Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 06.11.2016, 23:29   #1
Tommkin
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.



Hallo,

mein Rechner startet seit einigen Tagen sehr langsam, in der Ereignisanzeige werden Dienste angezeigt die auch bei einer Suche im Netz keinen Hinweis bringen. Ein Trojaner mit der Bezeichnung Trojan.Zmutzy.32 wurde bereits mittels Bit Defender entfernt. Was kann ich sonst noch tun?

Hier die Ergebnisse der Scans:

FRST.TXT

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
durchgeführt von nc-be_000 (Administrator) auf THOMASPC (06-11-2016 23:26:29)
Gestartet von C:\Downloads
Geladene Profile: nc-be_000 (Verfügbare Profile: nc-be_000)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
() C:\Program Files (x86)\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwtxapps.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxcr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\seccenter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\odslv.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [Tilt] => C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\Tilt.exe [733184 2013-06-28] ()
HKLM-x32\...\Run: [ghost] => C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\ghostopen.exe [191488 2012-09-18] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Run: [Dropbox Update] => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-10-25] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29544576 2016-08-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\RunOnce: [Uninstall C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Policies\Explorer: [ForceCopyAclwithFile] 0
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\MountPoints2: {9c0b4dc4-630f-11e6-81dc-bc5ff4af5685} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-10-25] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-06]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\nc-be_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bdagent.exe.lnk [2016-06-04]
ShortcutTarget: bdagent.exe.lnk -> C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe (Bitdefender)
BootExecute: autocheck autochk * ᄏȀ耀敓晬牆敥䵟汵楴瑓楲杮灁iPM
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyServer: [S-1-5-21-2909243537-4192776109-3153355720-1001] => www-proxy.netcologne.de:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b60d1878-7745-42ec-bc77-05bc18952306}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-11-06] (Bitdefender)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-16] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-16] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-11-06] (Bitdefender)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> D:\Program Files (x86)\Free Download Manager\iefdm2.dll [2014-04-22] (FreeDownloadManager.ORG)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-11-06] (Bitdefender)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-11-06] (Bitdefender)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Toolbar: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-11-06] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default [2016-11-06]
FF NewTab: Mozilla\Firefox\Profiles\2990bsgg.default -> hxxps://www.google.de/
FF Homepage: Mozilla\Firefox\Profiles\2990bsgg.default -> hxxps://www.google.de
FF NetworkProxy: Mozilla\Firefox\Profiles\2990bsgg.default -> type", 0
FF Extension: (Firefox Hotfix) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (Google Translator for Firefox) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\translator@zoli.bod.xpi [2016-04-29]
FF Extension: (Garmin Communicator) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-08-10] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-29]
FF Extension: (Tab Mix Plus) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-10-27]
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2016-05-12]
FF SearchPlugin: C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\searchplugins\google-images.xml [2014-09-28]
FF SearchPlugin: C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\searchplugins\google-maps.xml [2014-09-28]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-05-12] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-28] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT [2016-11-06]
CHR Extension: (Google Docs) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-18]
CHR Extension: (Google Drive) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-18]
CHR Extension: (YouTube) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18]
CHR Extension: (Google-Suche) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-18]
CHR Extension: (Bitdefender Wallet) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2016-05-29]
CHR Extension: (Google Tabellen) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-18]
CHR Extension: (Google Docs Offline) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-13]
CHR Extension: (Google Mail) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1440264 2016-09-22] ()
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [985616 2016-10-25] (Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
S3 Microsoft Office Groove Audit Service; D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 Survarium Update Service; F:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [98904 2016-10-08] ()
R2 UDisk Monitor Z5 Phone; C:\Program Files (x86)\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe [585416 2013-11-18] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-11-06] (Bitdefender)
S3 vmicguestinterface; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicheartbeat; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmickvpexchange; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicshutdown; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmictimesync; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvmsession; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-11-06] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [138664 2014-02-15] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-02-15] (SlySoft, Inc.)
S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-12-12] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2014-07-30] (ASRock Inc.)
R3 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-11-06] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-11-01] (BitDefender)
R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2016-02-16] (AVM Berlin)
S3 AxtuDrv; C:\WINDOWS\SysWOW64\Drivers\AxtuDrv.sys [21288 2015-10-17] (RW-Everything)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-07-04] (BitDefender LLC)
S4 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 bthav; C:\WINDOWS\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc) [Datei ist nicht signiert]
R3 com0com; C:\WINDOWS\System32\drivers\com0com.sys [76800 2011-01-25] (Vyacheslav Frolov)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 GeneralusbserialserZ52203; C:\WINDOWS\system32\DRIVERS\CT_U_USBSER_Z5.sys [250568 2013-11-18] (QUALCOMM Incorporated)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
S3 HCWF9BDA; C:\WINDOWS\System32\Drivers\hcwF9b64.sys [188376 2013-09-25] (ITE                      )
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-09-11] (REALiX(tm))
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [299816 2016-11-06] (Bitdefender)
S3 Kinonih; C:\WINDOWS\System32\drivers\kinonih.sys [32256 2016-03-11] (Kinoni)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 npusbio; C:\WINDOWS\System32\Drivers\npusbio_x64.sys [38400 2015-12-14] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4i.inf_amd64_9366b2f0469d5baf\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-02-19] (Realtek                                            )
S3 SaiHFF12; C:\WINDOWS\system32\DRIVERS\SaiHFF12.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF12; C:\WINDOWS\system32\DRIVERS\SaiIFF12.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S2 SPVVEngine; C:\WINDOWS\system32\Drivers\spvve.sys [246248 2015-10-29] ()
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [44184 2012-08-02] (STMicroelectronics)
R1 truecrypt; C:\Windows\SysWow64\drivers\truecrypt.sys [238784 2014-05-05] (TrueCrypt Foundation)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-07-04] (BitDefender S.R.L.)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-11-28] ()
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-11-28] ()
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700424 2014-11-28] ()
R1 Uim_VIM; C:\WINDOWS\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
S3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [45168 2015-01-05] (Shaul Eizikovich)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [42688 2016-07-16] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)
S3 igfx; \SystemRoot\system32\DRIVERS\igdkmd64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-06 23:25 - 2016-11-06 23:26 - 00000000 ____D C:\FRST
2016-11-06 20:54 - 2016-11-06 21:12 - 00001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055.job
2016-11-06 20:54 - 2016-11-06 21:12 - 00001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3.job
2016-11-06 20:54 - 2016-11-06 20:54 - 00004416 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055
2016-11-06 20:54 - 2016-11-06 20:54 - 00004040 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3
2016-11-06 09:57 - 2016-11-06 09:57 - 00001198 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-06 09:57 - 2016-11-06 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-11-06 09:57 - 2016-11-06 09:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-11-06 09:57 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-06 09:57 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-06 09:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-06 09:52 - 2016-11-06 09:52 - 00028194 _____ C:\ProgramData\agent.1478422350.bdinstall.bin
2016-11-06 00:59 - 2016-11-06 00:59 - 00299816 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-11-06 00:58 - 2016-11-06 00:58 - 01605376 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-11-06 00:58 - 2016-11-06 00:58 - 00028192 _____ C:\ProgramData\agent.1478390323.bdinstall.bin
2016-11-06 00:56 - 2016-11-06 00:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-06 00:36 - 2016-11-06 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-11-06 00:36 - 2016-11-06 00:36 - 00421489 _____ C:\ProgramData\1478388931.bdinstall.bin
2016-11-06 00:36 - 2016-11-06 00:36 - 00000684 ____H C:\bdr-cf03
2016-11-06 00:35 - 2016-11-06 00:36 - 00253404 ____H C:\bdr-ld03
2016-11-06 00:35 - 2016-11-06 00:36 - 00009216 ____H C:\bdr-ld03.mbr
2016-11-06 00:35 - 2016-07-04 19:44 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-11-06 00:35 - 2015-12-16 04:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-11-06 00:35 - 2015-12-15 21:35 - 49760229 ____H C:\bdr-im03.gz
2016-11-06 00:35 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz03
2016-11-06 00:07 - 2016-11-06 00:07 - 00003624 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2016-11-06 00:07 - 2016-11-06 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-06 00:04 - 2016-11-06 00:04 - 00528676 _____ C:\WINDOWS\Minidump\110616-14250-01.dmp
2016-11-02 07:31 - 2016-11-02 07:31 - 00028768 _____ C:\ProgramData\agent.1478068292.bdinstall.bin
2016-11-01 09:59 - 2016-11-01 09:59 - 00878072 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-10-31 18:09 - 2016-10-31 18:09 - 00000585 _____ C:\Users\nc-be_000\Desktop\simFFB.exe - Verknüpfung.lnk
2016-10-31 17:29 - 2016-10-31 17:29 - 00000644 _____ C:\Users\nc-be_000\Desktop\aceshigh.lnk
2016-10-31 09:31 - 2016-10-25 21:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-10-31 09:31 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-10-31 09:31 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-10-31 09:31 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-10-31 09:31 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-10-31 09:30 - 2016-10-31 09:30 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-10-31 09:29 - 2016-10-25 22:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-10-30 12:36 - 2016-10-30 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-30 12:36 - 2016-10-30 12:36 - 00000000 ____D C:\Program Files\7-Zip
2016-10-29 23:27 - 2016-10-29 23:27 - 00002717 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elite Dangerous Market Connector.lnk
2016-10-29 07:55 - 2016-10-29 07:55 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-28 18:06 - 2016-10-15 10:01 - 00389400 __RSH C:\bootmgr
2016-10-28 18:06 - 2016-07-16 12:43 - 00000001 ___SH C:\BOOTNXT
2016-10-28 18:05 - 2016-10-28 18:05 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-28 16:45 - 2016-10-25 00:30 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-28 16:45 - 2016-10-25 00:30 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 15:46 - 2016-10-15 06:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-28 15:46 - 2016-10-15 05:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-28 15:46 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 15:46 - 2016-10-15 05:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-28 15:46 - 2016-10-15 05:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-28 15:46 - 2016-10-15 05:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-28 15:46 - 2016-10-15 05:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-28 15:46 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 15:46 - 2016-10-15 05:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-28 15:46 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 15:46 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-28 15:46 - 2016-10-15 05:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-28 15:46 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-28 15:46 - 2016-10-15 05:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 15:46 - 2016-10-15 05:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-28 15:46 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 15:46 - 2016-10-15 05:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-28 15:46 - 2016-10-15 05:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-28 15:46 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-28 15:46 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-28 15:46 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-28 15:46 - 2016-10-15 05:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-28 15:46 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-28 15:46 - 2016-10-15 05:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-28 15:46 - 2016-10-15 05:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-28 15:46 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 15:46 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 15:46 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-28 15:46 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 15:46 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-28 15:46 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 15:46 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 15:46 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 15:46 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-28 15:46 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 15:46 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 15:46 - 2016-10-15 04:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-28 15:46 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 15:46 - 2016-10-15 04:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-28 15:46 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 15:46 - 2016-10-15 04:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-28 15:46 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 15:46 - 2016-10-15 04:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-28 15:46 - 2016-10-15 04:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-28 15:46 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 15:46 - 2016-10-15 04:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-28 15:46 - 2016-10-15 04:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-28 15:46 - 2016-10-15 04:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-28 15:46 - 2016-10-15 04:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-28 15:46 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-28 15:46 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 15:46 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 15:46 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 15:46 - 2016-10-15 04:50 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-10-28 15:46 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 15:46 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 15:46 - 2016-10-15 04:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-28 15:46 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 15:46 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-28 15:46 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 15:46 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-28 15:46 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 15:46 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 15:46 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 15:46 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 15:46 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 15:46 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 15:46 - 2016-10-15 04:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-28 15:46 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 15:46 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-28 15:46 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-28 15:46 - 2016-10-15 04:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-28 15:46 - 2016-10-15 04:40 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-28 15:46 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-28 15:46 - 2016-10-15 04:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-28 15:46 - 2016-10-15 04:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-28 15:46 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 15:46 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-28 15:46 - 2016-10-15 04:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 15:46 - 2016-10-15 04:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-28 15:46 - 2016-10-15 04:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-28 15:46 - 2016-10-15 04:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-28 15:46 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 15:46 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-28 15:46 - 2016-10-15 04:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-28 15:46 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-28 15:46 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-28 15:46 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-28 15:45 - 2016-10-15 05:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-28 15:45 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 15:45 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 15:45 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 15:45 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 15:45 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 15:45 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 15:45 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-28 15:45 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-28 15:45 - 2016-10-15 05:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-28 15:45 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 15:45 - 2016-10-15 05:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-28 15:45 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 15:45 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 15:45 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 15:45 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 15:45 - 2016-10-15 05:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-28 15:45 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 15:45 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 15:45 - 2016-10-15 05:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-28 15:45 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 15:45 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 15:45 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 15:45 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 15:45 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 15:45 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 15:45 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 15:45 - 2016-10-15 05:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-28 15:45 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 15:45 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 15:45 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 15:45 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 15:45 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 15:45 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 15:45 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 15:45 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-28 15:45 - 2016-10-15 05:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-28 15:45 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-28 15:45 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-28 15:45 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-28 15:45 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-28 15:45 - 2016-10-15 05:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-28 15:45 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-28 15:45 - 2016-10-15 05:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-28 15:45 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-28 15:45 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 15:45 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 15:45 - 2016-10-15 05:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-28 15:45 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 15:45 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-28 15:45 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 15:45 - 2016-10-15 04:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-28 15:45 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-28 15:45 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 15:45 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-28 15:45 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-28 15:45 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-28 15:45 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 15:45 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-28 15:45 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 15:45 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-28 15:45 - 2016-10-15 04:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-28 15:45 - 2016-10-15 04:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-28 15:45 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 15:45 - 2016-10-15 04:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-28 15:45 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 15:45 - 2016-10-15 04:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-28 15:45 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 15:45 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-28 15:45 - 2016-10-15 04:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-28 15:45 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-28 15:45 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 15:45 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-28 15:45 - 2016-10-15 04:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-28 15:45 - 2016-10-15 04:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-28 15:45 - 2016-10-15 04:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-28 15:45 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 15:45 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-28 15:45 - 2016-10-15 04:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 15:45 - 2016-10-15 04:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-28 15:45 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 15:45 - 2016-10-15 04:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-28 15:45 - 2016-10-15 04:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-28 15:45 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-28 15:45 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 15:45 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-28 15:45 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 15:45 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-28 15:45 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 15:45 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 15:45 - 2016-10-15 04:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-28 15:45 - 2016-10-15 04:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-28 15:45 - 2016-10-15 04:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 15:45 - 2016-10-15 04:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-28 15:45 - 2016-10-15 04:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 15:45 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 15:45 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-27 08:33 - 2016-10-27 08:33 - 00026276 _____ C:\ProgramData\agent.1477553607.bdinstall.bin
2016-10-27 01:07 - 2016-10-27 01:07 - 00611804 _____ C:\WINDOWS\Minidump\102716-39187-01.dmp
2016-10-24 23:01 - 2016-10-22 08:25 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437563.dll
2016-10-24 23:01 - 2016-10-22 08:25 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437563.dll
2016-10-23 12:19 - 2016-10-23 12:19 - 00000000 ____D C:\Program Files\ASRock Utility
2016-10-22 12:12 - 2016-11-06 00:03 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-10-21 19:01 - 2016-10-19 23:43 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-10-21 19:01 - 2016-10-19 23:43 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-10-21 19:01 - 2016-10-19 23:43 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-10-21 19:01 - 2016-10-18 22:27 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437557.dll
2016-10-21 19:01 - 2016-10-18 22:27 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437557.dll
2016-10-21 19:01 - 2016-10-18 22:27 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-10-21 19:01 - 2016-10-18 22:27 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-10-19 19:30 - 2016-11-06 00:04 - 706885211 ____N C:\WINDOWS\MEMORY.DMP
2016-10-19 19:30 - 2016-10-19 19:30 - 00484180 _____ C:\WINDOWS\Minidump\101916-18687-01.dmp
2016-10-19 11:06 - 2016-10-19 11:06 - 00000798 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-10-17 11:15 - 2016-10-17 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-17 11:15 - 2016-10-17 11:21 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-10-17 11:15 - 2016-10-17 11:15 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-10-16 13:26 - 2016-10-18 09:16 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\ED-IBE
2016-10-13 21:12 - 2016-10-13 21:12 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-12 13:40 - 2016-10-12 13:40 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\TeamViewer
2016-10-12 09:54 - 2016-10-12 09:54 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-10-11 21:21 - 2016-10-05 11:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-11 21:21 - 2016-10-05 11:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-11 21:21 - 2016-10-05 10:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 21:21 - 2016-10-05 10:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-11 21:21 - 2016-10-05 10:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-11 21:21 - 2016-10-05 10:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-11 21:21 - 2016-10-05 10:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-11 21:21 - 2016-10-05 10:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-11 21:21 - 2016-10-05 10:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-11 21:21 - 2016-10-05 10:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-11 21:21 - 2016-10-05 10:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-11 21:21 - 2016-10-05 10:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-11 21:21 - 2016-10-05 10:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-11 21:21 - 2016-10-05 10:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-11 21:21 - 2016-10-05 10:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-11 21:21 - 2016-10-05 10:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-11 21:21 - 2016-10-05 10:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-11 21:21 - 2016-10-05 10:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-11 21:21 - 2016-10-05 10:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-11 21:21 - 2016-10-05 10:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-11 21:21 - 2016-10-05 10:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-11 21:21 - 2016-10-05 10:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-11 21:21 - 2016-10-05 10:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-11 21:21 - 2016-10-05 10:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-11 21:21 - 2016-10-05 10:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-11 21:21 - 2016-10-05 10:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-11 21:21 - 2016-10-05 10:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-11 21:21 - 2016-10-05 10:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-11 21:21 - 2016-10-05 10:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-11 21:21 - 2016-10-05 10:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-11 21:21 - 2016-10-05 10:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-11 21:21 - 2016-10-05 10:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-11 21:20 - 2016-10-05 11:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-11 21:20 - 2016-10-05 11:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-11 21:20 - 2016-10-05 11:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-11 21:20 - 2016-10-05 11:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-11 21:20 - 2016-10-05 11:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-11 21:20 - 2016-10-05 11:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-11 21:20 - 2016-10-05 11:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-11 21:20 - 2016-10-05 11:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-11 21:20 - 2016-10-05 11:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-11 21:20 - 2016-10-05 11:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-11 21:20 - 2016-10-05 11:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-11 21:20 - 2016-10-05 11:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-11 21:20 - 2016-10-05 10:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-11 21:20 - 2016-10-05 10:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-11 21:20 - 2016-10-05 10:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-11 21:20 - 2016-10-05 10:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-11 21:20 - 2016-10-05 10:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-11 21:20 - 2016-10-05 10:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-11 21:20 - 2016-10-05 10:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-11 21:20 - 2016-10-05 10:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-11 21:20 - 2016-10-05 10:36 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-10-11 21:20 - 2016-10-05 10:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-11 21:20 - 2016-10-05 10:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-11 21:20 - 2016-10-05 10:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-11 21:20 - 2016-10-05 10:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-11 21:20 - 2016-10-05 10:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-11 21:20 - 2016-10-05 10:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-11 21:20 - 2016-10-05 10:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-11 21:20 - 2016-10-05 10:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-11 21:20 - 2016-10-05 10:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-11 21:20 - 2016-10-05 10:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-11 21:20 - 2016-10-05 10:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-11 21:20 - 2016-10-05 10:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-11 21:20 - 2016-10-05 10:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-11 21:20 - 2016-10-05 10:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-11 21:20 - 2016-10-05 10:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-11 21:20 - 2016-10-05 10:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 21:20 - 2016-10-05 10:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-11 21:20 - 2016-10-05 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-11 21:20 - 2016-10-05 10:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-11 21:20 - 2016-10-05 10:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-11 21:20 - 2016-10-05 10:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-11 21:20 - 2016-10-05 10:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-11 21:20 - 2016-10-05 10:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-11 21:20 - 2016-10-05 10:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-11 21:20 - 2016-10-05 10:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-11 21:20 - 2016-10-05 10:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-11 21:20 - 2016-10-05 10:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-11 21:20 - 2016-10-05 10:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-11 21:20 - 2016-10-05 10:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-11 21:20 - 2016-10-05 10:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-11 21:20 - 2016-10-05 10:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-11 21:20 - 2016-10-05 10:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-11 21:20 - 2016-10-05 10:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-11 21:20 - 2016-10-05 10:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-11 21:20 - 2016-10-05 10:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-11 21:20 - 2016-10-05 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-11 21:20 - 2016-10-05 10:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-11 21:20 - 2016-10-05 10:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-11 21:20 - 2016-10-05 10:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-11 21:20 - 2016-10-05 10:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-11 21:20 - 2016-10-05 10:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-11 21:20 - 2016-10-05 10:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-11 21:20 - 2016-10-05 10:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-11 21:20 - 2016-10-05 10:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-11 21:20 - 2016-10-05 10:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-11 21:20 - 2016-10-05 10:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-11 21:20 - 2016-10-05 10:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-11 21:20 - 2016-10-05 10:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-11 21:20 - 2016-10-05 10:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-11 21:20 - 2016-10-05 10:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-11 21:20 - 2016-10-05 10:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-11 21:20 - 2016-10-05 10:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-11 21:20 - 2016-10-05 10:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-11 21:20 - 2016-10-05 10:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-11 21:20 - 2016-10-05 10:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-11 21:20 - 2016-10-05 10:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-11 21:20 - 2016-10-05 10:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-11 21:20 - 2016-10-05 10:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-11 21:20 - 2016-10-05 10:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-11 21:20 - 2016-10-05 10:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-11 21:20 - 2016-10-05 10:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-11 21:20 - 2016-10-05 10:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-11 21:20 - 2016-10-05 10:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-11 21:20 - 2016-10-05 10:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-11 21:20 - 2016-10-05 10:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-11 21:20 - 2016-10-05 10:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-11 21:20 - 2016-10-05 10:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-11 21:20 - 2016-10-05 01:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-11 21:20 - 2016-09-07 06:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-11 21:13 - 2016-10-11 21:13 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-11 21:13 - 2016-10-11 21:13 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-11 11:02 - 2016-10-11 11:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickGamma
2016-10-11 10:29 - 2016-10-11 10:29 - 00000000 ____D C:\WINDOWS\amlog
2016-10-11 10:12 - 2016-10-11 10:13 - 00000772 _____ C:\WINDOWS\ampa.ini
2016-10-11 10:05 - 2016-10-22 12:13 - 00001024 ____H C:\AMTAG.BIN
2016-10-11 10:05 - 2016-10-11 10:05 - 00001006 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Standard Edition 6.0.lnk
2016-10-11 10:05 - 2016-10-11 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.0
2016-10-11 10:05 - 2015-12-11 08:57 - 01920624 _____ C:\WINDOWS\ampa.exe
2016-10-11 10:05 - 2015-11-10 08:36 - 00019568 _____ C:\WINDOWS\SysWOW64\ampa.sys
2016-10-11 10:05 - 2015-11-10 08:36 - 00019568 _____ C:\WINDOWS\system32\ampa.sys
2016-10-10 17:53 - 2016-10-10 17:54 - 00000431 ____N C:\Users\nc-be_000\medcd.ini
2016-10-10 17:53 - 2004-11-11 10:54 - 00008682 ____N C:\Users\nc-be_000\overlay.ini
2016-10-10 17:53 - 2004-11-03 11:34 - 00000000 ____N C:\Users\nc-be_000\vorlagen.ini
2016-10-09 10:48 - 2016-10-09 10:48 - 00000000 ____D C:\WINDOWS\Panther
2016-10-08 16:32 - 2016-10-08 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-10-08 16:32 - 2016-10-08 16:32 - 00000000 ____D C:\Program Files (x86)\Windows Kits

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-06 23:13 - 2016-05-29 09:15 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-11-06 23:11 - 2015-08-16 13:30 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\ClassicShell
2016-11-06 23:05 - 2016-08-13 18:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-06 21:19 - 2016-07-16 23:51 - 02112242 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-06 21:19 - 2016-07-16 23:51 - 00553694 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-06 21:19 - 2015-08-08 08:58 - 04474350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-06 21:12 - 2016-08-13 18:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-06 21:12 - 2016-08-13 18:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-06 21:12 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-06 21:12 - 2016-03-14 07:18 - 00000000 ____D C:\WINDOWS\pss
2016-11-06 21:12 - 2015-11-01 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-06 21:12 - 2014-05-04 20:57 - 00797155 _____ C:\bdlog.txt
2016-11-06 20:41 - 2015-11-01 13:40 - 00000000 ____D C:\AdwCleaner
2016-11-06 20:40 - 2015-11-01 09:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-06 20:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-06 09:57 - 2015-11-01 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-06 02:05 - 2016-08-13 18:04 - 00000000 ____D C:\Users\nc-be_000
2016-11-06 00:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-06 00:36 - 2016-05-29 09:26 - 00002291 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2016-11-06 00:35 - 2016-05-29 09:25 - 00000000 ____D C:\ProgramData\Bitdefender
2016-11-06 00:35 - 2014-05-04 17:53 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-11-06 00:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-06 00:10 - 2016-01-17 12:26 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2016-11-06 00:10 - 2014-08-11 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-11-06 00:07 - 2014-05-05 22:13 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-11-06 00:07 - 2014-05-05 00:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-06 00:04 - 2016-08-25 19:21 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-06 00:03 - 2016-09-21 21:07 - 00000000 ____D C:\Users\OVRLibraryService
2016-11-06 00:03 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-06 00:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2016-11-06 00:03 - 2016-02-16 12:12 - 00000000 ____D C:\Program Files (x86)\FRITZ!BoxPrint
2016-11-06 00:03 - 2016-02-16 12:12 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2016-11-06 00:03 - 2015-03-28 10:37 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-11-06 00:03 - 2014-10-02 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-11-06 00:03 - 2014-10-02 22:55 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-11-06 00:03 - 2014-08-31 13:26 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Google
2016-11-06 00:03 - 2014-05-05 20:46 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cuttermaran
2016-11-06 00:03 - 2014-05-04 23:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-06 00:03 - 2014-05-04 23:08 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\TeraCopy
2016-11-06 00:03 - 2014-05-04 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-11-06 00:03 - 2014-05-04 13:25 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Packages
2016-11-03 22:47 - 2014-07-28 16:56 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\ElevatedDiagnostics
2016-11-03 08:22 - 2014-10-02 22:55 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Samsung
2016-11-02 20:23 - 2015-11-28 16:51 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\CrashDumps
2016-11-02 20:16 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-02 08:16 - 2014-05-05 16:39 - 00000000 ____D C:\Users\nc-be_000\Desktop\Tools
2016-11-01 13:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-01 13:28 - 2015-06-22 19:49 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\vlc
2016-10-31 09:31 - 2016-09-16 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-10-31 09:31 - 2016-08-13 18:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-31 09:31 - 2016-03-29 19:32 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-29 23:27 - 2016-01-01 19:29 - 00000000 ____D C:\Program Files (x86)\EDMarketConnector
2016-10-29 18:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-29 16:24 - 2015-12-13 13:50 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-29 07:55 - 2015-02-01 10:05 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Dropbox
2016-10-28 19:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-28 19:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-28 19:07 - 2014-08-16 17:30 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Adobe
2016-10-28 18:06 - 2016-08-13 18:02 - 00616352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-28 18:06 - 2015-08-08 08:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-28 16:45 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-27 22:22 - 2016-01-01 19:30 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\EDMarketConnector
2016-10-27 22:21 - 2016-01-29 23:56 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Frontier_Developments
2016-10-25 21:17 - 2016-09-19 09:19 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-25 21:17 - 2016-09-19 09:19 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-25 21:17 - 2016-09-19 09:19 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-25 21:17 - 2016-09-19 09:19 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-25 21:17 - 2016-09-19 09:19 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-25 21:17 - 2016-09-16 11:42 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-25 21:17 - 2016-09-16 11:42 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-25 21:13 - 2016-09-16 07:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-10-24 07:31 - 2016-09-19 09:19 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-24 07:10 - 2015-10-17 18:24 - 00021288 _____ (RW-Everything) C:\WINDOWS\SysWOW64\Drivers\ArdDrv.sys
2016-10-23 09:00 - 2014-05-07 04:57 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Logitech
2016-10-22 22:41 - 2015-03-27 17:25 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\NVIDIA Corporation
2016-10-22 12:12 - 2015-03-20 17:45 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Downloaded Installations
2016-10-22 12:05 - 2014-05-04 17:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-22 12:03 - 2014-12-15 06:51 - 00000000 ____D C:\ProgramData\TEMP
2016-10-21 19:47 - 2015-12-18 18:32 - 00002273 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-21 19:47 - 2015-12-18 18:32 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-21 19:02 - 2016-08-13 18:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-21 19:02 - 2016-08-13 18:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-21 07:48 - 2015-12-25 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-19 19:31 - 2016-07-06 17:28 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\discord
2016-10-19 11:06 - 2016-04-24 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-10-18 20:15 - 2014-05-04 20:58 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\TS3Client
2016-10-18 18:40 - 2014-06-09 12:20 - 00171224 _____ C:\Users\nc-be_000\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-17 12:50 - 2014-09-18 19:53 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\DVDVideoSoft
2016-10-13 19:07 - 2015-06-14 08:41 - 00000000 ____D C:\Users\nc-be_000\Documents\Survarium
2016-10-12 13:40 - 2016-09-19 09:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-12 13:38 - 2014-09-09 05:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 13:38 - 2014-09-09 05:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 09:54 - 2014-05-04 13:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 09:51 - 2014-09-09 05:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-12 09:51 - 2014-05-04 13:44 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-11 09:11 - 2016-08-13 18:03 - 00067584 ____S C:\WINDOWS\bootstat2.dat
2016-10-11 08:53 - 2016-09-21 19:56 - 00000000 ____D C:\Program Files\OCPlugIn
2016-10-09 15:03 - 2014-05-07 05:02 - 01065984 _____ C:\Users\nc-be_000\AppData\Local\file__0.localstorage
2016-10-09 15:02 - 2014-05-07 05:02 - 00000000 ____D C:\Users\nc-be_000\Heaven
2016-10-08 23:04 - 2016-09-13 16:45 - 00000000 ____D C:\ProgramData\advlauncher
2016-10-08 13:09 - 2016-01-23 19:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-05 04:52 - 2015-05-05 04:52 - 0139608 _____ () C:\Users\nc-be_000\AppData\Roaming\icarus-dxdiag.xml
2014-05-07 05:02 - 2016-10-09 15:03 - 1065984 _____ () C:\Users\nc-be_000\AppData\Local\file__0.localstorage
2014-05-05 05:33 - 2014-07-04 19:33 - 0000083 ___SH () C:\ProgramData\.zreglib
2016-05-29 09:26 - 2016-05-29 09:26 - 0391335 _____ () C:\ProgramData\1464510323.bdinstall.bin
2016-06-04 18:23 - 2016-06-04 18:23 - 0421215 _____ () C:\ProgramData\1465060923.bdinstall.bin
2016-06-04 18:24 - 2016-06-04 18:24 - 0019315 _____ () C:\ProgramData\1465061034.bdinstall.bin
2016-06-14 17:55 - 2016-06-14 17:55 - 0026790 _____ () C:\ProgramData\1465923319.bdinstall.bin
2016-08-30 04:51 - 2016-08-30 04:51 - 0026212 _____ () C:\ProgramData\1472529071.bdinstall.bin
2016-11-06 00:36 - 2016-11-06 00:36 - 0421489 _____ () C:\ProgramData\1478388931.bdinstall.bin
2016-09-19 19:16 - 2016-09-19 19:16 - 0026853 _____ () C:\ProgramData\agent.1474308984.bdinstall.bin
2016-10-27 08:33 - 2016-10-27 08:33 - 0026276 _____ () C:\ProgramData\agent.1477553607.bdinstall.bin
2016-11-02 07:31 - 2016-11-02 07:31 - 0028768 _____ () C:\ProgramData\agent.1478068292.bdinstall.bin
2016-11-06 00:58 - 2016-11-06 00:58 - 0028192 _____ () C:\ProgramData\agent.1478390323.bdinstall.bin
2016-11-06 09:52 - 2016-11-06 09:52 - 0028194 _____ () C:\ProgramData\agent.1478422350.bdinstall.bin
2014-05-04 23:49 - 2014-05-04 23:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-06 15:23 - 2016-08-21 12:42 - 0002643 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\nc-be_000\AppData\Local\Temp\i4jdel0.exe
C:\Users\nc-be_000\AppData\Local\Temp\Nexus Mod Manager-0.63.1.exe
C:\Users\nc-be_000\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\nc-be_000\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-06 13:26

