.0209 0x2104  C: <-> \Device\Harddisk0\DR0\Partition2
17:30:29.0214 0x2104  D: <-> \Device\Harddisk1\DR1\Partition1
17:30:29.0245 0x2104  E: <-> \Device\Harddisk2\DR2\Partition1
17:30:29.0276 0x2104  F: <-> \Device\Harddisk0\DR0\Partition3
17:30:29.0276 0x2104  ============================================================
17:30:29.0276 0x2104  Initialize success
17:30:29.0276 0x2104  ============================================================
17:30:41.0248 0x23a8  ============================================================
17:30:41.0248 0x23a8  Scan started
17:30:41.0248 0x23a8  Mode: Manual; SigCheck; TDLFS; 
17:30:41.0248 0x23a8  ============================================================
17:30:41.0248 0x23a8  KSN ping started
17:30:43.0605 0x23a8  KSN ping finished: true
17:30:44.0757 0x23a8  ================ Scan system memory ========================
17:30:44.0757 0x23a8  System memory - ok
17:30:44.0758 0x23a8  ================ Scan services =============================
17:30:44.0928 0x23a8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
17:30:44.0985 0x23a8  1394ohci - ok
17:30:45.0012 0x23a8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:30:45.0023 0x23a8  ACPI - ok
17:30:45.0039 0x23a8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:30:45.0065 0x23a8  AcpiPmi - ok
17:30:45.0198 0x23a8  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:30:45.0214 0x23a8  AdobeFlashPlayerUpdateSvc - ok
17:30:45.0282 0x23a8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:30:45.0306 0x23a8  adp94xx - ok
17:30:45.0339 0x23a8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:30:45.0354 0x23a8  adpahci - ok
17:30:45.0383 0x23a8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:30:45.0394 0x23a8  adpu320 - ok
17:30:45.0418 0x23a8  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:30:45.0451 0x23a8  AeLookupSvc - ok
17:30:45.0538 0x23a8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
17:30:45.0591 0x23a8  AFD - ok
17:30:45.0638 0x23a8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:30:45.0650 0x23a8  agp440 - ok
17:30:45.0679 0x23a8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:30:45.0696 0x23a8  ALG - ok
17:30:45.0718 0x23a8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:30:45.0728 0x23a8  aliide - ok
17:30:45.0847 0x23a8  ALSysIO - ok
17:30:45.0911 0x23a8  [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:30:45.0957 0x23a8  AMD External Events Utility - ok
17:30:45.0985 0x23a8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:30:45.0993 0x23a8  amdide - ok
17:30:46.0049 0x23a8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:30:46.0086 0x23a8  AmdK8 - ok
17:30:46.0745 0x23a8  [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:30:47.0135 0x23a8  amdkmdag - ok
17:30:47.0238 0x23a8  [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:30:47.0288 0x23a8  amdkmdap - ok
17:30:47.0292 0x23a8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
17:30:47.0300 0x23a8  AmdPPM - ok
17:30:47.0353 0x23a8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:30:47.0366 0x23a8  amdsata - ok
17:30:47.0426 0x23a8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:30:47.0444 0x23a8  amdsbs - ok
17:30:47.0469 0x23a8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:30:47.0475 0x23a8  amdxata - ok
17:30:47.0536 0x23a8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
17:30:47.0572 0x23a8  AppID - ok
17:30:47.0602 0x23a8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:30:47.0639 0x23a8  AppIDSvc - ok
17:30:47.0691 0x23a8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
17:30:47.0724 0x23a8  Appinfo - ok
17:30:47.0763 0x23a8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
17:30:47.0775 0x23a8  arc - ok
17:30:47.0792 0x23a8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:30:47.0803 0x23a8  arcsas - ok
17:30:47.0927 0x23a8  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:30:47.0943 0x23a8  aspnet_state - ok
17:30:47.0982 0x23a8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:30:48.0042 0x23a8  AsyncMac - ok
17:30:48.0082 0x23a8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:30:48.0094 0x23a8  atapi - ok
17:30:48.0152 0x23a8  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:30:48.0194 0x23a8  AtiHDAudioService - ok
17:30:48.0274 0x23a8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:30:48.0343 0x23a8  AudioEndpointBuilder - ok
17:30:48.0402 0x23a8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:30:48.0423 0x23a8  AudioSrv - ok
17:30:48.0489 0x23a8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:30:48.0529 0x23a8  AxInstSV - ok
17:30:48.0604 0x23a8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:30:48.0630 0x23a8  b06bdrv - ok
17:30:48.0696 0x23a8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:30:48.0737 0x23a8  b57nd60a - ok
17:30:48.0787 0x23a8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:30:48.0821 0x23a8  BDESVC - ok
17:30:48.0851 0x23a8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:30:48.0913 0x23a8  Beep - ok
17:30:49.0040 0x23a8  [ 2EE42E7539BBF4252F7F47B288E61CEA, 2113A7C825AE2D222FD80D092BAA254AB3EFA8A2F58EC8325837A6BC611BC715 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
17:30:49.0064 0x23a8  BEService - ok
17:30:49.0145 0x23a8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:30:49.0192 0x23a8  BFE - ok
17:30:49.0259 0x23a8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:30:49.0343 0x23a8  BITS - ok
17:30:49.0389 0x23a8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:30:49.0426 0x23a8  blbdrive - ok
17:30:49.0483 0x23a8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:30:49.0515 0x23a8  bowser - ok
17:30:49.0557 0x23a8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:30:49.0597 0x23a8  BrFiltLo - ok
17:30:49.0618 0x23a8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:30:49.0640 0x23a8  BrFiltUp - ok
17:30:49.0689 0x23a8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:30:49.0701 0x23a8  Browser - ok
17:30:49.0726 0x23a8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:30:49.0764 0x23a8  Brserid - ok
17:30:49.0793 0x23a8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:30:49.0832 0x23a8  BrSerWdm - ok
17:30:49.0847 0x23a8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:30:49.0871 0x23a8  BrUsbMdm - ok
17:30:49.0891 0x23a8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:30:49.0900 0x23a8  BrUsbSer - ok
17:30:49.0930 0x23a8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:30:49.0964 0x23a8  BTHMODEM - ok
17:30:50.0029 0x23a8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:30:50.0066 0x23a8  bthserv - ok
17:30:50.0117 0x23a8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:30:50.0174 0x23a8  cdfs - ok
17:30:50.0223 0x23a8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:30:50.0263 0x23a8  cdrom - ok
17:30:50.0303 0x23a8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:30:50.0337 0x23a8  CertPropSvc - ok
17:30:50.0382 0x23a8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
17:30:50.0421 0x23a8  circlass - ok
17:30:50.0486 0x23a8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
17:30:50.0509 0x23a8  CLFS - ok
17:30:50.0566 0x23a8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:30:50.0580 0x23a8  clr_optimization_v2.0.50727_32 - ok
17:30:50.0627 0x23a8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:30:50.0640 0x23a8  clr_optimization_v2.0.50727_64 - ok
17:30:50.0727 0x23a8  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:30:50.0745 0x23a8  clr_optimization_v4.0.30319_32 - ok
17:30:50.0758 0x23a8  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:30:50.0767 0x23a8  clr_optimization_v4.0.30319_64 - ok
17:30:50.0818 0x23a8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:30:50.0850 0x23a8  CmBatt - ok
17:30:50.0880 0x23a8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:30:50.0887 0x23a8  cmdide - ok
17:30:50.0952 0x23a8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
17:30:50.0969 0x23a8  CNG - ok
17:30:51.0010 0x23a8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:30:51.0016 0x23a8  Compbatt - ok
17:30:51.0064 0x23a8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:30:51.0072 0x23a8  CompositeBus - ok
17:30:51.0094 0x23a8  COMSysApp - ok
17:30:51.0198 0x23a8  [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:30:51.0218 0x23a8  cphs - ok
17:30:51.0254 0x23a8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:30:51.0260 0x23a8  crcdisk - ok
17:30:51.0330 0x23a8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:30:51.0371 0x23a8  CryptSvc - ok
17:30:51.0462 0x23a8  dbupdate - ok
17:30:51.0481 0x23a8  dbupdatem - ok
17:30:51.0543 0x23a8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:30:51.0623 0x23a8  DcomLaunch - ok
17:30:51.0710 0x23a8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:30:51.0769 0x23a8  defragsvc - ok
17:30:51.0816 0x23a8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:30:51.0837 0x23a8  DfsC - ok
17:30:51.0897 0x23a8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:30:51.0941 0x23a8  Dhcp - ok
17:30:52.0056 0x23a8  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
17:30:52.0110 0x23a8  DiagTrack - ok
17:30:52.0114 0x23a8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:30:52.0140 0x23a8  discache - ok
17:30:52.0196 0x23a8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
17:30:52.0209 0x23a8  Disk - ok
17:30:52.0249 0x23a8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:30:52.0288 0x23a8  Dnscache - ok
17:30:52.0330 0x23a8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:30:52.0386 0x23a8  dot3svc - ok
17:30:52.0414 0x23a8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:30:52.0463 0x23a8  DPS - ok
17:30:52.0516 0x23a8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:30:52.0549 0x23a8  drmkaud - ok
17:30:52.0625 0x23a8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:30:52.0658 0x23a8  DXGKrnl - ok
17:30:52.0674 0x23a8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:30:52.0702 0x23a8  EapHost - ok
17:30:52.0741 0x23a8  EasyAntiCheat - ok
17:30:52.0895 0x23a8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:30:52.0957 0x23a8  ebdrv - ok
17:30:52.0982 0x23a8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\Windows\System32\lsass.exe
17:30:52.0989 0x23a8  EFS - ok
17:30:53.0069 0x23a8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:30:53.0097 0x23a8  ehRecvr - ok
17:30:53.0103 0x23a8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:30:53.0133 0x23a8  ehSched - ok
17:30:53.0178 0x23a8  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
17:30:53.0185 0x23a8  ElbyCDIO - ok
17:30:53.0226 0x23a8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:30:53.0243 0x23a8  elxstor - ok
17:30:53.0272 0x23a8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:30:53.0295 0x23a8  ErrDev - ok
17:30:53.0348 0x23a8  [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
17:30:53.0361 0x23a8  EtronHub3 - ok
17:30:53.0416 0x23a8  [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
17:30:53.0454 0x23a8  EtronXHCI - ok
17:30:53.0506 0x23a8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:30:53.0573 0x23a8  EventSystem - ok
17:30:53.0635 0x23a8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:30:53.0695 0x23a8  exfat - ok
17:30:53.0743 0x23a8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:30:53.0779 0x23a8  fastfat - ok
17:30:53.0843 0x23a8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:30:53.0893 0x23a8  Fax - ok
17:30:53.0896 0x23a8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
17:30:53.0903 0x23a8  fdc - ok
17:30:53.0927 0x23a8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:30:53.0970 0x23a8  fdPHost - ok
17:30:54.0000 0x23a8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:30:54.0022 0x23a8  FDResPub - ok
17:30:54.0042 0x23a8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:30:54.0048 0x23a8  FileInfo - ok
17:30:54.0051 0x23a8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:30:54.0095 0x23a8  Filetrace - ok
17:30:54.0097 0x23a8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:30:54.0104 0x23a8  flpydisk - ok
17:30:54.0113 0x23a8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:30:54.0122 0x23a8  FltMgr - ok
17:30:54.0203 0x23a8  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
17:30:54.0251 0x23a8  FontCache - ok
17:30:54.0294 0x23a8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:30:54.0306 0x23a8  FontCache3.0.0.0 - ok
17:30:54.0313 0x23a8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:30:54.0324 0x23a8  FsDepends - ok
17:30:54.0346 0x23a8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:30:54.0354 0x23a8  Fs_Rec - ok
17:30:54.0421 0x23a8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:30:54.0441 0x23a8  fvevol - ok
17:30:54.0453 0x23a8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:30:54.0460 0x23a8  gagp30kx - ok
17:30:54.0508 0x23a8  [ 3EB903DA33CB9E11BDCD62F38430DB40, 14CA13E79FBB4EF8CCA530B7AD8F5B579C59F9589B86CABEFDA152359E3D52B6 ] GamingApp_Service C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
17:30:54.0518 0x23a8  GamingApp_Service - ok
17:31:08.0434 0x23a8  RDPREFMP - ok
17:31:08.0459 0x23a8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:31:08.0489 0x23a8  RDPWD - ok
17:31:08.0496 0x23a8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:31:08.0505 0x23a8  rdyboost - ok
17:31:08.0576 0x23a8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:31:08.0630 0x23a8  RemoteAccess - ok
17:31:08.0676 0x23a8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:31:08.0743 0x23a8  RemoteRegistry - ok
17:31:08.0771 0x23a8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:31:08.0836 0x23a8  RpcEptMapper - ok
17:31:08.0873 0x23a8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:31:08.0887 0x23a8  RpcLocator - ok
17:31:08.0917 0x23a8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
17:31:08.0952 0x23a8  RpcSs - ok
17:31:09.0001 0x23a8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:31:09.0066 0x23a8  rspndr - ok
17:31:09.0151 0x23a8  [ 439F755B450CF66B139742CA32AACF9F, DB047454CE026E71F7F5A0B4158D667D7E439A2B5A4F3CC008649FCDBA22A727 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:31:09.0179 0x23a8  RTL8167 - ok
17:31:09.0189 0x23a8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs           C:\Windows\system32\lsass.exe
17:31:09.0196 0x23a8  SamSs - ok
17:31:09.0208 0x23a8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:31:09.0214 0x23a8  sbp2port - ok
17:31:09.0229 0x23a8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:31:09.0254 0x23a8  SCardSvr - ok
17:31:09.0263 0x23a8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:31:09.0324 0x23a8  scfilter - ok
17:31:09.0392 0x23a8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
17:31:09.0435 0x23a8  Schedule - ok
17:31:09.0457 0x23a8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:31:09.0478 0x23a8  SCPolicySvc - ok
17:31:09.0493 0x23a8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:31:09.0502 0x23a8  SDRSVC - ok
17:31:09.0583 0x23a8  [ 284996D7CDD2AFDD4AD37EE58ADCB076, F5129DEAAF1AB479B0F16D35E6D1F974A73AFE1DDDEAE7A45F28917C72A1AD3A ] SearchProtectionService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
17:31:09.0613 0x23a8  SearchProtectionService - detected UnsignedFile.Multi.Generic ( 1 )
17:31:11.0972 0x23a8  Detect skipped due to KSN trusted
17:31:11.0972 0x23a8  SearchProtectionService - ok
17:31:12.0027 0x23a8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:31:12.0086 0x23a8  secdrv - ok
17:31:12.0114 0x23a8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:31:12.0171 0x23a8  seclogon - ok
17:31:12.0217 0x23a8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:31:12.0274 0x23a8  SENS - ok
17:31:12.0304 0x23a8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:31:12.0315 0x23a8  SensrSvc - ok
17:31:12.0355 0x23a8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:31:12.0368 0x23a8  Serenum - ok
17:31:12.0437 0x23a8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:31:12.0469 0x23a8  Serial - ok
17:31:12.0512 0x23a8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:31:12.0548 0x23a8  sermouse - ok
17:31:12.0579 0x23a8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:31:12.0610 0x23a8  SessionEnv - ok
17:31:12.0640 0x23a8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:31:12.0670 0x23a8  sffdisk - ok
17:31:12.0689 0x23a8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:31:12.0716 0x23a8  sffp_mmc - ok
17:31:12.0730 0x23a8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:31:12.0739 0x23a8  sffp_sd - ok
17:31:12.0766 0x23a8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:31:12.0773 0x23a8  sfloppy - ok
17:31:12.0839 0x23a8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:31:12.0899 0x23a8  SharedAccess - ok
17:31:12.0936 0x23a8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:31:12.0963 0x23a8  ShellHWDetection - ok
17:31:12.0980 0x23a8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:31:12.0986 0x23a8  SiSRaid2 - ok
17:31:13.0002 0x23a8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:31:13.0008 0x23a8  SiSRaid4 - ok
17:31:13.0051 0x23a8  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:31:13.0072 0x23a8  SkypeUpdate - ok
17:31:13.0115 0x23a8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:31:13.0137 0x23a8  Smb - ok
17:31:13.0154 0x23a8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:31:13.0188 0x23a8  SNMPTRAP - ok
17:31:13.0216 0x23a8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:31:13.0225 0x23a8  spldr - ok
17:31:13.0273 0x23a8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
17:31:13.0320 0x23a8  Spooler - ok
17:31:13.0464 0x23a8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:31:13.0563 0x23a8  sppsvc - ok
17:31:13.0595 0x23a8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:31:13.0651 0x23a8  sppuinotify - ok
17:31:13.0711 0x23a8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:31:13.0734 0x23a8  srv - ok
17:31:13.0752 0x23a8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:31:13.0787 0x23a8  srv2 - ok
17:31:13.0828 0x23a8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:31:13.0836 0x23a8  srvnet - ok
17:31:13.0888 0x23a8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:31:13.0961 0x23a8  SSDPSRV - ok
17:31:13.0992 0x23a8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:31:14.0015 0x23a8  SstpSvc - ok
17:31:14.0235 0x23a8  [ CE21C361EAA587AC778AD7422FFC3E84, AE8DB90661E67BDAB1A6E75341DEF27DF0FDA1765576D1260EC1384419628CE5 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:31:14.0255 0x23a8  Steam Client Service - ok
17:31:14.0327 0x23a8  [ 49B1E5AF3AA400752A20BE169CB73DFA, D990BC79B289912EB07F3FD50F1236C593A45C5E9B7BD8162269687258E07CE2 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:31:14.0347 0x23a8  Stereo Service - ok
17:31:14.0364 0x23a8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:31:14.0373 0x23a8  stexstor - ok
17:31:14.0442 0x23a8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:31:14.0464 0x23a8  stisvc - ok
17:31:14.0469 0x23a8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:31:14.0475 0x23a8  swenum - ok
17:31:14.0510 0x23a8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
17:31:14.0541 0x23a8  swprv - ok
17:31:14.0611 0x23a8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
17:31:14.0651 0x23a8  SysMain - ok
17:31:14.0656 0x23a8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:31:14.0668 0x23a8  TabletInputService - ok
17:31:14.0677 0x23a8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:31:14.0726 0x23a8  TapiSrv - ok
17:31:14.0751 0x23a8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:31:14.0797 0x23a8  TBS - ok
17:31:14.0900 0x23a8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:31:14.0938 0x23a8  Tcpip - ok
17:31:15.0052 0x23a8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:31:15.0090 0x23a8  TCPIP6 - ok
17:31:15.0115 0x23a8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:31:15.0153 0x23a8  tcpipreg - ok
17:31:15.0196 0x23a8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:31:15.0208 0x23a8  TDPIPE - ok
17:31:15.0242 0x23a8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:31:15.0255 0x23a8  TDTCP - ok
17:31:15.0297 0x23a8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:31:15.0309 0x23a8  tdx - ok
17:31:15.0564 0x23a8  [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:31:15.0666 0x23a8  TeamViewer - ok
17:31:15.0720 0x23a8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:31:15.0733 0x23a8  TermDD - ok
17:31:15.0789 0x23a8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
17:31:15.0837 0x23a8  TermService - ok
17:31:15.0872 0x23a8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:31:15.0918 0x23a8  Themes - ok
17:31:15.0947 0x23a8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:31:15.0985 0x23a8  THREADORDER - ok
17:31:15.0998 0x23a8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:31:16.0043 0x23a8  TrkWks - ok
17:31:16.0106 0x23a8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:31:16.0142 0x23a8  TrustedInstaller - ok
17:31:16.0166 0x23a8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:31:16.0199 0x23a8  tssecsrv - ok
17:31:16.0251 0x23a8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:31:16.0259 0x23a8  TsUsbFlt - ok
17:31:16.0263 0x23a8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:31:16.0291 0x23a8  TsUsbGD - ok
17:31:16.0429 0x23a8  [ DF07EC9240A4B7008D6C5E65C8ABB584, 80F430996F0A513773600E20F4EF915B5D98A7C58D52CDF672B6AEF5A001E1CD ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
17:31:16.0479 0x23a8  TuneUp.UtilitiesSvc - ok
17:31:16.0522 0x23a8  [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
17:31:16.0527 0x23a8  TuneUpUtilitiesDrv - ok
17:31:16.0581 0x23a8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:31:16.0603 0x23a8  tunnel - ok
17:31:16.0607 0x23a8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:31:16.0614 0x23a8  uagp35 - ok
17:31:16.0636 0x23a8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:31:16.0680 0x23a8  udfs - ok
17:31:16.0723 0x23a8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:31:16.0731 0x23a8  UI0Detect - ok
17:31:16.0770 0x23a8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:31:16.0776 0x23a8  uliagpkx - ok
17:31:16.0802 0x23a8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:31:16.0809 0x23a8  umbus - ok
17:31:16.0836 0x23a8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:31:16.0870 0x23a8  UmPass - ok
17:31:16.0941 0x23a8  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:31:16.0956 0x23a8  UMVPFSrv - ok
17:31:16.0989 0x23a8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:31:17.0017 0x23a8  upnphost - ok
17:31:17.0066 0x23a8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:31:17.0074 0x23a8  usbaudio - ok
17:31:17.0098 0x23a8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:31:17.0105 0x23a8  usbccgp - ok
17:31:17.0137 0x23a8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:31:17.0164 0x23a8  usbcir - ok
17:31:17.0220 0x23a8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:31:17.0254 0x23a8  usbehci - ok
17:31:17.0306 0x23a8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:31:17.0349 0x23a8  usbhub - ok
17:31:17.0381 0x23a8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:31:17.0392 0x23a8  usbohci - ok
17:31:17.0407 0x23a8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
17:31:17.0419 0x23a8  usbprint - ok
17:31:17.0449 0x23a8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:31:17.0465 0x23a8  USBSTOR - ok
17:31:17.0470 0x23a8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:31:17.0503 0x23a8  usbuhci - ok
17:31:17.0563 0x23a8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:31:17.0604 0x23a8  usbvideo - ok
17:31:17.0643 0x23a8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:31:17.0700 0x23a8  UxSms - ok
17:31:17.0726 0x23a8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
17:31:17.0735 0x23a8  VaultSvc - ok
17:31:17.0780 0x23a8  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
17:31:17.0792 0x23a8  VClone - ok
17:31:17.0824 0x23a8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:31:17.0836 0x23a8  vdrvroot - ok
17:31:17.0865 0x23a8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:31:17.0933 0x23a8  vds - ok
17:31:17.0973 0x23a8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:31:17.0981 0x23a8  vga - ok
17:31:17.0998 0x23a8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:31:18.0023 0x23a8  VgaSave - ok
17:31:18.0030 0x23a8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:31:18.0040 0x23a8  vhdmp - ok
17:31:18.0073 0x23a8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:31:18.0079 0x23a8  viaide - ok
17:31:18.0127 0x23a8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:31:18.0133 0x23a8  volmgr - ok
17:31:18.0144 0x23a8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:31:18.0155 0x23a8  volmgrx - ok
17:31:18.0173 0x23a8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:31:18.0184 0x23a8  volsnap - ok
17:31:18.0203 0x23a8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:31:18.0212 0x23a8  vsmraid - ok
17:31:18.0280 0x23a8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:31:18.0330 0x23a8  VSS - ok
17:31:18.0338 0x23a8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:31:18.0346 0x23a8  vwifibus - ok
17:31:18.0401 0x23a8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:31:18.0434 0x23a8  W32Time - ok
17:31:18.0447 0x23a8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:31:18.0454 0x23a8  WacomPen - ok
17:31:18.0485 0x23a8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:31:18.0507 0x23a8  WANARP - ok
17:31:18.0517 0x23a8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:31:18.0538 0x23a8  Wanarpv6 - ok
17:31:18.0603 0x23a8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:31:18.0654 0x23a8  wbengine - ok
17:31:18.0703 0x23a8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:31:18.0716 0x23a8  WbioSrvc - ok
17:31:18.0737 0x23a8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:31:18.0774 0x23a8  wcncsvc - ok
17:31:18.0797 0x23a8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:31:18.0831 0x23a8  WcsPlugInService - ok
17:31:18.0856 0x23a8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
17:31:18.0866 0x23a8  Wd - ok
17:31:18.0918 0x23a8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:31:18.0938 0x23a8  Wdf01000 - ok
17:31:18.0965 0x23a8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:31:18.0973 0x23a8  WdiServiceHost - ok
17:31:18.0977 0x23a8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:31:18.0985 0x23a8  WdiSystemHost - ok
17:31:19.0012 0x23a8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
17:31:19.0048 0x23a8  WebClient - ok
17:31:19.0083 0x23a8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:31:19.0133 0x23a8  Wecsvc - ok
17:31:19.0165 0x23a8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:31:19.0228 0x23a8  wercplsupport - ok
17:31:19.0269 0x23a8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:31:19.0306 0x23a8  WerSvc - ok
17:31:19.0356 0x23a8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:31:19.0382 0x23a8  WfpLwf - ok
17:31:19.0396 0x23a8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:31:19.0403 0x23a8  WIMMount - ok
17:31:19.0429 0x23a8  WinHttpAutoProxySvc - ok
17:31:19.0498 0x23a8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:31:19.0567 0x23a8  Winmgmt - ok
17:31:19.0681 0x23a8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
17:31:19.0722 0x23a8  WinRM - ok
17:31:19.0788 0x23a8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:31:19.0814 0x23a8  Wlansvc - ok
17:31:19.0857 0x23a8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:31:19.0894 0x23a8  WmiAcpi - ok
17:31:19.0937 0x23a8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:31:19.0954 0x23a8  wmiApSrv - ok
17:31:20.0001 0x23a8  WMPNetworkSvc - ok
17:31:20.0009 0x23a8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:31:20.0043 0x23a8  WPCSvc - ok
17:31:20.0080 0x23a8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:31:20.0098 0x23a8  WPDBusEnum - ok
17:31:20.0126 0x23a8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:31:20.0189 0x23a8  ws2ifsl - ok
17:31:20.0217 0x23a8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:31:20.0232 0x23a8  wscsvc - ok
17:31:20.0235 0x23a8  WSearch - ok
17:31:20.0347 0x23a8  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:31:20.0398 0x23a8  wuauserv - ok
17:31:20.0432 0x23a8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:31:20.0455 0x23a8  WudfPf - ok
17:31:20.0583 0x23a8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:31:20.0663 0x23a8  WUDFRd - ok
17:31:20.0706 0x23a8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:31:20.0723 0x23a8  wudfsvc - ok
17:31:20.0758 0x23a8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:31:20.0800 0x23a8  WwanSvc - ok
17:31:20.0828 0x23a8  xhunter1 - ok
17:31:20.0876 0x23a8  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
17:31:20.0889 0x23a8  xusb21 - ok
17:31:20.0892 0x23a8  ================ Scan global ===============================
17:31:20.0914 0x23a8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:31:20.0948 0x23a8  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
17:31:20.0973 0x23a8  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
17:31:21.0000 0x23a8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:31:21.0037 0x23a8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:31:21.0045 0x23a8  [ Global ] - ok
17:31:21.0045 0x23a8  ================ Scan MBR ==================================
17:31:21.0052 0x23a8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:31:21.0370 0x23a8  \Device\Harddisk0\DR0 - ok
17:31:21.0656 0x23a8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
17:31:21.0867 0x23a8  \Device\Harddisk2\DR2 - ok
17:31:21.0891 0x23a8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:31:21.0956 0x23a8  \Device\Harddisk1\DR1 - ok
17:31:21.0957 0x23a8  ================ Scan VBR ==================================
17:31:21.0960 0x23a8  [ 25A88FBFF7C46D2F389F9A39FB74A834 ] \Device\Harddisk0\DR0\Partition1
17:31:21.0961 0x23a8  \Device\Harddisk0\DR0\Partition1 - ok
17:31:21.0964 0x23a8  [ 493DBA0C0E1CD7CA7F7E3EC3090381D5 ] \Device\Harddisk0\DR0\Partition2
17:31:21.0966 0x23a8  \Device\Harddisk0\DR0\Partition2 - ok
17:31:21.0969 0x23a8  [ AE3E311AC12FEB6A621C13092EA47941 ] \Device\Harddisk0\DR0\Partition3
17:31:21.0970 0x23a8  \Device\Harddisk0\DR0\Partition3 - ok
17:31:21.0974 0x23a8  [ 395EF6F243FE19AF52B7995256146097 ] \Device\Harddisk2\DR2\Partition1
17:31:22.0010 0x23a8  \Device\Harddisk2\DR2\Partition1 - ok
17:31:22.0013 0x23a8  [ 9060DD9DED8A26E4829820C9152D093D ] \Device\Harddisk1\DR1\Partition1
17:31:22.0015 0x23a8  \Device\Harddisk1\DR1\Partition1 - ok
17:31:22.0016 0x23a8  ================ Scan generic autorun ======================
17:31:22.0159 0x23a8  [ 381474F8A4477CF4951553EF530B0ED5, 6C2CB69E072EC2BF8C4EBB93DB400CF9358CC7C4FDA24E3B9B422FFAD089462F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:31:22.0206 0x23a8  NvBackend - ok
17:31:22.0227 0x23a8  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
17:31:22.0262 0x23a8  ShadowPlay - ok
17:31:22.0306 0x23a8  [ 0C3154D0620F974AD5C4E8D87626C8CF, 4E6B751F9C0D5D4833A12166BC5142E0A7402E98D00F570926ED9CA0936A8007 ] C:\Windows\system32\igfxtray.exe
17:31:22.0319 0x23a8  IgfxTray - ok
17:31:22.0342 0x23a8  [ E4AA3D28753EF9DB333FE40079993B09, ECC60BAA7D21EF97CDA17F45277FBFE52B2169155DDB157E34A7AE2EC1BEC185 ] C:\Windows\system32\hkcmd.exe
17:31:22.0357 0x23a8  HotKeysCmds - ok
17:31:22.0380 0x23a8  [ CF40080765D6F66FA93318C0DB6C7D1F, 015EE5BE439DAC6D3F7C7471EEF554C11F28947492E3F7AA14BB72622C327DCD ] C:\Windows\system32\igfxpers.exe
17:31:22.0394 0x23a8  Persistence - ok
17:31:22.0485 0x23a8  [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
17:31:22.0508 0x23a8  StartCCC - ok
17:31:22.0557 0x23a8  [ 299EDE8BBC229B7FA0BC0369BAE8CA2E, 788C06C7EDDDC0687A4137BDA00D320146425768960066FCBE0391BE7DBC2280 ] C:\Program Files (x86)\Raptr\raptrstub.exe
17:31:22.0568 0x23a8  Raptr - ok
17:31:22.0633 0x23a8  Dropbox - ok
17:31:22.0675 0x23a8  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
17:31:22.0687 0x23a8  VirtualCloneDrive - ok
17:31:22.0720 0x23a8  [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:31:22.0735 0x23a8  SunJavaUpdateSched - ok
17:31:22.0896 0x23a8  [ 05FB3EEC0F9AF4C4ACD949F57A631ED7, C543CF9C5B03D7B3172A2EB9E6A14B22524F0EF9478E646E2A8537E2CAB4B5B3 ] C:\Program Files (x86)\MSI\Live Update\Live Update.exe
17:31:22.0958 0x23a8  Live Update - ok
17:31:23.0062 0x23a8  [ 80086ED442941DE2CA18CB6DAE8C1422, F7BE958F2E8E17970C238E3806F4A742B12DA09EB21093BD6371CF4B580C5BE4 ] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
17:31:23.0098 0x23a8  Aeria Ignite - ok
17:31:23.0183 0x23a8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:31:23.0230 0x23a8  Sidebar - ok
17:31:23.0272 0x23a8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:31:23.0318 0x23a8  mctadmin - ok
17:31:23.0392 0x23a8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:31:23.0418 0x23a8  Sidebar - ok
17:31:23.0423 0x23a8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:31:23.0434 0x23a8  mctadmin - ok
17:31:23.0481 0x23a8  [ C7040C9D5D38A420DD8787523FAD48E6, 524BF82A91E1F41A4BBC995F36F575DEE23B55933E90AB874FB014BFF6EE716F ] C:\Program Files (x86)\Overwolf\Overwolf.exe
17:31:23.0490 0x23a8  Overwolf - ok
17:31:23.0665 0x23a8  [ DC6BA936E1DE11E648FB85A817C5182F, F1C27C08F84EEAC9DC5C26E57B9559F6006870E540CB2968494A3D34BAD109A7 ] C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe
17:31:23.0703 0x23a8  Spotify Web Helper - ok
17:31:23.0788 0x23a8  [ E6CF06D33D41DE759EF3A3D9BB9DE716, C022D059E0FE7F882E33CB3054E31AA8ACA9277D7D455C10ADB8AC5898C1DD10 ] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
17:31:23.0823 0x23a8  Web Companion - ok
17:31:24.0302 0x23a8  [ F955139D76E71B8604E927A854C58489, 24B8B6D6DEDB7CB128644EC2558C172B9F68FB1AF541E5C2F4FE6DB9D100E721 ] E:\Steam\steam.exe
17:31:24.0353 0x23a8  Steam - ok
17:31:24.0549 0x23a8  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe
17:31:24.0631 0x23a8  Akamai NetSession Interface - ok
17:31:24.0884 0x23a8  [ 5E6E816F8F5B454329F8C013A70391B9, E7A9121EFA89FB5DF6EFCEDA9418B49511036DB40D6E631032665F80929FC3A0 ] C:\Users\Jana\AppData\Roaming\Spotify\Spotify.exe
17:31:25.0012 0x23a8  Spotify - ok
17:31:25.0031 0x23a8  Skype - ok
17:31:25.0032 0x23a8  Waiting for KSN requests completion. In queue: 94
17:31:26.0032 0x23a8  Waiting for KSN requests completion. In queue: 94
17:31:27.0032 0x23a8  Waiting for KSN requests completion. In queue: 94
17:31:28.0046 0x23a8  Win FW state via NFP2: enabled ( trusted )
17:31:30.0425 0x23a8  ============================================================
17:31:30.0425 0x23a8  Scan finished
17:31:30.0425 0x23a8  ============================================================
17:31:30.0436 0x1e1c  Detected object count: 0
17:31:30.0436 0x1e1c  Actual detected object count: 0
         
Code:
17:28:43.0700 0x258c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:28:47.0764 0x258c  ============================================================
17:28:47.0764 0x258c  Current date / time: 2015/09/27 17:28:47.0764
17:28:47.0764 0x258c  SystemInfo:
17:28:47.0764 0x258c  
17:28:47.0764 0x258c  OS Version: 6.1.7601 ServicePack: 1.0
17:28:47.0764 0x258c  Product type: Workstation
17:28:47.0764 0x258c  ComputerName: JANA-PC
17:28:47.0764 0x258c  UserName: Jana
17:28:47.0764 0x258c  Windows directory: C:\Windows
17:28:47.0764 0x258c  System windows directory: C:\Windows
17:28:47.0764 0x258c  Running under WOW64
17:28:47.0765 0x258c  Processor architecture: Intel x64
17:28:47.0765 0x258c  Number of processors: 4
17:28:47.0765 0x258c  Page size: 0x1000
17:28:47.0765 0x258c  Boot type: Normal boot
17:28:47.0765 0x258c  ============================================================
17:28:49.0948 0x258c  KLMD registered as C:\Windows\system32\drivers\02591482.sys
17:28:50.0193 0x258c  System UUID: {AEF82811-9F6E-920C-E243-F6DB6F898275}
17:28:50.0589 0x258c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:28:50.0626 0x258c  Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:28:54.0250 0x258c  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:28:54.0263 0x258c  ============================================================
17:28:54.0263 0x258c  \Device\Harddisk0\DR0:
17:28:54.0263 0x258c  MBR partitions:
17:28:54.0263 0x258c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:28:54.0263 0x258c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1C632000
17:28:54.0263 0x258c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0xB, StartLBA 0x1C664800, BlocksNum 0xB61000
17:28:54.0263 0x258c  \Device\Harddisk2\DR2:
17:28:54.0264 0x258c  MBR partitions:
17:28:54.0264 0x258c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
17:28:54.0264 0x258c  \Device\Harddisk1\DR1:
17:28:54.0264 0x258c  MBR partitions:
17:28:54.0264 0x258c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
17:28:54.0264 0x258c  ============================================================
17:28:54.0300 0x258c  C: <-> \Device\Harddisk0\DR0\Partition2
17:28:54.0334 0x258c  D: <-> \Device\Harddisk1\DR1\Partition1
17:28:54.0385 0x258c  E: <-> \Device\Harddisk2\DR2\Partition1
17:28:54.0407 0x258c  F: <-> \Device\Harddisk0\DR0\Partition3
17:28:54.0407 0x258c  ============================================================
17:28:54.0407 0x258c  Initialize success
17:28:54.0407 0x258c  ============================================================
17:29:51.0537 0x20a4  Deinitialize success
         


28.09.2015, 14:35   #6
schrauber
/// the machine
/// TB instructor

hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you receive the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


28.09.2015, 17:48   #7
Dahaiz

I can't find the file, and I can hardly do anything on my computer anymore (or rather, in that folder; the rest works). After every mouse click everything freezes (moving the mouse always works, but clicking no longer does anything). So I can hardly search my computer for the log file either.

I found it with a lot of time and a lot of patience.

Code:
ComboFix 15-09-25.01 - Jana 28.09.2015  17:06:10.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16301.11997 [GMT 2:00]
ausgeführt von:: C:\Users\Jana\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))


C:\ProgramData\ntuser.pol
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile0.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile1.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile2.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile3.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile4.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile5.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile6.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile7.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile8.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile9.txt
C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9cloz3.dll
C:\Windows\SysWow64\X86
E:\install.exe


(((((((((((((((((((((((   Dateien erstellt von 2015-08-28 bis 2015-09-28  ))))))))))))))))))))))))))))))


2015-09-28 15:11:53 . 2015-09-28 15:11:53	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2015-09-27 21:59:46 . 2015-09-27 21:59:46	--------	d-----w-	C:\Users\Jana\AppData\Local\Apple Computer
2015-09-27 21:59:44 . 2015-09-27 22:00:24	--------	d-----w-	C:\Users\Jana\AppData\Roaming\Apple Computer
2015-09-27 21:59:36 . 2015-09-27 21:59:36	--------	d-----w-	C:\ProgramData\Apple Computer
2015-09-27 21:59:36 . 2015-09-27 21:59:36	--------	d-----w-	C:\Program Files\iPod
2015-09-27 21:58:56 . 2015-09-27 21:58:56	--------	d-----w-	C:\Users\Jana\AppData\Local\Apple
2015-09-27 21:58:56 . 2015-09-27 21:58:56	--------	d-----w-	C:\Program Files (x86)\Apple Software Update
2015-09-27 21:58:41 . 2015-09-27 21:58:42	--------	d-----w-	C:\Program Files\Bonjour
2015-09-27 21:58:41 . 2015-09-27 21:58:42	--------	d-----w-	C:\Program Files (x86)\Bonjour
2015-09-27 21:58:13 . 2015-09-27 21:59:36	--------	d-----w-	C:\Program Files\Common Files\Apple
2015-09-27 21:58:03 . 2015-09-27 21:58:54	--------	d-----w-	C:\ProgramData\Apple
2015-09-27 21:58:03 . 2015-09-27 21:58:48	--------	d-----w-	C:\Program Files (x86)\Common Files\Apple
2015-09-27 14:59:03 . 2015-09-27 15:27:43	--------	d-----w-	C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-26 19:19:32 . 2015-09-26 19:21:09	--------	d-----w-	C:\FRST
2015-09-23 20:24:13 . 2015-09-23 20:24:13	--------	d-----w-	C:\Users\Jana\AppData\Local\Blizzard
2015-09-23 20:20:28 . 2015-09-23 20:24:14	--------	d-----w-	C:\Program Files (x86)\Hearthstone
2015-09-21 10:52:21 . 2015-09-21 10:52:21	--------	d-----w-	C:\Program Files (x86)\Common Files\Skype
2015-09-18 12:16:48 . 2015-09-18 12:16:48	--------	d-----w-	C:\Users\Jana\AppData\Roaming\.mono
2015-09-18 12:16:48 . 2015-09-18 12:16:48	--------	d-----w-	C:\ProgramData\.mono
2015-09-18 12:16:45 . 2015-09-18 12:16:45	--------	d-----w-	C:\Users\Jana\AppData\Local\I Am Bread
2015-09-17 18:59:33 . 2015-09-17 18:59:51	--------	d-----w-	C:\Users\Jana\AppData\Local\Risen
2015-09-11 11:30:08 . 2015-09-11 11:30:08	--------	d-----w-	C:\Users\Jana\AppData\Local\Diagnostics
2015-09-10 18:53:06 . 2015-09-10 18:53:06	--------	d-----w-	C:\Users\Jana\AppData\Local\Blizzard Entertainment
2015-09-10 18:52:59 . 2015-09-28 15:04:03	--------	d-----w-	C:\Users\Jana\AppData\Local\Battle.net
2015-09-10 18:52:41 . 2015-09-25 18:34:40	--------	d-----w-	C:\Program Files (x86)\Battle.net
2015-09-10 18:51:54 . 2015-09-10 18:52:01	--------	d-----w-	C:\ProgramData\Battle.net
2015-09-03 13:00:39 . 2015-09-03 13:00:39	--------	d-----w-	C:\Program Files\McAfee Security Scan
.


((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
         

29.09.2015, 14:07   #8
schrauber
/// the machine
/// TB instructor

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan, and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Cleaning and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

29.09.2015, 18:54   #9
Dahaiz

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 29.09.2015
Suchlaufzeit: 18:43
Protokolldatei: 2.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.29.05
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jana

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366011
Abgelaufene Zeit: 13 Min., 36 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.BDYahoo, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Schlecht: ("session":{"restore_on_startup":4,"startup_urls":["hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com","chrome://apps/"]},"sync":{"remaining_rollback_tries":0}}), ,[29806acbfc8f64d2b8de2b91fa0b58a8]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
# AdwCleaner v5.009 - Bericht erstellt am 29/09/2015 um 19:25:19
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-27.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Jana - JANA-PC
# Gestartet von : E:\Programme\AdwCleaner_5.009.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\afterguard
[-] Ordner Gelöscht : C:\Program Files (x86)\CouPEXteinssIon
[-] Ordner Gelöscht : C:\Program Files (x86)\FindBeesTDeaal
[-] Ordner Gelöscht : C:\Program Files (x86)\PrriiceMinus
[-] Ordner Gelöscht : C:\Program Files (x86)\RoboSaovverr
[-] Ordner Gelöscht : C:\Program Files (x86)\TakeeTheCoUUpoon
[-] Ordner Gelöscht : C:\ProgramData\{261ce825-af4c-01ec-261c-ce825af4a096}
[-] Ordner Gelöscht : C:\ProgramData\{41410481-bb56-3ee1-4141-10481bb51206}
[-] Ordner Gelöscht : C:\ProgramData\{5ab7f8cf-9c81-3cdd-5ab7-7f8cf9c8e33e}
[-] Ordner Gelöscht : C:\ProgramData\{b9f69079-958e-3afd-b9f6-6907995841e6}
[-] Ordner Gelöscht : C:\ProgramData\{bd4f358c-cbaa-2204-bd4f-f358ccbad633}
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[-] Ordner Gelöscht : C:\Users\Jana\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\Jana\AppData\Roaming\RPEng
[-] Ordner Gelöscht : C:\Users\Jana\AppData\Roaming\Browser-Security
[-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_ihokndmjeombjojnfkmapfnjeghjohim_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_websearch.goodforsearch.info_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_websearch.goodforsearch.info_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.dregol.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_bandicam.en.softonic.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_bandicam.en.softonic.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.bitchcrawler.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.bitchcrawler.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : Adobe Flash Player Updater

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P56695B2F_9AFD_4ED7_9927_777CAC1F766B_.P56695B2F_9AFD_4ED7_9927_777CAC1F766B_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P56695B2F_9AFD_4ED7_9927_777CAC1F766B_.P56695B2F_9AFD_4ED7_9927_777CAC1F766B_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\2715156d-e566-3a58-0771-624f23a7b8c5
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56695B2F-9AFD-4ED7-9927-777CAC1F766B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56695B2F-9AFD-4ED7-9927-777CAC1F766B}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{56695B2F-9AFD-4ED7-9927-777CAC1F766B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{56695B2F-9AFD-4ED7-9927-777CAC1F766B}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{56695B2F-9AFD-4ED7-9927-777CAC1F766B}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56695B2F-9AFD-4ED7-9927-777CAC1F766B}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\WEBAPP

***** [ Internetbrowser ] *****
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.3 (09.21.2015:1)
OS: Windows 7 Home Premium x64
Ran by Jana on 29.09.2015 at 19:48:24,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp Undelete
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files

Successfully deleted: [File] C:\Users\Jana\AppData\Roaming\appdataFr2.bin
Successfully deleted: [File] C:\Users\Jana\AppData\Roaming\appdataFr25.bin



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\lavasoft\web companion
Successfully deleted: [Folder] C:\ProgramData\lavasoft\web companion
Successfully deleted: [Folder] C:\Users\Jana\AppData\Roaming\lavasoft\web companion
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Windows\SysWOW64\amd64



~~~ FireFox

Successfully deleted the following from C:\Users\Jana\AppData\Roaming\mozilla\firefox\profiles\meut138p.default\prefs.js

user_pref(extensions.QWYG1qQFK1RSZTm9.url, hxxp://secure-school.net/sync2/?q=hfZ9oeZ4AchEAen0rTw9qihTB6lKDzt4okmxtNtVh7n0rjkEqjsFrTaGqTa9tMFHhd9Fqja8rTwGrdrHrdnMDMlGojUMAe4
Emptied folder: C:\Users\Jana\AppData\Roaming\mozilla\firefox\profiles\meut138p.default\minidumps [12 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.09.2015 at 19:50:57,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

30.09.2015, 19:20   #10
schrauber
/// the machine
/// TB instructor

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems remaining?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 01.10.2015, 11:53   #11
Dahaiz
 



Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a6b225b7528f10469a05f9bc8df7155b
# end=init
# utc_time=2015-10-01 08:47:55
# local_time=2015-10-01 10:47:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26027
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a6b225b7528f10469a05f9bc8df7155b
# end=updated
# utc_time=2015-10-01 08:50:23
# local_time=2015-10-01 10:50:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a6b225b7528f10469a05f9bc8df7155b
# engine=26027
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-01 10:34:30
# local_time=2015-10-01 12:34:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 87253 195325520 0 0
# scanned=317069
# found=5
# cleaned=5
# scan_time=6246
sh=DD13D71018AFFA929F44BA5E31E82F06394CE855 ft=1 fh=eb7ac0f2de57af61 vn="Variante von Win32/ExtenBro.BK Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Google\Chrome\Application\GoogleCrashHandler.dll"
sh=D68AAD901279D2AA90E6CAD0E5BC26A378122315 ft=1 fh=4a398636e8a58b00 vn="Variante von Win32/ExtenBro.BK Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Google\Chrome\Application\GoogleUpdateHelper.dll"
sh=2659F8EEAFCB7FC6E69F3294EBED4E6E3BCFFC5E ft=1 fh=0b1950bd3b944403 vn="Variante von Win32/Adware.AdInstaller.F Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Jana\Desktop\Desktop\light_image_resizer4_setup_CB-DL-Manager.exe"
sh=9F18A3C6BDD28757B18B7EDFF284AA2542F1634C ft=1 fh=9814a936ce365e8b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Jana\Downloads\CPU Control - CHIP-Installer.exe"
sh=AFF4B41C48C27A18E689E249EBA7C8D60C3E38B8 ft=1 fh=40d0cd7a4899b2c7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Jana\Downloads\Virtual CloneDrive - CHIP-Installer.exe"
         
Code:
 Results of screen317's Security Check version 1.008  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 AVG PC TuneUp 2015  
 AVG PC TuneUp 2015 (de-DE) 
 AVG PC TuneUp 2015  
 Java 8 Update 45  
 Java version 32-bit out of Date! 
 Adobe Flash Player 19.0.0.185  
 Mozilla Firefox 38.0.1 Firefox out of Date!  
 Google Chrome (43.0.2357.134) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Jana (Administrator) auf JANA-PC (01-10-2015 12:49:45)
Gestartet von E:\Spiele\Heartstone
Geladene Profile: Jana (Verfügbare Profile: Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) E:\Programme\ITunes\iTunesHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\old_Overwolf.exe
(Spotify Ltd) C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Akamai Technologies, Inc.) C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Akamai Technologies, Inc.) C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.101.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.101.0\OverwolfHelper64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.101.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.101.0\OverwolfBrowser.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Valve Corporation) E:\Steam\Steam.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Related Designs) E:\Steam\steamapps\common\Anno 1404\Addon.exe
() E:\Steam\steamapps\common\Anno 1404\tools\AddonWeb.exe
(Valve Corporation) E:\Steam\GameOverlayUI.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => E:\Programme\ITunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-01] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [43760 2015-09-16] (Overwolf LTD)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Spotify Web Helper] => C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-18] (Spotify Ltd)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Steam] => E:\Steam\steam.exe [2901184 2015-09-30] (Valve Corporation)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Spotify] => C:\Users\Jana\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-18] (Spotify Ltd)
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{77B9BB4B-F4DF-48C1-853E-CD7BA6B6E655}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 
SearchScopes: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000 -> {4B9DED45-1079-4489-A15A-968B4B8257C8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default

FireFox:
========
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\meut138p.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/-bfr-is__alt__ddc_dsssyc_bd_com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2193431405-2545998550-1313679102-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-14] ()
FF Extension: Adblock Plus - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\meut138p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-02]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com","chrome://apps/"
CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?newwindow=1&site=&source=hp&q=hearthstone&oq=hear&gs_l=hp.3.0.0i131l4j0l6.15460.16334.0.18111.5.5.0.0.0.0.258.610.3j1j1.5.0....0...1c.1.64.hp..1.4.351.0.5tLQIti7Q4g
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-14]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-14]
CHR Extension: (Adblock Plus) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-25]
CHR Extension: (Google-Suche) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-14]
CHR Extension: (Google Tabellen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]
CHR Extension: (Night Time In New York City) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek [2015-07-17]
CHR Extension: (Little Alchemy) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-07-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Extension: (Google Mail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-09-15] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-08-20] (EasyAntiCheat Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1740968 2015-07-01] (Micro-Star INT'L CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1006320 2015-09-16] (Overwolf LTD)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2015-02-25] (AVG Technologies)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [X]
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
U2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-06-24] ()
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-01-13] (TuneUp Software)
S3 ALSysIO; \??\C:\Users\Jana\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\G:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-29 23:18 - 2015-09-29 23:18 - 00000000 ____D C:\Users\Jana\Documents\Shiner
2015-09-29 23:18 - 2015-09-29 23:18 - 00000000 ____D C:\Users\Jana\Documents\Robot Entertainment
2015-09-29 23:18 - 2015-09-29 23:18 - 00000000 ____D C:\Users\Jana\AppData\Local\Robot Entertainment
2015-09-29 22:15 - 2015-09-29 22:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Day 1 Studios
2015-09-29 19:50 - 2015-09-29 19:50 - 00002450 _____ C:\Users\Jana\Desktop\JRT.txt
2015-09-29 19:48 - 2015-09-22 19:06 - 01800512 _____ (Malwarebytes) C:\Users\Jana\Desktop\JRT.exe
2015-09-29 19:24 - 2015-09-29 19:25 - 00000000 ____D C:\AdwCleaner
2015-09-29 19:18 - 2015-09-29 19:18 - 00000000 ____D C:\Users\Jana\Documents\Malware Logfile
2015-09-29 00:02 - 2015-09-29 00:02 - 00000202 _____ C:\Users\Jana\Desktop\Scribblenauts Unlimited.url
2015-09-28 17:04 - 2015-09-28 17:42 - 00000000 ____D C:\ComboFix
2015-09-28 17:04 - 2015-09-28 17:12 - 00000000 ____D C:\Windows\erdnt
2015-09-28 17:04 - 2015-09-28 17:11 - 00000000 ____D C:\Qoobox
2015-09-28 17:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-28 17:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-28 17:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-28 17:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-28 17:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-28 17:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-28 17:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-28 17:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-28 16:59 - 2015-09-28 16:59 - 05636489 ____R (Swearware) C:\Users\Jana\Desktop\ComboFix.exe
2015-09-28 16:00 - 2015-09-28 16:00 - 00000000 ____D C:\Users\Jana\Desktop\Hearth Ranger
2015-09-28 15:59 - 2015-09-28 15:59 - 08491264 ____R C:\Users\Jana\Desktop\Hearthranger_v.4.0.0.rar
2015-09-27 23:59 - 2015-09-28 00:00 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Apple Computer
2015-09-27 23:59 - 2015-09-27 23:59 - 00001538 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Apple Computer
2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\Program Files\iPod
2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-27 23:58 - 2015-09-27 23:59 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-27 23:58 - 2015-09-27 23:58 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Users\Jana\AppData\Local\Apple
2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\ProgramData\Apple
2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Program Files\Bonjour
2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-27 16:59 - 2015-09-27 17:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-27 16:58 - 2015-09-27 17:27 - 00000000 ____D C:\Users\Jana\Desktop\mbar
2015-09-27 16:57 - 2015-09-27 16:57 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Jana\Downloads\mbar-1.09.3.1001.exe
2015-09-27 16:31 - 2015-09-27 16:31 - 00001268 _____ C:\Users\Jana\Desktop\Revo Uninstaller.lnk
2015-09-27 16:31 - 2015-09-27 16:31 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-27 16:30 - 2015-09-27 16:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jana\Downloads\revosetup95.exe
2015-09-27 02:15 - 2015-09-27 02:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Steam
2015-09-26 22:47 - 2015-09-26 22:47 - 00000636 _____ C:\Users\Public\Desktop\CPU-Control.lnk
2015-09-26 22:47 - 2015-09-26 22:47 - 00000000 ____D C:\Users\Jana\AppData\Roaming\CPUControl
2015-09-26 22:47 - 2015-09-26 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU-Control
2015-09-26 22:44 - 2015-09-26 22:44 - 00000000 ____D C:\Users\Jana\Downloads\CPU_Control21
2015-09-26 22:41 - 2015-09-26 22:41 - 00674184 _____ C:\Users\Jana\Downloads\CPU_Control21.zip
2015-09-26 21:19 - 2015-10-01 12:49 - 00000000 ____D C:\FRST
2015-09-26 17:29 - 2015-09-26 17:29 - 00000561 _____ C:\Windows\wmsetup.log
2015-09-26 16:52 - 2015-09-26 16:52 - 00000000 ____D C:\Users\Jana\Documents\DeadIsland
2015-09-25 04:25 - 2015-09-25 04:46 - 00000000 ____D C:\ProgramData\PopCap Games
2015-09-25 04:25 - 2015-09-25 04:25 - 00000200 _____ C:\Users\Jana\Desktop\Escape Rosecliff Island.url
2015-09-25 04:25 - 2015-09-25 04:25 - 00000000 ____D C:\Users\Jana\AppData\Roaming\SteamPopCapv1002
2015-09-24 19:38 - 2015-09-24 19:38 - 00002946 _____ C:\Users\Jana\Documents\ergebniss 1 malware.txt
2015-09-23 22:24 - 2015-09-23 22:24 - 00000000 ____D C:\Users\Jana\AppData\Local\Blizzard
2015-09-23 22:20 - 2015-09-23 22:24 - 00001159 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-09-23 22:20 - 2015-09-23 22:24 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-23 22:20 - 2015-09-23 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-09-23 22:18 - 2015-09-23 22:18 - 00001100 _____ C:\Users\Jana\Desktop\Battle.net.lnk
2015-09-23 22:17 - 2015-09-23 22:17 - 03056696 _____ (Blizzard Entertainment) C:\Users\Jana\Downloads\Hearthstone-Setup-deDE.exe
2015-09-21 12:52 - 2015-09-21 12:52 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-21 12:52 - 2015-09-21 12:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-21 12:52 - 2015-09-21 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-18 21:20 - 2015-09-18 21:20 - 00000000 ____D C:\Users\Jana\AppData\Local\Risen2
2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.mono
2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\Users\Jana\AppData\Local\I Am Bread
2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\ProgramData\.mono
2015-09-17 20:59 - 2015-09-17 20:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Risen
2015-09-15 16:57 - 2015-09-15 17:06 - 00000000 ____D C:\Users\Jana\Documents\DayZ
2015-09-14 20:43 - 2015-09-14 20:43 - 00000000 ____D C:\Users\Jana\Documents\The Witcher 3
2015-09-14 00:29 - 2015-09-14 20:48 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt
2015-09-13 20:13 - 2015-09-13 20:13 - 00000552 _____ C:\Windows\KB893803v2.log
2015-09-13 20:11 - 2015-09-27 16:31 - 00000000 ____D C:\Users\Public\Documents\Tauschen
2015-09-13 16:33 - 2015-09-14 23:19 - 00000000 ____D C:\Users\Jana\Documents\gothic3
2015-09-11 13:32 - 2015-09-11 13:32 - 00000000 ____D C:\ProgramData\Ubisoft
2015-09-10 20:53 - 2015-09-10 20:53 - 00000000 ____D C:\Users\Jana\AppData\Local\Blizzard Entertainment
2015-09-10 20:52 - 2015-09-29 19:24 - 00000000 ____D C:\Users\Jana\AppData\Local\Battle.net
2015-09-10 20:52 - 2015-09-29 11:58 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-10 20:52 - 2015-09-23 22:20 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Battle.net
2015-09-10 20:52 - 2015-09-10 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-09-10 20:51 - 2015-09-10 20:52 - 00000000 ____D C:\ProgramData\Battle.net
2015-09-04 20:09 - 2015-09-04 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 15:00 - 2015-09-03 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-03 15:00 - 2015-09-03 15:00 - 00000000 ____D C:\Program Files\McAfee Security Scan

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-01 12:44 - 2015-08-13 21:48 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Ubisoft
2015-10-01 12:09 - 2015-05-14 13:03 - 00000000 ____D C:\Users\Jana\AppData\Local\Overwolf
2015-10-01 12:05 - 2015-05-14 12:04 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Raptr
2015-10-01 12:03 - 2015-05-14 12:54 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2015-10-01 11:56 - 2015-06-26 10:41 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-01 10:34 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-01 10:34 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-30 23:28 - 2015-06-26 10:41 - 00001206 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-30 18:12 - 2015-05-14 13:03 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-09-30 16:42 - 2015-05-13 21:39 - 02080205 _____ C:\Windows\WindowsUpdate.log
2015-09-30 14:00 - 2009-07-14 06:51 - 00062575 _____ C:\Windows\setupact.log
2015-09-30 12:10 - 2015-05-21 15:02 - 00000000 ____D C:\Users\Jana\AppData\Local\Spotify
2015-09-30 12:05 - 2015-06-26 10:44 - 00000000 ___RD C:\Users\Jana\Dropbox
2015-09-30 12:05 - 2015-06-26 10:41 - 00000000 ____D C:\Users\Jana\AppData\Local\Dropbox
2015-09-30 12:05 - 2015-05-21 15:01 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Spotify
2015-09-30 11:59 - 2015-05-14 12:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Steam
2015-09-30 11:57 - 2015-06-30 18:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-30 11:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-29 23:18 - 2015-05-14 14:05 - 00637277 _____ C:\Windows\DirectX.log
2015-09-29 21:57 - 2015-05-14 12:57 - 00000000 ____D C:\ProgramData\Origin
2015-09-29 21:57 - 2015-05-14 12:56 - 00000000 ____D C:\Program Files (x86)\Origin
2015-09-29 19:49 - 2015-07-08 21:42 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Lavasoft
2015-09-29 19:49 - 2015-07-08 21:41 - 00000000 ____D C:\ProgramData\Lavasoft
2015-09-29 19:49 - 2015-07-08 21:41 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-09-29 18:43 - 2015-08-25 13:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-29 14:38 - 2015-05-20 13:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft
2015-09-29 11:27 - 2015-06-03 13:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-28 17:17 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-28 17:13 - 2010-11-21 05:47 - 00946892 _____ C:\Windows\PFRO.log
2015-09-27 22:24 - 2015-05-24 16:53 - 00000000 ____D C:\Users\Jana\AppData\Local\CrashDumps
2015-09-27 16:58 - 2015-08-25 13:09 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-27 02:15 - 2015-05-20 16:29 - 00000000 ____D C:\Users\Jana\Documents\My Games
2015-09-26 18:55 - 2015-05-13 21:44 - 00000000 ____D C:\Users\Jana\AppData\Local\VirtualStore
2015-09-26 18:16 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-26 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-26 17:18 - 2015-05-13 21:44 - 00000000 ____D C:\Users\Jana
2015-09-23 20:25 - 2015-08-03 13:56 - 00000000 ____D C:\Users\Jana\AppData\Local\Akamai
2015-09-23 17:27 - 2015-06-24 18:09 - 00000000 ____D C:\Users\Jana\Documents\Electronic Arts
2015-09-23 17:20 - 2015-08-11 19:20 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-23 17:20 - 2015-05-14 14:16 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-23 17:20 - 2015-05-14 14:16 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-21 13:10 - 2015-06-03 13:27 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-21 12:52 - 2015-05-14 12:54 - 00000000 ____D C:\ProgramData\Skype
2015-09-18 12:15 - 2015-06-30 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-18 12:15 - 2015-06-30 18:29 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-09-18 12:15 - 2015-06-30 18:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-14 20:47 - 2015-05-20 16:14 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-13 16:33 - 2015-07-01 10:42 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-10 02:33 - 2015-05-14 18:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\OBS
2015-09-09 17:50 - 2015-05-23 19:47 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.technic
2015-09-09 17:50 - 2015-05-23 19:46 - 04718800 _____ () C:\Users\Jana\Downloads\TechnicLauncher (2).exe
2015-09-04 20:09 - 2015-06-26 10:41 - 00000000 ____D C:\Program Files (x86)\Dropbox

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-21 14:30 - 2015-07-01 22:13 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-06-10 23:55 - 2015-08-25 00:55 - 0000245 _____ () C:\Users\Jana\AppData\Roaming\WB.CFG
2015-06-11 22:12 - 2015-06-11 22:12 - 0004981 _____ () C:\Users\Jana\AppData\Local\recently-used.xbel
2015-05-23 13:11 - 2015-05-23 13:12 - 0000000 _____ () C:\Users\Jana\AppData\Local\{B3CC0DD3-C94B-4AB2-8AE9-52BE8A34A777}
2015-05-22 16:10 - 2015-05-22 16:12 - 0000000 _____ () C:\Users\Jana\AppData\Local\{D4FE8BB4-D3BB-4CD1-8236-C9420B284809}

Einige Dateien in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5boifi.dll
C:\Users\Jana\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-23 18:12

==================== Ende von FRST.txt ============================
         

02.10.2015, 07:13   #12
schrauber
/// the machine
/// TB trainer


Update Java and Firefox.

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
C:\Program Files (x86)\Google\Chrome\Application\GoogleCrashHandler.dll

C:\Program Files (x86)\Google\Chrome\Application\GoogleUpdateHelper.dll

C:\Users\Jana\Desktop\Desktop\light_image_resizer4_setup_CB-DL-Manager.exe

C:\Users\Jana\Downloads\CPU Control - CHIP-Installer.exe

C:\Users\Jana\Downloads\Virtual CloneDrive - CHIP-Installer.exe
Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix (Entfernen) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Rethink your download habits:
CHIP-Installer - what is it? - Guides



Cleanup:
(The order is crucial here)

If Defogger was used: start it again and click Re-enable.

If Combofix was used:
Uninstall Combofix.
  • Important: please disable your antivirus program, any script blocking that may be present, and anti-malware programs.
  • Please press the Windows key + R and type Combofix /Uninstall into the Run window.
  • Click OK.
    This removes Combofix completely and empties the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double click.
  • Tick the box in front of every function.
  • Click Start.

Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners, and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left over now, you can safely delete them.

If you like, you can say here whether you were satisfied with me and my help...and/or support the forum with a small donation.

Hardening:
Enable automatic updates for the Windows operating system. Security-relevant software should also always be present only in its latest version:

Browser
Java
Flash Player
PDF reader

Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. In addition, Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use an antivirus program with a real-time scanner and an always up-to-date signature database.
My recommendation:

Emsisoft

In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents active content (Java, JavaScript, Flash,...) from running on all websites. You can, however, specify on the whitelist principle which sites scripts should be allowed on.
Malwarebytes Anti Exploit: protects the computer's applications against the exploitation of known vulnerabilities.


Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, the recommended approach is first to uninstall it and then to remove the leftovers with Adwarecleaner .


Finally, a few general remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers, etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
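
The Fixlist in the post above targets download-wrapper installers by path. The following added example (not part of the original thread and not code from FRST) parses FRST file-listing lines in the layout shown in the log and picks out executables whose file name carries one of the two wrapper markers seen in that Fixlist. The function names, the marker list and the sample lines are assumptions made for illustration.

```python
import re
from datetime import datetime
from typing import NamedTuple, Optional

# Layout of one FRST file-listing line as it appears in the log above:
# <timestamp> - <timestamp> - <size> <5 attribute flags> [(company)] <path>
# Which timestamp is "created" and which "modified" depends on the log section.
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - (\d{4}-\d{2}-\d{2} \d{2}:\d{2})"
    r" - (\d+) ([_A-Z]{5}) (?:\((.*?)\) )?([A-Za-z]:\\.+)$"
)
# Name markers taken from the installer paths in the Fixlist on this page.
WRAPPER_MARKERS = ("chip-installer", "cb-dl-manager")
EXECUTABLE_EXT = (".exe", ".msi")

class Entry(NamedTuple):
    first: datetime
    second: datetime
    size: int
    attrs: str               # e.g. "____D" for a directory, "____H" for hidden
    company: Optional[str]   # None when the line has no "(...)" field
    path: str

def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a listing line, or None for headers and other text."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    fmt = "%Y-%m-%d %H:%M"
    return Entry(datetime.strptime(m[1], fmt), datetime.strptime(m[2], fmt),
                 int(m[3]), m[4], m[5], m[6])

def wrapper_installers(log_text: str) -> list:
    """Paths of executable files whose name carries a download-wrapper marker."""
    hits = []
    for line in log_text.splitlines():
        e = parse_line(line)
        if e is None or "D" in e.attrs:   # skip non-listing lines and directories
            continue
        name = e.path.rsplit("\\", 1)[-1].lower()
        if name.endswith(EXECUTABLE_EXT) and any(k in name for k in WRAPPER_MARKERS):
            hits.append(e.path)
    return hits

# Constructed sample: the timestamps and sizes of the two wrapper lines are
# invented; the paths and the other lines follow this page.
SAMPLE = r"""
==================== Ein Monat: Geänderte Dateien und Ordner ========
2015-09-26 22:44 - 2015-09-26 22:44 - 00000000 ____D C:\Users\Jana\Downloads\CPU_Control21
2015-09-26 22:40 - 2015-09-26 22:40 - 01234567 _____ () C:\Users\Jana\Downloads\CPU Control - CHIP-Installer.exe
2015-09-23 22:17 - 2015-09-23 22:17 - 03056696 _____ (Blizzard Entertainment) C:\Users\Jana\Downloads\Hearthstone-Setup-deDE.exe
2015-09-20 10:00 - 2015-09-20 10:00 - 00987654 _____ () C:\Users\Jana\Desktop\Desktop\light_image_resizer4_setup_CB-DL-Manager.exe
"""
```

A name match only marks a file for review; whether it belongs in a Fixlist remains the helper's decision.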