==================== Ende von FRST.txt ============================
         

Geändert von Tommkin (06.11.2016 um 23:36 Uhr)

Alt 06.11.2016, 23:37   #2
Tommkin
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

n Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. Teil 2



Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-11-2016
durchgeführt von nc-be_000 (06-11-2016 23:26:54)
Gestartet von C:\Downloads
Windows 10 Pro Version 1607 (X64) (2016-08-13 17:26:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2909243537-4192776109-3153355720-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2909243537-4192776109-3153355720-503 - Limited - Disabled)
Gast (S-1-5-21-2909243537-4192776109-3153355720-501 - Limited - Disabled)
nc-be_000 (S-1-5-21-2909243537-4192776109-3153355720-1001 - Administrator - Enabled) => C:\Users\nc-be_000

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark (HKLM-x32\...\{66847f67-7331-422f-bc6c-d961c453d7df}) (Version: 1.5.884.0 - Futuremark)
3DMark (Version: 1.5.884.0 - Futuremark) Hidden
4500_G510nz_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Aces High III (remove only) (HKLM-x32\...\Aces High III) (Version: Version 0.09 Patch 1 - Hitech Creations, Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AIVIA GHOST (HKLM-x32\...\{4E711815-5F4E-47F2-B1E1-C0B43A8D57F3}) (Version: 1.06.0000 - GIGABYTE)
Android USB Driver (HKLM-x32\...\Z5 Android USB Driver_is1) (Version:  - )
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.4.6.0 - SlySoft)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Compatibility Toolkit (Version: 10.1.14393.0 - Microsoft) Hidden
Appman Sequencer on amd64 (Version: 10.1.14393.0 - Microsoft) Hidden
ASRock XFast RAM v2.0.29 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Assessments on Client (x32 Version: 10.1.14393.0 - Microsoft) Hidden
AusweisApp2 (HKLM-x32\...\{1C785E05-CFC7-43BE-9A52-9FB39C180CB8}) (Version: 1.2.2 - Governikus GmbH & Co. KG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender)
Bitdefender Internet Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.28.1478 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BQ Handset USB Driver 1.0 (HKLM-x32\...\USB Driver_is1) (Version:  - )
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
COMPUTER BILD Spionage-Stopper für Windows 10 (HKLM-x32\...\{F9565211-5480-408D-BC7C-1FE7B8366ACE}_is1) (Version: 1.0.0.1 - pXc-coding.com)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID CPU-Z OC Formula 1.76 (HKLM\...\CPUID CPU-Z OC Formula_is1) (Version: 1.76 - CPUID, Inc.)
CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
CrystalDiskMark 3.0.3a (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3a - Crystal Dew World)
Dacia Media Nav Toolbox (HKLM-x32\...\Dacia Media Nav Toolbox) (Version: 3.18.4.502485 - NNG Llc.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Digital Camera Enhancer 1.3 (HKLM-x32\...\Digital Camera Enhancer 1.3_is1) (Version:  - )
Discord (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 3.3.0.0 - Treexy)
Dropbox (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Dropbox) (Version: 13.4.21 - Dropbox, Inc.)
Elevated Installer (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments)
Elite Dangerous Market Connector (HKLM-x32\...\{374DFE82-C865-4AFD-B69A-1ABC16C9AD08}) (Version: 2.2.2.0 - Marginal)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FaceFilter v3.02 SE (HKLM-x32\...\{6020758E-57A9-41E3-AF20-8EE311EA6156}) (Version: 3.02.2713.1 - Reallusion Inc.)
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fractured Space (HKLM\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Futuremark SystemInfo (HKLM-x32\...\{79659071-4B68-4EC8-833C-49C97B68FCD0}) (Version: 4.36.512.0 - Futuremark)
Garmin Express (HKLM-x32\...\{d74c733b-9216-49f5-ae3a-14bf3a3d66f5}) (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Glamour Strip Poker Video Edition 1.1 (HKLM-x32\...\Glamour Strip Poker Video Edition_is1) (Version:  - )
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510n-z 14.0 Rel. 6 (HKLM\...\{6B9B2E57-D988-4258-8A2C-6F3657A600BD}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 5.34 (HKLM\...\HWiNFO64_is1) (Version: 5.34 - Martin Malík - REALiX)
IL-2 Sturmovik Battle of Stalingrad (HKLM-x32\...\{66F649A9-0FA2-487E-BC0D-894BD7E89D5E}_is1) (Version:  - 1C Game Studios)
Imaging And Configuration Designer (x32 Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Designer (x32 Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Tools Support (x32 Version: 10.1.14393.0 - Microsoft) Hidden
Inno3D TunelT OverClock Utility version V6.0.0.1 (HKLM-x32\...\Inno3D TunelT OverClock Utility_is1) (Version: V6.0.0.1 - )
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.14393.0 - Microsoft) Hidden
K-Lite Codec Pack 10.3.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - )
LAV Filters 0.61.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.2 - Hendrik Leppkes)
LibreOffice 5.1.0.3 (HKLM-x32\...\{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}) (Version: 5.1.0.3 - The Document Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.29 - PasswdFinder)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6CE5BAE9-D3CA-4B99-891A-1DC6C118A5FC}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version:  - )
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version:  - )
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version:  - )
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version:  - )
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23829 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23829 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23829 (HKLM-x32\...\{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23829 (HKLM-x32\...\{8BE670DF-EA47-3A15-88CC-00FFCA1FFA12}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}) (Version: 2.0.50728 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
Mp3tag v2.63 (HKLM-x32\...\Mp3tag) (Version: v2.63 - Florian Heidenreich)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NaturalPoint USB Drivers x64 (HKLM\...\{533773B8-9AC1-4C0F-A2BF-57466A45C6F5}) (Version: 2.70.0000 - NaturalPoint)
Network Print Monitor for Windows (HKLM-x32\...\Network Print Monitor) (Version:  - )
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming)
Null-modem emulator (com0com) (HKLM-x32\...\com0com) (Version: 2.2.2.0 - Vyacheslav Frolov)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Paint Shop Pro 5.03 CD (HKLM-x32\...\Paint Shop Pro 5.03) (Version:  - )
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Backup and Recovery™ 16 (HKLM\...\{DADAA9CF-36B6-11E6-B0B5-005056C00008}) (Version: 10.28.101 - Paragon Software)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Passbild-Generator v4.0a (HKLM-x32\...\Passbild-Generator_is1) (Version:  - Passbild-Generator)
PC-WELT-Windows-Service-Center 5.0 (HKLM\...\{E2D3B526-5BB7-4BC7-B8F9-8BE11F0FF978}}_is1) (Version:  - IDG Tech Media GmbH)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PNY Drive Utility (HKLM-x32\...\{6C87713B-BB39-4B18-9BE6-C87CBDB66371}) (Version: 1.0.3 - PNY Technologies)
QuickGamma 4.0.0.2 (HKLM-x32\...\QuickGamma_is1) (Version: 4.0.0.2 - Eberhard Werle)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recovery Media Builder™ (HKLM\...\{EC1AB719-E98B-532C-95D4-381FB69F5CD2}) (Version: 1.00.0000 - Paragon Software)
Registry Cleaner (HKLM-x32\...\Registry Cleaner_is1) (Version: 1.3 - Abelssoft)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
ROCCAT Power-Grid Version 0.461 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.461 - ROCCAT GmbH)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Schirmfoto (HKLM-x32\...\Schirmfoto_is1) (Version: 2014 - Abelssoft)
SCL011 Contactless Reader (HKLM-x32\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems)
Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.3.26 - Serif (Europe) Ltd)
Serif PhotoPlus X7 (HKLM\...\{7B7344AA-B8E3-4A86-B499-517B7E2F6CB3}) (Version: 17.0.3.023 - Serif (Europe) Ltd)
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.4.0 - )
SSD Fresh 2016 (HKLM-x32\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 5.0 - Abelssoft)
Star Citizen Launcher (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.44c - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
tax 2016 (HKLM-x32\...\{30E85B0C-57D8-4ECE-814B-264550A92FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Toolkit Documentation (x32 Version: 10.1.14393.0 - Microsoft) Hidden
TrackIR 5 (HKLM-x32\...\{c1ef3d1e-986d-400c-966a-8bdb6149fe02}) (Version: 5.4.1.0000 - NaturalPoint)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 6.0a - TrueCrypt Foundation)
UEV Tools on amd64 (Version: 10.1.14393.0 - Microsoft) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
USBGrabberDrv (HKLM-x32\...\{E34CEAA5-9537-4CCB-A54F-DB0D8F15EA80}) (Version: 1.00.0000 - NEWMI)
User State Migration Tool (x32 Version: 10.1.14393.0 - Microsoft) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
vReveal 3 (HKLM-x32\...\vReveal 3) (Version:  - MotionDSP)
VSDC Free Video Editor Version 4.0.1.475 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 4.0.1.475 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WPT Redistributables (x32 Version: 10.1.14393.0 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.14393.0 - Microsoft) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0047DB09-E400-4C2C-A90F-FB117171778D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {01A5FC92-AEE1-4421-A1B7-235A6135C836} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {04453E0A-84AA-4638-B539-32804810967B} - System32\Tasks\{0AECFAC2-CC14-4D55-BA2E-BFA970DFD241} => pcalua.exe -a "F:\G940_lights_1.1_by_MikkOwl\G940 Lights v1.1 by MikkOwl\G940 Lights v1.1 by MikkOwl.exe" -d "F:\G940_lights_1.1_by_MikkOwl\G940 Lights v1.1 by MikkOwl"
Task: {069035FF-1DC4-4E01-B424-97599DC08959} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {125CFFFC-4D7D-4AC0-8A8D-8A7F919D9A4A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-10-25] ()
Task: {131CD8D7-F098-413E-85EE-85BA39CBF701} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {21CB5035-8224-49FF-AA1E-052E370046B8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3076D751-E142-4B8C-BB14-DE7FB5F5F0C3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {31363D01-DBD7-4879-BECF-5D74E810D195} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {32B52A04-2D05-4742-9430-5D8CA0207933} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {34176780-9572-4CDE-90F8-9CC0CFB4C8A2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C5A0D04-64DE-4B93-9BFB-90641383FAC7} - System32\Tasks\{BEA97B43-5EBE-4758-BEB7-3C70031BB286} => pcalua.exe -a K:\SETUP.EXE -d K:\
Task: {3CF78C17-6B4B-4AEC-A7AA-CBD25073558B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {3EAC6888-1ED8-41E0-AD84-CACE3A4FD558} - System32\Tasks\{83E16EA3-ABAF-4FF5-8F6A-3D155AD08978} => pcalua.exe -a "C:\Windows\PokerGirls - LostGirls3-HD\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\opponents\GirlsNextDoor2-HD\irunin.xml"
Task: {3EFE40E3-5E14-4D62-A235-088814720A14} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {40682253-1F5D-4DE4-837D-DB25795D70B5} - System32\Tasks\{8C3F4BEB-F4F5-47C8-87FD-C251D401B24A} => pcalua.exe -a "C:\Windows\PokerGirls Video Strip Poker v3\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\irunin.xml"
Task: {476F64E4-D9E4-4A43-8D1E-4C273550D215} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {4DA22A8D-6500-4319-9CB1-183E790830E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {4FBA0300-5DC6-4147-851E-5FFBE115913D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3 => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {5081C2A5-A109-40CC-B8BA-B79A68C9A49A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-18] (Google Inc.)
Task: {5B8B2D8F-2381-4548-ACC1-067857FD7744} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {61046984-C92A-488A-82C5-B154AA45E4D7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {6B51F5AC-A696-4354-8486-2516CCC6A7C6} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe
Task: {7345DBD8-B3D8-458A-BE5B-5B6C219C4432} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {82398961-46D1-45A6-AD3F-A01688F37F67} - System32\Tasks\{2D1A843A-803E-4F12-8FE2-095A4CF87C97} => pcalua.exe -a "C:\Windows\PokerGirls - DemoGirl-HD\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\opponents\DemoGirl-HD\irunin.xml"
Task: {82429630-8B50-45DC-A412-B6F75634A4DF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {88173574-02D3-4720-8200-3F45337313BB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9C6968AF-18F1-4A5F-814A-085711E83FDE} - System32\Tasks\Schnellstart => Rundll32.exe powrprof.dll,SetSuspendState Hibernate
Task: {A1DB3F7C-5B9A-4EE5-A424-06141F51CD2B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055 => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {ABE1C068-5705-4F18-BA17-83CAB04A4D3C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {B215EFB5-A8F4-4E7C-8F4A-F889D90A7AE5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-28] (Adobe Systems Incorporated)
Task: {B6F4960C-1F96-4096-99BD-758B84491F31} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {B84110B2-6B73-4869-9EF4-932A8EE6485F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-18] (Google Inc.)
Task: {C4FEEA47-E498-4F45-8389-F5DB8FA34D3B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E0B5E71A-DF79-44E6-820A-FDB3AAC83C0E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EDEEA298-8D2D-410A-A215-681DFE3EEA08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {FAF419D8-0F61-4605-BEEC-76CB785FEA67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3.job => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055.job => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\nc-be_000\Documents\PC-WELT\pcwServiceCenter_2016\pcwServiceCenter_2016\Tools\pcwWinXMenuManager\64-Bit\Backup.original\Group5\02 - Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://start.qone8.com/?type=sc&ts=1398159831&from=smt&uid=TOSHIBAXDT01ACA200_X3SHT9LGSXXX3SHT9LGSX

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-04 07:51 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-06 00:36 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-11-06 00:36 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-09-16 07:34 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-16 07:34 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-16 07:35 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-08-16 22:30 - 2013-11-18 10:44 - 00585416 _____ () C:\Program Files (x86)\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe
2016-09-16 11:42 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-04 07:51 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-13 18:28 - 2016-08-13 18:28 - 00959168 _____ () C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-15 19:40 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 21:20 - 2016-10-05 10:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-30 16:51 - 2016-08-30 16:51 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-30 16:51 - 2016-08-30 16:51 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-30 16:51 - 2016-08-30 16:51 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 20:43 - 2016-01-06 20:43 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 20:43 - 2016-01-06 20:43 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-09-18 15:41 - 2012-09-18 15:41 - 00191488 _____ () C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
2016-11-06 00:58 - 2016-11-06 00:58 - 00521112 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2016-11-06 00:36 - 2016-04-05 16:31 - 00159232 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2016-11-06 00:36 - 2016-05-12 17:48 - 00032256 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\intermsec.txtui
2016-11-06 00:36 - 2016-05-12 17:48 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\bdaphconp.txtui
2016-11-06 00:58 - 2016-11-06 00:58 - 00061392 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2016-10-25 11:36 - 2016-10-25 11:36 - 00073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2016-10-17 11:15 - 2016-08-31 18:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-09-16 07:34 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-16 07:34 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-19 09:21 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-22 14:45 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [146]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [248]
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [362]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\facebook.com -> hxxps://staticxx.facebook.com
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\facebook.net -> hxxps://connect.facebook.net
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\fbcdn.net -> hxxps://static.xx.fbcdn.net
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\google-analytics.com -> hxxps://www.google-analytics.com
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\paragon-software.com -> hxxps://bo4-fe.paragon-software.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-11-06 23:12 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Piplay"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "NBKeyScan"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "Tilt"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\StartupFolder: => "DesktopVideoPlayer.lnk"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Uninstall C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AE6C659B-9C22-4EF4-B91C-F97048754A0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{6B9B2E57-D988-4258-8A2C-6F3657A600BD}\setup\hpznui40.exe
FirewallRules: [{39D238F3-BA73-4B8D-86FE-18876CD2BCE1}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{E9D044A3-259F-417B-9724-C49D476BD27B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{AC6C63BB-A5E5-4F5A-AC34-0D855550CAFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{19030A2A-E0E7-43C6-99BB-CBDF2A581A79}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{28934A3E-E97F-4071-A17F-2C61ECEDD839}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BFBB2BD9-58A6-4281-A373-F8F4C071AC77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{7BC9AEB6-445E-49A5-A890-CFEB55F3CDEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{556315F3-3A89-4266-B381-757222C0F1F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5DC24A07-F98B-4DB7-85D6-52F4B4F13840}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2E806F86-7015-4C45-AE1C-822E5F78C4ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DADECCC1-28A0-4622-BB54-E8C2B808A625}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{408D8040-F157-4009-88E0-8453880C41D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C3AF2C30-3537-44D9-A044-32BE7551B6F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4D5655E4-8DE4-43A4-8E83-9FEB300AE5C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{2322A395-9B52-4E43-9A80-9E6F36522C40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{75ADD192-CE1D-464B-A7E4-52D25E0577F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{000807E8-706F-4348-ABBA-E8ADA73E1D59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [UDP Query User{98906EB1-BB28-4779-863A-6A902FEE8F26}F:\program files (x86)\survarium\game\binaries\x86\survarium.exe] => (Allow) F:\program files (x86)\survarium\game\binaries\x86\survarium.exe
FirewallRules: [TCP Query User{2FBCAE20-E7B1-45C5-A146-BA845C86237B}F:\program files (x86)\survarium\game\binaries\x86\survarium.exe] => (Allow) F:\program files (x86)\survarium\game\binaries\x86\survarium.exe
FirewallRules: [UDP Query User{F3386FFA-F5E6-4076-922B-ABA6314586B6}F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [TCP Query User{474B055D-5F85-4534-BD00-7BC2968F878E}F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{76F55B24-B467-4AB7-94D4-701245DF3691}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{88906E6C-9549-4D69-81C1-E1263E98C383}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{57327234-4496-4FBD-B8E4-6A763A08CA49}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{4DDC699A-A716-4BD7-B9F5-AC4695DDC747}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{59E10A62-1449-4940-852B-6FF142BD18FF}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{681EC210-4504-4494-91FF-C8200080D495}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{C4A3EC6B-89FF-440E-BF59-0C30AD0E8057}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A35DA6C4-E80E-45AE-AE04-22B3929D6C5B}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{86CF56DF-4D51-4AE5-93BA-4224ED8AA093}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [UDP Query User{93734F32-8C0A-42D1-B62F-4A606528B9D5}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{D5C65DA4-EECC-4DD4-91A6-7AA84D96B34D}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{D30904E8-FCC4-4983-A0BE-D3DC792CB7E2}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{CD8FF397-62E0-47E1-B36D-D4D137423BD8}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{6F7D13CB-B5A6-49AE-9FB3-BAD9F1DB04ED}C:\program files (x86)\edmarketconnector\edmarketconnector.exe] => (Allow) C:\program files (x86)\edmarketconnector\edmarketconnector.exe
FirewallRules: [TCP Query User{95857AA5-B264-42BD-B03C-BDE60BF7BFAB}C:\program files (x86)\edmarketconnector\edmarketconnector.exe] => (Allow) C:\program files (x86)\edmarketconnector\edmarketconnector.exe
FirewallRules: [{4D7ACAAD-9A81-47ED-8992-D6C48E7BF595}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{FB04A857-443D-487D-8F5E-E5B54773DFF3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{C8B530B7-3A85-497B-8080-A436E68E85AB}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{1DBFBF35-ACF0-445F-B9A3-E15176F0EF38}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{2CA43E2A-6790-41F0-AF08-F8E580CE7E2B}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6A341E16-241F-4D7C-A374-1BAD64136CF9}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{233A25E0-488B-47CC-A7E8-D82B37D7F095}] => (Allow) D:\Games\World_of_Tanks\WOTLauncher.exe
FirewallRules: [{E15E27B9-299E-43BB-BB2E-FA6343C44FB1}] => (Allow) D:\Games\World_of_Tanks\WOTLauncher.exe
FirewallRules: [{AC78B970-4479-449F-867E-D53A241D1C58}] => (Allow) K:\fsetup.exe
FirewallRules: [{B25BE4D3-7960-4BF0-848C-0BB7C5593772}] => (Allow) K:\fsetup.exe
FirewallRules: [{95D39A74-BBC9-4206-A384-EE60B414CD20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E45B2A7E-C363-4DD9-A4BF-D27B995AF4DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EC0FC526-69C3-4280-96B3-C3B818A9D52A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC24BEB1-C840-4F4A-ADB3-4A9271789BC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{960E656E-3944-48AC-B329-772BAFCB2FE9}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{7F2D7F63-F40B-4F34-8BB1-DA4F8C3E5628}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{0764916E-B3C2-46A1-90CB-ACFD6897CC34}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{151C647C-94AB-4448-A393-EE837E09ACC7}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{8CFD4370-00E6-4EDF-9CA3-535B40B2AE55}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{8412CD0C-6464-46AA-84E8-678E9D7BAB03}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{5267BC9D-0E2B-43A8-8D8A-371093D5CB55}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_launcher.exe
FirewallRules: [UDP Query User{5E8889CF-4140-4F8A-8A24-D567CCAD5589}D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [TCP Query User{794F5AF2-E311-47A5-A378-4D2556910A19}D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{D5850BDD-396A-4C31-8B0E-0CF356858821}F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [TCP Query User{E9B98FAF-293C-4F03-A421-34DBC6967E79}F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [UDP Query User{B57A4FCA-07D4-4834-8543-938C197D9443}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [TCP Query User{8E041B79-F618-4C93-BF86-A114F8B738AD}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [UDP Query User{0DEA9964-A719-488B-BEE2-06374E077363}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [TCP Query User{E6288314-AD24-4C60-9008-BA9A8827B033}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [{12BB10E0-1453-461C-923B-ADEBDEEC448E}] => (Allow) C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3369A231-4E3E-4B00-9F04-F1FC134910A7}] => (Allow) C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A5501480-27EE-43F3-A7FD-F14C19B1E3D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B521A10-9C90-4767-A5E1-85E7874974B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB0A91F2-72F2-4D57-8CA0-912C9CF07138}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{42EF87EE-A4C8-4856-978F-D662B226EAC2}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{FDF952CF-5890-40B6-950F-81DFF651C938}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{8DDECFED-D00A-43B9-8CFC-7817C06B7BD3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{B8E59A75-C4C6-4438-8B41-9A343F7E1136}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{B55735BD-D987-49A8-82FF-BAD589E4939F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{C09EACAC-C352-47BA-8A00-FAE7D3154A0A}] => (Allow) LPort=1900
FirewallRules: [{FA31A1DE-CDDE-4196-AD01-AFDEB894C244}] => (Allow) LPort=2869
FirewallRules: [{57BE9907-5536-47D2-8D7E-BFA79A5B4526}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{05D7FFA3-E0E6-480A-846F-9045E9EEF0C9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe
FirewallRules: [{E7247C92-F9DA-4B9D-A5AC-3B1FC0C48AF3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe
FirewallRules: [{6AB19740-F0EC-42B9-A4D4-67C2D7286C0E}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4400AAC-BA51-497A-8CD9-F75B0A20568B}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{355E7556-05C5-4D9F-B0F8-C16E1CFC5AB1}] => (Block) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [{90500F81-B705-48AB-AB8F-8FBE6E5E61D7}] => (Block) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [UDP Query User{9A58EBC4-CD8F-4BE7-BAC6-85C3E54DA5FF}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [TCP Query User{DD4EB6CA-88F8-411E-A3C5-093667EB689D}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.2.2\AusweisApp2.exe
FirewallRules: [{A213B923-CA6F-401E-82F0-0E34402AEFCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8B34EAE-8DAB-4497-9658-F16BA6D99080}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2A46827-E6D3-4326-BA58-A1615457D9FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{1C4A4442-440F-4ADE-BFC0-D63786A84F0C}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{3524F0A9-6F7E-4A6C-B6A3-2BFF7B71F686}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{124894AE-D52E-45BB-8782-040810F01B22}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{89BA1B81-C263-4620-8977-310C88B55A30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0A276127-2D54-4BAD-9CC5-1DD08A379D6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F3237A89-850D-478A-A0B5-0DE1575AE1F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{17761D45-6795-4446-8EED-CB351594D6EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{64803FFB-FC94-4667-B9E6-5969D6D94CF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F41279A-CC24-488B-A2DF-4445A75523A8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8E6DAE37-9665-4F69-A01F-65A386455AF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4250D0A-0117-40BF-8506-7EED949D06A5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{6B82F515-CB4F-4A02-B226-11350078987F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{D413E93E-8D02-4130-8F18-FA627B4466DE}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{6652D262-56CB-49A2-A3ED-66DDAA0485B9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

==================== Wiederherstellungspunkte =========================

27-10-2016 22:22:32 Installed Elite Dangerous Market Connector
29-10-2016 23:27:02 Installed Elite Dangerous Market Connector
02-11-2016 19:20:21 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
02-11-2016 19:20:27 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
03-11-2016 08:18:27 chip 1-click download service wurde entfernt.
03-11-2016 08:18:49 Removed Cuttermaran 1.70
05-11-2016 08:58:13 Garmin Express

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/06/2016 08:47:06 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3056. Meldungs-ID: [0x2509].


Systemfehler:
=============
Error: (11/06/2016 09:12:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/06/2016 09:12:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "UI0Detect" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (11/06/2016 09:12:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/06/2016 09:12:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/06/2016 09:12:47 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/06/2016 09:12:47 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/06/2016 09:12:46 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "SPVVEngine" ist von folgendem Dienst abhängig: SPVDPort. Dieser Dienst ist möglicherweise nicht installiert.


CodeIntegrity:
===================================
  Date: 2016-09-21 20:19:43.421
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 16337.71 MB
Verfügbarer physikalischer RAM: 13547.73 MB
Summe virtueller Speicher: 18769.71 MB
Verfügbarer virtueller Speicher: 15848.05 MB

==================== Laufwerke ================================

Drive c: (DISK1_C) (Fixed) (Total:223.13 GB) (Free:149.06 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (DISK2_D) (Fixed) (Total:467.46 GB) (Free:225.96 GB) NTFS
Drive e: (DISK2_E) (Fixed) (Total:464.04 GB) (Free:384.4 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (DISK3_F) (Fixed) (Total:223.57 GB) (Free:77.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 223.6 GB) (Disk ID: 903CC57B)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 223.6 GB) (Disk ID: 4EFA3136)
Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2F8692B5)
Partition 1: (Not Active) - (Size=467.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=464 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Adware Cleaner

Code:
ATTFilter
# AdwCleaner v6.030 - Logfile created 06/11/2016 at 10:07:27
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-05.1 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : nc-be_000 - THOMASPC
# Running from : C:\Downloads\adwcleaner_6.030.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

Folder Found:  C:\Users\nc-be_000\AppData\Roaming\Browser-Security


***** [ Files ] *****

File Found:  C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\extensions\firefox@browser-security.de.xpi


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found:  HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\Brothersoft
Key Found:  HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\PRODUCTSETUP
Key Found:  HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\csastats
Key Found:  HKCU\Software\Brothersoft
Key Found:  HKCU\Software\PRODUCTSETUP
Key Found:  HKCU\Software\csastats
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security
Key Found:  [x64] HKCU\Software\Brothersoft
Key Found:  [x64] HKCU\Software\PRODUCTSETUP
Key Found:  [x64] HKCU\Software\csastats
Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Value Found:  HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]
Value Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]
Value Found:  [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [8647 Bytes] - [01/11/2015 13:42:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [8590 Bytes] - [01/11/2015 13:40:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [2448 Bytes] - [06/11/2016 10:07:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2521 Bytes] ##########
         
Anti malware

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 06.11.2016
Suchlaufzeit: 09:58
Protokolldatei: Anti Malware.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.11.06.04
Rootkit-Datenbank: v2016.10.31.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: nc-be_000

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 407364
Abgelaufene Zeit: 5 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.Vondos, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Browser-Security, Keine Aktion durch Benutzer, [c64614a93c5e05312191bf5c53b28d73], 
PUP.Optional.InstallCore, HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\SOFTWARE\csastats, Keine Aktion durch Benutzer, [96769b22ebaf5dd988b402f88d764eb2], 
PUP.Optional.ProductSetup, HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\SOFTWARE\PRODUCTSETUP, Keine Aktion durch Benutzer, [06069c2147531e18198b357bdd26659b], 

Registrierungswerte: 2
PUP.Optional.DownloadProtect, HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|safe_urls768, "C:\Users\nc-be_000\AppData\Roaming\Browser-Security\s768.exe", Keine Aktion durch Benutzer, [a963bffee0ba3afc3964cd450df8649c]
PUP.Optional.ProductSetup, HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\SOFTWARE\PRODUCTSETUP|tb, 0K2Y1J1E2T1S2X0X0Z1S1N1C2S1G, Keine Aktion durch Benutzer, [06069c2147531e18198b357bdd26659b]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.BrowserSecurity, C:\Users\nc-be_000\AppData\Roaming\Browser-Security, Keine Aktion durch Benutzer, [1cf0a617435793a3a29f2c962bd7dc24], 
PUP.Optional.DesktopTool, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache\DesktopToolMini_global__4_, In Quarantäne, [b656e7d60595fb3b4052873fa2603dc3], 

Dateien: 7
PUP.Optional.Vondos, C:\Users\nc-be_000\AppData\Roaming\Browser-Security\uninstall.exe, Keine Aktion durch Benutzer, [c64614a93c5e05312191bf5c53b28d73], 
PUP.Optional.FusionCore, C:\Downloads\FreeYouTubeToMP3Converter_4.1.28.831_d.exe, Keine Aktion durch Benutzer, [9d6ff1cce3b777bf5a1942ceb74e7b85], 
PUP.Optional.BrowserSecurity, C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\extensions\FIREFOX@BROWSER-SECURITY.DE.XPI, Keine Aktion durch Benutzer, [57b5a31a2d6dd95d6b76c4ffa06308f8], 
PUP.Optional.BrowserSecurity, C:\Users\nc-be_000\AppData\Roaming\Browser-Security\data, Keine Aktion durch Benutzer, [1cf0a617435793a3a29f2c962bd7dc24], 
PUP.Optional.BrowserSecurity, C:\Users\nc-be_000\AppData\Roaming\Browser-Security\license.rtf, Keine Aktion durch Benutzer, [1cf0a617435793a3a29f2c962bd7dc24], 
PUM.Optional.FireFoxSecurityOverride, C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\user.js, Keine Aktion durch Benutzer, [8785c7f699015fd720d4e5b61ee60df3], 
PUP.Optional.DesktopTool, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache\DesktopToolMini_global__4_\6672755256af10d0, In Quarantäne, [b656e7d60595fb3b4052873fa2603dc3], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
und noch Bit Defender

Code:
ATTFilter
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="C:\Program Files\Bitdefender\Bitdefender 2016\ondemand.xsl"?>
<ScanSession creator="Bitdefender Internet Security 2016" name="System-Scan" installPath="C:\Program Files\Bitdefender\Bitdefender 2016\" creationDate="Sonntag, 6. November 2016 19:16:26" originalPath="C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1478424301_1_02.xml" >
	<ScanSettings 
		statisticsRefreshInterval="1000"
		scanSpeed="1.000000"
		lowPriority="0"
		enableExclusions="1"
		enableTaskExclusions="0"
		scanAdware="1"
		scanSpyware="1"
		scanApplications="1"
		scanDialers="1"
		scanKeyloggers="1"
		scanFiles="1"
		scanAllFiles="1"
		scanProgramsOnly="0"
		useCustomPrograms="0"
		customPrograms=""
		scanUserDefined="0"
		scanPacked="1"
		scanArchives="1"
		useSmartScan="1"
		scanEmails="1"
		scanRootkits="0"
		scanAllRootkits="1"
		scanBoot="1"
		scanMemory="1"
		scanRegistry="1"
		quickScan="1"
		quickScanMemory="0"
		quickScanAutoruns="0"
		quickScanPlugins="1"
		scanCookies="1"
		shutdownAfter="0"
		passwordPrompt="0"
		onlyAllowedActions="1"
		deepArchiveScan="1"
		maxArchiveLevel="15"
		maxArchiveSize="0"
		infectedAction1="3"
		infectedAction2="7"
		suspectAction1="7"
		suspectAction2="1"
		rootkitAction="3"
		userDefinedExtensions=""
		scanPua="-1"
	>

		<ScanPaths>
			<path>C:\</path>
			<path>D:\</path>
			<path>E:\</path>
			<path>F:\</path>
		</ScanPaths>

		<ExcludedPaths>
		</ExcludedPaths>

		<ExcludedExtensions>
		</ExcludedExtensions>

	</ScanSettings>

	<EngineSummary
		totalSignatures="7552077"
		/>

	<ScanSummary
		scannedArchives="1237"
		scannedPacked="414"
		startTime="1478424301"
		duration="11060391"
	>

		<TypeSummary type="1"
			scanned="34"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="4"
			scanned="0"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="0"
			scanned="5812420"
			infected="2"
			suspicious="0"
			disinfected="0"
			deleted="2"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="5"
			scanned="0"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="2"
			scanned="7233"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="3"
			scanned="5022"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="6"
			scanned="0"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

	</ScanSummary>

	<ScanDetails>
		<UnresolvedDetails>
		</UnresolvedDetails>

		<ResolvedDetails>
			<Item type="0" objectType="0" path="C:\Users\nc-be_000\AppData\Roaming\Thunderbird\Profiles\8ba7qkeq.default\Mail\Local Folders\Trash=&gt;(message 47)=&gt;[Subject: Re: Quotation for November][Date: Thu, 3 Nov 2016 20:45:22 +0600]=&gt;Purchase order #01123 forNovember 2016.zip=&gt;Purchase order #01123 for November 2016.exe" threatType="0" threatName="Trojan.Zmutzy.32" action="5" allActions="3 7 1 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="0" path="C:\Users\nc-be_000\AppData\Roaming\Thunderbird\Profiles\8ba7qkeq.default\Mail\Local Folders\Inbox=&gt;(message 123)=&gt;[Subject: Re: Quotation for November][Date: Thu, 3 Nov 2016 20:45:22 +0600]=&gt;Purchase order #01123 forNovember 2016.zip=&gt;Purchase order #01123 for November 2016.exe" threatType="0" threatName="Trojan.Zmutzy.32" action="5" allActions="3 7 1 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
		</ResolvedDetails>

		<IgnoredDetails>
		</IgnoredDetails>

		<QuickScanDetails>
		</QuickScanDetails>
		<NotScannedDetails
			skipped="78528"
			ioerrors="1"
			archiveBombs="0"
			passwordProtected="84"
		>

			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;tab2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;arrow1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt51.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt33.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt21.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\Treiber\ASRock Z77Pro4-M\PW_XFastUSB(v3.02.38).rar" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt42.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="E:\pagefile.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;glyph4.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt11.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;arrow2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt52.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;glyph5.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt12.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bck1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bck2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;preview.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt31.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;glyph6.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt13.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;checkbox2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt21.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;checkbox3.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt22.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;sprite1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;checkbox4.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt41.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt23.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt32.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;glyph7.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt61.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt43.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt53.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;bt62.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;checkbox1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;default.skn" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;defbtn1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;main.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;defbtn2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;defbtn3.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;glyph1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;glyph2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;glyph3.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;sprite1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;tab1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP334\A0514370.exe=&gt;wise0023=&gt;tab2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt51.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt33.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;arrow1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt52.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;arrow2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bck1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bck2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt11.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt12.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt31.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt13.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt22.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt41.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt23.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt32.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt42.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt61.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt43.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt53.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;bt62.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;checkbox1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;checkbox2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;checkbox3.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;checkbox4.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;default.skn" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;defbtn1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;defbtn2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;defbtn3.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;glyph1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;glyph2.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;glyph3.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;glyph4.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;glyph5.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;glyph6.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;glyph7.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;main.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;preview.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="D:\System Volume Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=&gt;wise0023=&gt;tab1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
			<Item type="0" objectType="0" path="C:\Users\nc-be_000\AppData\Local\Abelssoft\.data=&gt;ui.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
		</NotScannedDetails>
	</ScanDetails>

</ScanSession>
         
Ich hoffe ich habe die Anleitung richtig verstanden und nicht nur Müll gepostet.

Gruß

Tomkin
__________________


Geändert von Tommkin (06.11.2016 um 23:39 Uhr) Grund: Rechtschreibung

Alt 07.11.2016, 10:19   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.



Hallo und

+++ WICHTIGER HINWEIS +++


Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?




1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
__________________

Alt 07.11.2016, 19:05   #4
Tommkin
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Rechner startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige Logs_1



Hier die Ergebnisse:

Mbar, ohne Befund:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.11.07.07
  rootkit: v2016.10.31.01

Windows 10 x64 NTFS
Internet Explorer 11.321.14393.0
nc-be_000 :: THOMASPC [administrator]

07.11.2016 18:00:11
mbar-log-2016-11-07 (18-00-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 409027
Time elapsed: 8 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
und TDSS mit 1 Fund:

Code:
ATTFilter
18:11:02.0310 0x25fc  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
18:11:09.0161 0x25fc  ============================================================
18:11:09.0161 0x25fc  Current date / time: 2016/11/07 18:11:09.0161
18:11:09.0161 0x25fc  SystemInfo:
18:11:09.0161 0x25fc  
18:11:09.0161 0x25fc  OS Version: 10.0.14393 ServicePack: 0.0
18:11:09.0361 0x25fc  Product type: Workstation
18:11:09.0361 0x25fc  ComputerName: THOMASPC
18:11:09.0361 0x25fc  UserName: nc-be_000
18:11:09.0361 0x25fc  Windows directory: C:\WINDOWS
18:11:09.0361 0x25fc  System windows directory: C:\WINDOWS
18:11:09.0361 0x25fc  Running under WOW64
18:11:09.0361 0x25fc  Processor architecture: Intel x64
18:11:09.0361 0x25fc  Number of processors: 4
18:11:09.0361 0x25fc  Page size: 0x1000
18:11:09.0361 0x25fc  Boot type: Normal boot
18:11:09.0361 0x25fc  CodeIntegrityOptions = 0x00000001
18:11:09.0361 0x25fc  ============================================================
18:11:09.0411 0x25fc  KLMD registered as C:\WINDOWS\system32\drivers\41585019.sys
18:11:09.0412 0x25fc  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.351, osProperties = 0x19
18:11:09.0540 0x25fc  System UUID: {DED72CCF-BEB6-B827-D699-97BFE01AB4E2}
18:11:09.0957 0x25fc  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:11:09.0961 0x25fc  Drive \Device\Harddisk1\DR1 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:11:10.0168 0x25fc  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:11:10.0207 0x25fc  ============================================================
18:11:10.0207 0x25fc  \Device\Harddisk0\DR0:
18:11:10.0210 0x25fc  MBR partitions:
18:11:10.0210 0x25fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BF23000
18:11:10.0210 0x25fc  \Device\Harddisk1\DR1:
18:11:10.0211 0x25fc  MBR partitions:
18:11:10.0211 0x25fc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BE42000
18:11:10.0211 0x25fc  \Device\Harddisk2\DR2:
18:11:10.0211 0x25fc  MBR partitions:
18:11:10.0211 0x25fc  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x1000, BlocksNum 0x3A6EE000
18:11:10.0211 0x25fc  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x3A6F0000, BlocksNum 0x3A016800
18:11:10.0211 0x25fc  ============================================================
18:11:10.0218 0x25fc  D: <-> \Device\Harddisk2\DR2\Partition1
18:11:10.0261 0x25fc  E: <-> \Device\Harddisk2\DR2\Partition2
18:11:10.0262 0x25fc  F: <-> \Device\Harddisk0\DR0\Partition1
18:11:10.0263 0x25fc  C: <-> \Device\Harddisk1\DR1\Partition1
18:11:10.0263 0x25fc  ============================================================
18:11:10.0263 0x25fc  Initialize success
18:11:10.0263 0x25fc  ============================================================
18:12:04.0093 0x2b70  ============================================================
18:12:04.0093 0x2b70  Scan started
18:12:04.0093 0x2b70  Mode: Manual; SigCheck; TDLFS; 
18:12:04.0093 0x2b70  ============================================================
18:12:04.0093 0x2b70  KSN ping started
18:12:04.0171 0x2b70  KSN ping finished: true
18:12:05.0526 0x2b70  ================ Scan system memory ========================
18:12:05.0526 0x2b70  System memory - ok
18:12:05.0526 0x2b70  ================ Scan services =============================
18:12:05.0572 0x2b70  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:12:05.0614 0x2b70  1394ohci - ok
18:12:05.0625 0x2b70  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:12:05.0636 0x2b70  3ware - ok
18:12:05.0648 0x2b70  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:12:05.0668 0x2b70  ACPI - ok
18:12:05.0672 0x2b70  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
18:12:05.0684 0x2b70  AcpiDev - ok
18:12:05.0688 0x2b70  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:12:05.0699 0x2b70  acpiex - ok
18:12:05.0702 0x2b70  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:12:05.0714 0x2b70  acpipagr - ok
18:12:05.0717 0x2b70  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:12:05.0731 0x2b70  AcpiPmi - ok
18:12:05.0733 0x2b70  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:12:05.0743 0x2b70  acpitime - ok
18:12:05.0750 0x2b70  [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:12:05.0757 0x2b70  AdobeARMservice - ok
18:12:05.0784 0x2b70  [ 16D11D2CA3F2078F553E0C3A70A4F050, 51EEA7EFBE122D3FEB2F8487F5A45166A0C4963314B28840C3C404479B4E1849 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:12:05.0794 0x2b70  AdobeFlashPlayerUpdateSvc - ok
18:12:05.0812 0x2b70  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:12:05.0839 0x2b70  ADP80XX - ok
18:12:05.0851 0x2b70  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:12:05.0870 0x2b70  AFD - ok
18:12:05.0876 0x2b70  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:12:05.0894 0x2b70  ahcache - ok
18:12:05.0896 0x2b70  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
18:12:05.0911 0x2b70  AJRouter - ok
18:12:05.0915 0x2b70  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
18:12:05.0930 0x2b70  ALG - ok
18:12:05.0935 0x2b70  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:12:05.0949 0x2b70  AmdK8 - ok
18:12:05.0953 0x2b70  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:12:05.0967 0x2b70  AmdPPM - ok
18:12:05.0970 0x2b70  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:12:05.0979 0x2b70  amdsata - ok
18:12:05.0985 0x2b70  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:12:05.0998 0x2b70  amdsbs - ok
18:12:06.0001 0x2b70  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:12:06.0009 0x2b70  amdxata - ok
18:12:06.0012 0x2b70  [ 39B6FAE7DFE1B70034F253AB0BB96E2F, 477D9788BB1717F966E8E4F776CE52425BB76288A99FF34AE7A24D4221EA5D05 ] ampa            C:\WINDOWS\system32\ampa.sys
18:12:06.0027 0x2b70  ampa - detected UnsignedFile.Multi.Generic ( 1 )
18:12:06.0087 0x2b70  Detect skipped due to KSN trusted
18:12:06.0087 0x2b70  ampa - ok
18:12:06.0093 0x2b70  [ 915AB605A83496793E1BC465490C9F23, B70BFE1763AFA089DB4B21433FC086447AD3CCB4FE6DBFF372E6FD3667962A84 ] AnyDVD          C:\WINDOWS\system32\Drivers\AnyDVD.sys
18:12:06.0103 0x2b70  AnyDVD - ok
18:12:06.0107 0x2b70  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:12:06.0119 0x2b70  AppID - ok
18:12:06.0122 0x2b70  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:12:06.0142 0x2b70  AppIDSvc - ok
18:12:06.0145 0x2b70  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:12:06.0160 0x2b70  Appinfo - ok
18:12:06.0162 0x2b70  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
18:12:06.0181 0x2b70  applockerfltr - ok
18:12:06.0186 0x2b70  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:12:06.0203 0x2b70  AppMgmt - ok
18:12:06.0213 0x2b70  [ 21DC11DA29484AE026E536F2EA7E79E5, 6E17B679494CB293DE13DFA18F79A9DFAFEEBAAE41943F95B5E1AE0720A5CA26 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
18:12:06.0240 0x2b70  AppReadiness - ok
18:12:06.0253 0x2b70  [ 6010A920FDE5BFE4EA056F9736FBDC06, F55F68D5AD1F272BC285E716E02090C62FC87476DD6CE7ABA6BE7EF8EF6178DE ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
18:12:06.0275 0x2b70  AppVClient - ok
18:12:06.0279 0x2b70  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
18:12:06.0291 0x2b70  AppvStrm - ok
18:12:06.0295 0x2b70  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
18:12:06.0305 0x2b70  AppvVemgr - ok
18:12:06.0309 0x2b70  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
18:12:06.0320 0x2b70  AppvVfs - ok
18:12:06.0351 0x2b70  [ 8FF9C45D01C50D6C1F2A9D149624E240, 1F1998D76E2F0B49820498ECF2B17F43590828B621545AF311487D03542DFEED ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:12:06.0414 0x2b70  AppXSvc - ok
18:12:06.0419 0x2b70  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:12:06.0429 0x2b70  arcsas - ok
18:12:06.0433 0x2b70  [ 1A234F4643F5658BAB07BFA611282267, F40435488389B4FB3B945CA21A8325A51E1B5F80F045AB019748D0EC66056A8B ] AsrDrv101       C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys
18:12:06.0440 0x2b70  AsrDrv101 - ok
18:12:06.0443 0x2b70  [ 54432330034E441B0D4E98334F350933, 76C08ED95C5E07787F38EB306A1EBBB1513CD7AF41E8A2B8CD6A200274368A87 ] AsrRamDisk      C:\WINDOWS\system32\drivers\AsrRamDisk.sys
18:12:06.0451 0x2b70  AsrRamDisk - ok
18:12:06.0454 0x2b70  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
18:12:06.0467 0x2b70  AsyncMac - ok
18:12:06.0470 0x2b70  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:12:06.0478 0x2b70  atapi - ok
18:12:06.0485 0x2b70  [ 30A8C6FAA572A020F373DA089AD9A603, 7828AE582FF5D99A94663AFB5A163BAD49611EE680ED63C548288F684906EDD8 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:12:06.0504 0x2b70  AudioEndpointBuilder - ok
18:12:06.0518 0x2b70  [ 59E69B38FBB892BED6F373AE428FB256, 1E729C19686A1785FCDD260661953E0BBF095D0D746C580581E536CD2642C2F3 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:12:06.0550 0x2b70  Audiosrv - ok
18:12:06.0575 0x2b70  [ DA978AB6E0AAEA82235C943DEED3484C, 42A3ADB76B9E5F7309992C9737956CBE1706DD0FEC9565F493EDD104D8E64C97 ] avc3            C:\WINDOWS\system32\DRIVERS\avc3.sys
18:12:06.0607 0x2b70  avc3 - ok
18:12:06.0622 0x2b70  [ 09A3015AEA14CF9A4ECDE1CEA6AFE0AA, 77A58DE0961F1C2BD9627A975EF661A63EA5E4A3361433353408EABCE6869317 ] avckf           C:\WINDOWS\system32\DRIVERS\avckf.sys
18:12:06.0643 0x2b70  avckf - ok
18:12:06.0647 0x2b70  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura         C:\WINDOWS\System32\drivers\avmaura.sys
18:12:06.0662 0x2b70  avmaura - ok
18:12:06.0666 0x2b70  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:12:06.0680 0x2b70  AxInstSV - ok
18:12:06.0683 0x2b70  [ 969F1D19449DC5C2535DD5786093F651, 2BF29A2DF52110ED463D51376562AFCEAC0E80FBB1033284CF50EDD86C406B14 ] AxtuDrv         C:\WINDOWS\SysWOW64\Drivers\AxtuDrv.sys
18:12:06.0690 0x2b70  AxtuDrv - ok
18:12:06.0699 0x2b70  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:12:06.0716 0x2b70  b06bdrv - ok
18:12:06.0720 0x2b70  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:12:06.0734 0x2b70  BasicDisplay - ok
18:12:06.0737 0x2b70  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:12:06.0748 0x2b70  BasicRender - ok
18:12:06.0751 0x2b70  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
18:12:06.0762 0x2b70  bcmfn - ok
18:12:06.0765 0x2b70  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:12:06.0775 0x2b70  bcmfn2 - ok
18:12:06.0778 0x2b70  [ 3701D3BF4AC12EAACB1F58847C1D32FC, 29F3DA7E4C1706934BE92D03CB6F633C47D0251E5580958E823B6148DA5E5E73 ] bdelam          C:\WINDOWS\system32\drivers\bdelam.sys
18:12:06.0789 0x2b70  bdelam - ok
18:12:06.0795 0x2b70  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:12:06.0815 0x2b70  BDESVC - ok
18:12:06.0821 0x2b70  [ 14F686FA27C2914128031504B70D2B5E, BED77F4A6DC8B30ADB698FBCC00153D924310188EFBE22ADD2BAA3321C746556 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
18:12:06.0830 0x2b70  bdfwfpf - ok
18:12:06.0834 0x2b70  [ D8FAF7CFBC81E5E15CA7A7EC8EE1B409, 75E60DF2147DFB109E628FDF80EB1BFA5360E5935BB9237B67053588F906E1B1 ] BDVEDISK        C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
18:12:06.0842 0x2b70  BDVEDISK - ok
18:12:06.0845 0x2b70  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:12:06.0857 0x2b70  Beep - ok
18:12:06.0880 0x2b70  [ DBF7BEDEDEAD1E524C0E066B4AFCF61F, B9D38AF4A61E478EADA15578416E4A8806188A5DDF04DD0AFCC118A5A5B4AC1D ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
18:12:06.0909 0x2b70  BEService - ok
18:12:06.0923 0x2b70  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
18:12:06.0953 0x2b70  BFE - ok
18:12:06.0969 0x2b70  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
18:12:07.0007 0x2b70  BITS - ok
18:12:07.0016 0x2b70  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:12:07.0028 0x2b70  Bonjour Service - ok
18:12:07.0031 0x2b70  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:12:07.0045 0x2b70  bowser - ok
18:12:07.0058 0x2b70  [ BD33624B1F5C35F519E87B53DBC30B34, 3EFE680D7E9FCD89492DCF4E53980D01FC92DC1F63935DF16429B66DCA2AA865 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:12:07.0087 0x2b70  BrokerInfrastructure - ok
18:12:07.0092 0x2b70  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
18:12:07.0107 0x2b70  Browser - ok
18:12:07.0110 0x2b70  [ 0B2EE8B36081C1039EA3D20B952A8DDC, 4849F424B15CBF2342811D944A599D762D206E33D284429483D9769FD07C3BE7 ] bthav           C:\WINDOWS\system32\drivers\bthav.sys
18:12:07.0118 0x2b70  bthav - detected UnsignedFile.Multi.Generic ( 1 )
18:12:07.0165 0x2b70  Detect skipped due to KSN trusted
18:12:07.0165 0x2b70  bthav - ok
18:12:07.0168 0x2b70  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:12:07.0180 0x2b70  BthAvrcpTg - ok
18:12:07.0185 0x2b70  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
18:12:07.0199 0x2b70  BthEnum - ok
18:12:07.0203 0x2b70  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:12:07.0215 0x2b70  BthHFEnum - ok
18:12:07.0218 0x2b70  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:12:07.0229 0x2b70  bthhfhid - ok
18:12:07.0236 0x2b70  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
18:12:07.0254 0x2b70  BthHFSrv - ok
18:12:07.0257 0x2b70  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:12:07.0269 0x2b70  BTHMODEM - ok
18:12:07.0274 0x2b70  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
18:12:07.0288 0x2b70  BthPan - ok
18:12:07.0303 0x2b70  [ E6D5762958A839B119C041256149AAD6, 8FB489F6771C392347E333935E00024309A19F1D3143F365A039A9D2DE0A639C ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
18:12:07.0337 0x2b70  BTHPORT - ok
18:12:07.0343 0x2b70  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:12:07.0360 0x2b70  bthserv - ok
18:12:07.0364 0x2b70  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
18:12:07.0377 0x2b70  BTHUSB - ok
18:12:07.0380 0x2b70  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
18:12:07.0398 0x2b70  buttonconverter - ok
18:12:07.0403 0x2b70  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
18:12:07.0418 0x2b70  CapImg - ok
18:12:07.0422 0x2b70  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:12:07.0439 0x2b70  cdfs - ok
18:12:07.0449 0x2b70  [ B737F6FB33A6F79BCBC293A5B32C1C4E, B2EAF621052A4CBEE78208ECF1AC9286BD1EB431019372254E442319308112F8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
18:12:07.0471 0x2b70  CDPSvc - ok
18:12:07.0479 0x2b70  [ 2531EF3423A9FE1692005A41907E3BE3, 4E7D3E216937305B73CBCC5031F513CEC38F4FEFE3F2291DED5F37641221CCA0 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
18:12:07.0504 0x2b70  CDPUserSvc - ok
18:12:07.0512 0x2b70  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:12:07.0527 0x2b70  cdrom - ok
18:12:07.0532 0x2b70  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:12:07.0549 0x2b70  CertPropSvc - ok
18:12:07.0557 0x2b70  [ CF3FFDA7B06A62DC018AFF75B4749FF4, B9ECE0A37CA4A389114737EADF68334DBF6A77214E8794ADFC6F83AD42F90D56 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
18:12:07.0573 0x2b70  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
18:12:07.0659 0x2b70  chip1click ( UnsignedFile.Multi.Generic ) - warning
18:12:07.0771 0x2b70  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
18:12:07.0784 0x2b70  cht4iscsi - ok
18:12:07.0824 0x2b70  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
18:12:07.0869 0x2b70  cht4vbd - ok
         
Code:
ATTFilter
18:12:07.0875 0x2b70  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:12:07.0887 0x2b70  circlass - ok
18:12:07.0896 0x2b70  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:12:07.0911 0x2b70  CLFS - ok
18:12:07.0927 0x2b70  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
18:12:07.0948 0x2b70  ClipSVC - ok
18:12:07.0952 0x2b70  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
18:12:07.0965 0x2b70  clreg - ok
18:12:07.0971 0x2b70  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:12:07.0982 0x2b70  CmBatt - ok
18:12:07.0993 0x2b70  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:12:08.0012 0x2b70  CNG - ok
18:12:08.0015 0x2b70  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
18:12:08.0023 0x2b70  cnghwassist - ok
18:12:08.0026 0x2b70  [ 9F50DBE58A98F6B96331F4606CA3188E, BCA2C9F4CB587242470CF07EA2A7E0C33DE8C8026C06F37A181ACE1992D6108B ] com0com         C:\WINDOWS\System32\drivers\com0com.sys
18:12:08.0040 0x2b70  com0com - ok
18:12:08.0057 0x2b70  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
18:12:08.0068 0x2b70  CompositeBus - ok
18:12:08.0070 0x2b70  COMSysApp - ok
18:12:08.0073 0x2b70  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:12:08.0083 0x2b70  condrv - ok
18:12:08.0095 0x2b70  [ 03DCC01047713690E312B013C60881AE, B98174222DDFDA2A31BAC4795D99FA07D1D03107ABDB27BF5069FAFBBF00D278 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
18:12:08.0116 0x2b70  CoreMessagingRegistrar - ok
18:12:08.0121 0x2b70  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:12:08.0137 0x2b70  CryptSvc - ok
18:12:08.0147 0x2b70  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
18:12:08.0171 0x2b70  CSC - ok
18:12:08.0183 0x2b70  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
18:12:08.0210 0x2b70  CscService - ok
18:12:08.0214 0x2b70  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:12:08.0222 0x2b70  dam - ok
18:12:08.0238 0x2b70  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:12:08.0270 0x2b70  DcomLaunch - ok
18:12:08.0275 0x2b70  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
18:12:08.0293 0x2b70  DcpSvc - ok
18:12:08.0303 0x2b70  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:12:08.0327 0x2b70  defragsvc - ok
18:12:08.0336 0x2b70  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:12:08.0357 0x2b70  DeviceAssociationService - ok
18:12:08.0362 0x2b70  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:12:08.0379 0x2b70  DeviceInstall - ok
18:12:08.0430 0x2b70  [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
18:12:08.0489 0x2b70  DevoloNetworkService - ok
18:12:08.0494 0x2b70  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
18:12:08.0507 0x2b70  DevQueryBroker - ok
18:12:08.0511 0x2b70  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:12:08.0527 0x2b70  Dfsc - ok
18:12:08.0531 0x2b70  [ BC319C065335B10A5AA5938A677A60D5, 6F32AF2A440E763DC2ADD06F3422DCF3285BDFA9E69E5C3CD67A10F039B2830F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:12:08.0539 0x2b70  dg_ssudbus - ok
18:12:08.0546 0x2b70  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:12:08.0568 0x2b70  Dhcp - ok
18:12:08.0573 0x2b70  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
18:12:08.0588 0x2b70  diagnosticshub.standardcollector.service - ok
18:12:08.0616 0x2b70  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
18:12:08.0673 0x2b70  DiagTrack - ok
18:12:08.0682 0x2b70  [ 3F67A20D02EF74C112A42FD7746C8E2E, 502FA3C7C5F1BC51CA51ECB9A29EFAFFB36867F76AACF51FA7BEE45674F2C278 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
18:12:08.0695 0x2b70  DigitalWave.Update.Service - ok
18:12:08.0699 0x2b70  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:12:08.0708 0x2b70  disk - ok
18:12:08.0717 0x2b70  [ 44A5CAF4E736BCD4360015BB3B841179, 8CD74620C3E163FF998CA8C09A999FED5C9EFDC88D07493192A57032D18CA973 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
18:12:08.0737 0x2b70  DmEnrollmentSvc - ok
18:12:08.0740 0x2b70  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:12:08.0752 0x2b70  dmvsc - ok
18:12:08.0756 0x2b70  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
18:12:08.0770 0x2b70  dmwappushservice - ok
18:12:08.0776 0x2b70  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:12:08.0794 0x2b70  Dnscache - ok
18:12:08.0800 0x2b70  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:12:08.0819 0x2b70  dot3svc - ok
18:12:08.0823 0x2b70  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
18:12:08.0830 0x2b70  dot4 - ok
18:12:08.0833 0x2b70  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys
18:12:08.0838 0x2b70  Dot4Print - ok
18:12:08.0841 0x2b70  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
18:12:08.0847 0x2b70  dot4usb - ok
18:12:08.0852 0x2b70  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
18:12:08.0867 0x2b70  DPS - ok
18:12:08.0870 0x2b70  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
18:12:08.0878 0x2b70  drmkaud - ok
18:12:08.0883 0x2b70  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:12:08.0904 0x2b70  DsmSvc - ok
18:12:08.0908 0x2b70  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
18:12:08.0923 0x2b70  DsSvc - ok
18:12:08.0954 0x2b70  [ 125C83C44EEE61E2ED5893F23AEF0FC9, D6599AFFA1A554124AEF6862C69027F9FF9B343362091439866641A1CFB0E76A ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:12:08.0999 0x2b70  DXGKrnl - ok
18:12:09.0004 0x2b70  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:12:09.0021 0x2b70  EapHost - ok
18:12:09.0067 0x2b70  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:12:09.0133 0x2b70  ebdrv - ok
18:12:09.0138 0x2b70  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
18:12:09.0148 0x2b70  EFS - ok
18:12:09.0152 0x2b70  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:12:09.0161 0x2b70  EhStorClass - ok
18:12:09.0165 0x2b70  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:12:09.0175 0x2b70  EhStorTcgDrv - ok
18:12:09.0178 0x2b70  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
18:12:09.0185 0x2b70  ElbyCDFL - ok
18:12:09.0187 0x2b70  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
18:12:09.0194 0x2b70  ElbyCDIO - ok
18:12:09.0198 0x2b70  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
18:12:09.0214 0x2b70  embeddedmode - ok
18:12:09.0221 0x2b70  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
18:12:09.0241 0x2b70  EntAppSvc - ok
18:12:09.0243 0x2b70  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:12:09.0255 0x2b70  ErrDev - ok
18:12:09.0265 0x2b70  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
18:12:09.0287 0x2b70  EventSystem - ok
18:12:09.0294 0x2b70  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:12:09.0312 0x2b70  exfat - ok
18:12:09.0318 0x2b70  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:12:09.0332 0x2b70  fastfat - ok
18:12:09.0343 0x2b70  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:12:09.0369 0x2b70  Fax - ok
18:12:09.0372 0x2b70  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:12:09.0383 0x2b70  fdc - ok
18:12:09.0386 0x2b70  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:12:09.0399 0x2b70  fdPHost - ok
18:12:09.0401 0x2b70  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:12:09.0415 0x2b70  FDResPub - ok
18:12:09.0419 0x2b70  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:12:09.0433 0x2b70  fhsvc - ok
18:12:09.0437 0x2b70  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
18:12:09.0450 0x2b70  FileCrypt - ok
18:12:09.0454 0x2b70  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:12:09.0462 0x2b70  FileInfo - ok
18:12:09.0465 0x2b70  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:12:09.0478 0x2b70  Filetrace - ok
18:12:09.0481 0x2b70  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:12:09.0492 0x2b70  flpydisk - ok
18:12:09.0499 0x2b70  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:12:09.0513 0x2b70  FltMgr - ok
18:12:09.0539 0x2b70  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:12:09.0590 0x2b70  FontCache - ok
18:12:09.0596 0x2b70  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:12:09.0604 0x2b70  FontCache3.0.0.0 - ok
18:12:09.0617 0x2b70  [ 4816E166BD2C0E637DB183D24765684F, 69580B82DA9A5F4E54EE9604C6B717D0307A345F8FFB42515669F086CC4A88D1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
18:12:09.0646 0x2b70  FrameServer - ok
18:12:09.0650 0x2b70  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:12:09.0659 0x2b70  FsDepends - ok
18:12:09.0661 0x2b70  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:12:09.0670 0x2b70  Fs_Rec - ok
18:12:09.0676 0x2b70  [ E58F8FD3DEF63069C698D63198F9D63B, 2FE372E95E4BF95564A1B5CDC4F8A538CCBA3FBA0C3937579D3B3C287899BBF9 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
18:12:09.0687 0x2b70  Futuremark SystemInfo Service - ok
18:12:09.0699 0x2b70  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:12:09.0718 0x2b70  fvevol - ok
18:12:09.0736 0x2b70  [ 13B46C5D8AC698E7E5C46620516F03AC, D9756699B7F9701F2EF70E3DB2C3DED25D12478C4831F9F0621C542998CBD03D ] Garmin Device Interaction Service C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
18:12:09.0756 0x2b70  Garmin Device Interaction Service - ok
18:12:09.0760 0x2b70  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:12:09.0772 0x2b70  gencounter - ok
18:12:09.0777 0x2b70  [ 7E7F9817B78056DE5E584084806CFE3A, E43CC0B7AA6B61CAFDE963CD3F9407953FFAAE40AC694F5D8BD07FB49E3B454A ] GeneralusbserialserZ52203 C:\WINDOWS\system32\DRIVERS\CT_U_USBSER_Z5.sys
18:12:09.0787 0x2b70  GeneralusbserialserZ52203 - ok
18:12:09.0790 0x2b70  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
18:12:09.0801 0x2b70  genericusbfn - ok
18:12:09.0805 0x2b70  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:12:09.0816 0x2b70  GPIOClx0101 - ok
18:12:09.0835 0x2b70  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:12:09.0874 0x2b70  gpsvc - ok
18:12:09.0878 0x2b70  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
18:12:09.0889 0x2b70  GpuEnergyDrv - ok
18:12:09.0893 0x2b70  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:12:09.0901 0x2b70  gupdate - ok
18:12:09.0904 0x2b70  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:12:09.0911 0x2b70  gupdatem - ok
18:12:09.0915 0x2b70  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:12:09.0922 0x2b70  gusvc - ok
18:12:09.0927 0x2b70  [ E4B7F2553A127E86E11343ED15320A99, A4EA52DF5D24EF8210192669934D3D0DD1A0E4CCAAD014D52F58D58A9D3C886A ] gzflt           C:\WINDOWS\system32\DRIVERS\gzflt.sys
18:12:09.0936 0x2b70  gzflt - ok
18:12:09.0941 0x2b70  [ 5BA6AEBB9B124D257A8BE9923837FDC3, 3495FACFE152773D82945D9C9E67F689CEFF34B0EC49E6ACE4FE29A10EDBC10C ] HCWF9BDA        C:\WINDOWS\System32\Drivers\hcwF9b64.sys
18:12:09.0949 0x2b70  HCWF9BDA - ok
18:12:09.0952 0x2b70  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:12:09.0966 0x2b70  HDAudBus - ok
18:12:09.0969 0x2b70  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:12:09.0977 0x2b70  HidBatt - ok
18:12:09.0981 0x2b70  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:12:09.0994 0x2b70  HidBth - ok
18:12:09.0997 0x2b70  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:12:10.0008 0x2b70  hidi2c - ok
18:12:10.0011 0x2b70  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
18:12:10.0020 0x2b70  hidinterrupt - ok
18:12:10.0023 0x2b70  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:12:10.0034 0x2b70  HidIr - ok
18:12:10.0037 0x2b70  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:12:10.0049 0x2b70  hidserv - ok
18:12:10.0052 0x2b70  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:12:10.0065 0x2b70  HidUsb - ok
18:12:10.0071 0x2b70  [ B3F963EBD55AEBA106342F5CBBCFEF5F, 316F6D94421EEF31CA87A6C54B819E9AA06994011244A3A75EB5DD09A6B79ECB ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:12:10.0089 0x2b70  HomeGroupListener - ok
18:12:10.0098 0x2b70  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:12:10.0120 0x2b70  HomeGroupProvider - ok
18:12:10.0128 0x2b70  [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
18:12:10.0137 0x2b70  hpqcxs08 - ok
18:12:10.0141 0x2b70  [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
18:12:10.0147 0x2b70  hpqddsvc - ok
18:12:10.0150 0x2b70  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:12:10.0159 0x2b70  HpSAMD - ok
18:12:10.0174 0x2b70  [ C995EA1C6915D897E06D41AF95B9312C, 65DE6599F1C735BBDCCE4728F7F98167BCA0BF1B8D4218BBF7546B025C9A38BD ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
18:12:10.0204 0x2b70  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
18:12:10.0250 0x2b70  Detect skipped due to KSN trusted
18:12:10.0250 0x2b70  HPSLPSVC - ok
18:12:10.0267 0x2b70  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:12:10.0294 0x2b70  HTTP - ok
18:12:10.0298 0x2b70  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
18:12:10.0313 0x2b70  HvHost - ok
18:12:10.0316 0x2b70  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
18:12:10.0325 0x2b70  hvservice - ok
18:12:10.0327 0x2b70  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\WINDOWS\system32\drivers\HWiNFO64A.SYS
18:12:10.0334 0x2b70  HWiNFO32 - ok
18:12:10.0337 0x2b70  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:12:10.0345 0x2b70  hwpolicy - ok
18:12:10.0349 0x2b70  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:12:10.0359 0x2b70  hyperkbd - ok
18:12:10.0363 0x2b70  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:12:10.0378 0x2b70  i8042prt - ok
18:12:10.0381 0x2b70  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
18:12:10.0394 0x2b70  iagpio - ok
18:12:10.0397 0x2b70  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
18:12:10.0408 0x2b70  iai2c - ok
18:12:10.0412 0x2b70  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
18:12:10.0423 0x2b70  iaLPSS2i_GPIO2 - ok
18:12:10.0428 0x2b70  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
18:12:10.0438 0x2b70  iaLPSS2i_I2C - ok
18:12:10.0440 0x2b70  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:12:10.0447 0x2b70  iaLPSSi_GPIO - ok
18:12:10.0451 0x2b70  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:12:10.0464 0x2b70  iaLPSSi_I2C - ok
18:12:10.0475 0x2b70  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:12:10.0494 0x2b70  iaStorAV - ok
18:12:10.0501 0x2b70  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:12:10.0516 0x2b70  iaStorV - ok
18:12:10.0525 0x2b70  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
18:12:10.0542 0x2b70  ibbus - ok
18:12:10.0548 0x2b70  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
18:12:10.0565 0x2b70  icssvc - ok
18:12:10.0567 0x2b70  igfx - ok
18:12:10.0574 0x2b70  [ 6A9C613D0F5F9676D128F39B63ACE45B, 027B9568C740E336C7CBBE952309E2719E8FFA14E7DFC2B85B49E0C0CE7D2149 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
18:12:10.0588 0x2b70  igfxCUIService1.0.0.0 - ok
18:12:10.0595 0x2b70  [ B69FBA64C0FF6C12A8D7E67A916469A8, 99ACE56DF40C541DD4FBF2D394C35B47F4F9FE5018E5C31C59513CB2E828E05C ] ignis           C:\WINDOWS\system32\DRIVERS\ignis.sys
18:12:10.0605 0x2b70  ignis - ok
18:12:10.0619 0x2b70  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:12:10.0650 0x2b70  IKEEXT - ok
18:12:10.0654 0x2b70  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
18:12:10.0666 0x2b70  IndirectKmd - ok
18:12:10.0670 0x2b70  [ 41CD73C13FCAEA4942F0CF7608B7530F, 835BF370E6624975E3CB7106D4835488D6F527C545E7B0ECD26A161D36CABABB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
18:12:10.0678 0x2b70  intaud_WaveExtensible - ok
18:12:10.0690 0x2b70  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:12:10.0705 0x2b70  Intel(R) Capability Licensing Service Interface - ok
18:12:10.0710 0x2b70  [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:12:10.0717 0x2b70  Intel(R) ME Service - ok
18:12:10.0720 0x2b70  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:12:10.0728 0x2b70  intelide - ok
18:12:10.0731 0x2b70  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:12:10.0739 0x2b70  intelpep - ok
18:12:10.0743 0x2b70  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:12:10.0756 0x2b70  intelppm - ok
18:12:10.0759 0x2b70  [ 4A922CAB4AB5F29F1BECC9D95B4B7F05, 7C1006799E26A0B4DF49373A4D0509748C602588CFB3C1CBB409E335F5DF9593 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
18:12:10.0768 0x2b70  iorate - ok
18:12:10.0771 0x2b70  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:12:10.0784 0x2b70  IpFilterDriver - ok
18:12:10.0799 0x2b70  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:12:10.0832 0x2b70  iphlpsvc - ok
18:12:10.0836 0x2b70  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:12:10.0845 0x2b70  IPMIDRV - ok
18:12:10.0850 0x2b70  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:12:10.0864 0x2b70  IPNAT - ok
18:12:10.0868 0x2b70  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
18:12:10.0881 0x2b70  irda - ok
18:12:10.0884 0x2b70  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:12:10.0895 0x2b70  IRENUM - ok
18:12:10.0898 0x2b70  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
18:12:10.0910 0x2b70  irmon - ok
18:12:10.0913 0x2b70  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:12:10.0920 0x2b70  isapnp - ok
18:12:10.0926 0x2b70  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:12:10.0938 0x2b70  iScsiPrt - ok
18:12:10.0941 0x2b70  [ 48B904D31F2369D7B0122617038D3F5B, 8A43CB37667929CCCC37B6E79E82509BBCA6C8884B44059DC87BCA7C21BE7FE1 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
18:12:10.0949 0x2b70  iwdbus - ok
18:12:10.0953 0x2b70  [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:12:10.0960 0x2b70  jhi_service - ok
18:12:10.0963 0x2b70  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:12:10.0972 0x2b70  kbdclass - ok
18:12:10.0975 0x2b70  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:12:10.0988 0x2b70  kbdhid - ok
18:12:10.0991 0x2b70  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
18:12:11.0002 0x2b70  kdnic - ok
18:12:11.0005 0x2b70  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:12:11.0014 0x2b70  KeyIso - ok
18:12:11.0017 0x2b70  [ 979D73298EAC28B4EE7A4333148FD358, 447D828D6AB0EFBC5A308C2485D4555AA947A0BC854E8EFB3167E9B0441603FA ] Kinonih         C:\WINDOWS\System32\drivers\kinonih.sys
18:12:11.0030 0x2b70  Kinonih - ok
18:12:11.0035 0x2b70  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:12:11.0044 0x2b70  KSecDD - ok
18:12:11.0049 0x2b70  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:12:11.0060 0x2b70  KSecPkg - ok
18:12:11.0063 0x2b70  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:12:11.0077 0x2b70  ksthunk - ok
18:12:11.0085 0x2b70  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:12:11.0105 0x2b70  KtmRm - ok
18:12:11.0113 0x2b70  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\WINDOWS\system32\DRIVERS\ladfGSCamd64.sys
18:12:11.0125 0x2b70  LADF_CaptureOnly - ok
18:12:11.0128 0x2b70  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\WINDOWS\system32\DRIVERS\ladfGSRamd64.sys
18:12:11.0135 0x2b70  LADF_RenderOnly - ok
18:12:11.0141 0x2b70  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:12:11.0160 0x2b70  LanmanServer - ok
18:12:11.0166 0x2b70  [ B581907FD94F1FF148BF695331F67612, 05D1FFA456557A291566D788B8DE2485552E361EC3C0F63EA1A710BE940A5398 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:12:11.0185 0x2b70  LanmanWorkstation - ok
18:12:11.0193 0x2b70  [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:12:11.0203 0x2b70  LBTServ - ok
18:12:11.0208 0x2b70  [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb         C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys
18:12:11.0214 0x2b70  LEqdUsb - ok
18:12:11.0217 0x2b70  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
18:12:11.0233 0x2b70  lfsvc - ok
18:12:11.0236 0x2b70  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
18:12:11.0245 0x2b70  LGBusEnum - ok
18:12:11.0248 0x2b70  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
18:12:11.0254 0x2b70  LGCoreTemp - ok
18:12:11.0258 0x2b70  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
18:12:11.0268 0x2b70  LGJoyXlCore - ok
18:12:11.0271 0x2b70  [ 07B1C1927BAE6431D3DFB1816DF05BBA, 9B296F6E801D14CE89F5E3EA9B3962EE99E1D3E22077D075F5B0EE4FE3CAB65E ] lgLowAudio      C:\WINDOWS\system32\drivers\lgLowAudio.sys
18:12:11.0276 0x2b70  lgLowAudio - ok
18:12:11.0280 0x2b70  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
18:12:11.0288 0x2b70  LGVirHid - ok
18:12:11.0291 0x2b70  [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd         C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys
18:12:11.0296 0x2b70  LHidEqd - ok
18:12:11.0299 0x2b70  [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
18:12:11.0305 0x2b70  LHidFilt - ok
18:12:11.0308 0x2b70  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
18:12:11.0321 0x2b70  LicenseManager - ok
18:12:11.0324 0x2b70  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
18:12:11.0336 0x2b70  lltdio - ok
18:12:11.0342 0x2b70  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:12:11.0359 0x2b70  lltdsvc - ok
18:12:11.0361 0x2b70  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:12:11.0374 0x2b70  lmhosts - ok
18:12:11.0376 0x2b70  [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
18:12:11.0383 0x2b70  LMouFilt - ok
18:12:11.0388 0x2b70  [ 3974B7CE015A6EEF30DA4ADD5F1203D0, ED776F1C1B1834550F3D45591EB1F0829BBA07F9F7CB73F7FBB0AFDEF8F4411B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:12:11.0397 0x2b70  LMS - ok
18:12:11.0402 0x2b70  [ 6A854F3F93AAE34005A3C2EB21B2256C, 71FF43EEFAB7FD9E79C75E5E78F813FEF6F4E906CC52A8A7EFEF3E64C3D96A1F ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
18:12:11.0410 0x2b70  LogiRegistryService - ok
18:12:11.0415 0x2b70  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:12:11.0424 0x2b70  LSI_SAS - ok
18:12:11.0427 0x2b70  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
18:12:11.0437 0x2b70  LSI_SAS2i - ok
18:12:11.0441 0x2b70  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
18:12:11.0450 0x2b70  LSI_SAS3i - ok
18:12:11.0453 0x2b70  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:12:11.0462 0x2b70  LSI_SSS - ok
18:12:11.0473 0x2b70  [ 06276381A0797FD417E7068C1210FA06, 204144E9792216F952CED869ECB6B26FB466BF730B8A73FA4799B1EBC1A630AB ] LSM             C:\WINDOWS\System32\lsm.dll
18:12:11.0502 0x2b70  LSM - ok
18:12:11.0507 0x2b70  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:12:11.0521 0x2b70  luafv - ok
18:12:11.0528 0x2b70  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
18:12:11.0538 0x2b70  LVRS64 - ok
18:12:11.0542 0x2b70  [ ED5B42D75F3DEE93040B3930DA9F3009, E919DA20E46FE1C81CB76090B799DD858DD4771DB0EBDE4545DB4681A0AFFE8E ] MapsBroker      C:\WINDOWS\System32\moshost.dll
18:12:11.0556 0x2b70  MapsBroker - ok
18:12:11.0560 0x2b70  [ 47701ECA633574E122687693B5C5D35C, 1DB12767462347504956450FAD0D90B6E682E2E8959A6C5DF3792C3C3DA289B1 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
18:12:11.0567 0x2b70  mbamchameleon - ok
18:12:11.0570 0x2b70  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:12:11.0578 0x2b70  megasas - ok
18:12:11.0582 0x2b70  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
18:12:11.0591 0x2b70  megasas2i - ok
18:12:11.0601 0x2b70  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
18:12:11.0619 0x2b70  megasr - ok
18:12:11.0623 0x2b70  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
18:12:11.0628 0x2b70  MEIx64 - ok
18:12:11.0632 0x2b70  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
18:12:11.0645 0x2b70  MessagingService - ok
18:12:11.0709 0x2b70  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:12:11.0717 0x2b70  Microsoft Office Groove Audit Service - ok
18:12:11.0730 0x2b70  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
18:12:11.0753 0x2b70  mlx4_bus - ok
18:12:11.0757 0x2b70  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
18:12:11.0769 0x2b70  MMCSS - ok
18:12:11.0772 0x2b70  [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:12:11.0784 0x2b70  Modem - ok
18:12:11.0787 0x2b70  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:12:11.0797 0x2b70  monitor - ok
18:12:11.0801 0x2b70  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:12:11.0810 0x2b70  mouclass - ok
18:12:11.0813 0x2b70  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:12:11.0825 0x2b70  mouhid - ok
18:12:11.0828 0x2b70  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:12:11.0838 0x2b70  mountmgr - ok
18:12:11.0842 0x2b70  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:12:11.0851 0x2b70  MozillaMaintenance - ok
18:12:11.0854 0x2b70  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:12:11.0867 0x2b70  mpsdrv - ok
18:12:11.0881 0x2b70  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:12:11.0912 0x2b70  MpsSvc - ok
18:12:11.0918 0x2b70  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:12:11.0933 0x2b70  MRxDAV - ok
18:12:11.0941 0x2b70  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:12:11.0957 0x2b70  mrxsmb - ok
18:12:11.0963 0x2b70  [ 200E4A385F5F370D8866BAE25B0D9D32, 114AD45000A0C74EAE26C3075BBFEF80B9386C69D58CE4436CAFCF13613EAEFA ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:12:11.0981 0x2b70  mrxsmb10 - ok
18:12:11.0987 0x2b70  [ F7C22604CD8AFB9AF1C1E3CE39A5A09F, 3F7B39336F8A72525C667D45C9300CA6D017BDE17A6E23EF794BA59D2F3C78F3 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:12:12.0004 0x2b70  mrxsmb20 - ok
18:12:12.0008 0x2b70  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
18:12:12.0021 0x2b70  MsBridge - ok
18:12:12.0026 0x2b70  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:12:12.0039 0x2b70  MSDTC - ok
18:12:12.0044 0x2b70  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:12:12.0058 0x2b70  Msfs - ok
18:12:12.0061 0x2b70  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:12:12.0070 0x2b70  msgpiowin32 - ok
18:12:12.0072 0x2b70  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:12:12.0084 0x2b70  mshidkmdf - ok
18:12:12.0087 0x2b70  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:12:12.0098 0x2b70  mshidumdf - ok
18:12:12.0100 0x2b70  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:12:12.0108 0x2b70  msisadrv - ok
18:12:12.0112 0x2b70  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:12:12.0128 0x2b70  MSiSCSI - ok
18:12:12.0131 0x2b70  msiserver - ok
18:12:12.0133 0x2b70  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
18:12:12.0147 0x2b70  MSKSSRV - ok
18:12:12.0150 0x2b70  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
18:12:12.0163 0x2b70  MsLldp - ok
18:12:12.0165 0x2b70  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
18:12:12.0178 0x2b70  MSPCLOCK - ok
18:12:12.0181 0x2b70  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
18:12:12.0195 0x2b70  MSPQM - ok
18:12:12.0202 0x2b70  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:12:12.0217 0x2b70  MsRPC - ok
18:12:12.0223 0x2b70  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
18:12:12.0234 0x2b70  MsSecFlt - ok
18:12:12.0237 0x2b70  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:12:12.0245 0x2b70  mssmbios - ok
18:12:12.0248 0x2b70  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
18:12:12.0262 0x2b70  MSTEE - ok
18:12:12.0264 0x2b70  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:12:12.0276 0x2b70  MTConfig - ok
18:12:12.0280 0x2b70  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:12:12.0289 0x2b70  Mup - ok
18:12:12.0293 0x2b70  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:12:12.0301 0x2b70  mvumis - ok
18:12:12.0311 0x2b70  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:12:12.0337 0x2b70  NativeWifiP - ok
18:12:12.0342 0x2b70  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
18:12:12.0358 0x2b70  NcaSvc - ok
18:12:12.0365 0x2b70  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
18:12:12.0385 0x2b70  NcbService - ok
18:12:12.0388 0x2b70  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
18:12:12.0404 0x2b70  NcdAutoSetup - ok
18:12:12.0408 0x2b70  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
18:12:12.0418 0x2b70  ndfltr - ok
18:12:12.0436 0x2b70  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
18:12:12.0464 0x2b70  NDIS - ok
18:12:12.0468 0x2b70  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
18:12:12.0480 0x2b70  NdisCap - ok
18:12:12.0484 0x2b70  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
18:12:12.0500 0x2b70  NdisImPlatform - ok
18:12:12.0502 0x2b70  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:12:12.0516 0x2b70  NdisTapi - ok
18:12:12.0520 0x2b70  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
18:12:12.0532 0x2b70  Ndisuio - ok
18:12:12.0535 0x2b70  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:12:12.0550 0x2b70  NdisVirtualBus - ok
18:12:12.0557 0x2b70  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
18:12:12.0575 0x2b70  NdisWan - ok
18:12:12.0579 0x2b70  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:12:12.0597 0x2b70  ndiswanlegacy - ok
18:12:12.0600 0x2b70  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
18:12:12.0615 0x2b70  ndproxy - ok
         

Alt 07.11.2016, 19:07   #5
Tommkin
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.



Code:
ATTFilter
18:12:12.0619 0x2b70  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
18:12:12.0635 0x2b70  Ndu - ok
18:12:12.0650 0x2b70  [ 40D7D0A208EE863BCA8D89E299216F15, 4686E416A80D883B7C6CBE21E8D8D6C814D16DC48495F8ACFE7B4664560CA5E3 ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
18:12:12.0668 0x2b70  Nero BackItUp Scheduler 3 - ok
18:12:12.0672 0x2b70  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
18:12:12.0679 0x2b70  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:12:12.0741 0x2b70  Detect skipped due to KSN trusted
18:12:12.0741 0x2b70  Net Driver HPZ12 - ok
18:12:12.0744 0x2b70  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
18:12:12.0758 0x2b70  NetAdapterCx - ok
18:12:12.0761 0x2b70  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
18:12:12.0770 0x2b70  NetBIOS - ok
18:12:12.0777 0x2b70  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:12:12.0794 0x2b70  NetBT - ok
18:12:12.0797 0x2b70  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:12:12.0807 0x2b70  Netlogon - ok
18:12:12.0812 0x2b70  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
18:12:12.0829 0x2b70  Netman - ok
18:12:12.0838 0x2b70  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
18:12:12.0863 0x2b70  netprofm - ok
18:12:12.0869 0x2b70  [ 724EA060EF56BAB4DED8F731FA56279B, E07FFE11D7B5C94D6B56940C6423ACB85910F6E8789E788EC91EEEE1C02B247F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
18:12:12.0888 0x2b70  NetSetupSvc - ok
18:12:12.0894 0x2b70  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:12:12.0905 0x2b70  NetTcpPortSharing - ok
18:12:12.0913 0x2b70  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
18:12:12.0932 0x2b70  NgcCtnrSvc - ok
18:12:12.0947 0x2b70  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
18:12:12.0982 0x2b70  NgcSvc - ok
18:12:12.0989 0x2b70  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
18:12:13.0010 0x2b70  NlaSvc - ok
18:12:13.0020 0x2b70  [ EBA1B4BF2E2375ABDADEDB649F283541, 8B27AE794678C55791F95F34E67E12BAD5BE753F812C49D6511BB657CF453B52 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
18:12:13.0033 0x2b70  NMIndexingService - ok
18:12:13.0036 0x2b70  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\WINDOWS\system32\drivers\npf.sys
18:12:13.0042 0x2b70  NPF - ok
18:12:13.0046 0x2b70  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:12:13.0058 0x2b70  Npfs - ok
18:12:13.0081 0x2b70  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys
18:12:13.0087 0x2b70  NPF_devolo - ok
18:12:13.0090 0x2b70  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
18:12:13.0103 0x2b70  npsvctrig - ok
18:12:13.0106 0x2b70  [ 7E5B0FED87F679CFE547B9CB784DE546, 84559C174E0664BEA8F3108157CEC266F8109D448D88A230A6050079ED9DF15E ] npusbio         C:\WINDOWS\System32\Drivers\npusbio_x64.sys
18:12:13.0117 0x2b70  npusbio - ok
18:12:13.0120 0x2b70  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
18:12:13.0133 0x2b70  nsi - ok
18:12:13.0136 0x2b70  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
18:12:13.0146 0x2b70  nsiproxy - ok
18:12:13.0179 0x2b70  [ 5DD8CB01C0394F8D052763D2E3C6E684, BF58C1586A2402576B91D7F862861974F7BDB38704E88F4974FF3F1D1B481386 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
18:12:13.0227 0x2b70  NTFS - ok
18:12:13.0231 0x2b70  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:12:13.0242 0x2b70  Null - ok
18:12:13.0252 0x2b70  [ EEA88C63F67A236097F02EEF0944152E, 1256BFAF5960D794DB9C6587B15E05BC681FD7AC159590F8E2C1250477AF95B7 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
18:12:13.0264 0x2b70  NvContainerLocalSystem - ok
18:12:13.0272 0x2b70  [ EEA88C63F67A236097F02EEF0944152E, 1256BFAF5960D794DB9C6587B15E05BC681FD7AC159590F8E2C1250477AF95B7 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
18:12:13.0283 0x2b70  NvContainerNetworkService - ok
18:12:13.0290 0x2b70  [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
18:12:13.0299 0x2b70  NVHDA - ok
18:12:13.0316 0x2b70  [ 2D6C4040310C274F93C7B35DF894EA16, E28E516EB3BF40FF27EBD3AE2B248D0AB3F10BD4F757C57423AE70D032C857A5 ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
18:12:13.0340 0x2b70  NVIDIA Wireless Controller Service - ok
18:12:13.0540 0x2b70  [ 76ECA562B95DB26C64BEC14BB188A3F6, B4DB40D391B227393EEC13659C64B03499632FD11A75E5183BE8A0C8F3C9688B ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4i.inf_amd64_9366b2f0469d5baf\nvlddmkm.sys
18:12:13.0768 0x2b70  nvlddmkm - ok
18:12:13.0782 0x2b70  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
18:12:13.0792 0x2b70  nvraid - ok
18:12:13.0797 0x2b70  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
18:12:13.0807 0x2b70  nvstor - ok
18:12:13.0811 0x2b70  [ 6DF7C9E4BF71EBA2CE838394D2EF55B4, 2F13422A2EB4AF6BFDADA9A2DB3BE6A3AFA0D7588645D24222D3A7D813721C7D ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:12:13.0817 0x2b70  NvStreamKms - ok
18:12:13.0819 0x2b70  [ A97A270805944FB7C77650FFFEE61773, B703A12C25379B16E955424C2FC07469D42078DCA3E5BF437C007036C7F93EA5 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
18:12:13.0826 0x2b70  nvvad_WaveExtensible - ok
18:12:13.0837 0x2b70  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:12:13.0849 0x2b70  odserv - ok
18:12:13.0856 0x2b70  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
18:12:13.0876 0x2b70  OneSyncSvc - ok
18:12:13.0882 0x2b70  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:12:13.0889 0x2b70  ose - ok
18:12:13.0897 0x2b70  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
18:12:13.0918 0x2b70  p2pimsvc - ok
18:12:13.0926 0x2b70  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
18:12:13.0946 0x2b70  p2psvc - ok
18:12:13.0951 0x2b70  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
18:12:13.0964 0x2b70  Parport - ok
18:12:13.0968 0x2b70  [ 9DB326B54C03EF2892E7551D8B354036, 64CD77E8A4425E80CFB61DEE33C1A677A4044C6FC0614D74B20BDDD7C5D5334D ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
18:12:13.0977 0x2b70  partmgr - ok
18:12:13.0986 0x2b70  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
18:12:14.0003 0x2b70  PcaSvc - ok
18:12:14.0010 0x2b70  [ 101CC1FD8D48ED1EF71F0840158D0E6D, A944D70DE230E3FBD8B371EF3BED1FCD12AAFD56945A8F5C44994AF13283FCCD ] pci             C:\WINDOWS\system32\drivers\pci.sys
18:12:14.0023 0x2b70  pci - ok
18:12:14.0026 0x2b70  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
18:12:14.0035 0x2b70  pciide - ok
18:12:14.0039 0x2b70  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
18:12:14.0048 0x2b70  pcmcia - ok
18:12:14.0052 0x2b70  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
18:12:14.0059 0x2b70  pcw - ok
18:12:14.0063 0x2b70  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
18:12:14.0073 0x2b70  pdc - ok
18:12:14.0085 0x2b70  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
18:12:14.0114 0x2b70  PEAUTH - ok
18:12:14.0141 0x2b70  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
18:12:14.0198 0x2b70  PeerDistSvc - ok
18:12:14.0203 0x2b70  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
18:12:14.0212 0x2b70  percsas2i - ok
18:12:14.0215 0x2b70  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
18:12:14.0224 0x2b70  percsas3i - ok
18:12:14.0248 0x2b70  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
18:12:14.0262 0x2b70  PerfHost - ok
18:12:14.0278 0x2b70  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
18:12:14.0306 0x2b70  PhoneSvc - ok
18:12:14.0311 0x2b70  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
18:12:14.0329 0x2b70  PimIndexMaintenanceSvc - ok
18:12:14.0353 0x2b70  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
18:12:14.0398 0x2b70  pla - ok
18:12:14.0402 0x2b70  [ 875E4E0661F3A5994DF9E5E3A0A4F96B, 7198C02935B3714C455EE94305D2A21D900D72AC67049C11A1E842572AD6C5E1 ] PLFlash DeviceIoControl Service C:\Windows\SysWOW64\IoctlSvc.exe
18:12:14.0411 0x2b70  PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic ( 1 )
18:12:14.0460 0x2b70  Detect skipped due to KSN trusted
18:12:14.0460 0x2b70  PLFlash DeviceIoControl Service - ok
18:12:14.0464 0x2b70  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
18:12:14.0481 0x2b70  PlugPlay - ok
18:12:14.0485 0x2b70  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
18:12:14.0494 0x2b70  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:12:14.0540 0x2b70  Detect skipped due to KSN trusted
18:12:14.0540 0x2b70  Pml Driver HPZ12 - ok
18:12:14.0543 0x2b70  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
18:12:14.0556 0x2b70  PNRPAutoReg - ok
18:12:14.0563 0x2b70  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
18:12:14.0581 0x2b70  PNRPsvc - ok
18:12:14.0588 0x2b70  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
18:12:14.0607 0x2b70  PolicyAgent - ok
18:12:14.0613 0x2b70  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
18:12:14.0628 0x2b70  Power - ok
18:12:14.0632 0x2b70  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
18:12:14.0647 0x2b70  PptpMiniport - ok
18:12:14.0694 0x2b70  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:12:14.0779 0x2b70  PrintNotify - ok
18:12:14.0785 0x2b70  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
18:12:14.0799 0x2b70  Processor - ok
18:12:14.0816 0x2b70  [ BA2DA685FB152180908C7D778B2BBD61, 335C81941855D3DE90443E47E42D44645BE2AB736334DB96C0890D82EEF03475 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
18:12:14.0840 0x2b70  ProductAgentService - ok
18:12:14.0847 0x2b70  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
18:12:14.0869 0x2b70  ProfSvc - ok
18:12:14.0873 0x2b70  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
18:12:14.0884 0x2b70  Psched - ok
18:12:14.0890 0x2b70  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
18:12:14.0910 0x2b70  QWAVE - ok
18:12:14.0913 0x2b70  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
18:12:14.0924 0x2b70  QWAVEdrv - ok
18:12:14.0927 0x2b70  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:12:14.0938 0x2b70  RasAcd - ok
18:12:14.0942 0x2b70  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
18:12:14.0957 0x2b70  RasAgileVpn - ok
18:12:14.0962 0x2b70  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:12:14.0975 0x2b70  RasAuto - ok
18:12:14.0979 0x2b70  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
18:12:14.0994 0x2b70  Rasl2tp - ok
18:12:15.0006 0x2b70  [ 3C0A10FFC3CB95D249CA64D62BC912EF, 8A75398EF3FF4BBE822031B3D1C63BFC75ABE11AB35BC0451DFF3B1D56477D97 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:12:15.0032 0x2b70  RasMan - ok
18:12:15.0036 0x2b70  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:12:15.0048 0x2b70  RasPppoe - ok
18:12:15.0052 0x2b70  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
18:12:15.0066 0x2b70  RasSstp - ok
18:12:15.0075 0x2b70  [ EDAF0E161BE98CCC4FC9671481600745, 50DB73C341086E346F6EF57E40A7C3A8F6279E5EBB53A67F9B71B7877EB75734 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:12:15.0090 0x2b70  rdbss - ok
18:12:15.0094 0x2b70  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
18:12:15.0106 0x2b70  rdpbus - ok
18:12:15.0110 0x2b70  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
18:12:15.0124 0x2b70  RDPDR - ok
18:12:15.0130 0x2b70  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:12:15.0138 0x2b70  RdpVideoMiniport - ok
18:12:15.0144 0x2b70  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
18:12:15.0156 0x2b70  rdyboost - ok
18:12:15.0170 0x2b70  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
18:12:15.0193 0x2b70  ReFSv1 - ok
18:12:15.0204 0x2b70  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:12:15.0228 0x2b70  RemoteAccess - ok
18:12:15.0233 0x2b70  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:12:15.0251 0x2b70  RemoteRegistry - ok
18:12:15.0262 0x2b70  [ FA62C4E1D753B489832DD0A7033665EE, BB0B59ABC79CEFA949632179239D711944C29E93EBCE60E629DE75AF2C3268B2 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
18:12:15.0289 0x2b70  RetailDemo - ok
18:12:15.0294 0x2b70  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
18:12:15.0308 0x2b70  RFCOMM - ok
18:12:15.0313 0x2b70  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
18:12:15.0326 0x2b70  RmSvc - ok
18:12:15.0332 0x2b70  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
18:12:15.0338 0x2b70  rpcapd - ok
18:12:15.0342 0x2b70  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
18:12:15.0355 0x2b70  RpcEptMapper - ok
18:12:15.0358 0x2b70  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:12:15.0370 0x2b70  RpcLocator - ok
18:12:15.0383 0x2b70  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:12:15.0414 0x2b70  RpcSs - ok
18:12:15.0419 0x2b70  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
18:12:15.0430 0x2b70  rspndr - ok
18:12:15.0444 0x2b70  [ B7135C209BC23B77F411E6301F910888, 6D9C1C71CF89691E8EC6D46166CA315751F6AF5798076CFE8C93449BBE533207 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
18:12:15.0464 0x2b70  rt640x64 - ok
18:12:15.0468 0x2b70  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
18:12:15.0478 0x2b70  s3cap - ok
18:12:15.0483 0x2b70  [ 248ABD858FF7DCC966E5A54529DDD225, 54F68F207409855AAB90FB80C8B41F20E0DF783160232AA9A11789D428D575D8 ] SaiHFF12        C:\WINDOWS\system32\DRIVERS\SaiHFF12.sys
18:12:15.0491 0x2b70  SaiHFF12 - ok
18:12:15.0494 0x2b70  [ AB684D57240EF9E291A07094DF09C46E, 3B0ECD19E3B78CEFF36651028A73BAE5F046E18B4F2E04556653B8582D9F549B ] SaiIFF12        C:\WINDOWS\system32\DRIVERS\SaiIFF12.sys
18:12:15.0505 0x2b70  SaiIFF12 - ok
18:12:15.0508 0x2b70  [ B08581EDF3290210D3366CD2D992F6C2, FF1BE97B8F37FF39B784CAB254F2460B7F7A84C45BAD5CDB06FE5C29CF293BE5 ] SaiMini         C:\WINDOWS\System32\drivers\SaiMini.sys
18:12:15.0514 0x2b70  SaiMini - ok
18:12:15.0517 0x2b70  [ D086C2F45D328C2F63FC6B4CD79FCB66, BF3D27D95C83D2454AE62BAFE9297E08BB58EA4C7FBFBDEE075A4FFC6085735C ] SaiNtBus        C:\WINDOWS\system32\drivers\SaiBus.sys
18:12:15.0524 0x2b70  SaiNtBus - ok
18:12:15.0527 0x2b70  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:12:15.0536 0x2b70  SamSs - ok
18:12:15.0540 0x2b70  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
18:12:15.0550 0x2b70  sbp2port - ok
18:12:15.0556 0x2b70  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
18:12:15.0574 0x2b70  SCardSvr - ok
18:12:15.0579 0x2b70  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
18:12:15.0596 0x2b70  ScDeviceEnum - ok
18:12:15.0599 0x2b70  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:12:15.0611 0x2b70  scfilter - ok
18:12:15.0626 0x2b70  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:12:15.0661 0x2b70  Schedule - ok
18:12:15.0665 0x2b70  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
18:12:15.0674 0x2b70  scmbus - ok
18:12:15.0678 0x2b70  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
18:12:15.0692 0x2b70  scmdisk0101 - ok
18:12:15.0697 0x2b70  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
18:12:15.0712 0x2b70  SCPolicySvc - ok
18:12:15.0718 0x2b70  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
18:12:15.0731 0x2b70  sdbus - ok
18:12:15.0736 0x2b70  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
18:12:15.0752 0x2b70  SDRSVC - ok
18:12:15.0755 0x2b70  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
18:12:15.0765 0x2b70  sdstor - ok
18:12:15.0768 0x2b70  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
18:12:15.0782 0x2b70  seclogon - ok
18:12:15.0787 0x2b70  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
18:12:15.0800 0x2b70  SENS - ok
18:12:15.0802 0x2b70  Sense - ok
18:12:15.0823 0x2b70  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
18:12:15.0863 0x2b70  SensorDataService - ok
18:12:15.0872 0x2b70  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
18:12:15.0893 0x2b70  SensorService - ok
18:12:15.0899 0x2b70  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
18:12:15.0915 0x2b70  SensrSvc - ok
18:12:15.0919 0x2b70  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
18:12:15.0928 0x2b70  SerCx - ok
18:12:15.0932 0x2b70  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
18:12:15.0942 0x2b70  SerCx2 - ok
18:12:15.0945 0x2b70  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
18:12:15.0956 0x2b70  Serenum - ok
18:12:15.0960 0x2b70  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
18:12:15.0971 0x2b70  Serial - ok
18:12:15.0974 0x2b70  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
18:12:15.0985 0x2b70  sermouse - ok
18:12:15.0996 0x2b70  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
18:12:16.0016 0x2b70  SessionEnv - ok
18:12:16.0019 0x2b70  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
18:12:16.0030 0x2b70  sfloppy - ok
18:12:16.0040 0x2b70  [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:12:16.0065 0x2b70  SharedAccess - ok
18:12:16.0077 0x2b70  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:12:16.0105 0x2b70  ShellHWDetection - ok
18:12:16.0111 0x2b70  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
18:12:16.0126 0x2b70  shpamsvc - ok
18:12:16.0130 0x2b70  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:12:16.0138 0x2b70  SiSRaid2 - ok
18:12:16.0142 0x2b70  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:12:16.0151 0x2b70  SiSRaid4 - ok
18:12:16.0158 0x2b70  [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:12:16.0170 0x2b70  SkypeUpdate - ok
18:12:16.0174 0x2b70  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
18:12:16.0188 0x2b70  smphost - ok
18:12:16.0198 0x2b70  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
18:12:16.0228 0x2b70  SmsRouter - ok
18:12:16.0234 0x2b70  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:12:16.0246 0x2b70  SNMPTRAP - ok
18:12:16.0256 0x2b70  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:12:16.0273 0x2b70  spaceport - ok
18:12:16.0277 0x2b70  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:12:16.0286 0x2b70  SpbCx - ok
18:12:16.0299 0x2b70  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:12:16.0329 0x2b70  Spooler - ok
18:12:16.0404 0x2b70  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:12:16.0516 0x2b70  sppsvc - ok
18:12:16.0526 0x2b70  [ 89B145E0458E09FBE51A295EF49A9D7A, D92A184BB82C09F253534413CA6B3B16A08C0C5E0CAC5B851634FE1DC1F8F586 ] SPVVEngine      C:\WINDOWS\system32\Drivers\spvve.sys
18:12:16.0536 0x2b70  SPVVEngine - ok
18:12:16.0544 0x2b70  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:12:16.0563 0x2b70  srv - ok
18:12:16.0576 0x2b70  [ 1312896CAE6AF0D4557DB7B37283C116, 9E3701DBBF0F45368A217549A7DFDA2543C4AB3AC9CCF65A73E1FE27CC4A278E ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:12:16.0603 0x2b70  srv2 - ok
18:12:16.0610 0x2b70  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:12:16.0626 0x2b70  srvnet - ok
18:12:16.0632 0x2b70  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:12:16.0650 0x2b70  SSDPSRV - ok
18:12:16.0655 0x2b70  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:12:16.0672 0x2b70  SstpSvc - ok
18:12:16.0677 0x2b70  [ 37680AECA1BF2D430719A297F68ECD49, 64E6A2C077316CE4807F2F480324F4011003686F698CCB0AA93C659DAAE1FAB5 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:12:16.0686 0x2b70  ssudmdm - ok
18:12:16.0698 0x2b70  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
18:12:16.0716 0x2b70  ss_conn_service - ok
18:12:16.0771 0x2b70  [ FD881B87C853EB2F0B8B7B5CC71D6FE3, 780038C203C9277C366794302D90BC0AE75568863F1FB7044197BA20D798E4BA ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
18:12:16.0874 0x2b70  StateRepository - ok
18:12:16.0899 0x2b70  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:12:16.0926 0x2b70  Steam Client Service - ok
18:12:16.0931 0x2b70  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:12:16.0939 0x2b70  stexstor - ok
18:12:16.0950 0x2b70  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:12:16.0976 0x2b70  stisvc - ok
18:12:16.0981 0x2b70  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:12:17.0013 0x2b70  storahci - ok
18:12:17.0056 0x2b70  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
18:12:17.0073 0x2b70  storflt - ok
18:12:17.0077 0x2b70  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
18:12:17.0087 0x2b70  stornvme - ok
18:12:17.0090 0x2b70  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
18:12:17.0104 0x2b70  storqosflt - ok
18:12:17.0112 0x2b70  [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:12:17.0134 0x2b70  StorSvc - ok
18:12:17.0137 0x2b70  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
18:12:17.0144 0x2b70  storufs - ok
18:12:17.0148 0x2b70  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:12:17.0157 0x2b70  storvsc - ok
18:12:17.0160 0x2b70  [ EEE079126297D577CAA13D02F2710CF2, 4D7F2B9D235CEA72EFA4BE2E5A73B2CFFF811E282A6590A6A54624CA3E98C708 ] STTub30         C:\WINDOWS\System32\Drivers\STTub30.sys
18:12:17.0166 0x2b70  STTub30 - ok
18:12:17.0382 0x2b70  [ FF7C2F6F17E86BB606BACFBEF7D7AFBF, C26C8EABFC45C7F974C635C33D12FCB8CC368C8D08046E2833843EAD41D99570 ] Survarium Update Service F:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe
18:12:17.0391 0x2b70  Survarium Update Service - ok
18:12:17.0394 0x2b70  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:12:17.0408 0x2b70  svsvc - ok
18:12:17.0411 0x2b70  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:12:17.0419 0x2b70  swenum - ok
18:12:17.0428 0x2b70  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
18:12:17.0450 0x2b70  swprv - ok
18:12:17.0454 0x2b70  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
18:12:17.0467 0x2b70  Synth3dVsc - ok
18:12:17.0482 0x2b70  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:12:17.0518 0x2b70  SysMain - ok
18:12:17.0526 0x2b70  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:12:17.0546 0x2b70  SystemEventsBroker - ok
18:12:17.0551 0x2b70  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:12:17.0566 0x2b70  TabletInputService - ok
18:12:17.0572 0x2b70  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:12:17.0591 0x2b70  TapiSrv - ok
18:12:17.0626 0x2b70  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:12:17.0678 0x2b70  Tcpip - ok
18:12:17.0715 0x2b70  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
18:12:17.0768 0x2b70  Tcpip6 - ok
18:12:17.0774 0x2b70  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:12:17.0787 0x2b70  tcpipreg - ok
18:12:17.0792 0x2b70  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:12:17.0802 0x2b70  tdx - ok
18:12:17.0805 0x2b70  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:12:17.0814 0x2b70  terminpt - ok
18:12:17.0830 0x2b70  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
18:12:17.0864 0x2b70  TermService - ok
18:12:17.0869 0x2b70  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
18:12:17.0885 0x2b70  Themes - ok
18:12:17.0892 0x2b70  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
18:12:17.0911 0x2b70  TieringEngineService - ok
18:12:17.0922 0x2b70  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
18:12:17.0947 0x2b70  tiledatamodelsvc - ok
18:12:17.0952 0x2b70  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
18:12:17.0967 0x2b70  TimeBrokerSvc - ok
18:12:17.0974 0x2b70  [ 3D04046C468AD2868A093925B5E2AA0A, 44696259BEF49AC200DEE146DE0E4375B0CD09F9356CCFA22BD7AD8B53E48658 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
18:12:17.0985 0x2b70  TPM - ok
18:12:17.0989 0x2b70  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:12:18.0003 0x2b70  TrkWks - ok
18:12:18.0030 0x2b70  [ C1116702A680E6B424AF7EDA7CDA79F1, 8540D4EBADF8C8AF143A9AAC1DEE744CE62EE0FA4BCA81C8877CDE27F114818D ] truecrypt       C:\WINDOWS\syswow64\drivers\truecrypt.sys
18:12:18.0038 0x2b70  truecrypt - ok
18:12:18.0048 0x2b70  [ ADD8AFDAB539AF2B1FB75F6DB2CD7B71, 46BA69DA6114A167D6C467AB9BA583514475509184C6FF056460ADE76D0A76B1 ] trufos          C:\WINDOWS\system32\DRIVERS\trufos.sys
18:12:18.0061 0x2b70  trufos - ok
18:12:18.0066 0x2b70  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:12:18.0081 0x2b70  TrustedInstaller - ok
18:12:18.0086 0x2b70  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
18:12:18.0099 0x2b70  tsusbflt - ok
18:12:18.0102 0x2b70  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:12:18.0113 0x2b70  TsUsbGD - ok
18:12:18.0117 0x2b70  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
18:12:18.0131 0x2b70  tsusbhub - ok
18:12:18.0136 0x2b70  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
18:12:18.0150 0x2b70  tzautoupdate - ok
18:12:18.0154 0x2b70  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:12:18.0163 0x2b70  UASPStor - ok
18:12:18.0167 0x2b70  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
18:12:18.0180 0x2b70  UcmCx0101 - ok
18:12:18.0184 0x2b70  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
18:12:18.0196 0x2b70  UcmTcpciCx0101 - ok
18:12:18.0200 0x2b70  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
18:12:18.0211 0x2b70  UcmUcsi - ok
18:12:18.0216 0x2b70  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
18:12:18.0228 0x2b70  Ucx01000 - ok
18:12:18.0232 0x2b70  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
18:12:18.0244 0x2b70  UdeCx - ok
18:12:18.0250 0x2b70  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:12:18.0270 0x2b70  udfs - ok
18:12:18.0282 0x2b70  [ 1B1DBB216597445AAB1DA6FA41B7E72F, AA907E19C3E6C9144BBD78351D11BC9EA1A090B53FDDC8183D4FF59781B4FDCA ] UDisk Monitor Z5 Phone C:\Program Files (x86)\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe
18:12:18.0297 0x2b70  UDisk Monitor Z5 Phone - ok
18:12:18.0301 0x2b70  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
18:12:18.0309 0x2b70  UEFI - ok
18:12:18.0312 0x2b70  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
18:12:18.0320 0x2b70  UevAgentDriver - ok
18:12:18.0339 0x2b70  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
18:12:18.0377 0x2b70  UevAgentService - ok
18:12:18.0385 0x2b70  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
18:12:18.0397 0x2b70  Ufx01000 - ok
18:12:18.0401 0x2b70  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
18:12:18.0411 0x2b70  UfxChipidea - ok
18:12:18.0416 0x2b70  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
18:12:18.0425 0x2b70  ufxsynopsys - ok
18:12:18.0432 0x2b70  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:12:18.0445 0x2b70  UI0Detect - ok
18:12:18.0449 0x2b70  [ 6487031E1EC332B2AF4792D700ACD0B0, DC63648271DE6BEC1BAACD7AFA00C464FF7360D74A80D7C53E91654A0CDB8150 ] UimBus          C:\WINDOWS\System32\drivers\UimBus.sys
18:12:18.0456 0x2b70  UimBus - ok
18:12:18.0459 0x2b70  [ 204B180F7571F6035B35668FD9FCE8B2, F38EA86F2EFE6CC1C10A8251F5F1C7EB816CC1A97EF1A9A4CDB6ED43CB8EB84B ] Uim_DEVIM       C:\WINDOWS\System32\drivers\uim_devim.sys
18:12:18.0465 0x2b70  Uim_DEVIM - ok
18:12:18.0477 0x2b70  [ A2140F33317DCD78A10099B217382CFB, 842629507D3EA4AAEAAC22C65A7FC4CFE1D2A7B0EB887F13288BFAAB9E554104 ] Uim_IM          C:\WINDOWS\System32\drivers\uim_im.sys
18:12:18.0493 0x2b70  Uim_IM - ok
18:12:18.0501 0x2b70  [ 441E8BC5E68200038F0F1941A10C85F4, B93FB9DEC5365D526737A50C7958DB7441C515DF4AAACB6306998E18CF14F69B ] Uim_VIM         C:\WINDOWS\System32\Drivers\uim_vimx64.sys
18:12:18.0513 0x2b70  Uim_VIM - ok
18:12:18.0517 0x2b70  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:12:18.0527 0x2b70  umbus - ok
18:12:18.0531 0x2b70  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:12:18.0541 0x2b70  UmPass - ok
18:12:18.0548 0x2b70  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:12:18.0565 0x2b70  UmRdpService - ok
18:12:18.0583 0x2b70  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
18:12:18.0621 0x2b70  UnistoreSvc - ok
18:12:18.0633 0x2b70  [ 1E9A5658E0EBDBC381F52123363F74CB, 62CB592F32BCC10FC9C3AF44941CC473F2F62EEBF829CA383F118650451F8F7E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:12:18.0643 0x2b70  UNS - ok
18:12:18.0652 0x2b70  [ 9CEB89BA3098E46C718FA61E3E5D0BE0, E5C6DE0F17539113FBCDC2F09AE0981F2C601D57B39D072F8D4387DB5DE8B345 ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
18:12:18.0660 0x2b70  UPDATESRV - ok
18:12:18.0670 0x2b70  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:12:18.0694 0x2b70  upnphost - ok
18:12:18.0697 0x2b70  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
18:12:18.0705 0x2b70  UrsChipidea - ok
18:12:18.0709 0x2b70  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
18:12:18.0718 0x2b70  UrsCx01000 - ok
18:12:18.0721 0x2b70  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
18:12:18.0729 0x2b70  UrsSynopsys - ok
18:12:18.0734 0x2b70  [ 93F169DE94DBAC5DAF4755AFF10193DD, 381E6751EB97426B9BF30929E4B82A665D1ED985DA60BE18D3C17CF2BB41F848 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
18:12:18.0747 0x2b70  usbaudio - ok
18:12:18.0753 0x2b70  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:12:18.0763 0x2b70  usbccgp - ok
18:12:18.0767 0x2b70  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:12:18.0779 0x2b70  usbcir - ok
18:12:18.0782 0x2b70  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:12:18.0792 0x2b70  usbehci - ok
18:12:18.0801 0x2b70  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:12:18.0817 0x2b70  usbhub - ok
18:12:18.0827 0x2b70  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:12:18.0844 0x2b70  USBHUB3 - ok
18:12:18.0847 0x2b70  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:12:18.0857 0x2b70  usbohci - ok
18:12:18.0860 0x2b70  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:12:18.0872 0x2b70  usbprint - ok
18:12:18.0876 0x2b70  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:12:18.0887 0x2b70  usbscan - ok
18:12:18.0891 0x2b70  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
18:12:18.0902 0x2b70  usbser - ok
18:12:18.0906 0x2b70  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:12:18.0916 0x2b70  USBSTOR - ok
18:12:18.0920 0x2b70  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:12:18.0931 0x2b70  usbuhci - ok
18:12:18.0938 0x2b70  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:12:18.0952 0x2b70  USBXHCI - ok
18:12:18.0975 0x2b70  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
18:12:19.0019 0x2b70  UserDataSvc - ok
18:12:19.0038 0x2b70  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
18:12:19.0072 0x2b70  UserManager - ok
18:12:19.0083 0x2b70  [ C75B1B48BCAADEB0275C1EBE2EAE742D, 19875B87BDB23E5B60D6D3173FDF7A7634E81E43501529A56FFCCEE21B7E3B71 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
18:12:19.0108 0x2b70  UsoSvc - ok
18:12:19.0112 0x2b70  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:12:19.0121 0x2b70  VaultSvc - ok
18:12:19.0125 0x2b70  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:12:19.0134 0x2b70  vdrvroot - ok
18:12:19.0145 0x2b70  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
18:12:19.0172 0x2b70  vds - ok
18:12:19.0178 0x2b70  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:12:19.0189 0x2b70  VerifierExt - ok
18:12:19.0201 0x2b70  [ C12B4859FC255AA6B3021CF8BB14A11F, E95922351825D23ABCADD173E9256FC9AFFF28555DD1971CFF5666A2055958C5 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:12:19.0222 0x2b70  vhdmp - ok
18:12:19.0225 0x2b70  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
18:12:19.0237 0x2b70  vhf - ok
18:12:19.0240 0x2b70  [ C7FBBEE092086DB4461BCD52C16C15B5, D660BB317A3DF4B88F76301FB5A0C54F751ECE45E480F8DDBC9DC5EEE29DF49F ] vjoy            C:\WINDOWS\System32\drivers\vjoy.sys
18:12:19.0247 0x2b70  vjoy - ok
18:12:19.0251 0x2b70  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:12:19.0261 0x2b70  vmbus - ok
18:12:19.0264 0x2b70  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:12:19.0274 0x2b70  VMBusHID - ok
18:12:19.0277 0x2b70  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
18:12:19.0288 0x2b70  vmgid - ok
18:12:19.0295 0x2b70  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
18:12:19.0313 0x2b70  vmicguestinterface - ok
18:12:19.0319 0x2b70  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
18:12:19.0336 0x2b70  vmicheartbeat - ok
18:12:19.0342 0x2b70  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
18:12:19.0358 0x2b70  vmickvpexchange - ok
18:12:19.0366 0x2b70  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
18:12:19.0385 0x2b70  vmicrdv - ok
18:12:19.0391 0x2b70  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
18:12:19.0408 0x2b70  vmicshutdown - ok
18:12:19.0414 0x2b70  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
18:12:19.0430 0x2b70  vmictimesync - ok
18:12:19.0436 0x2b70  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
18:12:19.0453 0x2b70  vmicvmsession - ok
18:12:19.0460 0x2b70  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
18:12:19.0478 0x2b70  vmicvss - ok
18:12:19.0482 0x2b70  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:12:19.0490 0x2b70  volmgr - ok
18:12:19.0498 0x2b70  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:12:19.0511 0x2b70  volmgrx - ok
18:12:19.0519 0x2b70  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:12:19.0534 0x2b70  volsnap - ok
18:12:19.0537 0x2b70  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
18:12:19.0545 0x2b70  volume - ok
18:12:19.0549 0x2b70  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:12:19.0558 0x2b70  vpci - ok
18:12:19.0563 0x2b70  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:12:19.0574 0x2b70  vsmraid - ok
18:12:19.0595 0x2b70  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
18:12:19.0640 0x2b70  VSS - ok
18:12:19.0664 0x2b70  [ 50F70484DA5F9E91185750EDF7C420A7, 5C63B1AE9C5529A751F5B86B395114A1ECD162F367F7DDFFA291E72A284E54EE ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
18:12:19.0696 0x2b70  VSSERV - ok
18:12:19.0703 0x2b70  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:12:19.0717 0x2b70  VSTXRAID - ok
18:12:19.0720 0x2b70  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:12:19.0731 0x2b70  vwifibus - ok
18:12:19.0735 0x2b70  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
18:12:19.0746 0x2b70  vwififlt - ok
18:12:19.0756 0x2b70  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
18:12:19.0780 0x2b70  W32Time - ok
18:12:19.0784 0x2b70  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:12:19.0794 0x2b70  WacomPen - ok
18:12:19.0804 0x2b70  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
18:12:19.0827 0x2b70  WalletService - ok
18:12:19.0831 0x2b70  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:12:19.0845 0x2b70  wanarp - ok
18:12:19.0848 0x2b70  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:12:19.0864 0x2b70  wanarpv6 - ok
18:12:19.0887 0x2b70  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:12:19.0934 0x2b70  wbengine - ok
18:12:19.0949 0x2b70  [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:12:19.0980 0x2b70  WbioSrvc - ok
18:12:19.0985 0x2b70  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
18:12:19.0994 0x2b70  wcifs - ok
18:12:20.0006 0x2b70  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:12:20.0038 0x2b70  Wcmsvc - ok
18:12:20.0047 0x2b70  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:12:20.0070 0x2b70  wcncsvc - ok
18:12:20.0074 0x2b70  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
18:12:20.0085 0x2b70  wcnfs - ok
18:12:20.0089 0x2b70  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:12:20.0098 0x2b70  WdBoot - ok
18:12:20.0111 0x2b70  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:12:20.0134 0x2b70  Wdf01000 - ok
18:12:20.0141 0x2b70  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:12:20.0153 0x2b70  WdFilter - ok
18:12:20.0157 0x2b70  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:12:20.0173 0x2b70  WdiServiceHost - ok
18:12:20.0176 0x2b70  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:12:20.0191 0x2b70  WdiSystemHost - ok
18:12:20.0203 0x2b70  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
18:12:20.0229 0x2b70  wdiwifi - ok
18:12:20.0234 0x2b70  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:12:20.0244 0x2b70  WdNisDrv - ok
18:12:20.0246 0x2b70  WdNisSvc - ok
18:12:20.0253 0x2b70  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:12:20.0271 0x2b70  WebClient - ok
18:12:20.0277 0x2b70  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:12:20.0294 0x2b70  Wecsvc - ok
18:12:20.0298 0x2b70  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:12:20.0311 0x2b70  WEPHOSTSVC - ok
18:12:20.0315 0x2b70  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:12:20.0335 0x2b70  wercplsupport - ok
18:12:20.0340 0x2b70  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:12:20.0356 0x2b70  WerSvc - ok
18:12:20.0362 0x2b70  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
18:12:20.0372 0x2b70  WFPLWFS - ok
18:12:20.0377 0x2b70  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:12:20.0391 0x2b70  WiaRpc - ok
18:12:20.0397 0x2b70  [ 47E0F7D312FC38BB7A001A3DBA781A08, F649B813D54E1FAF3D50AC5957E9EA47961D4771D760741C37DA3EB7A23C0DB4 ] WIMMount        C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys
18:12:20.0405 0x2b70  WIMMount - ok
18:12:20.0407 0x2b70  WinDefend - ok
18:12:20.0414 0x2b70  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
18:12:20.0424 0x2b70  WindowsTrustedRT - ok
18:12:20.0428 0x2b70  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
18:12:20.0436 0x2b70  WindowsTrustedRTProxy - ok
18:12:20.0450 0x2b70  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:12:20.0480 0x2b70  WinHttpAutoProxySvc - ok
18:12:20.0484 0x2b70  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
18:12:20.0492 0x2b70  WinMad - ok
18:12:20.0502 0x2b70  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:12:20.0520 0x2b70  Winmgmt - ok
18:12:20.0558 0x2b70  [ A26570B4A21AD6F4D597148D3C22274E, 594BD3B9B9B4027E5A7025CAB715378FB565FC5E00A0315A2EC3A6EFBC9CC72E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:12:20.0633 0x2b70  WinRM - ok
18:12:20.0642 0x2b70  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
18:12:20.0654 0x2b70  WINUSB - ok
18:12:20.0657 0x2b70  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
18:12:20.0666 0x2b70  WinVerbs - ok
18:12:20.0678 0x2b70  [ 239B9AB452DE728ABCB5E957FAE2699D, CDA8293358CCA0AC247950A2F104E3554DEEEDC6C57CAC8350606D5612B8CA62 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
18:12:20.0704 0x2b70  wisvc - ok
18:12:20.0738 0x2b70  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:12:20.0802 0x2b70  WlanSvc - ok
18:12:20.0834 0x2b70  [ 7A98AF088E0B1A5EB98863B14F493716, 8B2F8D02AC0637C72859AF29C05C01D7D1C81C6A15CBE2D579F27F3254E66076 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:12:20.0893 0x2b70  wlidsvc - ok
18:12:20.0898 0x2b70  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum         C:\WINDOWS\system32\drivers\WmBEnum.sys
18:12:20.0904 0x2b70  WmBEnum - ok
18:12:20.0908 0x2b70  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\WINDOWS\system32\drivers\WmFilter.sys
18:12:20.0913 0x2b70  WmFilter - ok
18:12:20.0917 0x2b70  [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo         C:\WINDOWS\system32\drivers\WmHidLo.sys
18:12:20.0922 0x2b70  WmHidLo - ok
18:12:20.0925 0x2b70  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:12:20.0936 0x2b70  WmiAcpi - ok
18:12:20.0943 0x2b70  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:12:20.0958 0x2b70  wmiApSrv - ok
18:12:20.0961 0x2b70  WMPNetworkSvc - ok
18:12:20.0964 0x2b70  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\WINDOWS\system32\drivers\WmVirHid.sys
18:12:20.0969 0x2b70  WmVirHid - ok
18:12:20.0973 0x2b70  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\WINDOWS\system32\drivers\WmXlCore.sys
18:12:20.0979 0x2b70  WmXlCore - ok
18:12:20.0985 0x2b70  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
18:12:20.0996 0x2b70  Wof - ok
18:12:21.0001 0x2b70  [ FBA28D5AC166714737D1D8CDF0AEF078, 54FBA1CC80E820B462229FCB987FB8DF2321ED85D9450F3F4A81D0982E5D289F ] WofAdk          C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys
18:12:21.0012 0x2b70  WofAdk - ok
18:12:21.0040 0x2b70  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
18:12:21.0094 0x2b70  workfolderssvc - ok
18:12:21.0099 0x2b70  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:12:21.0115 0x2b70  WPDBusEnum - ok
18:12:21.0118 0x2b70  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:12:21.0126 0x2b70  WpdUpFltr - ok
18:12:21.0133 0x2b70  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
18:12:21.0151 0x2b70  WpnService - ok
18:12:21.0156 0x2b70  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
18:12:21.0169 0x2b70  WpnUserService - ok
18:12:21.0174 0x2b70  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:12:21.0187 0x2b70  ws2ifsl - ok
18:12:21.0192 0x2b70  [ FF190115CBA067F58C981F0A9F43ABDF, C90353C748C02DB38B561C250682E12C82985A6F7ED7D497AF5DE10EC243FCBA ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:12:21.0210 0x2b70  wscsvc - ok
18:12:21.0213 0x2b70  WSearch - ok
18:12:21.0249 0x2b70  [ 6BA66FE47BFAF223AEE6C98F28EB4D8E, 3B380329594DAD5BB50301F5A8A912BF6121788F395133C70C893879F68450FB ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:12:21.0314 0x2b70  wuauserv - ok
18:12:21.0320 0x2b70  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:12:21.0332 0x2b70  WudfPf - ok
18:12:21.0339 0x2b70  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
18:12:21.0354 0x2b70  WUDFRd - ok
18:12:21.0358 0x2b70  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:12:21.0372 0x2b70  wudfsvc - ok
18:12:21.0378 0x2b70  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:12:21.0393 0x2b70  WUDFWpdFs - ok
18:12:21.0403 0x2b70  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:12:21.0421 0x2b70  WUDFWpdMtp - ok
18:12:21.0441 0x2b70  [ D4F2FFCF5D199152DD01026D3AA38138, 4F90FE9BFC6CC2ABB2A163A36A000458A96AB64071861582F17B74C95CAEFB32 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:12:21.0483 0x2b70  WwanSvc - ok
18:12:21.0499 0x2b70  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
18:12:21.0534 0x2b70  XblAuthManager - ok
18:12:21.0553 0x2b70  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
18:12:21.0592 0x2b70  XblGameSave - ok
18:12:21.0599 0x2b70  [ C1E85B4FB08B4CCF16841B165910148B, AB33A6630BFC0E230BA464F721DD4ABB7DF79DF2D81C9C7366CC0BA2251F09F3 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
18:12:21.0616 0x2b70  xboxgip - ok
18:12:21.0632 0x2b70  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
18:12:21.0669 0x2b70  XboxNetApiSvc - ok
18:12:21.0673 0x2b70  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
18:12:21.0684 0x2b70  xinputhid - ok
18:12:21.0691 0x2b70  ================ Scan global ===============================
18:12:21.0694 0x2b70  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
18:12:21.0699 0x2b70  [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\WINDOWS\system32\winsrv.dll
18:12:21.0706 0x2b70  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
18:12:21.0715 0x2b70  [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
18:12:21.0720 0x2b70  [ Global ] - ok
18:12:21.0720 0x2b70  ================ Scan MBR ==================================
18:12:21.0920 0x2b70  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:12:21.0956 0x2b70  \Device\Harddisk0\DR0 - ok
18:12:21.0957 0x2b70  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
18:12:22.0122 0x2b70  \Device\Harddisk1\DR1 - ok
18:12:22.0167 0x2b70  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
18:12:22.0378 0x2b70  \Device\Harddisk2\DR2 - ok
18:12:22.0379 0x2b70  ================ Scan VBR ==================================
18:12:22.0381 0x2b70  [ 6CAADFDBCB01482159B61F1A788FB3AA ] \Device\Harddisk0\DR0\Partition1
18:12:22.0383 0x2b70  \Device\Harddisk0\DR0\Partition1 - ok
18:12:22.0384 0x2b70  [ 284769EACA0E4A3996D0C632DB8BD108 ] \Device\Harddisk1\DR1\Partition1
18:12:22.0385 0x2b70  \Device\Harddisk1\DR1\Partition1 - ok
18:12:22.0386 0x2b70  [ 1B9184F1A09965856597CC66C1ED7B33 ] \Device\Harddisk2\DR2\Partition1
18:12:22.0388 0x2b70  \Device\Harddisk2\DR2\Partition1 - ok
18:12:22.0389 0x2b70  [ 05CC8467BE6EFD4D7961C75A75517A79 ] \Device\Harddisk2\DR2\Partition2
18:12:22.0391 0x2b70  \Device\Harddisk2\DR2\Partition2 - ok
18:12:22.0391 0x2b70  ================ Scan generic autorun ======================
18:12:22.0393 0x2b70  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe
18:12:22.0410 0x2b70  Logitech Download Assistant - ok
18:12:22.0454 0x2b70  [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
18:12:22.0503 0x2b70  EvtMgr6 - ok
18:12:22.0510 0x2b70  [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
18:12:22.0517 0x2b70  Start WingMan Profiler - ok
18:12:22.0521 0x2b70  [ 5677C8C60F4659E8626AC9036EEF38DF, 1C7D3EC3BCB3E34900DD9556A3EBAF449C68585DC8E07682E680790497105B8B ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
18:12:22.0530 0x2b70  Classic Start Menu - ok
18:12:22.0532 0x2b70  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\WINDOWS\system32\rundll32.exe
18:12:22.0549 0x2b70  ShadowPlay - ok
18:12:22.0752 0x2b70  [ 222A34C1E04D3A8DAF9BA6A0414958FB, 5B32621DD9CAAC79CA798E7E6CA0D9EDD3B36CA87734FB37034B3B451EC9DECC ] C:\Program Files\Logitech Gaming Software\LCore.exe
18:12:22.0977 0x2b70  Launch LCore - ok
18:12:23.0008 0x2b70  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
18:12:23.0014 0x2b70  GrooveMonitor - ok
18:12:23.0046 0x2b70  [ C7420E7B290E371967F59026E6B014CE, B5852401CCD1D3EDF89462B47B44D58B85E37D54498EC0E743E16DA17764D495 ] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
18:12:23.0083 0x2b70  NBKeyScan - ok
18:12:23.0087 0x2b70  [ 68B7A5320065FCC7F4DF5A0DC3281EA5, 1B0526C04F78A0F824C20AF92C887488A897A228A13DD8939C2E115039466C34 ] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
18:12:23.0095 0x2b70  CloneCDTray - detected UnsignedFile.Multi.Generic ( 1 )
18:12:23.0150 0x2b70  Detect skipped due to KSN trusted
18:12:23.0150 0x2b70  CloneCDTray - ok
18:12:23.0164 0x2b70  [ 2CCEE09A6445622ABDCDAABE1DE89DC1, 9A653B91797C6A6D87F4521B6DE90DCC131675957D88213D97AF9F94D19F80AE ] C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\Tilt.exe
18:12:23.0185 0x2b70  Tilt - detected UnsignedFile.Multi.Generic ( 1 )
18:12:23.0232 0x2b70  Detect skipped due to KSN trusted
18:12:23.0232 0x2b70  Tilt - ok
18:12:23.0236 0x2b70  [ 4746E4EAAB0BA0B67189562A7B40D891, DD2DD76063AC365176800E6838CBAC5E2E362FC518E73A19B0E78B0869E92173 ] C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\ghostopen.exe
18:12:23.0247 0x2b70  ghost - detected UnsignedFile.Multi.Generic ( 1 )
18:12:23.0322 0x2b70  Detect skipped due to KSN trusted
18:12:23.0322 0x2b70  ghost - ok
18:12:23.0325 0x2b70  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:12:23.0331 0x2b70  APSDaemon - ok
18:12:23.0376 0x2b70  [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] D:\Program Files (x86)\PDF24\pdf24.exe
18:12:23.0386 0x2b70  PDFPrint - ok
18:12:23.0389 0x2b70  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
18:12:23.0396 0x2b70  HP Software Update - ok
18:12:23.0536 0x2b70  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:12:23.0691 0x2b70  OneDriveSetup - ok
18:12:23.0843 0x2b70  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:12:23.0996 0x2b70  OneDriveSetup - ok
18:12:24.0028 0x2b70  [ E4EFC2CDC71E0698CB81A4D60C3FADFF, 0278452E7FE903053A470EFA0C7813E9C43517EC0C8C9E42C5A9A3C99146D06B ] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
18:12:24.0060 0x2b70  IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
18:12:24.0067 0x2b70  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:12:24.0074 0x2b70  Dropbox Update - ok
18:12:24.0096 0x2b70  [ D7B1603DB2DA16CC64FF4B6FEC5CD793, 71455625DB7D488712CE5D16FA7BBE982AB626118A40F98560A1D99B2DF464A6 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
18:12:24.0122 0x2b70  GarminExpressTrayApp - ok
18:12:24.0124 0x2b70  Skype - ok
18:12:24.0163 0x2b70  [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe
18:12:24.0181 0x2b70  Uninstall C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
18:12:24.0300 0x2b70  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:12:24.0452 0x2b70  OneDriveSetup - ok
18:12:24.0457 0x2b70  Waiting for KSN requests completion. In queue: 29
18:12:25.0468 0x2b70  AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.26.1443 ), 0x41000 ( enabled : updated )
18:12:25.0469 0x2b70  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.26.1443 ), 0x41010 ( enabled )
18:12:25.0545 0x2b70  ============================================================
18:12:25.0545 0x2b70  Scan finished
18:12:25.0545 0x2b70  ============================================================
18:12:25.0550 0x14d4  Detected object count: 1
18:12:25.0550 0x14d4  Actual detected object count: 1
18:14:41.0005 0x14d4  chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
18:14:41.0006 0x14d4  chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Danke im Voraus

Gruß

Thomas


Alt 07.11.2016, 23:32   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
--> Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.

Alt 08.11.2016, 06:52   #7
Tommkin
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Ergebnisse AdwCleaner und JRT



Hallo,

hier die Protokolle

AdwCleaner:

Code:
ATTFilter
# AdwCleaner v6.030 - Bericht erstellt am 08/11/2016 um 06:00:55
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-08.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : nc-be_000 - THOMASPC
# Gestartet von : C:\Users\nc-be_000\Desktop\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\nc-be_000\AppData\Roaming\wyupdate au


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [8647 Bytes] - [01/11/2015 13:42:45]
C:\AdwCleaner\AdwCleaner[C2].txt - [3043 Bytes] - [06/11/2016 10:10:45]
C:\AdwCleaner\AdwCleaner[C3].txt - [1149 Bytes] - [08/11/2016 06:00:55]
C:\AdwCleaner\AdwCleaner[S1].txt - [8590 Bytes] - [01/11/2015 13:40:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [2624 Bytes] - [06/11/2016 10:07:27]
C:\AdwCleaner\AdwCleaner[S3].txt - [2977 Bytes] - [06/11/2016 10:10:28]
C:\AdwCleaner\AdwCleaner[S4].txt - [1697 Bytes] - [06/11/2016 20:41:59]
C:\AdwCleaner\AdwCleaner[S5].txt - [1812 Bytes] - [08/11/2016 05:57:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1587 Bytes] ##########
         
und JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64 
Ran by nc-be_000 (Administrator) on 08.11.2016 at  6:05:04,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 7 

Successfully deleted: C:\ProgramData\1464510323.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1465060923.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1465061034.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1465923319.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1472529071.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1478388931.bdinstall.bin (File) 
Successfully deleted: C:\Users\nc-be_000\AppData\Local\crashrpt (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.11.2016 at  6:07:29,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Gruß

Thomas

Alt 08.11.2016, 09:49   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 08.11.2016, 18:03   #9
Tommkin
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Aktuelle FRST Logs



Vorab möchte ich anmerken das sich das verhalten des Rechners bisher nicht geändert hat.

Bringt es was die Ereignisanzeige Fehlermeldungen zu posten?

Hier die aktuellen Logs:

FRST.TXT

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
durchgeführt von nc-be_000 (Administrator) auf THOMASPC (08-11-2016 17:55:32)
Gestartet von C:\Downloads
Geladene Profile: nc-be_000 (Verfügbare Profile: nc-be_000)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwtxapps.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [Tilt] => C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\Tilt.exe [733184 2013-06-28] ()
HKLM-x32\...\Run: [ghost] => C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\ghostopen.exe [191488 2012-09-18] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Run: [Dropbox Update] => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-10-25] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29544576 2016-08-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\RunOnce: [Uninstall C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Policies\Explorer: [ForceCopyAclwithFile] 0
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\MountPoints2: {9c0b4dc4-630f-11e6-81dc-bc5ff4af5685} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-10-25] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-06]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\nc-be_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bdagent.exe.lnk [2016-06-04]
ShortcutTarget: bdagent.exe.lnk -> C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe (Bitdefender)
BootExecute: autocheck autochk * ᄏȀ耀敓晬牆敥䵟汵楴瑓楲杮灁iPM

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b60d1878-7745-42ec-bc77-05bc18952306}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-11-06] (Bitdefender)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-16] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-16] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-11-06] (Bitdefender)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> D:\Program Files (x86)\Free Download Manager\iefdm2.dll [2014-04-22] (FreeDownloadManager.ORG)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-11-06] (Bitdefender)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-11-06] (Bitdefender)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Toolbar: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-11-06] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default [2016-11-08]
FF NewTab: Mozilla\Firefox\Profiles\2990bsgg.default -> hxxps://www.google.de/
FF Homepage: Mozilla\Firefox\Profiles\2990bsgg.default -> hxxps://www.google.de
FF NetworkProxy: Mozilla\Firefox\Profiles\2990bsgg.default -> type", 0
FF Extension: (Firefox Hotfix) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (Google Translator for Firefox) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\translator@zoli.bod.xpi [2016-04-29]
FF Extension: (Garmin Communicator) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-08-10] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-29]
FF Extension: (Tab Mix Plus) - C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-10-27]
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2016-05-12]
FF SearchPlugin: C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\searchplugins\google-images.xml [2014-09-28]
FF SearchPlugin: C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\searchplugins\google-maps.xml [2014-09-28]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-05-12] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-28] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT [2016-11-06]
CHR Extension: (Google Docs) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-18]
CHR Extension: (Google Drive) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-18]
CHR Extension: (YouTube) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18]
CHR Extension: (Google-Suche) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-18]
CHR Extension: (Bitdefender Wallet) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2016-05-29]
CHR Extension: (Google Tabellen) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-18]
CHR Extension: (Google Docs Offline) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-13]
CHR Extension: (Google Mail) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\nc-be_000\AppData\Local\Google\Chrome\User Data\DEFAULT\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1440264 2016-09-22] ()
S2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
S2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [985616 2016-10-25] (Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
S3 Microsoft Office Groove Audit Service; D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 Survarium Update Service; F:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [98904 2016-10-08] ()
R2 UDisk Monitor Z5 Phone; C:\Program Files (x86)\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe [585416 2013-11-18] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-11-06] (Bitdefender)
S3 vmicguestinterface; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicheartbeat; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmickvpexchange; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicshutdown; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmictimesync; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvmsession; C:\WINDOWS\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-11-06] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [138664 2014-02-15] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-02-15] (SlySoft, Inc.)
S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-12-12] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2014-07-30] (ASRock Inc.)
R3 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-11-06] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-11-01] (BitDefender)
R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2016-02-16] (AVM Berlin)
S3 AxtuDrv; C:\WINDOWS\SysWOW64\Drivers\AxtuDrv.sys [21288 2015-10-17] (RW-Everything)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-07-04] (BitDefender LLC)
S4 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 bthav; C:\WINDOWS\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc) [Datei ist nicht signiert]
R3 com0com; C:\WINDOWS\System32\drivers\com0com.sys [76800 2011-01-25] (Vyacheslav Frolov)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 GeneralusbserialserZ52203; C:\WINDOWS\system32\DRIVERS\CT_U_USBSER_Z5.sys [250568 2013-11-18] (QUALCOMM Incorporated)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
S3 HCWF9BDA; C:\WINDOWS\System32\Drivers\hcwF9b64.sys [188376 2013-09-25] (ITE                      )
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-09-11] (REALiX(tm))
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [299816 2016-11-06] (Bitdefender)
S3 Kinonih; C:\WINDOWS\System32\drivers\kinonih.sys [32256 2016-03-11] (Kinoni)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2016-11-07] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 npusbio; C:\WINDOWS\System32\Drivers\npusbio_x64.sys [38400 2015-12-14] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4i.inf_amd64_9366b2f0469d5baf\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-02-19] (Realtek                                            )
S3 SaiHFF12; C:\WINDOWS\system32\DRIVERS\SaiHFF12.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF12; C:\WINDOWS\system32\DRIVERS\SaiIFF12.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S2 SPVVEngine; C:\WINDOWS\system32\Drivers\spvve.sys [246248 2015-10-29] ()
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [44184 2012-08-02] (STMicroelectronics)
R1 truecrypt; C:\Windows\SysWow64\drivers\truecrypt.sys [238784 2014-05-05] (TrueCrypt Foundation)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-07-04] (BitDefender S.R.L.)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-11-28] ()
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-11-28] ()
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700424 2014-11-28] ()
R1 Uim_VIM; C:\WINDOWS\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
S3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [45168 2015-01-05] (Shaul Eizikovich)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [42688 2016-07-16] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)
S3 igfx; \SystemRoot\system32\DRIVERS\igdkmd64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-08 06:00 - 2016-11-08 06:00 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-11-08 05:52 - 2016-11-08 05:52 - 01631928 _____ (Malwarebytes) C:\Users\nc-be_000\Desktop\JRT.exe
2016-11-08 05:51 - 2016-11-08 05:51 - 03910208 _____ C:\Users\nc-be_000\Desktop\AdwCleaner_6.030.exe
2016-11-07 22:08 - 2016-10-25 21:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-11-07 22:08 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-11-07 22:08 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-11-07 22:08 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-11-07 22:08 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-11-07 22:07 - 2016-11-07 22:07 - 00000000 ____D C:\WINDOWS\LastGood
2016-11-07 18:11 - 2016-11-07 18:15 - 00305968 _____ C:\TDSSKiller.3.1.0.11_07.11.2016_18.11.02_log.txt
2016-11-07 07:09 - 2016-11-07 07:09 - 00000000 ____D C:\Users\nc-be_000\AppData\Temp
2016-11-06 23:25 - 2016-11-08 17:55 - 00000000 ____D C:\FRST
2016-11-06 20:54 - 2016-11-06 21:12 - 00001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055.job
2016-11-06 20:54 - 2016-11-06 21:12 - 00001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3.job
2016-11-06 20:54 - 2016-11-06 20:54 - 00004416 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055
2016-11-06 20:54 - 2016-11-06 20:54 - 00004040 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3
2016-11-06 09:57 - 2016-11-07 17:58 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-06 09:57 - 2016-11-06 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-11-06 09:57 - 2016-11-06 09:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-11-06 09:57 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-06 09:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-06 09:52 - 2016-11-06 09:52 - 00028194 _____ C:\ProgramData\agent.1478422350.bdinstall.bin
2016-11-06 00:59 - 2016-11-06 00:59 - 00299816 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-11-06 00:58 - 2016-11-06 00:58 - 01605376 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-11-06 00:58 - 2016-11-06 00:58 - 00028192 _____ C:\ProgramData\agent.1478390323.bdinstall.bin
2016-11-06 00:56 - 2016-11-06 00:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-06 00:36 - 2016-11-06 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-11-06 00:36 - 2016-11-06 00:36 - 00000684 ____H C:\bdr-cf03
2016-11-06 00:35 - 2016-11-06 00:36 - 00253404 ____H C:\bdr-ld03
2016-11-06 00:35 - 2016-11-06 00:36 - 00009216 ____H C:\bdr-ld03.mbr
2016-11-06 00:35 - 2016-07-04 19:44 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-11-06 00:35 - 2015-12-16 04:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-11-06 00:35 - 2015-12-15 21:35 - 49760229 ____H C:\bdr-im03.gz
2016-11-06 00:35 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz03
2016-11-06 00:07 - 2016-11-07 21:41 - 00002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2016-11-06 00:07 - 2016-11-06 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-06 00:04 - 2016-11-06 00:04 - 00528676 _____ C:\WINDOWS\Minidump\110616-14250-01.dmp
2016-11-02 07:31 - 2016-11-02 07:31 - 00028768 _____ C:\ProgramData\agent.1478068292.bdinstall.bin
2016-11-01 09:59 - 2016-11-01 09:59 - 00878072 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-10-31 18:09 - 2016-10-31 18:09 - 00000585 _____ C:\Users\nc-be_000\Desktop\simFFB.exe - Verknüpfung.lnk
2016-10-31 17:29 - 2016-10-31 17:29 - 00000644 _____ C:\Users\nc-be_000\Desktop\aceshigh.lnk
2016-10-31 09:30 - 2016-10-31 09:30 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-10-31 09:29 - 2016-10-25 22:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-10-31 09:29 - 2016-10-25 22:40 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-10-30 12:36 - 2016-10-30 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-30 12:36 - 2016-10-30 12:36 - 00000000 ____D C:\Program Files\7-Zip
2016-10-29 23:27 - 2016-10-29 23:27 - 00002717 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elite Dangerous Market Connector.lnk
2016-10-29 07:55 - 2016-10-29 07:55 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-28 18:06 - 2016-10-15 10:01 - 00389400 __RSH C:\bootmgr
2016-10-28 18:06 - 2016-07-16 12:43 - 00000001 ___SH C:\BOOTNXT
2016-10-28 18:05 - 2016-10-28 18:05 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-28 16:45 - 2016-10-25 00:30 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-28 16:45 - 2016-10-25 00:30 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 15:46 - 2016-10-15 06:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-28 15:46 - 2016-10-15 05:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-28 15:46 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 15:46 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 15:46 - 2016-10-15 05:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-28 15:46 - 2016-10-15 05:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-28 15:46 - 2016-10-15 05:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-28 15:46 - 2016-10-15 05:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-28 15:46 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 15:46 - 2016-10-15 05:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-28 15:46 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 15:46 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-28 15:46 - 2016-10-15 05:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-28 15:46 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-28 15:46 - 2016-10-15 05:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 15:46 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 15:46 - 2016-10-15 05:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-28 15:46 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 15:46 - 2016-10-15 05:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-28 15:46 - 2016-10-15 05:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-28 15:46 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-28 15:46 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-28 15:46 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-28 15:46 - 2016-10-15 05:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-28 15:46 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-28 15:46 - 2016-10-15 05:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-28 15:46 - 2016-10-15 05:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-28 15:46 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 15:46 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 15:46 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-28 15:46 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 15:46 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-28 15:46 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 15:46 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 15:46 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 15:46 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-28 15:46 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 15:46 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 15:46 - 2016-10-15 04:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-28 15:46 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 15:46 - 2016-10-15 04:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-28 15:46 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 15:46 - 2016-10-15 04:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-28 15:46 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 15:46 - 2016-10-15 04:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-28 15:46 - 2016-10-15 04:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-28 15:46 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 15:46 - 2016-10-15 04:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-28 15:46 - 2016-10-15 04:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-28 15:46 - 2016-10-15 04:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-28 15:46 - 2016-10-15 04:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-28 15:46 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 15:46 - 2016-10-15 04:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-28 15:46 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 15:46 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 15:46 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 15:46 - 2016-10-15 04:50 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-10-28 15:46 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 15:46 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 15:46 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 15:46 - 2016-10-15 04:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-28 15:46 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 15:46 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-28 15:46 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 15:46 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-28 15:46 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 15:46 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 15:46 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 15:46 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 15:46 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 15:46 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 15:46 - 2016-10-15 04:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-28 15:46 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 15:46 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-28 15:46 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-28 15:46 - 2016-10-15 04:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-28 15:46 - 2016-10-15 04:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-28 15:46 - 2016-10-15 04:40 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-28 15:46 - 2016-10-15 04:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-28 15:46 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-28 15:46 - 2016-10-15 04:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-28 15:46 - 2016-10-15 04:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-28 15:46 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 15:46 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-28 15:46 - 2016-10-15 04:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 15:46 - 2016-10-15 04:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-28 15:46 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-28 15:46 - 2016-10-15 04:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-28 15:46 - 2016-10-15 04:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-28 15:46 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 15:46 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-28 15:46 - 2016-10-15 04:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-28 15:46 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-28 15:46 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-28 15:46 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-28 15:45 - 2016-10-15 05:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-28 15:45 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 15:45 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 15:45 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 15:45 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 15:45 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 15:45 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 15:45 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-28 15:45 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-28 15:45 - 2016-10-15 05:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-28 15:45 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 15:45 - 2016-10-15 05:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-28 15:45 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 15:45 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 15:45 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 15:45 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 15:45 - 2016-10-15 05:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-28 15:45 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 15:45 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 15:45 - 2016-10-15 05:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-28 15:45 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 15:45 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 15:45 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 15:45 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 15:45 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 15:45 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 15:45 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 15:45 - 2016-10-15 05:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-28 15:45 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 15:45 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 15:45 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 15:45 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 15:45 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 15:45 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 15:45 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 15:45 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-28 15:45 - 2016-10-15 05:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-28 15:45 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-28 15:45 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-28 15:45 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-28 15:45 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-28 15:45 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-28 15:45 - 2016-10-15 05:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-28 15:45 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-28 15:45 - 2016-10-15 05:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-28 15:45 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-28 15:45 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 15:45 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 15:45 - 2016-10-15 05:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-28 15:45 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 15:45 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-28 15:45 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 15:45 - 2016-10-15 04:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-28 15:45 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-28 15:45 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 15:45 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-28 15:45 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-28 15:45 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-28 15:45 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 15:45 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-28 15:45 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 15:45 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 15:45 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 15:45 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-28 15:45 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-28 15:45 - 2016-10-15 04:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-28 15:45 - 2016-10-15 04:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-28 15:45 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 15:45 - 2016-10-15 04:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-28 15:45 - 2016-10-15 04:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-28 15:45 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 15:45 - 2016-10-15 04:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-28 15:45 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-28 15:45 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 15:45 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-28 15:45 - 2016-10-15 04:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-28 15:45 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-28 15:45 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 15:45 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-28 15:45 - 2016-10-15 04:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 15:45 - 2016-10-15 04:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-28 15:45 - 2016-10-15 04:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-28 15:45 - 2016-10-15 04:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-28 15:45 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 15:45 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-28 15:45 - 2016-10-15 04:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 15:45 - 2016-10-15 04:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-28 15:45 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 15:45 - 2016-10-15 04:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-28 15:45 - 2016-10-15 04:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-28 15:45 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-28 15:45 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 15:45 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-28 15:45 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-28 15:45 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 15:45 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-28 15:45 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 15:45 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 15:45 - 2016-10-15 04:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-28 15:45 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-28 15:45 - 2016-10-15 04:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-28 15:45 - 2016-10-15 04:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-28 15:45 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 15:45 - 2016-10-15 04:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-28 15:45 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-28 15:45 - 2016-10-15 04:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-28 15:45 - 2016-10-15 04:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 15:45 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 15:45 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-27 08:33 - 2016-10-27 08:33 - 00026276 _____ C:\ProgramData\agent.1477553607.bdinstall.bin
2016-10-27 01:07 - 2016-10-27 01:07 - 00611804 _____ C:\WINDOWS\Minidump\102716-39187-01.dmp
2016-10-24 23:01 - 2016-10-22 08:25 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437563.dll
2016-10-24 23:01 - 2016-10-22 08:25 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437563.dll
2016-10-23 12:19 - 2016-10-23 12:19 - 00000000 ____D C:\Program Files\ASRock Utility
2016-10-22 12:12 - 2016-11-06 00:03 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-10-21 19:01 - 2016-10-19 23:43 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-10-21 19:01 - 2016-10-19 23:43 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-10-21 19:01 - 2016-10-19 23:43 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-10-21 19:01 - 2016-10-18 22:27 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437557.dll
2016-10-21 19:01 - 2016-10-18 22:27 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437557.dll
2016-10-21 19:01 - 2016-10-18 22:27 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-10-21 19:01 - 2016-10-18 22:27 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-10-19 19:30 - 2016-11-06 00:04 - 706885211 ____N C:\WINDOWS\MEMORY.DMP
2016-10-19 19:30 - 2016-10-19 19:30 - 00484180 _____ C:\WINDOWS\Minidump\101916-18687-01.dmp
2016-10-19 11:06 - 2016-10-19 11:06 - 00000798 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-10-17 11:15 - 2016-10-17 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-17 11:15 - 2016-10-17 11:21 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-10-17 11:15 - 2016-10-17 11:15 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-10-16 13:26 - 2016-10-18 09:16 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\ED-IBE
2016-10-13 21:12 - 2016-10-13 21:12 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-12 13:40 - 2016-10-12 13:40 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\TeamViewer
2016-10-12 09:54 - 2016-10-12 09:54 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-10-11 21:21 - 2016-10-05 11:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-11 21:21 - 2016-10-05 11:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-11 21:21 - 2016-10-05 10:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 21:21 - 2016-10-05 10:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-11 21:21 - 2016-10-05 10:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-11 21:21 - 2016-10-05 10:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-11 21:21 - 2016-10-05 10:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-11 21:21 - 2016-10-05 10:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-11 21:21 - 2016-10-05 10:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-11 21:21 - 2016-10-05 10:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-11 21:21 - 2016-10-05 10:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-11 21:21 - 2016-10-05 10:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-11 21:21 - 2016-10-05 10:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-11 21:21 - 2016-10-05 10:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-11 21:21 - 2016-10-05 10:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-11 21:21 - 2016-10-05 10:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-11 21:21 - 2016-10-05 10:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-11 21:21 - 2016-10-05 10:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-11 21:21 - 2016-10-05 10:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-11 21:21 - 2016-10-05 10:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-11 21:21 - 2016-10-05 10:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-11 21:21 - 2016-10-05 10:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-11 21:21 - 2016-10-05 10:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-11 21:21 - 2016-10-05 10:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-11 21:21 - 2016-10-05 10:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-11 21:21 - 2016-10-05 10:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-11 21:21 - 2016-10-05 10:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-11 21:21 - 2016-10-05 10:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-11 21:21 - 2016-10-05 10:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-11 21:21 - 2016-10-05 10:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-11 21:21 - 2016-10-05 10:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-11 21:21 - 2016-10-05 10:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-11 21:20 - 2016-10-05 11:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-11 21:20 - 2016-10-05 11:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-11 21:20 - 2016-10-05 11:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-11 21:20 - 2016-10-05 11:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-11 21:20 - 2016-10-05 11:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-11 21:20 - 2016-10-05 11:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-11 21:20 - 2016-10-05 11:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-11 21:20 - 2016-10-05 11:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-11 21:20 - 2016-10-05 11:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-11 21:20 - 2016-10-05 11:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-11 21:20 - 2016-10-05 11:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-11 21:20 - 2016-10-05 11:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-11 21:20 - 2016-10-05 10:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-11 21:20 - 2016-10-05 10:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-11 21:20 - 2016-10-05 10:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-11 21:20 - 2016-10-05 10:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-11 21:20 - 2016-10-05 10:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-11 21:20 - 2016-10-05 10:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-11 21:20 - 2016-10-05 10:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-11 21:20 - 2016-10-05 10:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-11 21:20 - 2016-10-05 10:36 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-10-11 21:20 - 2016-10-05 10:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-11 21:20 - 2016-10-05 10:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-11 21:20 - 2016-10-05 10:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-11 21:20 - 2016-10-05 10:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-11 21:20 - 2016-10-05 10:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-11 21:20 - 2016-10-05 10:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-11 21:20 - 2016-10-05 10:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-11 21:20 - 2016-10-05 10:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-11 21:20 - 2016-10-05 10:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-11 21:20 - 2016-10-05 10:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-11 21:20 - 2016-10-05 10:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-11 21:20 - 2016-10-05 10:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-11 21:20 - 2016-10-05 10:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-11 21:20 - 2016-10-05 10:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-11 21:20 - 2016-10-05 10:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-11 21:20 - 2016-10-05 10:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-11 21:20 - 2016-10-05 10:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 21:20 - 2016-10-05 10:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-11 21:20 - 2016-10-05 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-11 21:20 - 2016-10-05 10:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-11 21:20 - 2016-10-05 10:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-11 21:20 - 2016-10-05 10:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-11 21:20 - 2016-10-05 10:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-11 21:20 - 2016-10-05 10:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-11 21:20 - 2016-10-05 10:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-11 21:20 - 2016-10-05 10:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-11 21:20 - 2016-10-05 10:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-11 21:20 - 2016-10-05 10:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-11 21:20 - 2016-10-05 10:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-11 21:20 - 2016-10-05 10:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-11 21:20 - 2016-10-05 10:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-11 21:20 - 2016-10-05 10:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-11 21:20 - 2016-10-05 10:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-11 21:20 - 2016-10-05 10:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-11 21:20 - 2016-10-05 10:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-11 21:20 - 2016-10-05 10:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-11 21:20 - 2016-10-05 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-11 21:20 - 2016-10-05 10:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-11 21:20 - 2016-10-05 10:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-11 21:20 - 2016-10-05 10:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-11 21:20 - 2016-10-05 10:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-11 21:20 - 2016-10-05 10:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-11 21:20 - 2016-10-05 10:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-11 21:20 - 2016-10-05 10:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-11 21:20 - 2016-10-05 10:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-11 21:20 - 2016-10-05 10:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-11 21:20 - 2016-10-05 10:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-11 21:20 - 2016-10-05 10:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-11 21:20 - 2016-10-05 10:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-11 21:20 - 2016-10-05 10:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-11 21:20 - 2016-10-05 10:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-11 21:20 - 2016-10-05 10:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-11 21:20 - 2016-10-05 10:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-11 21:20 - 2016-10-05 10:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-11 21:20 - 2016-10-05 10:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-11 21:20 - 2016-10-05 10:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-11 21:20 - 2016-10-05 10:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-11 21:20 - 2016-10-05 10:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-11 21:20 - 2016-10-05 10:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-11 21:20 - 2016-10-05 10:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-11 21:20 - 2016-10-05 10:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-11 21:20 - 2016-10-05 10:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-11 21:20 - 2016-10-05 10:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-11 21:20 - 2016-10-05 10:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-11 21:20 - 2016-10-05 10:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-11 21:20 - 2016-10-05 10:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-11 21:20 - 2016-10-05 10:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-11 21:20 - 2016-10-05 10:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-11 21:20 - 2016-10-05 01:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-11 21:20 - 2016-09-07 06:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-11 21:13 - 2016-10-11 21:13 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-11 21:13 - 2016-10-11 21:13 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-11 11:02 - 2016-10-11 11:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickGamma
2016-10-11 10:29 - 2016-10-11 10:29 - 00000000 ____D C:\WINDOWS\amlog
2016-10-11 10:12 - 2016-10-11 10:13 - 00000772 _____ C:\WINDOWS\ampa.ini
2016-10-11 10:05 - 2016-10-22 12:13 - 00001024 ____H C:\AMTAG.BIN
2016-10-11 10:05 - 2016-10-11 10:05 - 00001006 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Standard Edition 6.0.lnk
2016-10-11 10:05 - 2016-10-11 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.0
2016-10-11 10:05 - 2015-12-11 08:57 - 01920624 _____ C:\WINDOWS\ampa.exe
2016-10-11 10:05 - 2015-11-10 08:36 - 00019568 _____ C:\WINDOWS\SysWOW64\ampa.sys
2016-10-11 10:05 - 2015-11-10 08:36 - 00019568 _____ C:\WINDOWS\system32\ampa.sys
2016-10-10 17:53 - 2016-10-10 17:54 - 00000431 ____N C:\Users\nc-be_000\medcd.ini
2016-10-10 17:53 - 2004-11-11 10:54 - 00008682 ____N C:\Users\nc-be_000\overlay.ini
2016-10-10 17:53 - 2004-11-03 11:34 - 00000000 ____N C:\Users\nc-be_000\vorlagen.ini
2016-10-09 10:48 - 2016-10-09 10:48 - 00000000 ____D C:\WINDOWS\Panther

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-08 17:47 - 2016-07-16 23:51 - 02253434 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-08 17:47 - 2016-07-16 23:51 - 00594356 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-08 17:47 - 2015-08-08 08:58 - 04737060 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-08 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-08 17:40 - 2016-08-13 18:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-08 17:40 - 2016-08-13 18:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-08 17:40 - 2016-05-29 09:15 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-11-08 07:08 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-08 07:08 - 2015-08-16 13:30 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\ClassicShell
2016-11-08 07:08 - 2014-05-04 20:57 - 00806550 _____ C:\bdlog.txt
2016-11-08 06:46 - 2016-08-13 18:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-08 06:00 - 2015-11-01 13:40 - 00000000 ____D C:\AdwCleaner
2016-11-07 22:08 - 2016-09-16 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-07 22:08 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-07 22:08 - 2016-03-29 19:32 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-07 22:06 - 2016-08-13 18:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-07 18:09 - 2015-11-28 16:51 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\CrashDumps
2016-11-07 18:09 - 2015-11-01 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-07 18:00 - 2015-11-01 09:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-07 07:13 - 2016-08-13 18:04 - 00000000 ____D C:\Users\nc-be_000
2016-11-07 07:08 - 2014-05-05 16:39 - 00000000 ____D C:\Users\nc-be_000\Desktop\Tools
2016-11-06 21:12 - 2016-03-14 07:18 - 00000000 ____D C:\WINDOWS\pss
2016-11-06 09:57 - 2015-11-01 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-06 00:36 - 2016-05-29 09:26 - 00002291 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2016-11-06 00:36 - 2016-05-29 09:26 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Bitdefender
2016-11-06 00:35 - 2016-05-29 09:25 - 00000000 ____D C:\ProgramData\Bitdefender
2016-11-06 00:35 - 2014-05-04 17:53 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-11-06 00:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-06 00:10 - 2016-01-17 12:26 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2016-11-06 00:10 - 2014-08-11 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-11-06 00:07 - 2014-05-05 22:13 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-11-06 00:07 - 2014-05-05 00:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-06 00:04 - 2016-08-25 19:21 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-06 00:03 - 2016-09-21 21:07 - 00000000 ____D C:\Users\OVRLibraryService
2016-11-06 00:03 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-06 00:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2016-11-06 00:03 - 2016-02-16 12:12 - 00000000 ____D C:\Program Files (x86)\FRITZ!BoxPrint
2016-11-06 00:03 - 2016-02-16 12:12 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2016-11-06 00:03 - 2015-03-28 10:37 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-11-06 00:03 - 2014-10-02 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-11-06 00:03 - 2014-10-02 22:55 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-11-06 00:03 - 2014-08-31 13:26 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Google
2016-11-06 00:03 - 2014-05-05 20:46 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cuttermaran
2016-11-06 00:03 - 2014-05-04 23:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-06 00:03 - 2014-05-04 23:08 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\TeraCopy
2016-11-06 00:03 - 2014-05-04 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-11-06 00:03 - 2014-05-04 13:25 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Packages
2016-11-03 22:47 - 2014-07-28 16:56 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\ElevatedDiagnostics
2016-11-03 08:22 - 2014-10-02 22:55 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Samsung
2016-11-02 20:16 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-01 13:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-01 13:28 - 2015-06-22 19:49 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\vlc
2016-10-29 23:27 - 2016-01-01 19:29 - 00000000 ____D C:\Program Files (x86)\EDMarketConnector
2016-10-29 18:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-29 16:24 - 2015-12-13 13:50 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-29 07:55 - 2015-02-01 10:05 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\Dropbox
2016-10-28 19:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-28 19:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-28 19:07 - 2014-08-16 17:30 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Adobe
2016-10-28 18:06 - 2016-08-13 18:02 - 00616352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-28 18:06 - 2015-08-08 08:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-28 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-28 16:45 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-27 22:22 - 2016-01-01 19:30 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\EDMarketConnector
2016-10-27 22:21 - 2016-01-29 23:56 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Frontier_Developments
2016-10-25 21:17 - 2016-09-19 09:19 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-25 21:17 - 2016-09-19 09:19 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-25 21:17 - 2016-09-19 09:19 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-25 21:17 - 2016-09-19 09:19 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-25 21:17 - 2016-09-19 09:19 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-25 21:17 - 2016-09-16 11:42 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-25 21:17 - 2016-09-16 11:42 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-25 21:13 - 2016-09-16 07:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-10-24 07:31 - 2016-09-19 09:19 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-24 07:10 - 2015-10-17 18:24 - 00021288 _____ (RW-Everything) C:\WINDOWS\SysWOW64\Drivers\ArdDrv.sys
2016-10-23 09:00 - 2014-05-07 04:57 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Logitech
2016-10-22 22:41 - 2015-03-27 17:25 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\NVIDIA Corporation
2016-10-22 12:12 - 2015-03-20 17:45 - 00000000 ____D C:\Users\nc-be_000\AppData\Local\Downloaded Installations
2016-10-22 12:05 - 2014-05-04 17:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-22 12:03 - 2014-12-15 06:51 - 00000000 ____D C:\ProgramData\TEMP
2016-10-21 19:47 - 2015-12-18 18:32 - 00002273 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-21 19:47 - 2015-12-18 18:32 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-21 19:02 - 2016-08-13 18:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-21 19:02 - 2016-08-13 18:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-21 07:48 - 2015-12-25 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-19 19:31 - 2016-07-06 17:28 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\discord
2016-10-19 11:06 - 2016-04-24 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-10-18 20:15 - 2014-05-04 20:58 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\TS3Client
2016-10-18 18:40 - 2014-06-09 12:20 - 00171224 _____ C:\Users\nc-be_000\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-17 12:50 - 2014-09-18 19:53 - 00000000 ____D C:\Users\nc-be_000\AppData\Roaming\DVDVideoSoft
2016-10-13 19:07 - 2015-06-14 08:41 - 00000000 ____D C:\Users\nc-be_000\Documents\Survarium
2016-10-12 13:40 - 2016-09-19 09:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-12 13:38 - 2014-09-09 05:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 13:38 - 2014-09-09 05:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 10:49 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 09:54 - 2014-05-04 13:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 09:51 - 2014-09-09 05:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-12 09:51 - 2014-05-04 13:44 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-11 09:11 - 2016-08-13 18:03 - 00067584 ____S C:\WINDOWS\bootstat2.dat
2016-10-11 08:53 - 2016-09-21 19:56 - 00000000 ____D C:\Program Files\OCPlugIn
2016-10-09 15:03 - 2014-05-07 05:02 - 01065984 _____ C:\Users\nc-be_000\AppData\Local\file__0.localstorage
2016-10-09 15:02 - 2014-05-07 05:02 - 00000000 ____D C:\Users\nc-be_000\Heaven

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-05 04:52 - 2015-05-05 04:52 - 0139608 _____ () C:\Users\nc-be_000\AppData\Roaming\icarus-dxdiag.xml
2014-05-07 05:02 - 2016-10-09 15:03 - 1065984 _____ () C:\Users\nc-be_000\AppData\Local\file__0.localstorage
2014-05-05 05:33 - 2014-07-04 19:33 - 0000083 ___SH () C:\ProgramData\.zreglib
2016-09-19 19:16 - 2016-09-19 19:16 - 0026853 _____ () C:\ProgramData\agent.1474308984.bdinstall.bin
2016-10-27 08:33 - 2016-10-27 08:33 - 0026276 _____ () C:\ProgramData\agent.1477553607.bdinstall.bin
2016-11-02 07:31 - 2016-11-02 07:31 - 0028768 _____ () C:\ProgramData\agent.1478068292.bdinstall.bin
2016-11-06 00:58 - 2016-11-06 00:58 - 0028192 _____ () C:\ProgramData\agent.1478390323.bdinstall.bin
2016-11-06 09:52 - 2016-11-06 09:52 - 0028194 _____ () C:\ProgramData\agent.1478422350.bdinstall.bin
2014-05-04 23:49 - 2014-05-04 23:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-06 15:23 - 2016-08-21 12:42 - 0002643 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\nc-be_000\AppData\Local\Temp\i4jdel0.exe
C:\Users\nc-be_000\AppData\Local\Temp\libeay32.dll
C:\Users\nc-be_000\AppData\Local\Temp\msvcr120.dll
C:\Users\nc-be_000\AppData\Local\Temp\Nexus Mod Manager-0.63.1.exe
C:\Users\nc-be_000\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\nc-be_000\AppData\Local\Temp\nvStInst.exe
C:\Users\nc-be_000\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-06 13:26

==================== Ende von FRST.txt ============================
         

Alt 08.11.2016, 18:04   #10
Tommkin
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Aktuelle FRST Logs 2



Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-11-2016
durchgeführt von nc-be_000 (08-11-2016 17:55:57)
Gestartet von C:\Downloads
Windows 10 Pro Version 1607 (X64) (2016-08-13 17:26:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2909243537-4192776109-3153355720-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2909243537-4192776109-3153355720-503 - Limited - Disabled)
Gast (S-1-5-21-2909243537-4192776109-3153355720-501 - Limited - Disabled)
nc-be_000 (S-1-5-21-2909243537-4192776109-3153355720-1001 - Administrator - Enabled) => C:\Users\nc-be_000

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark (HKLM-x32\...\{66847f67-7331-422f-bc6c-d961c453d7df}) (Version: 1.5.884.0 - Futuremark)
3DMark (Version: 1.5.884.0 - Futuremark) Hidden
4500_G510nz_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Aces High III (remove only) (HKLM-x32\...\Aces High III) (Version: Version 0.09 Patch 1 - Hitech Creations, Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AIVIA GHOST (HKLM-x32\...\{4E711815-5F4E-47F2-B1E1-C0B43A8D57F3}) (Version: 1.06.0000 - GIGABYTE)
Android USB Driver (HKLM-x32\...\Z5 Android USB Driver_is1) (Version:  - )
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.4.6.0 - SlySoft)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Compatibility Toolkit (Version: 10.1.14393.0 - Microsoft) Hidden
Appman Sequencer on amd64 (Version: 10.1.14393.0 - Microsoft) Hidden
ASRock XFast RAM v2.0.29 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Assessments on Client (x32 Version: 10.1.14393.0 - Microsoft) Hidden
AusweisApp2 (HKLM-x32\...\{1C785E05-CFC7-43BE-9A52-9FB39C180CB8}) (Version: 1.2.2 - Governikus GmbH & Co. KG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender)
Bitdefender Internet Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.28.1478 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BQ Handset USB Driver 1.0 (HKLM-x32\...\USB Driver_is1) (Version:  - )
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
COMPUTER BILD Spionage-Stopper für Windows 10 (HKLM-x32\...\{F9565211-5480-408D-BC7C-1FE7B8366ACE}_is1) (Version: 1.0.0.1 - pXc-coding.com)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID CPU-Z OC Formula 1.76 (HKLM\...\CPUID CPU-Z OC Formula_is1) (Version: 1.76 - CPUID, Inc.)
CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
CrystalDiskMark 3.0.3a (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3a - Crystal Dew World)
Dacia Media Nav Toolbox (HKLM-x32\...\Dacia Media Nav Toolbox) (Version: 3.18.4.502485 - NNG Llc.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Digital Camera Enhancer 1.3 (HKLM-x32\...\Digital Camera Enhancer 1.3_is1) (Version:  - )
Discord (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 3.3.0.0 - Treexy)
Dropbox (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Dropbox) (Version: 13.4.21 - Dropbox, Inc.)
Elevated Installer (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments)
Elite Dangerous Market Connector (HKLM-x32\...\{374DFE82-C865-4AFD-B69A-1ABC16C9AD08}) (Version: 2.2.2.0 - Marginal)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FaceFilter v3.02 SE (HKLM-x32\...\{6020758E-57A9-41E3-AF20-8EE311EA6156}) (Version: 3.02.2713.1 - Reallusion Inc.)
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fractured Space (HKLM\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Futuremark SystemInfo (HKLM-x32\...\{79659071-4B68-4EC8-833C-49C97B68FCD0}) (Version: 4.36.512.0 - Futuremark)
Garmin Express (HKLM-x32\...\{d74c733b-9216-49f5-ae3a-14bf3a3d66f5}) (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Glamour Strip Poker Video Edition 1.1 (HKLM-x32\...\Glamour Strip Poker Video Edition_is1) (Version:  - )
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510n-z 14.0 Rel. 6 (HKLM\...\{6B9B2E57-D988-4258-8A2C-6F3657A600BD}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 5.34 (HKLM\...\HWiNFO64_is1) (Version: 5.34 - Martin Malík - REALiX)
IL-2 Sturmovik Battle of Stalingrad (HKLM-x32\...\{66F649A9-0FA2-487E-BC0D-894BD7E89D5E}_is1) (Version:  - 1C Game Studios)
Imaging And Configuration Designer (x32 Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Designer (x32 Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Tools Support (x32 Version: 10.1.14393.0 - Microsoft) Hidden
Inno3D TunelT OverClock Utility version V6.0.0.1 (HKLM-x32\...\Inno3D TunelT OverClock Utility_is1) (Version: V6.0.0.1 - )
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.14393.0 - Microsoft) Hidden
K-Lite Codec Pack 10.3.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - )
LAV Filters 0.61.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.2 - Hendrik Leppkes)
LibreOffice 5.1.0.3 (HKLM-x32\...\{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}) (Version: 5.1.0.3 - The Document Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.29 - PasswdFinder)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6CE5BAE9-D3CA-4B99-891A-1DC6C118A5FC}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version:  - )
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version:  - )
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version:  - )
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version:  - )
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23829 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23829 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23829 (HKLM-x32\...\{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23829 (HKLM-x32\...\{8BE670DF-EA47-3A15-88CC-00FFCA1FFA12}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}) (Version: 2.0.50728 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
Mp3tag v2.63 (HKLM-x32\...\Mp3tag) (Version: v2.63 - Florian Heidenreich)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NaturalPoint USB Drivers x64 (HKLM\...\{533773B8-9AC1-4C0F-A2BF-57466A45C6F5}) (Version: 2.70.0000 - NaturalPoint)
Network Print Monitor for Windows (HKLM-x32\...\Network Print Monitor) (Version:  - )
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming)
Null-modem emulator (com0com) (HKLM-x32\...\com0com) (Version: 2.2.2.0 - Vyacheslav Frolov)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Paint Shop Pro 5.03 CD (HKLM-x32\...\Paint Shop Pro 5.03) (Version:  - )
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Backup and Recovery™ 16 (HKLM\...\{DADAA9CF-36B6-11E6-B0B5-005056C00008}) (Version: 10.28.101 - Paragon Software)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Passbild-Generator v4.0a (HKLM-x32\...\Passbild-Generator_is1) (Version:  - Passbild-Generator)
PC-WELT-Windows-Service-Center 5.0 (HKLM\...\{E2D3B526-5BB7-4BC7-B8F9-8BE11F0FF978}}_is1) (Version:  - IDG Tech Media GmbH)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PNY Drive Utility (HKLM-x32\...\{6C87713B-BB39-4B18-9BE6-C87CBDB66371}) (Version: 1.0.3 - PNY Technologies)
QuickGamma 4.0.0.2 (HKLM-x32\...\QuickGamma_is1) (Version: 4.0.0.2 - Eberhard Werle)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recovery Media Builder™ (HKLM\...\{EC1AB719-E98B-532C-95D4-381FB69F5CD2}) (Version: 1.00.0000 - Paragon Software)
Registry Cleaner (HKLM-x32\...\Registry Cleaner_is1) (Version: 1.3 - Abelssoft)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
ROCCAT Power-Grid Version 0.461 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.461 - ROCCAT GmbH)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Schirmfoto (HKLM-x32\...\Schirmfoto_is1) (Version: 2014 - Abelssoft)
SCL011 Contactless Reader (HKLM-x32\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems)
Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.3.26 - Serif (Europe) Ltd)
Serif PhotoPlus X7 (HKLM\...\{7B7344AA-B8E3-4A86-B499-517B7E2F6CB3}) (Version: 17.0.3.023 - Serif (Europe) Ltd)
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.4.0 - )
SSD Fresh 2016 (HKLM-x32\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 5.0 - Abelssoft)
Star Citizen Launcher (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.44c - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
tax 2016 (HKLM-x32\...\{30E85B0C-57D8-4ECE-814B-264550A92FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Toolkit Documentation (x32 Version: 10.1.14393.0 - Microsoft) Hidden
TrackIR 5 (HKLM-x32\...\{c1ef3d1e-986d-400c-966a-8bdb6149fe02}) (Version: 5.4.1.0000 - NaturalPoint)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 6.0a - TrueCrypt Foundation)
UEV Tools on amd64 (Version: 10.1.14393.0 - Microsoft) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
USBGrabberDrv (HKLM-x32\...\{E34CEAA5-9537-4CCB-A54F-DB0D8F15EA80}) (Version: 1.00.0000 - NEWMI)
User State Migration Tool (x32 Version: 10.1.14393.0 - Microsoft) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
vReveal 3 (HKLM-x32\...\vReveal 3) (Version:  - MotionDSP)
VSDC Free Video Editor Version 4.0.1.475 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 4.0.1.475 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WPT Redistributables (x32 Version: 10.1.14393.0 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.14393.0 - Microsoft) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0047DB09-E400-4C2C-A90F-FB117171778D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {01A5FC92-AEE1-4421-A1B7-235A6135C836} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {04453E0A-84AA-4638-B539-32804810967B} - System32\Tasks\{0AECFAC2-CC14-4D55-BA2E-BFA970DFD241} => pcalua.exe -a "F:\G940_lights_1.1_by_MikkOwl\G940 Lights v1.1 by MikkOwl\G940 Lights v1.1 by MikkOwl.exe" -d "F:\G940_lights_1.1_by_MikkOwl\G940 Lights v1.1 by MikkOwl"
Task: {069035FF-1DC4-4E01-B424-97599DC08959} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {125CFFFC-4D7D-4AC0-8A8D-8A7F919D9A4A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-10-25] ()
Task: {131CD8D7-F098-413E-85EE-85BA39CBF701} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {21CB5035-8224-49FF-AA1E-052E370046B8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3076D751-E142-4B8C-BB14-DE7FB5F5F0C3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {31363D01-DBD7-4879-BECF-5D74E810D195} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {32B52A04-2D05-4742-9430-5D8CA0207933} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {34176780-9572-4CDE-90F8-9CC0CFB4C8A2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C5A0D04-64DE-4B93-9BFB-90641383FAC7} - System32\Tasks\{BEA97B43-5EBE-4758-BEB7-3C70031BB286} => pcalua.exe -a K:\SETUP.EXE -d K:\
Task: {3CF78C17-6B4B-4AEC-A7AA-CBD25073558B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {3EAC6888-1ED8-41E0-AD84-CACE3A4FD558} - System32\Tasks\{83E16EA3-ABAF-4FF5-8F6A-3D155AD08978} => pcalua.exe -a "C:\Windows\PokerGirls - LostGirls3-HD\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\opponents\GirlsNextDoor2-HD\irunin.xml"
Task: {3EFE40E3-5E14-4D62-A235-088814720A14} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {40682253-1F5D-4DE4-837D-DB25795D70B5} - System32\Tasks\{8C3F4BEB-F4F5-47C8-87FD-C251D401B24A} => pcalua.exe -a "C:\Windows\PokerGirls Video Strip Poker v3\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\irunin.xml"
Task: {476F64E4-D9E4-4A43-8D1E-4C273550D215} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {4DA22A8D-6500-4319-9CB1-183E790830E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {4FBA0300-5DC6-4147-851E-5FFBE115913D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3 => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {5081C2A5-A109-40CC-B8BA-B79A68C9A49A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-18] (Google Inc.)
Task: {5B8B2D8F-2381-4548-ACC1-067857FD7744} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {61046984-C92A-488A-82C5-B154AA45E4D7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {6B51F5AC-A696-4354-8486-2516CCC6A7C6} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe
Task: {7345DBD8-B3D8-458A-BE5B-5B6C219C4432} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {82398961-46D1-45A6-AD3F-A01688F37F67} - System32\Tasks\{2D1A843A-803E-4F12-8FE2-095A4CF87C97} => pcalua.exe -a "C:\Windows\PokerGirls - DemoGirl-HD\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\opponents\DemoGirl-HD\irunin.xml"
Task: {82429630-8B50-45DC-A412-B6F75634A4DF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {88173574-02D3-4720-8200-3F45337313BB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9C6968AF-18F1-4A5F-814A-085711E83FDE} - System32\Tasks\Schnellstart => Rundll32.exe powrprof.dll,SetSuspendState Hibernate
Task: {A1DB3F7C-5B9A-4EE5-A424-06141F51CD2B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055 => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {ABE1C068-5705-4F18-BA17-83CAB04A4D3C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {B215EFB5-A8F4-4E7C-8F4A-F889D90A7AE5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-28] (Adobe Systems Incorporated)
Task: {B6F4960C-1F96-4096-99BD-758B84491F31} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {B84110B2-6B73-4869-9EF4-932A8EE6485F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-18] (Google Inc.)
Task: {C4FEEA47-E498-4F45-8389-F5DB8FA34D3B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E0B5E71A-DF79-44E6-820A-FDB3AAC83C0E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EDEEA298-8D2D-410A-A215-681DFE3EEA08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {FAF419D8-0F61-4605-BEEC-76CB785FEA67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3.job => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055.job => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\nc-be_000\Documents\PC-WELT\pcwServiceCenter_2016\pcwServiceCenter_2016\Tools\pcwWinXMenuManager\64-Bit\Backup.original\Group5\02 - Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://start.qone8.com/?type=sc&ts=1398159831&from=smt&uid=TOSHIBAXDT01ACA200_X3SHT9LGSXXX3SHT9LGSX

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-04 07:51 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-06 00:36 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-11-06 00:36 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-09-16 07:34 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-16 07:34 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-16 07:35 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-08-16 22:30 - 2013-11-18 10:44 - 00585416 _____ () C:\Program Files (x86)\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe
2016-09-16 11:42 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-04 07:51 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-13 18:28 - 2016-08-13 18:28 - 00959168 _____ () C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-15 19:40 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 21:20 - 2016-10-05 10:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-30 16:51 - 2016-08-30 16:51 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-30 16:51 - 2016-08-30 16:51 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-30 16:51 - 2016-08-30 16:51 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 20:43 - 2016-01-06 20:43 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 20:43 - 2016-01-06 20:43 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-09-18 15:41 - 2012-09-18 15:41 - 00191488 _____ () C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
2016-10-17 11:15 - 2016-08-31 18:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-09-16 07:34 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-16 07:34 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-19 09:21 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-22 14:45 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [146]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [248]
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [362]
AlternateDataStreams: C:\Users\nc-be_000\Desktop\AdwCleaner_6.030.exe:BDU [0]
AlternateDataStreams: C:\Users\nc-be_000\Desktop\JRT.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\facebook.com -> hxxps://staticxx.facebook.com
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\facebook.net -> hxxps://connect.facebook.net
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\fbcdn.net -> hxxps://static.xx.fbcdn.net
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\google-analytics.com -> hxxps://www.google-analytics.com
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\paragon-software.com -> hxxps://bo4-fe.paragon-software.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-11-08 17:40 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Piplay"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "NBKeyScan"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "Tilt"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\StartupFolder: => "DesktopVideoPlayer.lnk"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Uninstall C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AE6C659B-9C22-4EF4-B91C-F97048754A0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{6B9B2E57-D988-4258-8A2C-6F3657A600BD}\setup\hpznui40.exe
FirewallRules: [{39D238F3-BA73-4B8D-86FE-18876CD2BCE1}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{E9D044A3-259F-417B-9724-C49D476BD27B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{AC6C63BB-A5E5-4F5A-AC34-0D855550CAFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{19030A2A-E0E7-43C6-99BB-CBDF2A581A79}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{28934A3E-E97F-4071-A17F-2C61ECEDD839}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BFBB2BD9-58A6-4281-A373-F8F4C071AC77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{7BC9AEB6-445E-49A5-A890-CFEB55F3CDEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{556315F3-3A89-4266-B381-757222C0F1F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5DC24A07-F98B-4DB7-85D6-52F4B4F13840}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2E806F86-7015-4C45-AE1C-822E5F78C4ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DADECCC1-28A0-4622-BB54-E8C2B808A625}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{408D8040-F157-4009-88E0-8453880C41D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C3AF2C30-3537-44D9-A044-32BE7551B6F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4D5655E4-8DE4-43A4-8E83-9FEB300AE5C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{2322A395-9B52-4E43-9A80-9E6F36522C40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{75ADD192-CE1D-464B-A7E4-52D25E0577F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{000807E8-706F-4348-ABBA-E8ADA73E1D59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [UDP Query User{98906EB1-BB28-4779-863A-6A902FEE8F26}F:\program files (x86)\survarium\game\binaries\x86\survarium.exe] => (Allow) F:\program files (x86)\survarium\game\binaries\x86\survarium.exe
FirewallRules: [TCP Query User{2FBCAE20-E7B1-45C5-A146-BA845C86237B}F:\program files (x86)\survarium\game\binaries\x86\survarium.exe] => (Allow) F:\program files (x86)\survarium\game\binaries\x86\survarium.exe
FirewallRules: [UDP Query User{F3386FFA-F5E6-4076-922B-ABA6314586B6}F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [TCP Query User{474B055D-5F85-4534-BD00-7BC2968F878E}F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{76F55B24-B467-4AB7-94D4-701245DF3691}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{88906E6C-9549-4D69-81C1-E1263E98C383}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{57327234-4496-4FBD-B8E4-6A763A08CA49}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{4DDC699A-A716-4BD7-B9F5-AC4695DDC747}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{59E10A62-1449-4940-852B-6FF142BD18FF}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{681EC210-4504-4494-91FF-C8200080D495}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{C4A3EC6B-89FF-440E-BF59-0C30AD0E8057}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A35DA6C4-E80E-45AE-AE04-22B3929D6C5B}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{86CF56DF-4D51-4AE5-93BA-4224ED8AA093}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [UDP Query User{93734F32-8C0A-42D1-B62F-4A606528B9D5}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{D5C65DA4-EECC-4DD4-91A6-7AA84D96B34D}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{D30904E8-FCC4-4983-A0BE-D3DC792CB7E2}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{CD8FF397-62E0-47E1-B36D-D4D137423BD8}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{6F7D13CB-B5A6-49AE-9FB3-BAD9F1DB04ED}C:\program files (x86)\edmarketconnector\edmarketconnector.exe] => (Allow) C:\program files (x86)\edmarketconnector\edmarketconnector.exe
FirewallRules: [TCP Query User{95857AA5-B264-42BD-B03C-BDE60BF7BFAB}C:\program files (x86)\edmarketconnector\edmarketconnector.exe] => (Allow) C:\program files (x86)\edmarketconnector\edmarketconnector.exe
FirewallRules: [{4D7ACAAD-9A81-47ED-8992-D6C48E7BF595}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{FB04A857-443D-487D-8F5E-E5B54773DFF3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{C8B530B7-3A85-497B-8080-A436E68E85AB}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{1DBFBF35-ACF0-445F-B9A3-E15176F0EF38}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{2CA43E2A-6790-41F0-AF08-F8E580CE7E2B}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6A341E16-241F-4D7C-A374-1BAD64136CF9}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{233A25E0-488B-47CC-A7E8-D82B37D7F095}] => (Allow) D:\Games\World_of_Tanks\WOTLauncher.exe
FirewallRules: [{E15E27B9-299E-43BB-BB2E-FA6343C44FB1}] => (Allow) D:\Games\World_of_Tanks\WOTLauncher.exe
FirewallRules: [{AC78B970-4479-449F-867E-D53A241D1C58}] => (Allow) K:\fsetup.exe
FirewallRules: [{B25BE4D3-7960-4BF0-848C-0BB7C5593772}] => (Allow) K:\fsetup.exe
FirewallRules: [{95D39A74-BBC9-4206-A384-EE60B414CD20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E45B2A7E-C363-4DD9-A4BF-D27B995AF4DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EC0FC526-69C3-4280-96B3-C3B818A9D52A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC24BEB1-C840-4F4A-ADB3-4A9271789BC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{960E656E-3944-48AC-B329-772BAFCB2FE9}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{7F2D7F63-F40B-4F34-8BB1-DA4F8C3E5628}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{0764916E-B3C2-46A1-90CB-ACFD6897CC34}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{151C647C-94AB-4448-A393-EE837E09ACC7}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{8CFD4370-00E6-4EDF-9CA3-535B40B2AE55}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{8412CD0C-6464-46AA-84E8-678E9D7BAB03}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{5267BC9D-0E2B-43A8-8D8A-371093D5CB55}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_launcher.exe
FirewallRules: [UDP Query User{5E8889CF-4140-4F8A-8A24-D567CCAD5589}D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [TCP Query User{794F5AF2-E311-47A5-A378-4D2556910A19}D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{D5850BDD-396A-4C31-8B0E-0CF356858821}F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [TCP Query User{E9B98FAF-293C-4F03-A421-34DBC6967E79}F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [UDP Query User{B57A4FCA-07D4-4834-8543-938C197D9443}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [TCP Query User{8E041B79-F618-4C93-BF86-A114F8B738AD}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [UDP Query User{0DEA9964-A719-488B-BEE2-06374E077363}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [TCP Query User{E6288314-AD24-4C60-9008-BA9A8827B033}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [{12BB10E0-1453-461C-923B-ADEBDEEC448E}] => (Allow) C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3369A231-4E3E-4B00-9F04-F1FC134910A7}] => (Allow) C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A5501480-27EE-43F3-A7FD-F14C19B1E3D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B521A10-9C90-4767-A5E1-85E7874974B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB0A91F2-72F2-4D57-8CA0-912C9CF07138}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{42EF87EE-A4C8-4856-978F-D662B226EAC2}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{FDF952CF-5890-40B6-950F-81DFF651C938}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{8DDECFED-D00A-43B9-8CFC-7817C06B7BD3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{B8E59A75-C4C6-4438-8B41-9A343F7E1136}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{B55735BD-D987-49A8-82FF-BAD589E4939F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{C09EACAC-C352-47BA-8A00-FAE7D3154A0A}] => (Allow) LPort=1900
FirewallRules: [{FA31A1DE-CDDE-4196-AD01-AFDEB894C244}] => (Allow) LPort=2869
FirewallRules: [{57BE9907-5536-47D2-8D7E-BFA79A5B4526}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{05D7FFA3-E0E6-480A-846F-9045E9EEF0C9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe
FirewallRules: [{E7247C92-F9DA-4B9D-A5AC-3B1FC0C48AF3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe
FirewallRules: [{6AB19740-F0EC-42B9-A4D4-67C2D7286C0E}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4400AAC-BA51-497A-8CD9-F75B0A20568B}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{355E7556-05C5-4D9F-B0F8-C16E1CFC5AB1}] => (Block) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [{90500F81-B705-48AB-AB8F-8FBE6E5E61D7}] => (Block) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [UDP Query User{9A58EBC4-CD8F-4BE7-BAC6-85C3E54DA5FF}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [TCP Query User{DD4EB6CA-88F8-411E-A3C5-093667EB689D}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.2.2\AusweisApp2.exe
FirewallRules: [{A213B923-CA6F-401E-82F0-0E34402AEFCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8B34EAE-8DAB-4497-9658-F16BA6D99080}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2A46827-E6D3-4326-BA58-A1615457D9FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{1C4A4442-440F-4ADE-BFC0-D63786A84F0C}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{3524F0A9-6F7E-4A6C-B6A3-2BFF7B71F686}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{124894AE-D52E-45BB-8782-040810F01B22}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{89BA1B81-C263-4620-8977-310C88B55A30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0A276127-2D54-4BAD-9CC5-1DD08A379D6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F3237A89-850D-478A-A0B5-0DE1575AE1F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{17761D45-6795-4446-8EED-CB351594D6EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{64803FFB-FC94-4667-B9E6-5969D6D94CF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F41279A-CC24-488B-A2DF-4445A75523A8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8E6DAE37-9665-4F69-A01F-65A386455AF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4250D0A-0117-40BF-8506-7EED949D06A5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{6B82F515-CB4F-4A02-B226-11350078987F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{D413E93E-8D02-4130-8F18-FA627B4466DE}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{6652D262-56CB-49A2-A3ED-66DDAA0485B9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

==================== Wiederherstellungspunkte =========================

29-10-2016 23:27:02 Installed Elite Dangerous Market Connector
02-11-2016 19:20:21 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
02-11-2016 19:20:27 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
03-11-2016 08:18:27 chip 1-click download service wurde entfernt.
03-11-2016 08:18:49 Removed Cuttermaran 1.70
05-11-2016 08:58:13 Garmin Express
08-11-2016 06:05:05 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/08/2016 06:58:47 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.

Error: (11/08/2016 06:58:47 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.

Error: (11/08/2016 06:58:47 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.

Error: (11/08/2016 06:05:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/08/2016 06:02:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.

Error: (11/08/2016 06:02:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.

Error: (11/08/2016 06:02:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.

Error: (11/08/2016 05:39:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.

Error: (11/08/2016 05:39:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.

Error: (11/08/2016 05:39:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_89c04962db040fd9.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.351_none_4213128bc687e6d3.manifest.


Systemfehler:
=============
Error: (11/08/2016 05:40:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/08/2016 05:40:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/08/2016 05:40:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/08/2016 05:40:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "jhi_service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (11/08/2016 05:40:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DevoloNetworkService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (11/08/2016 05:40:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (11/08/2016 05:40:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hpqddsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (11/08/2016 05:40:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "chip1click" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (11/08/2016 05:40:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (11/08/2016 05:40:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst jhi_service erreicht.


CodeIntegrity:
===================================
  Date: 2016-09-21 20:19:43.421
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 16337.71 MB
Verfügbarer physikalischer RAM: 13913.47 MB
Summe virtueller Speicher: 18769.71 MB
Verfügbarer virtueller Speicher: 16444.7 MB

==================== Laufwerke ================================

Drive c: (DISK1_C) (Fixed) (Total:223.13 GB) (Free:150.47 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (DISK2_D) (Fixed) (Total:467.46 GB) (Free:229.48 GB) NTFS
Drive e: (DISK2_E) (Fixed) (Total:464.04 GB) (Free:384.4 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (DISK3_F) (Fixed) (Total:223.57 GB) (Free:77.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 223.6 GB) (Disk ID: 903CC57B)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 223.6 GB) (Disk ID: 4EFA3136)
Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2F8692B5)
Partition 1: (Not Active) - (Size=467.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=464 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Danke

Gruß

Thomas

Alt 09.11.2016, 00:18   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.



Die Logs sind imho sauber und es bestätigt sich, was ich vorher schon gedacht habe: dein Probleme hat nix mit Malware zu tun. Aber mittlerweile hat es sich ja durchgesetzt, sich immer einen Befall einzureden egal mit welchem Computerproblem man konfrontiert wird.

Zitat:
Error: (11/08/2016 06:58:47 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Was macht man denn jetzt noch mit der uralten Software Nero8???

Dein Problem ist im Windowsbereich besser aufgehoben. Hier wären wir jedenfalls fertig.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Abschließend müssen wir noch ein paar Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.


Cleanup:


Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen - sofern benötigt, wenn nicht benötigt natürlich sinnigerweise deinstallieren oder Alternativen verwenden (und diese aktuell halten).
  • Browser (Internet Explorer, Edge, Firefox, Chrome, ...)
  • Java (bitte wirklich nur installieren/installiert lassen wenn unbedingt nötig!)
  • Flash-Player (nach Möglichkeit deinstallieren und HTML5 verwenden siehe zB https://www.youtube.com/html5 )
  • PDF-Reader (nach Möglichkeit nicht den Adobe Reader verwenden)

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 

Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und/oder mit dem ESET Online Scanner scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden. Alternativen zu NoScript (wenn um das das Verhindern von Usertracking und Werbung auf Webseiten) geht wären da Ghostery oder uBlock. Ghostery ist eine sehr bekannte Erweiterung, die aber auch in Kritik geraten ist, vgl. dazu bitte diesen Thread => Ghostery schleift Werbung durch

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.11.2016, 07:00   #12
Tommkin
 
Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Standard

Erledigt



Hallo,

vielen Dank für die Hilfe. Spende ist raus.

Ich habe einen neuen Thread im Windows Bereich geöffnet.

Gruß

Thomas

Antwort

Themen zu Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.
administrator, adobe flash player, defender, desktop, explorer, firefox, firewall, flash player, free download, geforce, homepage, installation, langsam, launch, mozilla, nvidia, prozesse, realtek, router, rundll, services.exe, software, suche, system, trojaner, usb, windows



Ähnliche Themen: Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige.


  1. Pc plötzlich langsam und die größe der Icons etc. war plötzlich verstellt
    Plagegeister aller Art und deren Bekämpfung - 06.11.2016 (16)
  2. Laptop hängt sich auf, ettliche Fehlermeldungen in der Ereignisanzeige
    Netzwerk und Hardware - 10.10.2016 (2)
  3. Mein PC Ist plötzlich sehr langsam und hängt sich teilweise auch plötzlich auf.
    Plagegeister aller Art und deren Bekämpfung - 17.12.2015 (15)
  4. Ereignisanzeige Fehlermeldungen und Warnungen
    Alles rund um Windows - 20.11.2015 (5)
  5. PC schaltet plötzlich komplett ab, Ereignisanzeige + Zuverlässigkeitsüberwachung auffällig
    Plagegeister aller Art und deren Bekämpfung - 12.12.2014 (15)
  6. PC startet von selbst neu / Fehlermeldungen / Bluescreen.
    Plagegeister aller Art und deren Bekämpfung - 30.11.2014 (39)
  7. compaq 615 win7 zeigt Fehlermeldungen und ist sehr langsam
    Log-Analyse und Auswertung - 18.10.2013 (9)
  8. Windows 7: Computer plötzlich langsam/Fehlermeldungen tauchen auf
    Log-Analyse und Auswertung - 04.09.2013 (5)
  9. Datenträgerprüfung auf Konsistenz bricht immer ab, Fehlermeldungen in der Ereignisanzeige (NTFS, Regestry etc)
    Plagegeister aller Art und deren Bekämpfung - 21.03.2013 (0)
  10. VIRUS ? Ordner und Dateien plötzlich versteckt, Windows Fehlermeldungen zu Festplatte
    Plagegeister aller Art und deren Bekämpfung - 23.11.2011 (35)
  11. Trojaner eingefangen? Viele Fehlermeldungen, IE startet selbstständig
    Log-Analyse und Auswertung - 03.01.2010 (1)
  12. Laptop rechnet und rechnet und rechnet...
    Log-Analyse und Auswertung - 11.09.2009 (8)
  13. unklare fehlermeldungen (virus?)
    Log-Analyse und Auswertung - 03.05.2009 (14)
  14. Unklare Aktive Verbindung
    Plagegeister aller Art und deren Bekämpfung - 30.04.2009 (0)
  15. Trojaner? Rechner rechnet und rechnet!
    Log-Analyse und Auswertung - 05.05.2008 (1)
  16. langsames DSL und unklare Fehlermeldung
    Plagegeister aller Art und deren Bekämpfung - 23.11.2007 (6)
  17. PC startet plötzlich neu
    Log-Analyse und Auswertung - 13.09.2007 (2)

Zum Thema Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. - Hallo, mein Rechner startet seit einigen Tagen sehr langsam, in der Ereignisanzeige werden Dienste angezeigt die auch bei einer Suche im Netz keinen Hinweis bringen. Ein Trojaner mit der Bezeichnung - Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige....
Archiv
Du betrachtest: Rechnet startet plötzlich langsam, unklare Fehlermeldungen in der Ereignisanzeige. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.