
Log analysis and evaluation: Suspected severe trojan | Trojan.FakeMS.ED

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

01.12.2016, 13:10   #16
yakashi97
 



Addition Log:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-11-2016
durchgeführt von yakashi (01-12-2016 13:09:03)
Gestartet von C:\Users\yakashi\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-09-18 18:00:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2572264492-182372228-3150790763-500 - Administrator - Disabled)
Gast (S-1-5-21-2572264492-182372228-3150790763-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2572264492-182372228-3150790763-1002 - Limited - Enabled)
yakashi (S-1-5-21-2572264492-182372228-3150790763-1000 - Administrator - Enabled) => C:\Users\yakashi

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
American Truck Simulator (HKLM\...\Steam App 270880) (Version:  - SCS Software)
Ansel (Version: 376.09 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assetto Corsa v1.5 (HKLM\...\YXNzZXR0b2NvcnNh_is1) (Version: 1 - )
Autodesk 3ds Max 2017 (HKLM\...\Autodesk 3ds Max 2017) (Version: 19.0.1072.0 - Autodesk)
Autodesk 3ds Max 2017 (Version: 19.0.1072.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 Populate Data (HKLM\...\{2B07E17E-A072-43BD-9DCC-369B56C16698}) (Version: 19.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Backburner 2017.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D780}) (Version: 17.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2017 64-bit (HKLM\...\{1C4FFAF0-7DBB-4F7A-A386-46747D060826}) (Version: 19.0.0.0 - Autodesk)
Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2017 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2017 (Version: 17.0.411.0 - Autodesk) Hidden
AutoHotkey 1.1.24.01 (HKLM-x32\...\AutoHotkey) (Version: 1.1.24.01 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Call of Duty: Black Ops - Multiplayer (HKLM\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM\...\Steam App 42700) (Version:  - Treyarch)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit)
F1 2015 version 1.0 (HKLM-x32\...\{F8180751-C7B2-407F-BD4F-55A6C8FF5F14}_is1) (Version: 1.0 - Codemasters)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
FileZilla Client 3.22.1 (HKLM-x32\...\FileZilla Client) (Version: 3.22.1 - Tim Kosse)
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
HeavyLoad V3.4 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.4 - JAM Software)
Hotspot Shield 5.4.11 (HKLM-x32\...\HotspotShield) (Version: 5.4.11 - AnchorFree Inc.)
Hotspot Shield 5.4.11 Embedded (x32 Version: 5.4.11.9772 - Buildbot) Hidden
HWiNFO64 Version 5.36 (HKLM\...\HWiNFO64_is1) (Version: 5.36 - Martin Malík - REALiX)
IMG Factory - IMG Factory - A program to manage the IMG file format for GTA games. (HKLM-x32\...\IMG Factory IMG Factory) (Version: "1.1.1" - "IMG Factory")
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
K-Lite Mega Codec Pack 12.4.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Lioncast LM30 Gaming Mouse Version 1.2 (HKLM-x32\...\{7EE2D3D8-7A40-406B-BE38-57DDCCC1B4D4}_is1) (Version: 1.2 - LIONCAST)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Mafia III (HKLM-x32\...\Mafia III_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.5.2 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI Kombustor 3.5.2.1 (64-bit) (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
MySQL Connector Net 6.8.3 (HKLM-x32\...\{38157422-F952-42F7-88AA-CC16A63CD109}) (Version: 6.8.3 - Oracle)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
Node.js (HKLM\...\{672B5547-D20B-4D19-9BFD-B93C32BC77DA}) (Version: 6.9.1 - Node.js Foundation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk)
NVIDIA mental ray and IRay rendering plugins for 3ds Max 2017 (HKLM\...\{4B889650-52DC-49E0-AB9C-F501B91002E3}) (Version: 19.0.0.0 - Autodesk)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.2 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64935 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.100.9.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.)
RealLifeRPG (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\RealLifeRPG) (Version: 1.5.0 - RealLifeRPG)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.100.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7930 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0015 - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
SciTE4AutoHotkey v3.0.06.01 (HKLM-x32\...\SciTE4AutoHotkey) (Version: v3.0.06.01 - fincs)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TruckersMP 0.2.1.3.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.1 Alpha - TruckersMP Team)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 7.0.9-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {130AC94F-3990-4E18-A5E4-18D17440AA72} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-07-14] (IObit)
Task: {14D143D2-741C-43C5-A3B9-10F3E375AABF} - System32\Tasks\Driver Booster SkipUAC (yakashi) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-07-18] (IObit)
Task: {158958AA-BE6F-49C4-A4B6-633AF4AE7C02} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {1E5ABC8C-46DF-4795-85CD-45772F7687C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-18] (Google Inc.)
Task: {2E086E28-47C4-4045-A0C3-D1B3AE3774A9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {594DE6E7-63F3-40F3-BC39-9B50B752EEE4} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-10-04] ()
Task: {67F53DD4-A801-4BD6-AA5F-C9E822AA9139} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {6DFBFCC2-2343-42A9-89CF-A0BA6CB1F523} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-11-23] (Overwolf LTD)
Task: {8ACA5664-47A1-4D20-8145-6861E6C04ABE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-10-15] (AVAST Software)
Task: {8ADF4950-8C70-4D35-9D49-4FAF09F292EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-18] (Google Inc.)
Task: {9350B666-3E9D-410A-A7B3-3F85779FFA9D} - System32\Tasks\AdobeAAMUpdater-1.0-yakashi-PC-yakashi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C1C8081D-FF2D-4C52-A1AB-8C702C93196C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {C99773BA-D28E-4363-9EF5-EC96B75CC008} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {D2F3A21A-B56B-4758-9D5E-16BAF05054F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {DEC86C38-7222-4C52-905B-4681D89F2B01} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {EF5A9D68-D527-483F-9CEE-877DA1B46024} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FFEB62DF-D620-495A-AC3A-1F02489A54B4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\yakashi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-30 09:23 - 2016-06-30 09:23 - 00592384 ____N () C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll
2016-10-25 08:57 - 2016-10-25 08:57 - 00491184 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-10-03 15:57 - 2016-10-03 15:57 - 00052400 ____N () D:\FileZilla FTP Client\fzshellext_64.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-10-25 08:57 - 2016-10-25 08:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-10-06 21:31 - 2016-07-01 07:39 - 00061968 ____N () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-10-06 21:31 - 2016-07-01 07:39 - 00110608 ____N () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00114664 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00108008 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00024040 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00048104 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-08-24 00:04 - 2016-08-24 00:04 - 00166520 ____N () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-25 09:51 - 2016-10-25 09:51 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-11-20 22:55 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-20 22:55 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-03 15:57 - 2016-10-03 15:57 - 00048304 ____N () D:\FileZilla FTP Client\fzshellext.dll
2016-10-12 00:08 - 2016-10-12 00:08 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 00:08 - 2016-10-12 00:08 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 00:08 - 2016-10-12 00:08 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 00:08 - 2016-10-12 00:08 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-25 09:49 - 2016-10-25 09:49 - 00109760 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-10-12 00:08 - 2016-10-12 00:08 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-10 22:15 - 2016-10-10 22:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-10 22:15 - 2016-10-10 22:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-10-10 22:15 - 2016-10-10 22:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-10 22:17 - 2016-10-10 22:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-25 09:41 - 2016-10-25 09:41 - 00109760 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-10-10 22:14 - 2016-10-10 22:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-10-10 22:14 - 2016-10-10 22:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-10-18 22:18 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2572264492-182372228-3150790763-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Roccat Talk.lnk => C:\Windows\pss\Roccat Talk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^yakashi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^yakashi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\yakashi\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: Ihsoft => C:\Windows\SysWOW64\regsvr32.exe C:\Users\yakashi\AppData\Local\IRTsoft\PtCres.dll
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LCgmmouse20Run => "C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCmon.exe" -runauto
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: OKAYFREEDOM Notifier => "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
MSCONFIG\startupreg: OKAYFREEDOM_Agent => "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
MSCONFIG\startupreg: OKAYFREEDOM_Update => "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: ROCCAT Savu Gaming Mouse => "C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" /Automation 
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: UX Launcher => C:\Program Files (x86)\UX Pack\uxlaunch.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C154F0CD-BD0E-49FE-A08B-ADFA3DEB513D}] => D:\Steam\Steam.exe
FirewallRules: [{D67D0C7A-1EE8-41E7-91FA-6AA3B6DB1557}] => D:\Steam\Steam.exe
FirewallRules: [{EC280919-019C-4517-B9C7-6750AD836AB7}] => D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{14F4E6EB-C8AA-4A52-B243-2623BAF83044}] => D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E873D290-8A82-4F57-883C-85DB853C59E7}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3EE0569A-6554-4438-8CCB-66B4154B4C0F}] => LPort=2869
FirewallRules: [{3C7514D5-2EDD-41B7-B4ED-A7FA42AADB48}] => LPort=1900
FirewallRules: [{54F77AD7-F533-41B1-A96C-6579A590FACE}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{80D109E2-5C63-4E07-8952-6AC7DB14CC20}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{4243043F-F6CD-4A6A-AAE9-F6F4633BB014}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{48D91D21-944E-42E4-ACD1-DBBA9CC7CE89}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{604F4D52-C11C-4FDA-BE99-26E710336935}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{9898F13F-BABB-4731-9473-EC75C00E7AC6}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [TCP Query User{73743B1D-0BD7-4F80-82C9-242F1720082C}D:\steam games\steamapps\common\grand theft auto v\gta5.exe] => D:\steam games\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A2C6B03F-A9DE-4CF3-BB10-3EE96D45297C}D:\steam games\steamapps\common\grand theft auto v\gta5.exe] => D:\steam games\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{F3420EC8-EBEC-4FCE-8A22-1D6084F36167}] => D:\STEAM GAMES\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [{06565DDD-714D-4C7B-84D1-86BD727FA035}] => D:\STEAM GAMES\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [TCP Query User{47D234EA-066F-4F95-9135-19EE32E9F1A3}D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{248F18FD-8ED7-44DA-B25A-C1ECEE6782EB}D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{9AB60475-2C0C-4D7F-993E-60DA8A303AC8}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BBDD0042-6295-4692-8798-3884FC3C2A13}] => D:\STEAM GAMES\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{6B96A272-145D-408D-AB61-498AD76C087B}] => D:\STEAM GAMES\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B4D9BBA7-D75D-4EAC-A0A5-D66F28F54F2F}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{20A88BDE-1054-447C-ACBC-EE10732C0787}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{76A2046E-627D-49C8-9392-9F7276DB86B4}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{A046FFAF-523D-4CB6-8EB1-8D2769337E70}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{DC2A7674-DAB4-42A0-AD32-861617653F3F}] => D:\STEAM GAMES\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B9BA0BCB-1419-40C3-A32D-FEE4BA5BC7B2}] => D:\STEAM GAMES\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{A637E113-4FF3-43F3-8072-4DDA7A9E36CF}] => D:\STEAM GAMES\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{224FD3C0-ED78-49DF-8D75-17E7E7D06AEE}] => D:\STEAM GAMES\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [TCP Query User{352FCEBE-321F-43BE-B9FC-62414E6E6817}C:\program files (x86)\arxgaming\crossfire\updater.exe] => C:\program files (x86)\arxgaming\crossfire\updater.exe
FirewallRules: [UDP Query User{8842CF5D-C92C-4F03-8825-0C94207452EE}C:\program files (x86)\arxgaming\crossfire\updater.exe] => C:\program files (x86)\arxgaming\crossfire\updater.exe
FirewallRules: [{E33CF4AC-FA07-47A0-B266-6FD379202B37}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{D4B913A5-E37D-46CD-A6CD-D09241C3C8D4}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{1A60A3BC-11F3-4DF0-BDB4-1EB05E1DD9FF}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{15B8D802-C50C-4053-9F44-DE3911989EAF}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{75302D50-2C1C-4899-BDFB-F5F76A5F0D9A}D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe] => D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [UDP Query User{F1BCE803-48DB-4864-80DE-E3FC93C78B3D}D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe] => D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{0463C8D8-B4EB-402C-975A-53FD2C392B62}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3111D372-B30C-4FAE-B30C-317B5EF2D85E}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{092C1376-AC06-434A-96FB-FC3228F5EABB}] => D:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{A933518E-0009-4C7C-A88E-9FFF2D5EFF5F}] => D:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{E0C4FA1A-17FB-46AE-BF91-FAFEF1EC4F7D}] => D:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{BF13EF20-5E2B-4708-B33D-3E75CEB38821}] => D:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{6C09C7DA-714E-4031-86AF-0EE6EDFA77E2}] => D:\Origin\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{C87E4FA4-9211-4F21-92EF-42B9CAA8BAA2}] => D:\Origin\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{3F402526-40FD-43B4-A5D9-C08653ABAD82}D:\steam\steamapps\common\arma 3\arma3.exe] => D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{D689010C-FA53-4FEC-A7F7-AAC59B7B63FE}D:\steam\steamapps\common\arma 3\arma3.exe] => D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{0245273A-4C90-4071-9C35-626A161CB039}] => D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A976202E-6A7E-4E43-9790-CD6ADE8693DE}] => D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{3AAA6858-066E-48E4-8A2E-DA2C7FBB3EF8}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3FE5C8E4-CBAB-47A9-BA8A-5090550B9DCE}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A6F93A87-5C22-4594-8B66-DB93A6CA1E05}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DA5F52FC-5760-4A46-BB74-D27B87A0F0FD}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4266F27-D898-4820-BB3D-592F15E6A15F}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA0A30D8-8A68-4CB4-B64F-3E701DEC6374}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{853AB005-0400-42E3-A2F7-90EC6C664786}] => D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AD647B70-1BEA-48EA-93BB-87A6B3AF96EB}] => D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{F0171D46-E230-42B5-B427-9FD8350CC4FF}D:\origin\fifa 16\fifa16.exe] => D:\origin\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{B474C108-783C-47E7-9213-A436D3B9B52C}D:\origin\fifa 16\fifa16.exe] => D:\origin\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{58A90E93-0CB4-441D-B76E-204F1271DAEC}D:\overwatch\overwatch.exe] => D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{C49A4896-8D01-4659-9EED-558493E89A24}D:\overwatch\overwatch.exe] => D:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{3C118DAE-F4D5-4AAF-B8CC-806DB8B7C683}D:\origin\fifa 17\fifa17.exe] => D:\origin\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{0191E049-B320-4A66-A755-DCF5694552A6}D:\origin\fifa 17\fifa17.exe] => D:\origin\fifa 17\fifa17.exe
FirewallRules: [{6CBB3147-FD41-4480-B0B3-283510667F56}] => D:\STEAM GAMES\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{C165C53B-FBB5-443C-B45B-EF119AA382D5}] => D:\STEAM GAMES\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{A4C0C456-087E-4AE2-9341-A06CFFDE5232}C:\users\yakashi\appdata\local\akamai\netsession_win.exe] => C:\users\yakashi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0E824E0E-B1D6-4950-B81F-27847D8FD10F}C:\users\yakashi\appdata\local\akamai\netsession_win.exe] => C:\users\yakashi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7BB74303-1648-42C1-A09B-D97485FA28C1}] => D:\STEAM GAMES\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A05C36E7-621B-4277-8968-EB148C93AC4A}] => D:\STEAM GAMES\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{8C19CFB5-B665-4FFE-B59C-6259432F727E}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => C:\program files\java\jre1.8.0_102\bin\javaw.exe
FirewallRules: [UDP Query User{79824693-369C-4ADC-A03D-86616519F550}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => C:\program files\java\jre1.8.0_102\bin\javaw.exe
FirewallRules: [TCP Query User{982566ED-5024-45D2-BF71-0FF67075C412}C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe] => C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe
FirewallRules: [UDP Query User{CDE26847-1BA0-4C65-8E9D-C9A1F1D5BF5F}C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe] => C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe
FirewallRules: [TCP Query User{C6CC5BFB-0105-48EF-BD11-221267D8FE63}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{208AC28E-67B5-4D36-AC4B-46E07085B89E}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{19414C0E-5BB7-4843-8E4D-DC740DC2A8D5}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{00EFAE64-D055-4D6D-97E4-3C39E267F736}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{61A49BE5-1E75-4527-AF8C-1791634014AB}D:\assetto corsa\assetto corsa\acs.exe] => D:\assetto corsa\assetto corsa\acs.exe
FirewallRules: [UDP Query User{31C55226-954E-479F-9C58-2A90518EF175}D:\assetto corsa\assetto corsa\acs.exe] => D:\assetto corsa\assetto corsa\acs.exe
FirewallRules: [TCP Query User{B9BD4A55-7605-4385-A5FE-5DA23C079143}C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe
FirewallRules: [UDP Query User{6EA11606-5678-4691-9E59-F46C4690FD09}C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe
FirewallRules: [TCP Query User{8E3B91E4-0826-4486-AE19-04B1F080C879}C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe
FirewallRules: [UDP Query User{A4742DE1-B21A-4EED-8676-8B3A98FE83EB}C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe
FirewallRules: [{64D639F4-82CF-4C6E-89AB-D22100570215}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{96968F29-DB47-43E8-A522-CAE9519DE3A0}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{BEF4AADA-7649-41C0-A50D-46F25EB86904}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9605BBFE-30A1-4785-81E3-E83D5A1CFCBC}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{17F5492B-D9D4-46CD-92DF-DA4AEE57DCDB}] => D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{B2AA3AC1-533A-4032-B740-BDBF5CB2E1F6}] => D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{E04608B7-80A4-400F-8AB4-6E354000D0B0}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{BF44CA56-9FEE-4CDD-AE20-432702244286}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{B2F78E63-0A1E-404F-8120-ED562D638FE4}] => C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E8C24C47-F5C0-407D-89EB-3FBC50F9A557}] => C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EB70119F-9788-4950-B1F5-989671C83AE3}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BF3AA2C3-ACFB-4C43-9A22-85E17FF4F755}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ED8F8BC3-0EDC-4460-8D68-6690BF3EF5C5}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85FC551A-DF3F-455B-99A3-E26ECCB7DB80}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{40DB1672-CF66-4B25-A7FE-32AAD83B5B1D}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{C19F1CB3-86D2-459E-92D9-3096928774BB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A804337B-3FC9-4175-BF95-6CB65514522F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{B4FAEA4F-CD69-48A1-98EA-C1D5D9035CC6}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{812CC328-2D7B-49E6-BCA2-B389AE8B4564}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{343367D6-E30F-43E1-A945-F7F86CC7DA99}] => C:\WarThunder\run.exe
FirewallRules: [{A1248029-CBF9-40E0-93C2-C8E047571196}] => C:\WarThunder\run.exe
FirewallRules: [{313C93BD-71C0-4F2D-9933-B74A1B5FB44D}] => LPort=80
FirewallRules: [{CF8102D3-8A93-4348-92DC-23D15B0DC945}] => LPort=443
FirewallRules: [{7F9EA741-3353-4B5E-AC6B-3B174092FEC1}] => LPort=20010
FirewallRules: [{103CB3F1-CA23-4754-8A51-4C63CEC74D86}] => LPort=3478
FirewallRules: [{45747647-D43A-4481-B061-FB86FBEF94C2}] => LPort=7850
FirewallRules: [{748C92A9-DD26-4F92-9F3A-D8ABC7D14235}] => LPort=7852
FirewallRules: [{16751B4F-DF3A-4E6E-A9EB-55D73E4D1696}] => LPort=7853
FirewallRules: [{9CEC824F-AB69-4C31-9C66-8F03FF859D04}] => LPort=27022
FirewallRules: [{413A241E-0489-4A66-A0AA-00C5C65EC997}] => LPort=6881
FirewallRules: [{0AC93F84-0568-46DA-92C2-9B055F73DB73}] => LPort=33333
FirewallRules: [{63246DC3-F7E5-4860-9625-99184C4D21D0}] => LPort=20443
FirewallRules: [{CAA0F976-F41E-4D49-BB6F-FF4BE79D90D4}] => LPort=8090
FirewallRules: [{18A48DD0-AE08-482B-9DD2-99E08DB9B74A}] => D:\STEAM GAMES\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{9B4856AD-4962-4E60-9533-0185DA63850A}] => D:\STEAM GAMES\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [TCP Query User{EBED365D-14C9-48AF-8E7D-3C5248BE2C6B}D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{BB9DD903-B452-4FB0-A7B3-2E35F8F1C127}D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{960E645C-8A65-45D5-B230-F1B2373CFB23}C:\sinusbot\sinusbot.exe] => C:\sinusbot\sinusbot.exe
FirewallRules: [UDP Query User{2BCE5799-BF10-4856-8F70-0FF64A0208A0}C:\sinusbot\sinusbot.exe] => C:\sinusbot\sinusbot.exe
FirewallRules: [{37260D11-F556-453B-A92C-C051AAEDE6CA}] => D:\STEAM GAMES\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D0098E91-9895-4D6D-B056-9515D314B185}] => D:\STEAM GAMES\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{6079BABD-47BD-41E9-A90F-F3F106BE9CEB}] => D:\Origin\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{C3652AFF-1435-4303-BBF8-65ECE241EE30}] => D:\Origin\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{EF4BDED4-4E5D-40DB-A4C4-155548FD6016}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F2EBF2F1-DFD8-4CB4-B258-28F801B4FB47}D:\crossfirearx\updater.exe] => D:\crossfirearx\updater.exe
FirewallRules: [UDP Query User{EE5E6B2C-1A25-4171-AA76-31BC8D58786C}D:\crossfirearx\updater.exe] => D:\crossfirearx\updater.exe
FirewallRules: [{9CDF1C5E-6D3E-4B26-B924-7F17B8330BF9}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AD220EF0-B6DC-4E5A-843F-FFFD2A942323}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0807B64D-ED82-4952-BE5E-24A282B10086}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A4200EB5-35B4-4541-AE64-B8E3DF62D40C}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{70C2845C-8A09-4710-A883-EC84CB286F89}] => D:\FlyVPN\FlyVPN.exe
FirewallRules: [{06A1184B-922A-4546-9F22-3C98C2EFF16F}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C0E1C40E-9DBA-4F28-AD73-A7592F997885}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9F5D2263-57C9-421E-90B9-F4587BF97D4E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{94D9E19A-3494-4BD4-8D45-A1D8B8E62551}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2303C7A-4BED-4F96-A526-5165BEA68782}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4BE9F3FC-CA14-4492-8B4E-1BA1B2FC3D08}D:\crossfire\updater.exe] => D:\crossfire\updater.exe
FirewallRules: [UDP Query User{5860EEB4-085D-4FC3-BB1A-3C89C96D1F83}D:\crossfire\updater.exe] => D:\crossfire\updater.exe

==================== Wiederherstellungspunkte =========================

01-12-2016 12:55:53 Removed Autodesk Inventor Server Engine for 3ds Max 2017.
01-12-2016 12:56:14 Removed VEGAS Pro 14.0 (64-bit)
01-12-2016 12:56:37 Removed Autodesk 3ds Max 2017 Populate Data.

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2016 12:55:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0334c9dd
ID des fehlerhaften Prozesses: 0x1f70
Startzeit der fehlerhaften Anwendung: 0x01d24bc9d7ee2584
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 18813e24-b7bd-11e6-8202-4ccc6a61d306

Error: (12/01/2016 12:55:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/30/2016 03:17:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x038bc9dd
ID des fehlerhaften Prozesses: 0x1908
Startzeit der fehlerhaften Anwendung: 0x01d24b146fe87c74
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: b0244d54-b707-11e6-918e-4ccc6a61d306

Error: (11/30/2016 03:17:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/30/2016 03:00:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0382c9dd
ID des fehlerhaften Prozesses: 0x109c
Startzeit der fehlerhaften Anwendung: 0x01d24b1217273651
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 57539de1-b705-11e6-82c3-4ccc6a61d306

Error: (11/30/2016 03:00:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/30/2016 02:54:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x030cc9dd
ID des fehlerhaften Prozesses: 0x169c
Startzeit der fehlerhaften Anwendung: 0x01d24b113433d100
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 73dc1470-b704-11e6-a7e8-4ccc6a61d306

Error: (11/30/2016 02:54:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/29/2016 09:58:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00e3c9dd
ID des fehlerhaften Prozesses: 0x19f8
Startzeit der fehlerhaften Anwendung: 0x01d24a834a7403b0
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 8ad49aa0-b676-11e6-a98c-4ccc6a61d306

Error: (11/29/2016 09:58:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


Systemfehler:
=============
Error: (12/01/2016 01:08:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (12/01/2016 01:08:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/01/2016 01:08:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (12/01/2016 01:07:10 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "3" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/01/2016 01:07:10 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "2" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/01/2016 01:07:10 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "1" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/01/2016 01:07:10 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "0" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/01/2016 12:55:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2016 12:53:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (12/01/2016 12:53:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 14826.85 MB
Verfügbarer physikalischer RAM: 12031.46 MB
Summe virtueller Speicher: 29651.89 MB
Verfügbarer virtueller Speicher: 26816.12 MB

==================== Laufwerke ================================

Drive b: (Lokaler Fotzenträger) (Fixed) (Total:465.76 GB) (Free:422.14 GB) NTFS
Drive c: (Lokaler Klamottenträger) (Fixed) (Total:236 GB) (Free:26.21 GB) NTFS
Drive d: (Lokaler Nuttenträger) (Fixed) (Total:931.41 GB) (Free:114.99 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 236 GB) (Disk ID: 11E626FB)
Partition 1: (Active) - (Size=236 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E159512B)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1956BF5A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 01.12.2016, 13:33   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



ok


Step 1: Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.




Step 2: Kaspersky TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.




Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Alt 01.12.2016, 14:27   #18
yakashi97
 



MBAR LOG:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.12.01.10
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18449
yakashi :: YAKASHI-PC [administrator]

01.12.2016 13:49:48
mbar-log-2016-12-01 (13-49-48).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 562780
Time elapsed: 26 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\yakashi\Desktop\WH KEYBINDER\Wheelman Keybinder\keybinder ballas elitemgr.exe (Trojan.FakeMS.ED) -> Delete on reboot. [e14d90521387cc6a2c4ed397ec14b44c]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKILLER LOG:
Code:
ATTFilter
14:24:02.0957 0x0e60  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
14:24:20.0985 0x0e60  ============================================================
14:24:20.0985 0x0e60  Current date / time: 2016/12/01 14:24:20.0985
14:24:20.0985 0x0e60  SystemInfo:
14:24:20.0985 0x0e60  
14:24:20.0985 0x0e60  OS Version: 6.1.7601 ServicePack: 1.0
14:24:20.0985 0x0e60  Product type: Workstation
14:24:20.0985 0x0e60  ComputerName: YAKASHI-PC
14:24:20.0985 0x0e60  UserName: yakashi
14:24:20.0985 0x0e60  Windows directory: C:\Windows
14:24:20.0985 0x0e60  System windows directory: C:\Windows
14:24:20.0985 0x0e60  Running under WOW64
14:24:20.0985 0x0e60  Processor architecture: Intel x64
14:24:20.0985 0x0e60  Number of processors: 4
14:24:20.0985 0x0e60  Page size: 0x1000
14:24:20.0985 0x0e60  Boot type: Normal boot
14:24:20.0985 0x0e60  CodeIntegrityOptions = 0x00000001
14:24:20.0985 0x0e60  ============================================================
14:24:21.0278 0x0e60  KLMD registered as C:\Windows\system32\drivers\74747881.sys
14:24:21.0278 0x0e60  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23539, osProperties = 0x1
14:24:21.0304 0x0e60  System UUID: {93A82759-D356-217F-2440-84DB8B371D1E}
14:24:21.0445 0x0e60  Drive \Device\Harddisk0\DR0 - Size: 0x3B00000000 ( 236.00 Gb ), SectorSize: 0x200, Cylinders: 0x7857, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:24:21.0446 0x0e60  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:24:21.0465 0x0e60  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:24:21.0466 0x0e60  ============================================================
14:24:21.0466 0x0e60  \Device\Harddisk0\DR0:
14:24:21.0467 0x0e60  MBR partitions:
14:24:21.0467 0x0e60  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D7FE800
14:24:21.0467 0x0e60  \Device\Harddisk1\DR1:
14:24:21.0467 0x0e60  MBR partitions:
14:24:21.0467 0x0e60  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3DB0
14:24:21.0467 0x0e60  \Device\Harddisk2\DR2:
14:24:21.0467 0x0e60  MBR partitions:
14:24:21.0467 0x0e60  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
14:24:21.0467 0x0e60  ============================================================
14:24:21.0470 0x0e60  C: <-> \Device\Harddisk0\DR0\Partition1
14:24:21.0472 0x0e60  D: <-> \Device\Harddisk1\DR1\Partition1
14:24:21.0489 0x0e60  B: <-> \Device\Harddisk2\DR2\Partition1
14:24:21.0489 0x0e60  ============================================================
14:24:21.0489 0x0e60  Initialize success
14:24:21.0489 0x0e60  ============================================================
14:24:44.0804 0x1500  ============================================================
14:24:44.0804 0x1500  Scan started
14:24:44.0804 0x1500  Mode: Manual; SigCheck; TDLFS; 
14:24:44.0804 0x1500  ============================================================
14:24:44.0804 0x1500  KSN ping started
14:24:44.0935 0x1500  KSN ping finished: true
14:24:45.0018 0x1500  ================ Scan system memory ========================
14:24:45.0018 0x1500  System memory - ok
14:24:45.0018 0x1500  ================ Scan services =============================
14:24:45.0035 0x1500  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:24:45.0054 0x1500  1394ohci - ok
14:24:45.0062 0x1500  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:24:45.0071 0x1500  ACPI - ok
14:24:45.0073 0x1500  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:24:45.0084 0x1500  AcpiPmi - ok
14:24:45.0110 0x1500  [ 0121826AC84AD4AD5E8FEFDD6F555B7A, 3CB8152494CD82E6CE526B46825E7E61433E03F29691A2E90AA4218998BD4913 ] AdAppMgrSvc     C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
14:24:45.0133 0x1500  AdAppMgrSvc - ok
14:24:45.0137 0x1500  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:24:45.0141 0x1500  AdobeARMservice - ok
14:24:45.0154 0x1500  [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
14:24:45.0167 0x1500  AdobeUpdateService - ok
14:24:45.0176 0x1500  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:24:45.0186 0x1500  adp94xx - ok
14:24:45.0192 0x1500  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:24:45.0200 0x1500  adpahci - ok
14:24:45.0205 0x1500  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:24:45.0211 0x1500  adpu320 - ok
14:24:45.0214 0x1500  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:24:45.0220 0x1500  AeLookupSvc - ok
14:24:45.0228 0x1500  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
14:24:45.0240 0x1500  AFD - ok
14:24:45.0244 0x1500  [ 4707CDF90F59293F6B2A9824475C7EA6, 37C4721BC18889F9BE95B7973A44197D4EBA6991E6E761208D64F1186016659A ] AFTrafMgr1.1    C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys
14:24:45.0328 0x1500  AFTrafMgr1.1 - ok
14:24:45.0330 0x1500  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:24:45.0335 0x1500  agp440 - ok
14:24:45.0368 0x1500  [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
14:24:45.0403 0x1500  AGSService - ok
14:24:45.0407 0x1500  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:24:45.0415 0x1500  ALG - ok
14:24:45.0416 0x1500  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:24:45.0420 0x1500  aliide - ok
14:24:45.0422 0x1500  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:24:45.0426 0x1500  amdide - ok
14:24:45.0427 0x1500  [ 35D34AD337A1AC46F74C3377B4CCA88E, 046695BDF540EDCA87C36EDC725615ACA99DA57558A54CAC1B49F245D702B406 ] amdide64        C:\Windows\system32\DRIVERS\amdide64.sys
14:24:45.0431 0x1500  amdide64 - ok
14:24:45.0434 0x1500  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:24:45.0441 0x1500  AmdK8 - ok
14:24:45.0443 0x1500  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:24:45.0448 0x1500  AmdPPM - ok
14:24:45.0451 0x1500  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:24:45.0457 0x1500  amdsata - ok
14:24:45.0461 0x1500  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:24:45.0468 0x1500  amdsbs - ok
14:24:45.0470 0x1500  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:24:45.0474 0x1500  amdxata - ok
14:24:45.0478 0x1500  [ 52F8C264D3BF90D2726FDE6642A381D4, 3780CCB0E4B89CAD818C887D65677EAB30F5ACC91FC1E6D0818F792A8D731137 ] AppID           C:\Windows\system32\drivers\appid.sys
14:24:45.0483 0x1500  AppID - ok
14:24:45.0485 0x1500  [ 2C49C5C911D1BE2A815BC183C0B2FED1, DDF299E05626E40417C135571F7ED78FB8BC4DD78907980316A6A277D0096074 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:24:45.0490 0x1500  AppIDSvc - ok
14:24:45.0492 0x1500  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
14:24:45.0498 0x1500  Appinfo - ok
14:24:45.0503 0x1500  [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:24:45.0507 0x1500  Apple Mobile Device Service - ok
14:24:45.0512 0x1500  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:24:45.0520 0x1500  AppMgmt - ok
14:24:45.0523 0x1500  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:24:45.0528 0x1500  arc - ok
14:24:45.0531 0x1500  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:24:45.0536 0x1500  arcsas - ok
14:24:45.0542 0x1500  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:24:45.0550 0x1500  aspnet_state - ok
14:24:45.0553 0x1500  [ 2C5E21DF89FEE0B09BDA4D1BABCF44B7, A4B8B2EDC66EE5C244FA6B14E208B17B746747C8AF7DCD5F47AB5D44A8CE3D39 ] asstor64        C:\Windows\system32\DRIVERS\asstor64.sys
14:24:45.0558 0x1500  asstor64 - ok
14:24:45.0560 0x1500  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:24:45.0586 0x1500  AsyncMac - ok
14:24:45.0589 0x1500  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:24:45.0593 0x1500  atapi - ok
14:24:45.0603 0x1500  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:24:45.0618 0x1500  AudioEndpointBuilder - ok
14:24:45.0628 0x1500  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:24:45.0640 0x1500  AudioSrv - ok
14:24:45.0644 0x1500  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:24:45.0656 0x1500  AxInstSV - ok
14:24:45.0664 0x1500  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:24:45.0676 0x1500  b06bdrv - ok
14:24:45.0681 0x1500  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:24:45.0690 0x1500  b57nd60a - ok
14:24:45.0694 0x1500  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:24:45.0700 0x1500  BDESVC - ok
14:24:45.0702 0x1500  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:24:45.0717 0x1500  Beep - ok
14:24:45.0737 0x1500  [ AA330E094D81048411B2D9209BBD73A8, C5A78E38F294D80B76D53D18580B2EB5C917BAC8070A4383AE077C57AECD9848 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:24:45.0762 0x1500  BEService - ok
14:24:45.0774 0x1500  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:24:45.0789 0x1500  BFE - ok
14:24:45.0802 0x1500  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:24:45.0841 0x1500  BITS - ok
14:24:45.0844 0x1500  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:24:45.0848 0x1500  blbdrive - ok
14:24:45.0856 0x1500  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:24:45.0865 0x1500  Bonjour Service - ok
14:24:45.0868 0x1500  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:24:45.0874 0x1500  bowser - ok
14:24:45.0876 0x1500  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:24:45.0886 0x1500  BrFiltLo - ok
14:24:45.0888 0x1500  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:24:45.0894 0x1500  BrFiltUp - ok
14:24:45.0898 0x1500  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:24:45.0905 0x1500  Browser - ok
14:24:45.0911 0x1500  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:24:45.0922 0x1500  Brserid - ok
14:24:45.0924 0x1500  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:24:45.0930 0x1500  BrSerWdm - ok
14:24:45.0932 0x1500  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:24:45.0938 0x1500  BrUsbMdm - ok
14:24:45.0940 0x1500  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:24:45.0944 0x1500  BrUsbSer - ok
14:24:45.0946 0x1500  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:24:45.0953 0x1500  BTHMODEM - ok
14:24:45.0956 0x1500  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:24:45.0972 0x1500  bthserv - ok
14:24:45.0975 0x1500  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:24:45.0991 0x1500  cdfs - ok
14:24:45.0995 0x1500  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:24:46.0001 0x1500  cdrom - ok
14:24:46.0004 0x1500  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:24:46.0020 0x1500  CertPropSvc - ok
14:24:46.0022 0x1500  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:24:46.0028 0x1500  circlass - ok
14:24:46.0035 0x1500  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
14:24:46.0044 0x1500  CLFS - ok
14:24:46.0048 0x1500  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:24:46.0054 0x1500  clr_optimization_v2.0.50727_32 - ok
14:24:46.0057 0x1500  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:24:46.0063 0x1500  clr_optimization_v2.0.50727_64 - ok
14:24:46.0069 0x1500  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:24:46.0086 0x1500  clr_optimization_v4.0.30319_32 - ok
14:24:46.0089 0x1500  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:24:46.0098 0x1500  clr_optimization_v4.0.30319_64 - ok
14:24:46.0101 0x1500  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:24:46.0105 0x1500  CmBatt - ok
14:24:46.0107 0x1500  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:24:46.0111 0x1500  cmdide - ok
14:24:46.0118 0x1500  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
14:24:46.0131 0x1500  CNG - ok
14:24:46.0133 0x1500  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:24:46.0137 0x1500  Compbatt - ok
14:24:46.0139 0x1500  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:24:46.0145 0x1500  CompositeBus - ok
14:24:46.0146 0x1500  COMSysApp - ok
14:24:46.0148 0x1500  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:24:46.0152 0x1500  crcdisk - ok
14:24:46.0157 0x1500  [ B1962E21F74697AB442FA4432B970E85, DADE4C90624EC928699246785E3DF73D795B5C68834FCD99D3063AD647423D12 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:24:46.0166 0x1500  CryptSvc - ok
14:24:46.0174 0x1500  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
14:24:46.0185 0x1500  CSC - ok
14:24:46.0196 0x1500  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
14:24:46.0210 0x1500  CscService - ok
14:24:46.0220 0x1500  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:24:46.0232 0x1500  DcomLaunch - ok
14:24:46.0238 0x1500  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:24:46.0257 0x1500  defragsvc - ok
14:24:46.0261 0x1500  [ CF1F6326AC44C42F4615D4BD53188AC5, 28DC32F1957918C3D5DE72415CC32A51C6885CAA38119FE475D2631269D3B9B3 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:24:46.0267 0x1500  DfsC - ok
14:24:46.0270 0x1500  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
14:24:46.0277 0x1500  dg_ssudbus - ok
14:24:46.0284 0x1500  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:24:46.0293 0x1500  Dhcp - ok
14:24:46.0313 0x1500  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
14:24:46.0337 0x1500  DiagTrack - ok
14:24:46.0345 0x1500  [ 3F67A20D02EF74C112A42FD7746C8E2E, 502FA3C7C5F1BC51CA51ECB9A29EFAFFB36867F76AACF51FA7BEE45674F2C278 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
14:24:46.0356 0x1500  DigitalWave.Update.Service - ok
14:24:46.0380 0x1500  [ 64F6A6B21B25528F7368928C0171C8E3, B9D56EA97E57501D567D71965C1CD57C85DA1C7EAF958B38F3D199457DD4D2E3 ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
14:24:46.0412 0x1500  Disc Soft Lite Bus Service - ok
14:24:46.0414 0x1500  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:24:46.0429 0x1500  discache - ok
14:24:46.0432 0x1500  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
14:24:46.0437 0x1500  Disk - ok
14:24:46.0441 0x1500  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:24:46.0449 0x1500  Dnscache - ok
14:24:46.0455 0x1500  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:24:46.0473 0x1500  dot3svc - ok
14:24:46.0477 0x1500  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:24:46.0493 0x1500  DPS - ok
14:24:46.0494 0x1500  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:24:46.0499 0x1500  drmkaud - ok
14:24:46.0501 0x1500  [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus   C:\Windows\system32\DRIVERS\dtlitescsibus.sys
14:24:46.0505 0x1500  dtlitescsibus - ok
14:24:46.0507 0x1500  [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus    C:\Windows\system32\DRIVERS\dtliteusbbus.sys
14:24:46.0510 0x1500  dtliteusbbus - ok
14:24:46.0524 0x1500  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:24:46.0539 0x1500  DXGKrnl - ok
14:24:46.0542 0x1500  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:24:46.0559 0x1500  EapHost - ok
14:24:46.0560 0x1500  EasyAntiCheat - ok
14:24:46.0601 0x1500  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:24:46.0650 0x1500  ebdrv - ok
14:24:46.0653 0x1500  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] EFS             C:\Windows\System32\lsass.exe
14:24:46.0658 0x1500  EFS - ok
14:24:46.0670 0x1500  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:24:46.0686 0x1500  ehRecvr - ok
14:24:46.0689 0x1500  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:24:46.0697 0x1500  ehSched - ok
14:24:46.0705 0x1500  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:24:46.0717 0x1500  elxstor - ok
14:24:46.0719 0x1500  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:24:46.0723 0x1500  ErrDev - ok
14:24:46.0727 0x1500  [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
14:24:46.0733 0x1500  EtronHub3 - ok
14:24:46.0736 0x1500  [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
14:24:46.0742 0x1500  EtronXHCI - ok
14:24:46.0750 0x1500  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:24:46.0771 0x1500  EventSystem - ok
14:24:46.0776 0x1500  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:24:46.0794 0x1500  exfat - ok
14:24:46.0799 0x1500  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:24:46.0817 0x1500  fastfat - ok
14:24:46.0827 0x1500  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:24:46.0842 0x1500  Fax - ok
14:24:46.0844 0x1500  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:24:46.0849 0x1500  fdc - ok
14:24:46.0851 0x1500  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:24:46.0866 0x1500  fdPHost - ok
14:24:46.0868 0x1500  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:24:46.0883 0x1500  FDResPub - ok
14:24:46.0885 0x1500  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:24:46.0890 0x1500  FileInfo - ok
14:24:46.0892 0x1500  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:24:46.0907 0x1500  Filetrace - ok
14:24:46.0927 0x1500  [ 1B04D931B3EFA5FE67FA7D8510722222, 3D55A122A19F7D92782D0588F42F7B7CA33DB56B1F987BCA1E338F7F945E03F1 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
14:24:46.0951 0x1500  FlexNet Licensing Service 64 - ok
14:24:46.0954 0x1500  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:24:46.0958 0x1500  flpydisk - ok
14:24:46.0964 0x1500  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:24:46.0972 0x1500  FltMgr - ok
14:24:46.0989 0x1500  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
14:24:47.0011 0x1500  FontCache - ok
14:24:47.0015 0x1500  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:24:47.0019 0x1500  FontCache3.0.0.0 - ok
14:24:47.0021 0x1500  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:24:47.0026 0x1500  FsDepends - ok
14:24:47.0028 0x1500  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:24:47.0031 0x1500  Fs_Rec - ok
14:24:47.0036 0x1500  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:24:47.0044 0x1500  fvevol - ok
14:24:47.0047 0x1500  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:24:47.0052 0x1500  gagp30kx - ok
14:24:47.0063 0x1500  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
14:24:47.0079 0x1500  gpsvc - ok
14:24:47.0085 0x1500  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:24:47.0091 0x1500  gupdate - ok
14:24:47.0095 0x1500  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:24:47.0100 0x1500  gupdatem - ok
14:24:47.0102 0x1500  [ 0A08C5ED2F13505C92F2240F8461AEF5, 32075A36437FA905A3885E8074AF3FDF05EF5A17B9B2F93583771B6E054A77D5 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:24:47.0105 0x1500  hamachi - ok
14:24:47.0139 0x1500  [ 41C684B6229B8F0C2EAEF4A2251DFAE4, 6C2AD680E67506A8B1BDD112C70587314ADDF97E52341D4927D0BAD3735F930B ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
14:24:47.0179 0x1500  Hamachi2Svc - ok
14:24:47.0183 0x1500  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:24:47.0188 0x1500  hcw85cir - ok
14:24:47.0194 0x1500  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:24:47.0205 0x1500  HdAudAddService - ok
14:24:47.0209 0x1500  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:24:47.0216 0x1500  HDAudBus - ok
14:24:47.0218 0x1500  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:24:47.0223 0x1500  HidBatt - ok
14:24:47.0225 0x1500  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:24:47.0232 0x1500  HidBth - ok
14:24:47.0235 0x1500  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:24:47.0241 0x1500  HidIr - ok
14:24:47.0243 0x1500  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:24:47.0258 0x1500  hidserv - ok
14:24:47.0261 0x1500  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:24:47.0265 0x1500  HidUsb - ok
14:24:47.0268 0x1500  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:24:47.0284 0x1500  hkmsvc - ok
14:24:47.0289 0x1500  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:24:47.0297 0x1500  HomeGroupListener - ok
14:24:47.0302 0x1500  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:24:47.0309 0x1500  HomeGroupProvider - ok
14:24:47.0312 0x1500  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:24:47.0316 0x1500  HpSAMD - ok
14:24:47.0360 0x1500  [ 5127365EFFD245C4525999725E5CF185, 9F218346DF9F9AD1B88C4C7EE392C0921B681FE4EBC73ADF4DBC2119261503E7 ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
14:24:47.0402 0x1500  hshld - ok
14:24:47.0406 0x1500  [ E87FEB74393469E15A552B5BA63ACE55, 34690691F650D92B0EA0536D2809CD84654AF28B7CE730C2B2F1EF5782159E14 ] HssTrayService  C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
14:24:47.0411 0x1500  HssTrayService - ok
14:24:47.0422 0x1500  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:24:47.0437 0x1500  HTTP - ok
14:24:47.0447 0x1500  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
14:24:47.0450 0x1500  HWiNFO32 - ok
14:24:47.0452 0x1500  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:24:47.0456 0x1500  hwpolicy - ok
14:24:47.0459 0x1500  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:24:47.0464 0x1500  i8042prt - ok
14:24:47.0475 0x1500  [ 7675D8E247732F45F60AA450BA2C207D, DBB591E56BBF9A93BE66A993D143A97964CC628457CF47EB5231D0DF62B59ADE ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
14:24:47.0489 0x1500  iaStorA - ok
14:24:47.0492 0x1500  [ 31BD488EE7F6ED608A7418F6A7C6948D, BB7DC889C0F73FDE089FC0E52D321F29CBB5A65A3D9F90B0B3A730EF938B6178 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:24:47.0496 0x1500  IAStorDataMgrSvc - ok
14:24:47.0502 0x1500  [ BBEB8AF1A2580896E2E5C0F30B8D5453, 583B529B78937B369DF4C745E1FE00F193776A5B32F1B5EA43786F720949C1FF ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
14:24:47.0510 0x1500  iaStorF - ok
14:24:47.0520 0x1500  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:24:47.0530 0x1500  iaStorV - ok
14:24:47.0543 0x1500  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:24:47.0560 0x1500  idsvc - ok
14:24:47.0562 0x1500  IEEtwCollectorService - ok
14:24:47.0564 0x1500  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:24:47.0569 0x1500  iirsp - ok
14:24:47.0582 0x1500  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:24:47.0599 0x1500  IKEEXT - ok
14:24:47.0664 0x1500  [ 89D73E6E58B70939A4CC17C21D0E0173, 4303ADCA3B0CB33858276F06F5BC9D012F300A8C39989278BBCEF8DA6BF9B61E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:24:47.0726 0x1500  IntcAzAudAddService - ok
14:24:47.0731 0x1500  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:24:47.0735 0x1500  intelide - ok
14:24:47.0738 0x1500  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:24:47.0742 0x1500  intelppm - ok
14:24:47.0745 0x1500  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:24:47.0761 0x1500  IPBusEnum - ok
14:24:47.0764 0x1500  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:24:47.0779 0x1500  IpFilterDriver - ok
14:24:47.0789 0x1500  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:24:47.0801 0x1500  iphlpsvc - ok
14:24:47.0805 0x1500  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:24:47.0811 0x1500  IPMIDRV - ok
14:24:47.0814 0x1500  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:24:47.0830 0x1500  IPNAT - ok
14:24:47.0840 0x1500  [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:24:47.0852 0x1500  iPod Service - ok
14:24:47.0855 0x1500  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:24:47.0864 0x1500  IRENUM - ok
14:24:47.0866 0x1500  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:24:47.0870 0x1500  isapnp - ok
14:24:47.0875 0x1500  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:24:47.0883 0x1500  iScsiPrt - ok
14:24:47.0891 0x1500  [ A7A2E0D3932B1986990AC7077B1658CD, F8CC75A711E6C4E5299557F05C0C6B957E8508EA496BC74CCF4827385B046CB4 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
14:24:47.0901 0x1500  iusb3hub - ok
14:24:47.0915 0x1500  [ F3A9A90A8B6C5B9DF60D0EA957976E66, C381139834E6604BCF02E783834AA5DAE1EE501A1E46F4B1C4E76C89160C7ABF ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
14:24:47.0928 0x1500  iusb3xhc - ok
14:24:47.0931 0x1500  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:24:47.0935 0x1500  kbdclass - ok
14:24:47.0937 0x1500  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:24:47.0942 0x1500  kbdhid - ok
14:24:47.0944 0x1500  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] KeyIso          C:\Windows\system32\lsass.exe
14:24:47.0948 0x1500  KeyIso - ok
14:24:47.0950 0x1500  [ EB7BB4F58971F4FE099B3CE127346563, 6CE7BF43B5775ABF954508B4B02E441C169990FDFDF35FFE3137C85C1231695B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:24:47.0956 0x1500  KSecDD - ok
14:24:47.0960 0x1500  [ 6EBBA531A455E8F1092FD530A8682A97, 658F9ACADD422A2F1D48120FB4FCBB2E8F0CF245C07D439A2611878E82C61A01 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:24:47.0966 0x1500  KSecPkg - ok
14:24:47.0968 0x1500  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:24:47.0982 0x1500  ksthunk - ok
14:24:47.0989 0x1500  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:24:48.0009 0x1500  KtmRm - ok
14:24:48.0014 0x1500  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:24:48.0031 0x1500  LanmanServer - ok
14:24:48.0035 0x1500  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:24:48.0051 0x1500  LanmanWorkstation - ok
14:24:48.0054 0x1500  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:24:48.0069 0x1500  lltdio - ok
14:24:48.0074 0x1500  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:24:48.0093 0x1500  lltdsvc - ok
14:24:48.0095 0x1500  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:24:48.0110 0x1500  lmhosts - ok
14:24:48.0117 0x1500  [ 0554F3B69D39D175DD110D765C11347A, A57D5CE0CBA04806EB0C6D8943D85C5AB63119A99FA8F8000BDF54CCCD1C1BF9 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
14:24:48.0125 0x1500  LMIGuardianSvc - ok
14:24:48.0129 0x1500  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:24:48.0135 0x1500  LSI_FC - ok
14:24:48.0138 0x1500  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:24:48.0143 0x1500  LSI_SAS - ok
14:24:48.0145 0x1500  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:24:48.0150 0x1500  LSI_SAS2 - ok
14:24:48.0153 0x1500  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:24:48.0158 0x1500  LSI_SCSI - ok
14:24:48.0161 0x1500  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:24:48.0178 0x1500  luafv - ok
14:24:48.0180 0x1500  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:24:48.0186 0x1500  Mcx2Svc - ok
14:24:48.0188 0x1500  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:24:48.0192 0x1500  megasas - ok
14:24:48.0198 0x1500  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:24:48.0206 0x1500  MegaSR - ok
14:24:48.0211 0x1500  [ 009B44AA87EBFB87B3D3BB22097DFE73, 267298E3B1FBB9587E8691DC6EAB61AB5F6D2CE7F43B0797EA4E198E704FB7A6 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
14:24:48.0217 0x1500  MEIx64 - ok
14:24:48.0220 0x1500  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:24:48.0236 0x1500  MMCSS - ok
14:24:48.0238 0x1500  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:24:48.0252 0x1500  Modem - ok
14:24:48.0254 0x1500  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:24:48.0260 0x1500  monitor - ok
14:24:48.0262 0x1500  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:24:48.0266 0x1500  mouclass - ok
14:24:48.0269 0x1500  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:24:48.0273 0x1500  mouhid - ok
14:24:48.0276 0x1500  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:24:48.0281 0x1500  mountmgr - ok
14:24:48.0285 0x1500  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:24:48.0291 0x1500  mpio - ok
14:24:48.0294 0x1500  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:24:48.0309 0x1500  mpsdrv - ok
14:24:48.0321 0x1500  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:24:48.0346 0x1500  MpsSvc - ok
14:24:48.0350 0x1500  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:24:48.0357 0x1500  MRxDAV - ok
14:24:48.0361 0x1500  [ 341C65D6D4E9AB705258AC83511F7ADD, EE3F0874DA79C95DE5E5CEC94B1545C049DE21D8F05F63184F9F5DE9553C96A0 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:24:48.0368 0x1500  mrxsmb - ok
14:24:48.0374 0x1500  [ F93EDDF0B69760456C6E0D73405AC078, 9EE64BAA6449A053C152783AD102DE88C3DBC79F8BEF25E5914DC736D495E9F3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:24:48.0383 0x1500  mrxsmb10 - ok
14:24:48.0386 0x1500  [ A558D659B722FE5FB8C6E1BF288F7316, 3E57FF595E9EA9D53881955E7652793888A4E55743190D653A9239FF07653D7B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:24:48.0393 0x1500  mrxsmb20 - ok
14:24:48.0395 0x1500  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:24:48.0399 0x1500  msahci - ok
14:24:48.0402 0x1500  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:24:48.0408 0x1500  msdsm - ok
14:24:48.0412 0x1500  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:24:48.0418 0x1500  MSDTC - ok
14:24:48.0422 0x1500  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:24:48.0436 0x1500  Msfs - ok
14:24:48.0438 0x1500  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:24:48.0453 0x1500  mshidkmdf - ok
14:24:48.0454 0x1500  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:24:48.0458 0x1500  msisadrv - ok
14:24:48.0462 0x1500  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:24:48.0479 0x1500  MSiSCSI - ok
14:24:48.0481 0x1500  msiserver - ok
14:24:48.0482 0x1500  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:24:48.0497 0x1500  MSKSSRV - ok
14:24:48.0498 0x1500  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:24:48.0512 0x1500  MSPCLOCK - ok
14:24:48.0514 0x1500  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:24:48.0528 0x1500  MSPQM - ok
14:24:48.0535 0x1500  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:24:48.0544 0x1500  MsRPC - ok
14:24:48.0547 0x1500  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:24:48.0551 0x1500  mssmbios - ok
14:24:48.0553 0x1500  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:24:48.0567 0x1500  MSTEE - ok
14:24:48.0569 0x1500  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:24:48.0574 0x1500  MTConfig - ok
14:24:48.0577 0x1500  [ AA0C2BA3782E92BD85E2264BE418E67C, 8B0953926E83274DF16670F1EF6F4E302F7EE17418F486975C353A406850298C ] Mup             C:\Windows\system32\Drivers\mup.sys
14:24:48.0582 0x1500  Mup - ok
14:24:48.0590 0x1500  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:24:48.0611 0x1500  napagent - ok
14:24:48.0617 0x1500  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:24:48.0628 0x1500  NativeWifiP - ok
14:24:48.0641 0x1500  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:24:48.0659 0x1500  NDIS - ok
14:24:48.0662 0x1500  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:24:48.0677 0x1500  NdisCap - ok
14:24:48.0678 0x1500  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:24:48.0693 0x1500  NdisTapi - ok
14:24:48.0696 0x1500  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:24:48.0710 0x1500  Ndisuio - ok
14:24:48.0714 0x1500  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:24:48.0731 0x1500  NdisWan - ok
14:24:48.0733 0x1500  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:24:48.0748 0x1500  NDProxy - ok
14:24:48.0750 0x1500  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:24:48.0765 0x1500  NetBIOS - ok
14:24:48.0771 0x1500  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:24:48.0779 0x1500  NetBT - ok
14:24:48.0781 0x1500  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] Netlogon        C:\Windows\system32\lsass.exe
14:24:48.0785 0x1500  Netlogon - ok
14:24:48.0791 0x1500  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:24:48.0811 0x1500  Netman - ok
14:24:48.0816 0x1500  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:48.0828 0x1500  NetMsmqActivator - ok
14:24:48.0831 0x1500  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:48.0836 0x1500  NetPipeActivator - ok
14:24:48.0844 0x1500  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:24:48.0865 0x1500  netprofm - ok
14:24:48.0869 0x1500  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:48.0875 0x1500  NetTcpActivator - ok
14:24:48.0878 0x1500  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:48.0883 0x1500  NetTcpPortSharing - ok
14:24:48.0886 0x1500  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:24:52.0201 0x1500  vdrvroot - ok
14:24:52.0209 0x1500  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:24:52.0232 0x1500  vds - ok
14:24:52.0234 0x1500  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:24:52.0240 0x1500  vga - ok
14:24:52.0242 0x1500  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:24:52.0256 0x1500  VgaSave - ok
14:24:52.0258 0x1500  VGPU - ok
14:24:52.0262 0x1500  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:24:52.0269 0x1500  vhdmp - ok
14:24:52.0272 0x1500  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:24:52.0276 0x1500  viaide - ok
14:24:52.0280 0x1500  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:24:52.0287 0x1500  vmbus - ok
14:24:52.0290 0x1500  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:24:52.0293 0x1500  VMBusHID - ok
14:24:52.0296 0x1500  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:24:52.0301 0x1500  volmgr - ok
14:24:52.0307 0x1500  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:24:52.0316 0x1500  volmgrx - ok
14:24:52.0322 0x1500  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:24:52.0330 0x1500  volsnap - ok
14:24:52.0334 0x1500  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:24:52.0341 0x1500  vsmraid - ok
14:24:52.0362 0x1500  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:24:52.0398 0x1500  VSS - ok
14:24:52.0401 0x1500  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:24:52.0407 0x1500  vwifibus - ok
14:24:52.0413 0x1500  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:24:52.0434 0x1500  W32Time - ok
14:24:52.0437 0x1500  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:24:52.0442 0x1500  WacomPen - ok
14:24:52.0444 0x1500  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:24:52.0459 0x1500  WANARP - ok
14:24:52.0462 0x1500  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:24:52.0476 0x1500  Wanarpv6 - ok
14:24:52.0496 0x1500  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:24:52.0523 0x1500  wbengine - ok
14:24:52.0529 0x1500  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:24:52.0539 0x1500  WbioSrvc - ok
14:24:52.0546 0x1500  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:24:52.0559 0x1500  wcncsvc - ok
14:24:52.0561 0x1500  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:24:52.0566 0x1500  WcsPlugInService - ok
14:24:52.0568 0x1500  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:24:52.0572 0x1500  Wd - ok
14:24:52.0585 0x1500  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:24:52.0601 0x1500  Wdf01000 - ok
14:24:52.0605 0x1500  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:24:52.0611 0x1500  WdiServiceHost - ok
14:24:52.0613 0x1500  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:24:52.0618 0x1500  WdiSystemHost - ok
14:24:52.0624 0x1500  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
14:24:52.0632 0x1500  WebClient - ok
14:24:52.0637 0x1500  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:24:52.0657 0x1500  Wecsvc - ok
14:24:52.0683 0x1500  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:24:52.0700 0x1500  wercplsupport - ok
14:24:52.0702 0x1500  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:24:52.0718 0x1500  WerSvc - ok
14:24:52.0720 0x1500  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:24:52.0734 0x1500  WfpLwf - ok
14:24:52.0736 0x1500  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:24:52.0740 0x1500  WIMMount - ok
14:24:52.0741 0x1500  WinDefend - ok
14:24:52.0743 0x1500  WinHttpAutoProxySvc - ok
14:24:52.0750 0x1500  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:24:52.0768 0x1500  Winmgmt - ok
14:24:52.0794 0x1500  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
14:24:52.0828 0x1500  WinRM - ok
14:24:52.0832 0x1500  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:24:52.0838 0x1500  WinUsb - ok
14:24:52.0851 0x1500  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:24:52.0869 0x1500  Wlansvc - ok
14:24:52.0901 0x1500  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:24:52.0937 0x1500  wlidsvc - ok
14:24:52.0940 0x1500  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
14:24:52.0944 0x1500  WmiAcpi - ok
14:24:52.0950 0x1500  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:24:52.0957 0x1500  wmiApSrv - ok
14:24:52.0959 0x1500  WMPNetworkSvc - ok
14:24:52.0960 0x1500  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:24:52.0965 0x1500  WPCSvc - ok
14:24:52.0969 0x1500  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:24:52.0975 0x1500  WPDBusEnum - ok
14:24:52.0977 0x1500  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:24:52.0992 0x1500  ws2ifsl - ok
14:24:52.0995 0x1500  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:24:53.0003 0x1500  wscsvc - ok
14:24:53.0004 0x1500  WSearch - ok
14:24:53.0038 0x1500  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:24:53.0079 0x1500  wuauserv - ok
14:24:53.0083 0x1500  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:24:53.0088 0x1500  WudfPf - ok
14:24:53.0093 0x1500  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:24:53.0100 0x1500  WUDFRd - ok
14:24:53.0103 0x1500  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:24:53.0109 0x1500  wudfsvc - ok
14:24:53.0114 0x1500  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:24:53.0122 0x1500  WwanSvc - ok
14:24:53.0131 0x1500  X6va063 - ok
14:24:53.0133 0x1500  [ F0AE983ABA93D6A0327FC21B9ABED1C3, FB804CF5E8FF083E4223E4845311A1D2BEB2CEE1A0B5F0F1B1CEB0EF4D36B040 ] xb1usb          C:\Windows\system32\DRIVERS\xb1usb.sys
14:24:53.0140 0x1500  xb1usb - ok
14:24:53.0144 0x1500  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
14:24:53.0149 0x1500  xusb21 - ok
14:24:53.0151 0x1500  ================ Scan global ===============================
14:24:53.0153 0x1500  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
14:24:53.0159 0x1500  [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
14:24:53.0168 0x1500  [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
14:24:53.0172 0x1500  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:24:53.0179 0x1500  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:24:53.0184 0x1500  [ Global ] - ok
14:24:53.0184 0x1500  ================ Scan MBR ==================================
14:24:53.0185 0x1500  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:24:53.0207 0x1500  \Device\Harddisk0\DR0 - ok
14:24:53.0416 0x1500  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:24:53.0746 0x1500  \Device\Harddisk1\DR1 - ok
14:24:53.0747 0x1500  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:24:53.0767 0x1500  \Device\Harddisk2\DR2 - ok
14:24:53.0767 0x1500  ================ Scan VBR ==================================
14:24:53.0769 0x1500  [ 5DE6E03EE42EF9B7E74B70A8FDBDC275 ] \Device\Harddisk0\DR0\Partition1
14:24:53.0770 0x1500  \Device\Harddisk0\DR0\Partition1 - ok
14:24:53.0771 0x1500  [ ACBE52E3AFB2DD21DC25505C7B112E48 ] \Device\Harddisk1\DR1\Partition1
14:24:53.0772 0x1500  \Device\Harddisk1\DR1\Partition1 - ok
14:24:53.0773 0x1500  [ C06F8F8A7BA394DBAB3955BBC56526F7 ] \Device\Harddisk2\DR2\Partition1
14:24:53.0773 0x1500  \Device\Harddisk2\DR2\Partition1 - ok
14:24:53.0774 0x1500  ================ Scan generic autorun ======================
14:24:53.0806 0x1500  [ 7D5E8D5BDF324718BBC91DF02D830317, AA6A8B0536C14A7D11FDFFA5F980E90059F6C3BE99DE57503EC58DEA022C5398 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
14:24:53.0840 0x1500  Adobe Creative Cloud - ok
14:24:53.0858 0x1500  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:24:53.0880 0x1500  Sidebar - ok
14:24:53.0883 0x1500  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:24:53.0891 0x1500  mctadmin - ok
14:24:53.0908 0x1500  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:24:53.0924 0x1500  Sidebar - ok
14:24:53.0927 0x1500  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:24:53.0934 0x1500  mctadmin - ok
14:24:53.0934 0x1500  Waiting for KSN requests completion. In queue: 110
14:24:54.0938 0x1500  Win FW state via NFP2: enabled ( trusted )
14:24:55.0064 0x1500  ============================================================
14:24:55.0064 0x1500  Scan finished
14:24:55.0064 0x1500  ============================================================
14:24:55.0066 0x0474  Detected object count: 0
14:24:55.0066 0x0474  Actual detected object count: 0
         

01.12.2016, 14:46   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
C:\Users\yakashi\Desktop\WH KEYBINDER\Wheelman Keybinder\keybinder ballas elitemgr.exe
What exactly is that supposed to be?
__________________
Please always post log files in CODE tags

01.12.2016, 16:24   #20
yakashi97

Quote:
Quote from cosinus
What exactly is that supposed to be?
From the looks of it, a file from a keybinder (AutoHotkey). I never opened this file, though, so I could already guess that it had something to do with it, because the program's icon already looked so odd.


02.12.2016, 09:20   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop!
Please completely disable your virus scanner now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts that appear with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


02.12.2016, 11:56   #22
yakashi97

ADWCleaner:
Code:
# AdwCleaner v6.030 - Bericht erstellt am 02/12/2016 um 11:50:47
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-12-01.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X64)
# Benutzername : yakashi - YAKASHI-PC
# Gestartet von : C:\Users\yakashi\Desktop\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\yakashi\AppData\Roaming\Microleaves
[-] Ordner gelöscht: C:\Program Files (x86)\Microleaves


***** [ Dateien ] *****

[-] Datei gelöscht: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microleaves
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microleaves
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1638 Bytes] - [02/12/2016 11:50:47]
C:\AdwCleaner\AdwCleaner[S0].txt - [1847 Bytes] - [02/12/2016 11:49:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1784 Bytes] ##########
         
JRTLOG:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Ultimate x64 
Ran by yakashi (Administrator) on 02.12.2016 at 11:54:32,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 40 

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\ProgramData\reviversoft (Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (yakashi) (Task)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EA063RW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DA5YYYY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5S5CPCMS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\920R25I2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BXQRQ7XU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EU3L250N (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G2BSLH7Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDCSTL0U (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPAHE30L (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P1BZV57I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PUHCHZCE (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\yakashi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WY3ENBJX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EA063RW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DA5YYYY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5S5CPCMS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\920R25I2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BXQRQ7XU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EU3L250N (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G2BSLH7Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDCSTL0U (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPAHE30L (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P1BZV57I (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PUHCHZCE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WY3ENBJX (Temporary Internet Files Folder) 



Registry: 1 

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\StartMenuReviverService (Registry Key) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.12.2016 at 11:55:12,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

02.12.2016, 11:58   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then show me fresh FRST logs. Tick the box for addition.txt, then click Scan.

__________________
Please always post log files in CODE tags

02.12.2016, 12:03   #24
yakashi97

FRST LOG:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
durchgeführt von yakashi (Administrator) auf YAKASHI-PC (02-12-2016 12:03:00)
Gestartet von C:\Users\yakashi\Desktop
Geladene Profile: yakashi (Verfügbare Profile: yakashi)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\yakashi\Desktop\rgnlauncher1.2.1.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,C:\Program Files (x86)\aivadflp\ilnmnfug.exe, [X]
HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\MountPoints2: {5e3da5ff-827d-11e6-ac6c-4ccc6a61d306} - G:\setup.exe
HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\Winlogon: [Shell] c:\windows\explorer.exe [2872320 2010-11-20] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Run: [] => 0
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-09-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ilnmnfug.exe [2016-12-02] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{3A231831-A6A7-4122-82AA-B18E85CAF178}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6067DDCE-2A82-487F-8C19-7E8CFF1A228C}: [DhcpNameServer] 192.168.2.1
ManualProxies: 

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-09-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-09-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-09-18] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-09-18] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-09-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-09-18] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-09-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-09-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.google.de/
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.de/"
CHR Profile: C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-02] <==== ACHTUNG
CHR Extension: (ProxFlow) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-10-15]
CHR Extension: (Google Präsentationen) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-18]
CHR Extension: (Google Docs) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-18]
CHR Extension: (Google Drive) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-18]
CHR Extension: (YouTube) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-18]
CHR Extension: (Adblock Plus) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Google Tabellen) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-18]
CHR Extension: (Google Docs Offline) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-18]
CHR Extension: (Google Mail) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-18]
CHR Extension: (Chrome Media Router) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1456136 2016-10-11] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [229648 2016-10-30] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2710648 2016-08-24] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103168 2016-08-24] ()
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-24] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-11-22] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-11-22] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-23] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AFTrafMgr1.1; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys [54712 2016-08-23] (AnchorFree Inc.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2016-09-18] (Advanced Micro Devices Inc.)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [83792 2016-09-18] (Asmedia Technology)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-09-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-09-25] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-18] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-11-22] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-28] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-09-23] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-11-20] (The OpenVPN Project)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-08-23] (Anchorfree Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
U0 aswVmm; kein ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-02 12:01 - 2016-12-02 12:03 - 00017429 _____ C:\Users\yakashi\Desktop\FRST.txt
2016-12-02 12:01 - 2016-12-02 12:01 - 00063852 _____ C:\Users\yakashi\Desktop\Addition.txt
2016-12-02 11:55 - 2016-12-02 11:55 - 00006531 _____ C:\Users\yakashi\Desktop\JRT.txt
2016-12-02 11:54 - 2016-12-02 11:54 - 01631928 _____ (Malwarebytes) C:\Users\yakashi\Downloads\JRT.exe
2016-12-02 11:54 - 2016-12-02 11:54 - 01631928 _____ (Malwarebytes) C:\Users\yakashi\Desktop\JRT.exe
2016-12-02 11:48 - 2016-12-02 11:50 - 00000000 ____D C:\AdwCleaner
2016-12-02 11:48 - 2016-12-02 11:48 - 03910208 _____ C:\Users\yakashi\Downloads\AdwCleaner_6.030.exe
2016-12-02 11:48 - 2016-12-02 11:48 - 03910208 _____ C:\Users\yakashi\Desktop\AdwCleaner_6.030.exe
2016-12-01 21:13 - 2016-12-01 21:13 - 00000000 ____D C:\Users\yakashi\Desktop\Nvidia Inspector
2016-12-01 21:12 - 2016-12-01 21:12 - 00288725 _____ C:\Users\yakashi\Downloads\nvidiaInspector_1.9.7.7.zip
2016-12-01 20:48 - 2016-12-01 21:04 - 00000000 ____D C:\Configuration
2016-12-01 20:41 - 2016-12-01 20:41 - 01636796 _____ C:\Users\yakashi\Downloads\headzfetz-Loader-2.3.rar
2016-12-01 18:37 - 2016-12-01 18:37 - 00417408 _____ C:\Users\yakashi\Downloads\laufscript.zip
2016-12-01 18:37 - 2016-12-01 18:37 - 00000000 ____D C:\Users\yakashi\Desktop\lf
2016-12-01 18:36 - 2016-12-01 18:36 - 00032600 _____ C:\Users\yakashi\Downloads\asiloader (1).zip
2016-12-01 18:36 - 2016-12-01 18:36 - 00000000 ____D C:\Users\yakashi\Desktop\backup
2016-12-01 18:35 - 2016-11-18 01:04 - 04280280 _____ C:\Users\yakashi\Desktop\rgnlauncher1.2.1.exe
2016-12-01 18:32 - 2016-12-01 18:32 - 04731330 _____ C:\Users\yakashi\Downloads\Timecyc_by_Dezor.rar
2016-12-01 14:24 - 2016-12-01 14:27 - 00210698 _____ C:\TDSSKiller.3.1.0.12_01.12.2016_14.24.02_log.txt
2016-12-01 13:49 - 2016-12-01 17:40 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-01 13:49 - 2016-12-01 14:17 - 00000000 ____D C:\Users\yakashi\Desktop\mbar
2016-12-01 13:48 - 2016-12-01 13:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\yakashi\Downloads\mbar-1.09.3.1001.exe
2016-11-30 16:56 - 2016-12-02 12:03 - 00000000 ____D C:\FRST
2016-11-30 16:56 - 2016-12-01 12:59 - 02411520 _____ (Farbar) C:\Users\yakashi\Desktop\FRST64.exe
2016-11-30 15:55 - 2016-11-30 15:55 - 00041537 _____ C:\Users\yakashi\Desktop\Blaffert 10_2016.pdf
2016-11-30 15:55 - 2016-11-30 15:55 - 00039744 _____ C:\Users\yakashi\Desktop\Blaffert 11_2016.pdf
2016-11-30 15:46 - 2016-11-30 15:46 - 00039744 _____ C:\Users\yakashi\Downloads\Blaffert 11_2016.pdf
2016-11-30 15:45 - 2016-11-30 15:45 - 00041537 _____ C:\Users\yakashi\Downloads\Blaffert 10_2016.pdf
2016-11-30 15:44 - 2016-11-30 15:44 - 00001325 _____ C:\Users\yakashi\Desktop\scan.txt
2016-11-30 15:03 - 2016-11-30 15:03 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-30 15:03 - 2016-11-24 20:22 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-11-30 15:03 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-11-30 15:03 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-11-30 15:03 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-11-30 15:03 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-11-30 15:02 - 2016-11-24 21:54 - 40123840 _____ C:\Windows\system32\nvcompiler.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 35224632 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 34701760 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 28139576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 17440928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 14057528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-11-30 15:02 - 2016-11-24 21:54 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 09151216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 08913512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 08754344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 03643840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437609.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437609.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00945208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00439864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-11-28 14:20 - 2016-11-28 14:20 - 01222159 _____ C:\Users\yakashi\Downloads\OptiFine_1.7.10_HD_U_D6.jar
2016-11-28 13:48 - 2016-12-02 11:59 - 00000000 ____D C:\Users\yakashi\Desktop\GTA - San Andreas
2016-11-27 18:23 - 2016-11-27 18:23 - 00000000 ____D C:\Users\yakashi\Desktop\Neuer Ordner
2016-11-27 13:16 - 2016-11-27 13:16 - 00000986 _____ C:\Users\Public\Desktop\SciTE4AutoHotkey.lnk
2016-11-27 13:16 - 2016-11-27 13:16 - 00000000 ____D C:\Users\yakashi\Documents\AutoHotkey
2016-11-27 13:16 - 2016-11-27 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SciTE4AutoHotkey
2016-11-27 13:15 - 2016-11-27 13:15 - 01924681 _____ (fincs) C:\Users\yakashi\Downloads\SciTE4AHK300601_Install.exe
2016-11-27 01:29 - 2016-11-27 01:29 - 00010881 _____ C:\Users\yakashi\Desktop\julian adventskalender.pwn
2016-11-27 00:47 - 2016-11-27 00:47 - 00007564 _____ C:\Users\yakashi\Desktop\present.pwn
2016-11-27 00:42 - 2016-11-27 00:42 - 00001139 _____ C:\Users\yakashi\Desktop\autohaus gtarl.pwn
2016-11-27 00:26 - 2016-11-27 00:26 - 00657365 _____ C:\Users\yakashi\Desktop\maps.pwn
2016-11-27 00:10 - 2016-11-27 00:10 - 00837119 _____ C:\Users\yakashi\Downloads\editor.rar
2016-11-26 23:41 - 2016-11-26 23:41 - 16270006 _____ C:\Users\yakashi\Downloads\sa-mp-0.3.7-install.exe
2016-11-26 23:41 - 2016-11-26 23:41 - 02094241 _____ C:\Users\yakashi\Downloads\samp037_svr_R2-1-1_win32.zip
2016-11-26 21:43 - 2016-11-26 21:43 - 02509914 _____ C:\Users\yakashi\Downloads\Message bling sound.rar
2016-11-26 21:23 - 2016-11-26 21:36 - 3979544377 _____ C:\Users\yakashi\Downloads\CrossFire_ARxGaming.zip
2016-11-26 21:18 - 2016-11-26 21:18 - 01847449 _____ C:\Users\yakashi\Downloads\HGWC.rar
2016-11-26 21:12 - 2016-11-28 20:32 - 00000643 _____ C:\Users\yakashi\Desktop\CrossFire ArxGaming.lnk
2016-11-26 13:15 - 2016-10-18 18:21 - 00786815 _____ C:\Users\yakashi\Desktop\Laufscript.exe
2016-11-26 00:08 - 2016-11-27 18:16 - 00000000 ____D C:\Users\yakashi\Desktop\gtarl
2016-11-26 00:07 - 2016-11-26 00:07 - 00001068 _____ C:\Users\yakashi\Desktop\GTA SA.lnk
2016-11-26 00:07 - 2016-11-26 00:07 - 00000000 ____D C:\Users\yakashi\Desktop\WH KEYBINDER
2016-11-25 12:17 - 2016-11-25 12:17 - 02285109 _____ C:\Users\yakashi\Downloads\PRIVATKI DOZZER.rar
2016-11-25 00:23 - 2016-11-25 00:23 - 08108436 _____ C:\Users\yakashi\Downloads\2012 BMW M3 E92 Hamann.zip
2016-11-25 00:22 - 2016-11-25 00:22 - 15637566 _____ C:\Users\yakashi\Downloads\Транспорт - BMW_e30_UDC[SAMODS.RU].rar
2016-11-25 00:15 - 2016-11-25 00:15 - 15640912 _____ C:\Users\yakashi\Downloads\1476393124_E36 SEDAN.zip
2016-11-24 20:18 - 2016-11-24 20:19 - 41599579 _____ C:\Users\yakashi\Documents\Ohne Titel.mp4
2016-11-24 17:39 - 2016-11-24 17:39 - 43086377 _____ C:\Users\yakashi\Downloads\client_21031.zip
2016-11-24 13:35 - 2016-11-24 13:35 - 00000970 _____ C:\Users\yakashi\Downloads\listen.asx
2016-11-24 13:35 - 2016-11-24 13:35 - 00000970 _____ C:\Users\yakashi\Downloads\listen (1).asx
2016-11-24 02:59 - 2016-11-24 02:59 - 05763621 _____ C:\Users\yakashi\Downloads\Sounds (1).rar
2016-11-24 02:59 - 2016-11-24 02:59 - 01091085 _____ C:\Users\yakashi\Downloads\sounds.rar
2016-11-24 02:56 - 2016-11-24 02:56 - 10611225 _____ C:\Users\yakashi\Downloads\71344-bmw-m4-coupe.zip
2016-11-24 02:51 - 2016-11-24 02:51 - 09816325 _____ C:\Users\yakashi\Downloads\71429-bmw-m4-2014-liberty-walk.zip
2016-11-24 01:15 - 2016-11-24 01:15 - 00397091 _____ C:\Users\yakashi\Downloads\Smooth Camera.zip
2016-11-24 01:13 - 2016-11-24 01:13 - 01204711 _____ C:\Windows\unins000.exe
2016-11-24 01:13 - 2016-11-24 01:13 - 00894870 _____ (Seemann, Deji, Alien ) C:\Users\yakashi\Downloads\CLEO4_setup.exe
2016-11-23 20:53 - 2016-11-25 15:23 - 00007515 _____ C:\Users\yakashi\Downloads\WhatsApp Image 2016-11-20 at 17.21.51.jpeg
2016-11-23 18:47 - 2016-11-17 14:45 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-23 18:47 - 2016-11-17 14:45 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-23 18:47 - 2016-11-17 14:45 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-23 16:39 - 2016-11-23 16:39 - 00008945 _____ C:\Users\yakashi\Downloads\WhatsApp Ptt 2016-11-23 at 16.39.03.ogg; codecs=opus
2016-11-23 16:39 - 2016-11-23 16:39 - 00008572 _____ C:\Users\yakashi\Downloads\WhatsApp Ptt 2016-11-23 at 16.38.58.ogg; codecs=opus
2016-11-22 21:07 - 2016-11-22 21:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-11-22 21:07 - 2016-11-22 21:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-11-22 21:07 - 2016-11-22 21:07 - 00000000 ____D C:\Windows\system32\DAX2
2016-11-22 21:07 - 2016-11-22 21:07 - 00000000 ____D C:\Program Files\Realtek
2016-11-22 21:01 - 2016-11-22 21:01 - 00795640 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-11-22 21:01 - 2016-11-22 21:01 - 00032224 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-11-22 21:00 - 2016-11-22 21:00 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-11-22 21:00 - 2016-11-22 21:00 - 23505720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 23414272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 17378000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 15202040 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 13122584 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 12988352 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 10534696 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 07172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 07096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 07020920 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-11-22 21:00 - 2016-11-22 21:00 - 06374320 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-11-22 21:00 - 2016-11-22 21:00 - 05793528 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 05593624 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 05341352 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 05310472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-11-22 21:00 - 2016-11-22 21:00 - 03299832 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 03291320 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 03203592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 03133856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-11-22 21:00 - 2016-11-22 21:00 - 02825104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02775360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02706872 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02439048 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02203752 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02110592 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02073088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01920820 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-11-22 21:00 - 2016-11-22 21:00 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01618032 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01529136 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64Proxy.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01422928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01360520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01213664 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01186840 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01166168 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01115136 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01041744 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01001800 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00999856 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00923752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00864344 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00858208 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00854040 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00823816 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2016-11-22 21:00 - 2016-11-22 21:00 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00725944 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00601152 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00571384 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00498640 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00472312 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00438696 _____ (Conexant Systems, Inc.) C:\Windows\system32\CAF64APO2.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00416512 _____ (Harman) C:\Windows\system32\HMUI.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00372736 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00360352 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00258864 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00203848 _____ (Harman) C:\Windows\system32\HMHVS.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00190936 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00190936 _____ (Harman) C:\Windows\system32\HMEQ.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00179600 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00154368 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00118592 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00112496 _____ (Conexant Systems, Inc.) C:\Windows\system32\Caf64api.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00005604 _____ C:\Windows\system32\cxapo.lncs
2016-11-22 21:00 - 2016-11-22 21:00 - 00000736 _____ C:\Windows\system32\cxapo.prop
2016-11-22 19:18 - 2016-11-22 19:18 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign977265cf2a883c90
2016-11-22 19:18 - 2016-11-22 19:18 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign8d8e6ecb2758a646
2016-11-21 17:01 - 2016-11-21 17:01 - 03336882 _____ C:\Users\yakashi\Downloads\asd.rar
2016-11-21 16:54 - 2016-11-21 16:54 - 00942390 _____ C:\Users\yakashi\Downloads\Keybinder.rar
2016-11-21 01:24 - 2016-11-21 01:24 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\MSIConfig
2016-11-20 23:10 - 2016-11-20 23:10 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\NVIDIA
2016-11-20 23:08 - 2016-11-24 21:54 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-11-20 23:08 - 2016-11-24 21:54 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-11-20 23:08 - 2016-11-24 21:54 - 00041344 _____ C:\Windows\system32\nvinfo.pb
2016-11-20 23:08 - 2016-11-24 20:39 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 02477624 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-11-20 23:08 - 2016-11-23 13:58 - 07538847 _____ C:\Windows\system32\nvcoproc.bin
2016-11-20 23:08 - 2016-11-17 03:04 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437595.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 01595456 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437595.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 00212936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-11-20 23:08 - 2016-11-17 03:04 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-11-20 23:08 - 2016-11-17 03:04 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-11-20 22:55 - 2016-12-02 11:54 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-20 22:55 - 2016-11-30 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-20 22:55 - 2016-11-30 15:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-20 22:55 - 2016-11-23 18:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-20 22:55 - 2016-11-23 18:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-20 22:55 - 2016-11-20 22:56 - 00000000 ____D C:\Users\yakashi\AppData\Local\NVIDIA
2016-11-20 22:55 - 2016-11-17 14:45 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-20 22:54 - 2016-11-20 22:55 - 73981120 _____ (NVIDIA Corporation) C:\Users\yakashi\Downloads\GeForce_Experience_v3.1.0.52.exe
2016-11-20 12:53 - 2016-11-24 21:54 - 03941720 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-11-20 12:53 - 2016-11-24 21:54 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-11-20 12:53 - 2016-11-24 20:39 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-11-20 12:53 - 2016-11-24 20:39 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-11-20 12:22 - 2016-11-17 14:45 - 01854400 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-11-20 12:22 - 2016-11-17 14:45 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-11-20 12:15 - 2016-11-20 12:16 - 00095650 _____ C:\Windows\ntbtlog.txt
2016-11-20 10:56 - 2016-11-20 10:56 - 00037912 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901_openvpn_accl.sys
2016-11-20 10:55 - 2016-11-20 10:56 - 00000000 ____D C:\ProgramData\FlyVPN
2016-11-20 10:55 - 2016-11-20 10:55 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyVPN
2016-11-20 10:54 - 2016-11-20 10:55 - 02133568 _____ (FlyVPN) C:\Users\yakashi\Downloads\FlyVPNInstaller_3.6.2.2.exe
2016-11-20 03:29 - 2016-11-20 03:29 - 01055510 _____ C:\Users\yakashi\Downloads\maurice.rar
2016-11-20 02:35 - 2016-11-20 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3
2016-11-20 02:35 - 2016-11-20 02:35 - 00000000 ____D C:\Program Files\MSI Kombustor 3
2016-11-20 02:34 - 2016-11-20 02:34 - 19819074 _____ (MSI Co., LTD ) C:\Users\yakashi\Downloads\MSI_Kombustor_Setup_3.5.2.1_x64.exe
2016-11-20 02:24 - 2016-11-20 02:24 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\JAM Software
2016-11-20 02:18 - 2016-11-20 02:18 - 09928496 _____ (JAM Software ) C:\Users\yakashi\Downloads\HeavyLoad-x64-Setup.exe
2016-11-20 02:18 - 2016-11-20 02:18 - 00000000 ____D C:\Program Files\JAM Software
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-11-20 02:11 - 2016-11-20 02:11 - 1127223062 _____ C:\Windows\MEMORY.DMP
2016-11-20 02:11 - 2016-11-20 02:11 - 00872216 _____ C:\Windows\Minidump\112016-12604-01.dmp
2016-11-20 02:11 - 2016-11-20 02:11 - 00000000 ____D C:\Windows\Minidump
2016-11-20 02:04 - 2016-11-24 19:55 - 00000000 ____D C:\Users\yakashi\AppData\Local\NVIDIA Corporation
2016-11-20 01:57 - 2016-11-20 22:53 - 00000000 ____D C:\Users\yakashi\Downloads\settings
2016-11-20 01:57 - 2016-11-20 22:53 - 00000000 ____D C:\Users\yakashi\Downloads\DDU Logs
2016-11-20 01:57 - 2016-11-20 01:57 - 01129418 _____ (Igor Pavlov) C:\Users\yakashi\Downloads\DDU_v17.0.3.0.exe
2016-11-20 01:57 - 2016-11-20 01:57 - 00000000 ____D C:\Users\yakashi\Downloads\x64
2016-11-20 01:57 - 2016-10-25 19:21 - 01434112 _____ C:\Users\yakashi\Downloads\Display Driver Uninstaller.exe
2016-11-20 01:57 - 2016-10-25 19:21 - 00546304 _____ C:\Users\yakashi\Downloads\Display Driver Uninstaller.pdb
2016-11-20 01:57 - 2015-09-06 12:26 - 00000224 _____ C:\Users\yakashi\Downloads\Display Driver Uninstaller.exe.config
2016-11-20 01:35 - 2016-11-20 01:35 - 00032600 _____ C:\Users\yakashi\Downloads\asiloader.zip
2016-11-20 01:12 - 2016-11-20 01:12 - 00000000 ____D C:\NVIDIA
2016-11-20 00:06 - 2016-11-20 00:06 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-11-19 20:08 - 2016-11-19 20:08 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\npm
2016-11-19 20:08 - 2016-11-19 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2016-11-19 20:08 - 2016-11-19 20:08 - 00000000 ____D C:\Program Files\nodejs
2016-11-19 15:53 - 2016-11-24 22:38 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\RealLifeRPG
2016-11-19 15:53 - 2016-11-19 15:53 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RealLifeRPG
2016-11-19 15:53 - 2016-11-19 15:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\SquirrelTemp
2016-11-19 15:53 - 2016-11-19 15:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\RealLifeRPG
2016-11-18 12:41 - 2016-11-18 12:41 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsigne5ad980403d43f8f
2016-11-18 01:00 - 2016-11-18 01:00 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsigne85634600fc93685
2016-11-17 20:01 - 2016-11-17 20:01 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsigne474e41904f67f97
2016-11-17 19:12 - 2016-11-17 19:12 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsigna001b5586abb9615
2016-11-17 16:07 - 2016-11-17 16:07 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign7374dce4b52fb315
2016-11-17 13:11 - 2016-11-17 13:11 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign77994062462cd779
2016-11-16 20:08 - 2016-11-16 20:08 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign599d10b1f225e4da
2016-11-16 18:28 - 2016-11-16 18:28 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign90d856c5e2989c09
2016-11-15 11:43 - 2016-11-15 11:43 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign6654733c6298a1d5
2016-11-15 11:31 - 2016-11-15 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-11-15 11:31 - 2016-11-15 11:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-11-13 18:30 - 2016-11-13 18:30 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsignbb0e65e07ea8f574
2016-11-13 18:22 - 2016-11-13 18:22 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsignf881167ce1563999
2016-11-13 18:22 - 2016-11-13 18:22 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign096e30b9346fd6ca
2016-11-11 22:33 - 2016-11-11 22:33 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Steganos Updates
2016-11-08 18:53 - 2016-11-08 18:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsignfb9607c0028ace4a
2016-11-08 18:50 - 2016-11-08 18:50 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsignde802797b7a02827
2016-11-07 23:35 - 2016-11-07 23:35 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign30bdcf888e87adf0
2016-11-06 23:53 - 2016-11-06 23:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsignc944d2db450e0a4a
2016-11-06 23:53 - 2016-11-06 23:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign10d2cbe3e78c6675
2016-11-06 13:56 - 2016-11-06 13:56 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-11-06 03:25 - 2016-11-08 01:51 - 00000000 ____D C:\Users\yakashi\Documents\American Truck Simulator
2016-11-06 03:25 - 2016-11-06 10:59 - 00000000 ____D C:\Users\yakashi\Documents\ATSMP
2016-11-05 17:57 - 2016-11-05 17:57 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign5f74d0cbf2283865
2016-11-05 17:57 - 2016-11-05 17:57 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign095d95b18fe0a50d
2016-11-05 13:07 - 2016-11-05 13:07 - 00000000 ____D C:\Users\yakashi\AppData\Local\TS3index.com_GbR
2016-11-05 12:57 - 2016-11-05 12:59 - 00000000 ____D C:\SinusBot
2016-11-05 12:56 - 2016-11-05 12:56 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-11-04 13:28 - 2016-12-02 11:59 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-11-04 13:28 - 2016-11-25 21:21 - 00000000 _____ C:\Windows\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt
2016-11-04 13:28 - 2016-11-04 13:28 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign6e125d926d59050a
2016-11-04 13:28 - 2016-11-04 13:28 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign6aae28833155f8df
2016-11-04 13:28 - 2016-11-04 13:28 - 00000000 ____D C:\ProgramData\RzSurroundVAD_1.1.62.0
2016-11-04 13:28 - 2016-09-17 02:12 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-11-04 13:28 - 2016-09-07 22:27 - 00137840 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2016-11-04 13:27 - 2016-11-04 13:28 - 00000000 ____D C:\Program Files (x86)\Razer
2016-11-04 13:27 - 2016-11-04 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-11-04 13:26 - 2016-11-04 13:36 - 00000000 ____D C:\ProgramData\Razer
2016-11-04 13:26 - 2016-11-04 13:26 - 00000000 ____D C:\Users\yakashi\AppData\Local\Razer

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-02 11:58 - 2009-07-14 18:58 - 00700614 _____ C:\Windows\system32\perfh007.dat
2016-12-02 11:58 - 2009-07-14 18:58 - 00149962 _____ C:\Windows\system32\perfc007.dat
2016-12-02 11:58 - 2009-07-14 06:13 - 01624324 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-02 11:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-02 11:54 - 2016-09-24 13:52 - 00000000 ____D C:\Users\yakashi\AppData\Local\CrashDumps
2016-12-02 11:54 - 2016-09-18 19:37 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\IObit
2016-12-02 11:54 - 2016-09-18 19:37 - 00000000 ____D C:\ProgramData\IObit
2016-12-02 11:54 - 2016-09-18 19:37 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-02 11:52 - 2016-09-29 17:52 - 00000000 ____D C:\Users\yakashi\AppData\Local\LogMeIn Hamachi
2016-12-02 11:52 - 2016-09-20 12:49 - 00000000 ___RD C:\Users\yakashi\Creative Cloud Files
2016-12-02 11:52 - 2016-09-20 12:49 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-12-02 11:52 - 2016-09-20 12:45 - 00000000 ____D C:\Users\yakashi\AppData\Local\Adobe
2016-12-02 11:51 - 2016-09-18 19:36 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-02 11:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-02 11:50 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-02 11:50 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-02 11:49 - 2016-10-06 16:12 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-12-02 11:41 - 2016-09-18 19:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-02 00:09 - 2016-09-18 20:11 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\TS3Client
2016-12-01 20:43 - 2016-09-30 17:16 - 00000000 ____D C:\Temp
2016-12-01 16:27 - 2016-10-18 22:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-01 13:49 - 2016-10-18 22:27 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-01 13:07 - 2016-10-15 12:34 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-01 12:56 - 2016-10-10 11:27 - 00000000 ____D C:\ProgramData\VEGAS
2016-12-01 12:55 - 2016-09-19 07:51 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Adobe
2016-12-01 12:54 - 2016-09-20 12:47 - 00000000 ____D C:\ProgramData\Adobe
2016-11-30 16:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Resources
2016-11-29 16:07 - 2016-09-25 00:59 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Origin
2016-11-29 14:14 - 2016-10-10 21:01 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\trainer
2016-11-29 14:09 - 2016-09-25 00:57 - 00000000 ____D C:\ProgramData\Origin
2016-11-28 23:09 - 2016-10-01 16:51 - 00000000 ____D C:\Windows\pss
2016-11-28 14:23 - 2016-10-06 23:18 - 00000000 ____D C:\Users\yakashi\AppData\Local\ftblauncher
2016-11-28 14:12 - 2016-10-06 23:18 - 00000000 ____D C:\ftb
2016-11-27 18:39 - 2016-09-18 20:07 - 00000000 ____D C:\Users\yakashi\Documents\GTA San Andreas User Files
2016-11-27 13:16 - 2016-09-18 19:47 - 00000000 ____D C:\Program Files\AutoHotkey
2016-11-25 14:11 - 2016-09-18 20:07 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-11-25 12:55 - 2016-10-28 12:53 - 00000000 ____D C:\Users\yakashi\Documents\HP-Overlay
2016-11-25 00:12 - 2016-10-11 17:09 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\DVDVideoSoft
2016-11-24 22:38 - 2016-09-25 12:54 - 00000000 ____D C:\Users\yakashi\AppData\Local\Arma 3
2016-11-24 17:41 - 2016-10-30 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
2016-11-24 13:26 - 2016-09-25 12:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\Arma 3 Launcher
2016-11-24 13:25 - 2016-09-27 13:30 - 00000000 ____D C:\Users\yakashi\Documents\Arma 3 - Other Profiles
2016-11-24 01:13 - 2016-09-19 15:24 - 00014940 _____ C:\Windows\unins000.dat
2016-11-23 18:47 - 2016-09-23 22:12 - 00003602 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003840 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003840 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003790 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003778 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003542 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 17:29 - 2016-09-20 14:17 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Skype
2016-11-23 11:51 - 2016-09-20 14:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-23 11:51 - 2016-09-20 14:17 - 00000000 ____D C:\ProgramData\Skype
2016-11-22 21:09 - 2016-09-25 00:58 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-20 23:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2016-11-20 00:58 - 2016-09-18 19:35 - 00073256 _____ C:\Users\yakashi\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-20 00:57 - 2009-07-14 05:45 - 00345744 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-20 00:06 - 2016-09-25 14:08 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-19 22:46 - 2016-09-27 13:01 - 00000000 ____D C:\Users\yakashi\AppData\Local\Battle.net
2016-11-19 00:56 - 2016-09-18 20:06 - 00000000 ____D C:\Users\yakashi\AppData\Local\Overwolf
2016-11-18 13:05 - 2016-10-21 15:13 - 00001456 _____ C:\Users\yakashi\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-11-17 20:05 - 2016-10-06 14:21 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Sony
2016-11-17 18:35 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-15 13:30 - 2016-09-30 11:33 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-11-15 13:30 - 2016-09-30 11:33 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-11-15 11:42 - 2016-09-18 19:36 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-12 22:55 - 2016-09-23 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2016-11-12 22:55 - 2016-09-23 22:12 - 00000000 ____D C:\Program Files (x86)\OkayFreedom
2016-11-11 22:40 - 2016-10-15 01:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-11 13:47 - 2016-09-30 11:32 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-11-06 22:04 - 2016-09-19 12:46 - 00000000 ____D C:\Program Files\Rockstar Games
2016-11-06 22:04 - 2016-09-19 12:46 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-11-06 03:14 - 2016-09-22 16:07 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-11-06 02:01 - 2016-10-15 01:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 19:13 - 2016-10-30 17:45 - 00000000 ____D C:\Users\yakashi\Documents\Euro Truck Simulator 2
2016-11-05 18:01 - 2016-09-25 14:08 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\TeamViewer
2016-11-05 12:56 - 2016-09-18 20:10 - 00000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-11-03 20:47 - 2016-10-20 00:05 - 00000000 ____D C:\Program Files (x86)\aivadflp
2016-11-03 14:04 - 2016-09-28 14:39 - 00000000 ____D C:\Program Files (x86)\UX Pack
2016-11-03 14:04 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2016-11-03 14:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors
2016-11-03 13:00 - 2016-10-28 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-11-03 13:00 - 2016-10-28 23:56 - 00000000 ____D C:\Program Files (x86)\NCWest

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-24 00:10 - 2016-11-01 18:11 - 0000033 _____ () C:\Users\yakashi\AppData\Roaming\AdobeWLCMCache.dat
2016-06-17 07:53 - 2016-06-17 07:53 - 0000244 _____ () C:\Users\yakashi\AppData\Roaming\fnp_registrations.xml
2016-06-17 07:53 - 2016-06-17 07:53 - 0003279 _____ () C:\Users\yakashi\AppData\Roaming\GBpc-EUC-V
2007-05-11 08:00 - 2007-05-11 08:00 - 0059417 _____ () C:\Users\yakashi\AppData\Roaming\Gendarmerie.wee
2016-10-21 15:13 - 2016-11-18 13:05 - 0001456 _____ () C:\Users\yakashi\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-11-22 21:07 - 2016-11-22 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\yakashi\AppData\Local\Temp\libeay32.dll
C:\Users\yakashi\AppData\Local\Temp\msvcr120.dll
C:\Users\yakashi\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\yakashi\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\yakashi\AppData\Local\Temp\nvStInst.exe
C:\Users\yakashi\AppData\Local\Temp\SNU_Au1.exe
C:\Users\yakashi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-24 00:01

==================== Ende von FRST.txt ============================
         

Old 02.12.2016, 12:04   #25
yakashi97

Suspected serious trojan | Trojan.FakeMS.ED



ADDITIONLOG:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-11-2016
durchgeführt von yakashi (02-12-2016 12:03:09)
Gestartet von C:\Users\yakashi\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-09-18 18:00:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2572264492-182372228-3150790763-500 - Administrator - Disabled)
Gast (S-1-5-21-2572264492-182372228-3150790763-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2572264492-182372228-3150790763-1002 - Limited - Enabled)
yakashi (S-1-5-21-2572264492-182372228-3150790763-1000 - Administrator - Enabled) => C:\Users\yakashi

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
American Truck Simulator (HKLM\...\Steam App 270880) (Version:  - SCS Software)
Ansel (Version: 376.09 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assetto Corsa v1.5 (HKLM\...\YXNzZXR0b2NvcnNh_is1) (Version: 1 - )
Autodesk 3ds Max 2017 (HKLM\...\Autodesk 3ds Max 2017) (Version: 19.0.1072.0 - Autodesk)
Autodesk 3ds Max 2017 (Version: 19.0.1072.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 Populate Data (HKLM\...\{2B07E17E-A072-43BD-9DCC-369B56C16698}) (Version: 19.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Backburner 2017.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D780}) (Version: 17.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2017 64-bit (HKLM\...\{1C4FFAF0-7DBB-4F7A-A386-46747D060826}) (Version: 19.0.0.0 - Autodesk)
Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2017 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2017 (Version: 17.0.411.0 - Autodesk) Hidden
AutoHotkey 1.1.24.01 (HKLM-x32\...\AutoHotkey) (Version: 1.1.24.01 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Call of Duty: Black Ops - Multiplayer (HKLM\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM\...\Steam App 42700) (Version:  - Treyarch)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit)
F1 2015 version 1.0 (HKLM-x32\...\{F8180751-C7B2-407F-BD4F-55A6C8FF5F14}_is1) (Version: 1.0 - Codemasters)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
FileZilla Client 3.22.1 (HKLM-x32\...\FileZilla Client) (Version: 3.22.1 - Tim Kosse)
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
HeavyLoad V3.4 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.4 - JAM Software)
Hotspot Shield 5.4.11 (HKLM-x32\...\HotspotShield) (Version: 5.4.11 - AnchorFree Inc.)
Hotspot Shield 5.4.11 Embedded (x32 Version: 5.4.11.9772 - Buildbot) Hidden
HWiNFO64 Version 5.36 (HKLM\...\HWiNFO64_is1) (Version: 5.36 - Martin Malík - REALiX)
IMG Factory - IMG Factory - A program to manage the IMG file format for GTA games. (HKLM-x32\...\IMG Factory IMG Factory) (Version: "1.1.1" - "IMG Factory")
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
K-Lite Mega Codec Pack 12.4.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Lioncast LM30 Gaming Mouse Version 1.2 (HKLM-x32\...\{7EE2D3D8-7A40-406B-BE38-57DDCCC1B4D4}_is1) (Version: 1.2 - LIONCAST)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Mafia III (HKLM-x32\...\Mafia III_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.5.2 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI Kombustor 3.5.2.1 (64-bit) (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
MySQL Connector Net 6.8.3 (HKLM-x32\...\{38157422-F952-42F7-88AA-CC16A63CD109}) (Version: 6.8.3 - Oracle)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
Node.js (HKLM\...\{672B5547-D20B-4D19-9BFD-B93C32BC77DA}) (Version: 6.9.1 - Node.js Foundation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk)
NVIDIA mental ray and IRay rendering plugins for 3ds Max 2017 (HKLM\...\{4B889650-52DC-49E0-AB9C-F501B91002E3}) (Version: 19.0.0.0 - Autodesk)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.2 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64935 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.100.9.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.)
RealLifeRPG (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\RealLifeRPG) (Version: 1.5.0 - RealLifeRPG)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.100.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7930 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0015 - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
SciTE4AutoHotkey v3.0.06.01 (HKLM-x32\...\SciTE4AutoHotkey) (Version: v3.0.06.01 - fincs)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TruckersMP 0.2.1.3.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.1 Alpha - TruckersMP Team)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 7.0.9-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {158958AA-BE6F-49C4-A4B6-633AF4AE7C02} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {1E5ABC8C-46DF-4795-85CD-45772F7687C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-18] (Google Inc.)
Task: {2E086E28-47C4-4045-A0C3-D1B3AE3774A9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {594DE6E7-63F3-40F3-BC39-9B50B752EEE4} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-10-04] ()
Task: {67F53DD4-A801-4BD6-AA5F-C9E822AA9139} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {6DFBFCC2-2343-42A9-89CF-A0BA6CB1F523} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-11-23] (Overwolf LTD)
Task: {8ACA5664-47A1-4D20-8145-6861E6C04ABE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-10-15] (AVAST Software)
Task: {8ADF4950-8C70-4D35-9D49-4FAF09F292EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-18] (Google Inc.)
Task: {9350B666-3E9D-410A-A7B3-3F85779FFA9D} - System32\Tasks\AdobeAAMUpdater-1.0-yakashi-PC-yakashi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C1C8081D-FF2D-4C52-A1AB-8C702C93196C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {C99773BA-D28E-4363-9EF5-EC96B75CC008} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {D2F3A21A-B56B-4758-9D5E-16BAF05054F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {DEC86C38-7222-4C52-905B-4681D89F2B01} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {EF5A9D68-D527-483F-9CEE-877DA1B46024} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FFEB62DF-D620-495A-AC3A-1F02489A54B4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\yakashi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-30 09:23 - 2016-06-30 09:23 - 00592384 ____N () C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll
2016-10-25 08:57 - 2016-10-25 08:57 - 00491184 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-10-03 15:57 - 2016-10-03 15:57 - 00052400 ____N () D:\FileZilla FTP Client\fzshellext_64.dll
2016-05-17 23:42 - 2016-05-17 23:42 - 00230064 ____N () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-11-20 22:55 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-11-15 11:42 - 2016-11-08 22:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-15 11:42 - 2016-11-08 22:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-12-01 18:35 - 2016-11-18 01:04 - 04280280 _____ () C:\Users\yakashi\Desktop\rgnlauncher1.2.1.exe
2016-10-06 21:31 - 2016-07-01 07:39 - 00061968 ____N () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-10-06 21:31 - 2016-07-01 07:39 - 00110608 ____N () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00114664 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00108008 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00024040 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00048104 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-08-24 00:04 - 2016-08-24 00:04 - 00166520 ____N () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-10-18 22:18 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2572264492-182372228-3150790763-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Roccat Talk.lnk => C:\Windows\pss\Roccat Talk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^yakashi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^yakashi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\yakashi\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: Ihsoft => C:\Windows\SysWOW64\regsvr32.exe C:\Users\yakashi\AppData\Local\IRTsoft\PtCres.dll
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LCgmmouse20Run => "C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCmon.exe" -runauto
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: OKAYFREEDOM Notifier => "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
MSCONFIG\startupreg: OKAYFREEDOM_Agent => "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
MSCONFIG\startupreg: OKAYFREEDOM_Update => "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: ROCCAT Savu Gaming Mouse => "C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" /Automation 
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: UX Launcher => C:\Program Files (x86)\UX Pack\uxlaunch.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C154F0CD-BD0E-49FE-A08B-ADFA3DEB513D}] => D:\Steam\Steam.exe
FirewallRules: [{D67D0C7A-1EE8-41E7-91FA-6AA3B6DB1557}] => D:\Steam\Steam.exe
FirewallRules: [{EC280919-019C-4517-B9C7-6750AD836AB7}] => D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{14F4E6EB-C8AA-4A52-B243-2623BAF83044}] => D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E873D290-8A82-4F57-883C-85DB853C59E7}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3EE0569A-6554-4438-8CCB-66B4154B4C0F}] => LPort=2869
FirewallRules: [{3C7514D5-2EDD-41B7-B4ED-A7FA42AADB48}] => LPort=1900
FirewallRules: [{54F77AD7-F533-41B1-A96C-6579A590FACE}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{80D109E2-5C63-4E07-8952-6AC7DB14CC20}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{4243043F-F6CD-4A6A-AAE9-F6F4633BB014}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{48D91D21-944E-42E4-ACD1-DBBA9CC7CE89}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{604F4D52-C11C-4FDA-BE99-26E710336935}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{9898F13F-BABB-4731-9473-EC75C00E7AC6}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [TCP Query User{73743B1D-0BD7-4F80-82C9-242F1720082C}D:\steam games\steamapps\common\grand theft auto v\gta5.exe] => D:\steam games\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A2C6B03F-A9DE-4CF3-BB10-3EE96D45297C}D:\steam games\steamapps\common\grand theft auto v\gta5.exe] => D:\steam games\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{F3420EC8-EBEC-4FCE-8A22-1D6084F36167}] => D:\STEAM GAMES\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [{06565DDD-714D-4C7B-84D1-86BD727FA035}] => D:\STEAM GAMES\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [TCP Query User{47D234EA-066F-4F95-9135-19EE32E9F1A3}D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{248F18FD-8ED7-44DA-B25A-C1ECEE6782EB}D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{9AB60475-2C0C-4D7F-993E-60DA8A303AC8}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BBDD0042-6295-4692-8798-3884FC3C2A13}] => D:\STEAM GAMES\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{6B96A272-145D-408D-AB61-498AD76C087B}] => D:\STEAM GAMES\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B4D9BBA7-D75D-4EAC-A0A5-D66F28F54F2F}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{20A88BDE-1054-447C-ACBC-EE10732C0787}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{76A2046E-627D-49C8-9392-9F7276DB86B4}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{A046FFAF-523D-4CB6-8EB1-8D2769337E70}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{DC2A7674-DAB4-42A0-AD32-861617653F3F}] => D:\STEAM GAMES\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B9BA0BCB-1419-40C3-A32D-FEE4BA5BC7B2}] => D:\STEAM GAMES\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{A637E113-4FF3-43F3-8072-4DDA7A9E36CF}] => D:\STEAM GAMES\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{224FD3C0-ED78-49DF-8D75-17E7E7D06AEE}] => D:\STEAM GAMES\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [TCP Query User{352FCEBE-321F-43BE-B9FC-62414E6E6817}C:\program files (x86)\arxgaming\crossfire\updater.exe] => C:\program files (x86)\arxgaming\crossfire\updater.exe
FirewallRules: [UDP Query User{8842CF5D-C92C-4F03-8825-0C94207452EE}C:\program files (x86)\arxgaming\crossfire\updater.exe] => C:\program files (x86)\arxgaming\crossfire\updater.exe
FirewallRules: [{E33CF4AC-FA07-47A0-B266-6FD379202B37}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{D4B913A5-E37D-46CD-A6CD-D09241C3C8D4}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{1A60A3BC-11F3-4DF0-BDB4-1EB05E1DD9FF}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{15B8D802-C50C-4053-9F44-DE3911989EAF}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{75302D50-2C1C-4899-BDFB-F5F76A5F0D9A}D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe] => D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [UDP Query User{F1BCE803-48DB-4864-80DE-E3FC93C78B3D}D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe] => D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{0463C8D8-B4EB-402C-975A-53FD2C392B62}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3111D372-B30C-4FAE-B30C-317B5EF2D85E}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{092C1376-AC06-434A-96FB-FC3228F5EABB}] => D:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{A933518E-0009-4C7C-A88E-9FFF2D5EFF5F}] => D:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{E0C4FA1A-17FB-46AE-BF91-FAFEF1EC4F7D}] => D:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{BF13EF20-5E2B-4708-B33D-3E75CEB38821}] => D:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{6C09C7DA-714E-4031-86AF-0EE6EDFA77E2}] => D:\Origin\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{C87E4FA4-9211-4F21-92EF-42B9CAA8BAA2}] => D:\Origin\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{3F402526-40FD-43B4-A5D9-C08653ABAD82}D:\steam\steamapps\common\arma 3\arma3.exe] => D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{D689010C-FA53-4FEC-A7F7-AAC59B7B63FE}D:\steam\steamapps\common\arma 3\arma3.exe] => D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{0245273A-4C90-4071-9C35-626A161CB039}] => D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A976202E-6A7E-4E43-9790-CD6ADE8693DE}] => D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{3AAA6858-066E-48E4-8A2E-DA2C7FBB3EF8}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3FE5C8E4-CBAB-47A9-BA8A-5090550B9DCE}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A6F93A87-5C22-4594-8B66-DB93A6CA1E05}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DA5F52FC-5760-4A46-BB74-D27B87A0F0FD}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4266F27-D898-4820-BB3D-592F15E6A15F}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA0A30D8-8A68-4CB4-B64F-3E701DEC6374}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{853AB005-0400-42E3-A2F7-90EC6C664786}] => D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AD647B70-1BEA-48EA-93BB-87A6B3AF96EB}] => D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{F0171D46-E230-42B5-B427-9FD8350CC4FF}D:\origin\fifa 16\fifa16.exe] => D:\origin\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{B474C108-783C-47E7-9213-A436D3B9B52C}D:\origin\fifa 16\fifa16.exe] => D:\origin\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{58A90E93-0CB4-441D-B76E-204F1271DAEC}D:\overwatch\overwatch.exe] => D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{C49A4896-8D01-4659-9EED-558493E89A24}D:\overwatch\overwatch.exe] => D:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{3C118DAE-F4D5-4AAF-B8CC-806DB8B7C683}D:\origin\fifa 17\fifa17.exe] => D:\origin\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{0191E049-B320-4A66-A755-DCF5694552A6}D:\origin\fifa 17\fifa17.exe] => D:\origin\fifa 17\fifa17.exe
FirewallRules: [{6CBB3147-FD41-4480-B0B3-283510667F56}] => D:\STEAM GAMES\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{C165C53B-FBB5-443C-B45B-EF119AA382D5}] => D:\STEAM GAMES\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{A4C0C456-087E-4AE2-9341-A06CFFDE5232}C:\users\yakashi\appdata\local\akamai\netsession_win.exe] => C:\users\yakashi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0E824E0E-B1D6-4950-B81F-27847D8FD10F}C:\users\yakashi\appdata\local\akamai\netsession_win.exe] => C:\users\yakashi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7BB74303-1648-42C1-A09B-D97485FA28C1}] => D:\STEAM GAMES\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A05C36E7-621B-4277-8968-EB148C93AC4A}] => D:\STEAM GAMES\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{8C19CFB5-B665-4FFE-B59C-6259432F727E}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => C:\program files\java\jre1.8.0_102\bin\javaw.exe
FirewallRules: [UDP Query User{79824693-369C-4ADC-A03D-86616519F550}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => C:\program files\java\jre1.8.0_102\bin\javaw.exe
FirewallRules: [TCP Query User{982566ED-5024-45D2-BF71-0FF67075C412}C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe] => C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe
FirewallRules: [UDP Query User{CDE26847-1BA0-4C65-8E9D-C9A1F1D5BF5F}C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe] => C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe
FirewallRules: [TCP Query User{C6CC5BFB-0105-48EF-BD11-221267D8FE63}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{208AC28E-67B5-4D36-AC4B-46E07085B89E}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{19414C0E-5BB7-4843-8E4D-DC740DC2A8D5}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{00EFAE64-D055-4D6D-97E4-3C39E267F736}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{61A49BE5-1E75-4527-AF8C-1791634014AB}D:\assetto corsa\assetto corsa\acs.exe] => D:\assetto corsa\assetto corsa\acs.exe
FirewallRules: [UDP Query User{31C55226-954E-479F-9C58-2A90518EF175}D:\assetto corsa\assetto corsa\acs.exe] => D:\assetto corsa\assetto corsa\acs.exe
FirewallRules: [TCP Query User{B9BD4A55-7605-4385-A5FE-5DA23C079143}C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe
FirewallRules: [UDP Query User{6EA11606-5678-4691-9E59-F46C4690FD09}C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe
FirewallRules: [TCP Query User{8E3B91E4-0826-4486-AE19-04B1F080C879}C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe
FirewallRules: [UDP Query User{A4742DE1-B21A-4EED-8676-8B3A98FE83EB}C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe
FirewallRules: [{64D639F4-82CF-4C6E-89AB-D22100570215}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{96968F29-DB47-43E8-A522-CAE9519DE3A0}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{BEF4AADA-7649-41C0-A50D-46F25EB86904}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9605BBFE-30A1-4785-81E3-E83D5A1CFCBC}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{17F5492B-D9D4-46CD-92DF-DA4AEE57DCDB}] => D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{B2AA3AC1-533A-4032-B740-BDBF5CB2E1F6}] => D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{E04608B7-80A4-400F-8AB4-6E354000D0B0}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{BF44CA56-9FEE-4CDD-AE20-432702244286}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{B2F78E63-0A1E-404F-8120-ED562D638FE4}] => C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E8C24C47-F5C0-407D-89EB-3FBC50F9A557}] => C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EB70119F-9788-4950-B1F5-989671C83AE3}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BF3AA2C3-ACFB-4C43-9A22-85E17FF4F755}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ED8F8BC3-0EDC-4460-8D68-6690BF3EF5C5}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85FC551A-DF3F-455B-99A3-E26ECCB7DB80}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{40DB1672-CF66-4B25-A7FE-32AAD83B5B1D}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{C19F1CB3-86D2-459E-92D9-3096928774BB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A804337B-3FC9-4175-BF95-6CB65514522F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{B4FAEA4F-CD69-48A1-98EA-C1D5D9035CC6}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{812CC328-2D7B-49E6-BCA2-B389AE8B4564}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{343367D6-E30F-43E1-A945-F7F86CC7DA99}] => C:\WarThunder\run.exe
FirewallRules: [{A1248029-CBF9-40E0-93C2-C8E047571196}] => C:\WarThunder\run.exe
FirewallRules: [{313C93BD-71C0-4F2D-9933-B74A1B5FB44D}] => LPort=80
FirewallRules: [{CF8102D3-8A93-4348-92DC-23D15B0DC945}] => LPort=443
FirewallRules: [{7F9EA741-3353-4B5E-AC6B-3B174092FEC1}] => LPort=20010
FirewallRules: [{103CB3F1-CA23-4754-8A51-4C63CEC74D86}] => LPort=3478
FirewallRules: [{45747647-D43A-4481-B061-FB86FBEF94C2}] => LPort=7850
FirewallRules: [{748C92A9-DD26-4F92-9F3A-D8ABC7D14235}] => LPort=7852
FirewallRules: [{16751B4F-DF3A-4E6E-A9EB-55D73E4D1696}] => LPort=7853
FirewallRules: [{9CEC824F-AB69-4C31-9C66-8F03FF859D04}] => LPort=27022
FirewallRules: [{413A241E-0489-4A66-A0AA-00C5C65EC997}] => LPort=6881
FirewallRules: [{0AC93F84-0568-46DA-92C2-9B055F73DB73}] => LPort=33333
FirewallRules: [{63246DC3-F7E5-4860-9625-99184C4D21D0}] => LPort=20443
FirewallRules: [{CAA0F976-F41E-4D49-BB6F-FF4BE79D90D4}] => LPort=8090
FirewallRules: [{18A48DD0-AE08-482B-9DD2-99E08DB9B74A}] => D:\STEAM GAMES\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{9B4856AD-4962-4E60-9533-0185DA63850A}] => D:\STEAM GAMES\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [TCP Query User{EBED365D-14C9-48AF-8E7D-3C5248BE2C6B}D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{BB9DD903-B452-4FB0-A7B3-2E35F8F1C127}D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{960E645C-8A65-45D5-B230-F1B2373CFB23}C:\sinusbot\sinusbot.exe] => C:\sinusbot\sinusbot.exe
FirewallRules: [UDP Query User{2BCE5799-BF10-4856-8F70-0FF64A0208A0}C:\sinusbot\sinusbot.exe] => C:\sinusbot\sinusbot.exe
FirewallRules: [{37260D11-F556-453B-A92C-C051AAEDE6CA}] => D:\STEAM GAMES\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D0098E91-9895-4D6D-B056-9515D314B185}] => D:\STEAM GAMES\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{6079BABD-47BD-41E9-A90F-F3F106BE9CEB}] => D:\Origin\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{C3652AFF-1435-4303-BBF8-65ECE241EE30}] => D:\Origin\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{EF4BDED4-4E5D-40DB-A4C4-155548FD6016}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F2EBF2F1-DFD8-4CB4-B258-28F801B4FB47}D:\crossfirearx\updater.exe] => D:\crossfirearx\updater.exe
FirewallRules: [UDP Query User{EE5E6B2C-1A25-4171-AA76-31BC8D58786C}D:\crossfirearx\updater.exe] => D:\crossfirearx\updater.exe
FirewallRules: [{9CDF1C5E-6D3E-4B26-B924-7F17B8330BF9}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AD220EF0-B6DC-4E5A-843F-FFFD2A942323}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0807B64D-ED82-4952-BE5E-24A282B10086}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A4200EB5-35B4-4541-AE64-B8E3DF62D40C}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{70C2845C-8A09-4710-A883-EC84CB286F89}] => D:\FlyVPN\FlyVPN.exe
FirewallRules: [{06A1184B-922A-4546-9F22-3C98C2EFF16F}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C0E1C40E-9DBA-4F28-AD73-A7592F997885}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9F5D2263-57C9-421E-90B9-F4587BF97D4E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{94D9E19A-3494-4BD4-8D45-A1D8B8E62551}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2303C7A-4BED-4F96-A526-5165BEA68782}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4BE9F3FC-CA14-4492-8B4E-1BA1B2FC3D08}D:\crossfire\updater.exe] => D:\crossfire\updater.exe
FirewallRules: [UDP Query User{5860EEB4-085D-4FC3-BB1A-3C89C96D1F83}D:\crossfire\updater.exe] => D:\crossfire\updater.exe

==================== Wiederherstellungspunkte =========================

01-12-2016 12:55:53 Removed Autodesk Inventor Server Engine for 3ds Max 2017.
01-12-2016 12:56:14 Removed VEGAS Pro 14.0 (64-bit)
01-12-2016 12:56:37 Removed Autodesk 3ds Max 2017 Populate Data.
01-12-2016 14:17:44 Malwarebytes Anti-Rootkit Restore Point
02-12-2016 11:54:32 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/02/2016 11:54:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.9.1.335, Zeitstempel: 0x580f9487
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x109c
Startzeit der fehlerhaften Anwendung: 0x01d24c8a2df3a614
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: bb7395e4-b87d-11e6-8998-4ccc6a61d306

Error: (12/02/2016 11:54:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0325c9dd
ID des fehlerhaften Prozesses: 0x1a34
Startzeit der fehlerhaften Anwendung: 0x01d24c8a744ed174
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: b4ad4584-b87d-11e6-8998-4ccc6a61d306

Error: (12/02/2016 11:54:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/02/2016 11:42:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00dec9dd
ID des fehlerhaften Prozesses: 0x6a4
Startzeit der fehlerhaften Anwendung: 0x01d24c88d1ce9671
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 123e4891-b87c-11e6-97a5-4ccc6a61d306

Error: (12/02/2016 11:42:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/02/2016 12:06:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x582e1b2f
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x582e1abd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d4a9
ID des fehlerhaften Prozesses: 0xfec
Startzeit der fehlerhaften Anwendung: 0x01d24c2241d9a7a1
Pfad der fehlerhaften Anwendung: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: bbeaab71-b81a-11e6-91ab-4ccc6a61d306

Error: (12/01/2016 11:26:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x582e1b2f
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x582e1abd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d4a9
ID des fehlerhaften Prozesses: 0x1938
Startzeit der fehlerhaften Anwendung: 0x01d24c19b46096c1
Pfad der fehlerhaften Anwendung: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: 26007901-b815-11e6-91ab-4ccc6a61d306

Error: (12/01/2016 10:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x582e1b2f
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x582e1abd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d4a9
ID des fehlerhaften Prozesses: 0x18e8
Startzeit der fehlerhaften Anwendung: 0x01d24c145001cd71
Pfad der fehlerhaften Anwendung: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: dae26801-b80c-11e6-91ab-4ccc6a61d306

Error: (12/01/2016 09:47:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x582e1b2f
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x582e1abd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d4a9
ID des fehlerhaften Prozesses: 0x1e3c
Startzeit der fehlerhaften Anwendung: 0x01d24c1382073e01
Pfad der fehlerhaften Anwendung: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: 5e992ef1-b807-11e6-91ab-4ccc6a61d306

Error: (12/01/2016 06:40:48 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\yakashi\Desktop\lf\Laufscript (Taste E).exe". Fehler in Manifest- oder Richtliniendatei "C:\Users\yakashi\Desktop\lf\Laufscript (Taste E).exe" in Zeile 0.
Ungültige XML-Syntax.


Systemfehler:
=============
Error: (12/02/2016 11:54:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/02/2016 11:54:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/02/2016 11:52:28 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (12/02/2016 11:52:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/02/2016 11:52:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (12/02/2016 11:51:23 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "3" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/02/2016 11:51:23 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "2" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/02/2016 11:51:23 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "1" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/02/2016 11:51:23 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "0" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/02/2016 11:50:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 14826.85 MB
Verfügbarer physikalischer RAM: 12251.15 MB
Summe virtueller Speicher: 29651.89 MB
Verfügbarer virtueller Speicher: 27049.01 MB

==================== Laufwerke ================================

Drive b: (Lokaler Rotzenträger) (Fixed) (Total:465.76 GB) (Free:422.14 GB) NTFS
Drive c: (Lokaler Klamottenträger) (Fixed) (Total:236 GB) (Free:25.33 GB) NTFS
Drive d: (Lokaler Fragelträger) (Fixed) (Total:931.41 GB) (Free:98.61 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 236 GB) (Disk ID: 11E626FB)
Partition 1: (Active) - (Size=236 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E159512B)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1956BF5A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 02.12.2016, 13:18   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

FRST fix

Please disable your virus scanner completely now, to make sure the fix runs through cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,C:\Program Files (x86)\aivadflp\ilnmnfug.exe, [X]
HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\Winlogon: [Shell] c:\windows\explorer.exe [2872320 2010-11-20] (Microsoft Corporation) <==== ACHTUNG
CHR Profile: C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-02] <==== ACHTUNG
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Keine Datei
C:\Program Files\AVAST Software
C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ilnmnfug.exe
C:\Program Files (x86)\aivadflp
C:\Users\yakashi\AppData\Local\Tempzxpsigne5ad980403d43f8f
C:\Users\yakashi\AppData\Local\Tempzxpsigne85634600fc93685
C:\Users\yakashi\AppData\Local\Tempzxpsigne474e41904f67f97
C:\Users\yakashi\AppData\Local\Tempzxpsigna001b5586abb9615
C:\Users\yakashi\AppData\Local\Tempzxpsign7374dce4b52fb315
C:\Users\yakashi\AppData\Local\Tempzxpsign77994062462cd779
C:\Users\yakashi\AppData\Local\Tempzxpsign599d10b1f225e4da
C:\Users\yakashi\AppData\Local\Tempzxpsign90d856c5e2989c09
C:\Users\yakashi\AppData\Local\Tempzxpsign6654733c6298a1d5
C:\Users\yakashi\AppData\Local\Tempzxpsignbb0e65e07ea8f574
C:\Users\yakashi\AppData\Local\Tempzxpsignf881167ce1563999
C:\Users\yakashi\AppData\Local\Tempzxpsign096e30b9346fd6ca
C:\Users\yakashi\AppData\Local\Tempzxpsignfb9607c0028ace4a
C:\Users\yakashi\AppData\Local\Tempzxpsignde802797b7a02827
C:\Users\yakashi\AppData\Local\Tempzxpsign30bdcf888e87adf0
C:\Users\yakashi\AppData\Local\Tempzxpsignc944d2db450e0a4a
C:\Users\yakashi\AppData\Local\Tempzxpsign10d2cbe3e78c6675
C:\Users\yakashi\AppData\Local\Tempzxpsign5f74d0cbf2283865
C:\Users\yakashi\AppData\Local\Tempzxpsign095d95b18fe0a50d
C:\Users\yakashi\AppData\Local\Tempzxpsign6e125d926d59050a
C:\Users\yakashi\AppData\Local\Tempzxpsign6aae28833155f8df
folder: C:\Windows\SysWOW64\RTCOM
folder: C:\Windows\system32\DAX2
hosts:
emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
Please always post log files in CODE tags

Alt 02.12.2016, 13:25   #27
yakashi97
 



FIXLOG:
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-11-2016
durchgeführt von yakashi (02-12-2016 13:22:00) Run:1
Gestartet von C:\Users\yakashi\Desktop
Geladene Profile: yakashi (Verfügbare Profile: yakashi)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,C:\Program Files (x86)\aivadflp\ilnmnfug.exe, [X]
HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\Winlogon: [Shell] c:\windows\explorer.exe [2872320 2010-11-20] (Microsoft Corporation) <==== ACHTUNG
CHR Profile: C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-02] <==== ACHTUNG
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Keine Datei
C:\Program Files\AVAST Software
C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ilnmnfug.exe
C:\Program Files (x86)\aivadflp
C:\Users\yakashi\AppData\Local\Tempzxpsigne5ad980403d43f8f
C:\Users\yakashi\AppData\Local\Tempzxpsigne85634600fc93685
C:\Users\yakashi\AppData\Local\Tempzxpsigne474e41904f67f97
C:\Users\yakashi\AppData\Local\Tempzxpsigna001b5586abb9615
C:\Users\yakashi\AppData\Local\Tempzxpsign7374dce4b52fb315
C:\Users\yakashi\AppData\Local\Tempzxpsign77994062462cd779
C:\Users\yakashi\AppData\Local\Tempzxpsign599d10b1f225e4da
C:\Users\yakashi\AppData\Local\Tempzxpsign90d856c5e2989c09
C:\Users\yakashi\AppData\Local\Tempzxpsign6654733c6298a1d5
C:\Users\yakashi\AppData\Local\Tempzxpsignbb0e65e07ea8f574
C:\Users\yakashi\AppData\Local\Tempzxpsignf881167ce1563999
C:\Users\yakashi\AppData\Local\Tempzxpsign096e30b9346fd6ca
C:\Users\yakashi\AppData\Local\Tempzxpsignfb9607c0028ace4a
C:\Users\yakashi\AppData\Local\Tempzxpsignde802797b7a02827
C:\Users\yakashi\AppData\Local\Tempzxpsign30bdcf888e87adf0
C:\Users\yakashi\AppData\Local\Tempzxpsignc944d2db450e0a4a
C:\Users\yakashi\AppData\Local\Tempzxpsign10d2cbe3e78c6675
C:\Users\yakashi\AppData\Local\Tempzxpsign5f74d0cbf2283865
C:\Users\yakashi\AppData\Local\Tempzxpsign095d95b18fe0a50d
C:\Users\yakashi\AppData\Local\Tempzxpsign6e125d926d59050a
C:\Users\yakashi\AppData\Local\Tempzxpsign6aae28833155f8df
folder: C:\Windows\SysWOW64\RTCOM
folder: C:\Windows\system32\DAX2
hosts:
emptytemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-2572264492-182372228-3150790763-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Wert erfolgreich entfernt
C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" => Schlüssel erfolgreich entfernt
"HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" => Schlüssel erfolgreich entfernt
"C:\Program Files\AVAST Software" => nicht gefunden.
C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ilnmnfug.exe => erfolgreich verschoben
C:\Program Files (x86)\aivadflp => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsigne5ad980403d43f8f => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsigne85634600fc93685 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsigne474e41904f67f97 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsigna001b5586abb9615 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign7374dce4b52fb315 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign77994062462cd779 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign599d10b1f225e4da => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign90d856c5e2989c09 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign6654733c6298a1d5 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsignbb0e65e07ea8f574 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsignf881167ce1563999 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign096e30b9346fd6ca => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsignfb9607c0028ace4a => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsignde802797b7a02827 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign30bdcf888e87adf0 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsignc944d2db450e0a4a => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign10d2cbe3e78c6675 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign5f74d0cbf2283865 => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign095d95b18fe0a50d => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign6e125d926d59050a => erfolgreich verschoben
C:\Users\yakashi\AppData\Local\Tempzxpsign6aae28833155f8df => erfolgreich verschoben

========================= folder: C:\Windows\SysWOW64\RTCOM ========================

2016-11-22 21:00 - 2016-11-22 21:00 - 1530096 _____ (Conexant Systems Inc.) C:\Windows\SysWOW64\RTCOM\CX32APO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 2409632 _____ (Fortemedia Corporation) C:\Windows\SysWOW64\RTCOM\FMAPO32.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 0965680 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\RTCOM\MaxxSpeechAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 1216312 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTCOM\RTCOMDLL.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 0716760 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTCOM\RtDataProc.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 0172992 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTCOM\RtkCfg.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 0147824 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTCOM\RTLCPAPI.dll

====== Ende von Folder: ======


========================= folder: C:\Windows\system32\DAX2 ========================

2016-11-22 21:00 - 2016-11-22 21:00 - 6115328 _____ () C:\Windows\system32\DAX2\DAX2.sdf
2016-11-22 21:00 - 2016-11-22 21:00 - 4850356 _____ () C:\Windows\system32\DAX2\RTAIODAT2.DAT

====== Ende von Folder: ======

C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43155149 B
Java, Flash, Steam htmlcache => 116501822 B
Windows/system/drivers => 368744816 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile32 => 65960 B
LocalService => 66228 B
NetworkService => 183296 B
yakashi => 30956257302 B

RecycleBin => 38349662 B
EmptyTemp: => 29.4 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:22:09 ====
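
A check that can be run on the two logs involved in this step: parse the result lines of the Fixlog, count the outcomes, and list which of the paths the fix moved are listed again in a later FRST scan. This is an added example, not part of the thread and not code from FRST; the function names are assumptions, and the sample lines are excerpts copied from the Fixlog and the later scan posted in this thread.

```python
import re
from collections import Counter

# Result phrases seen in the German Fixlog in this thread, mapped to an outcome.
STATUS_RULES = [
    (re.compile(r"nicht gefunden\.?$"), "not_found"),
    (re.compile(r"erfolgreich verschoben$"), "moved"),
    (re.compile(r"erfolgreich wiederhergestellt$"), "restored"),
    (re.compile(r"erfolgreich entfernt$"), "removed"),
]


def parse_fixlog(text):
    """Return [(target, outcome)] for every result line of a Fixlog.

    The echoed fixlist between the two rows of asterisks is skipped, because
    its entries also contain ' => ' but are input, not results. Lines whose
    status matches no known phrase (the EmptyTemp byte counts) are ignored.
    """
    results = []
    in_echo = False
    for raw in text.splitlines():
        line = raw.strip()
        if line and set(line) == {"*"}:
            in_echo = not in_echo
            continue
        if in_echo or " => " not in line:
            continue
        target, status = line.rsplit(" => ", 1)
        status = status.strip()
        for pattern, outcome in STATUS_RULES:
            if pattern.search(status):
                # FRST quotes some targets; drop the quotes for comparison.
                results.append((target.strip().strip('"'), outcome))
                break
    return results


def summarize(results):
    """Count how many fixlist entries ended in each outcome."""
    return dict(Counter(outcome for _, outcome in results))


def reappearing(results, later_scan_text):
    """Paths the fix moved that are listed again in a later scan.

    The path must not be followed by a word character, so a moved folder
    does not match a longer, unrelated name that merely starts the same way.
    """
    found = []
    for target, outcome in results:
        if outcome != "moved":
            continue
        if re.search(re.escape(target) + r"(?!\w)", later_scan_text, re.IGNORECASE):
            found.append(target)
    return found


# Excerpt of the Fixlog posted in this thread.
SAMPLE_FIXLOG = r"""
fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
C:\Program Files (x86)\aivadflp
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Wert erfolgreich wiederhergestellt
C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => erfolgreich verschoben
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden.
"C:\Program Files\AVAST Software" => nicht gefunden.
C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ilnmnfug.exe => erfolgreich verschoben
C:\Program Files (x86)\aivadflp => erfolgreich verschoben
BITS transfer queue => 0 B
EmptyTemp: => 29.4 GB temporäre Dateien entfernt.
"""

# Excerpt of the FRST scan posted later in this thread.
SAMPLE_LATER_SCAN = r"""
Startup: C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EuroGrand Casino notification.lnk [2016-12-02]
Startup: C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ilnmnfug.exe [2016-12-02] ()
CHR Profile: C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-02] <==== ACHTUNG
CHR Extension: (Google Docs) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-02]
"""

if __name__ == "__main__":
    fix_results = parse_fixlog(SAMPLE_FIXLOG)
    print(summarize(fix_results))
    for path in reappearing(fix_results, SAMPLE_LATER_SCAN):
        print("listed again after the fix:", path)
```

A path that shows up again only says that the item exists at scan time; whether it was recreated by a still-active component or by normal program use has to be judged from the rest of the log.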
         

Alt 02.12.2016, 14:34   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Then show me fresh FRST logs. Tick the box for addition.txt, then click Untersuchen (Scan).


Alt 02.12.2016, 15:20   #29
yakashi97
 



FRST LOG:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
durchgeführt von yakashi (Administrator) auf YAKASHI-PC (02-12-2016 15:20:09)
Gestartet von C:\Users\yakashi\Desktop
Geladene Profile: yakashi (Verfügbare Profile: yakashi)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Users\yakashi\Desktop\rgnlauncher1.2.1.exe
() C:\Users\yakashi\Desktop\GTA - San Andreas\rgn_ac_gta.exe
() C:\Users\yakashi\Desktop\Laufscript.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Playtech) C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino.exe
(EuroGrand Casino) C:\Users\yakashi\AppData\Local\EuroGrand Casino notification\notification_center.exe
(EuroGrand Casino) C:\Users\yakashi\AppData\Local\EuroGrand Casino\regtrk.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
() C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\MountPoints2: {5e3da5ff-827d-11e6-ac6c-4ccc6a61d306} - G:\setup.exe
HKU\S-1-5-18\...\Run: [] => 0
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-09-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
Startup: C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EuroGrand Casino notification.lnk [2016-12-02]
ShortcutTarget: EuroGrand Casino notification.lnk -> C:\Users\yakashi\AppData\Local\EuroGrand Casino notification\notification_center.exe (EuroGrand Casino)
Startup: C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ilnmnfug.exe [2016-12-02] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3A231831-A6A7-4122-82AA-B18E85CAF178}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6067DDCE-2A82-487F-8C19-7E8CFF1A228C}: [DhcpNameServer] 192.168.2.1
ManualProxies: 

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-09-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-09-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-09-18] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-09-18] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-09-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-09-18] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-09-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-09-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-02] <==== ACHTUNG
CHR Extension: (Google Docs) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-02]
CHR Extension: (Google Drive) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-02]
CHR Extension: (YouTube) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-02]
CHR Extension: (Google Mail) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-02]
CHR Extension: (Chrome Media Router) - C:\Users\yakashi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1456136 2016-10-11] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [229648 2016-10-30] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2710648 2016-08-24] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103168 2016-08-24] ()
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-24] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-11-22] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-11-22] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-23] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AFTrafMgr1.1; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys [54712 2016-08-23] (AnchorFree Inc.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2016-09-18] (Advanced Micro Devices Inc.)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [83792 2016-09-18] (Asmedia Technology)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-09-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-09-25] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-18] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-11-22] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-28] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-09-23] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-11-20] (The OpenVPN Project)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-08-23] (Anchorfree Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
U0 aswVmm; kein ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-02 14:50 - 2016-12-02 14:50 - 00001838 _____ C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\EuroGrand Casino.lnk
2016-12-02 14:50 - 2016-12-02 14:50 - 00001836 _____ C:\Users\yakashi\Desktop\EuroGrand Casino.lnk
2016-12-02 14:50 - 2016-12-02 14:50 - 00000000 ____D C:\Users\yakashi\AppData\Local\EuroGrand Casino notification
2016-12-02 14:44 - 2016-12-02 14:50 - 00000000 ____D C:\Users\yakashi\AppData\Local\EuroGrand Casino
2016-12-02 13:23 - 2016-12-02 13:23 - 00000000 ____D C:\Users\yakashi\AppData\Local\CrashRpt
2016-12-02 13:22 - 2016-12-02 13:22 - 00007521 _____ C:\Users\yakashi\Desktop\Fixlog.txt
2016-12-02 12:51 - 2016-12-02 12:51 - 00509820 _____ C:\Users\yakashi\Downloads\Weapon Sounds Pack.rar
2016-12-02 12:01 - 2016-12-02 15:20 - 00018826 _____ C:\Users\yakashi\Desktop\FRST.txt
2016-12-02 12:01 - 2016-12-02 12:03 - 00063853 _____ C:\Users\yakashi\Desktop\Addition.txt
2016-12-02 11:55 - 2016-12-02 11:55 - 00006531 _____ C:\Users\yakashi\Desktop\JRT.txt
2016-12-02 11:54 - 2016-12-02 11:54 - 01631928 _____ (Malwarebytes) C:\Users\yakashi\Downloads\JRT.exe
2016-12-02 11:54 - 2016-12-02 11:54 - 01631928 _____ (Malwarebytes) C:\Users\yakashi\Desktop\JRT.exe
2016-12-02 11:48 - 2016-12-02 11:50 - 00000000 ____D C:\AdwCleaner
2016-12-02 11:48 - 2016-12-02 11:48 - 03910208 _____ C:\Users\yakashi\Downloads\AdwCleaner_6.030.exe
2016-12-02 11:48 - 2016-12-02 11:48 - 03910208 _____ C:\Users\yakashi\Desktop\AdwCleaner_6.030.exe
2016-12-01 21:13 - 2016-12-01 21:13 - 00000000 ____D C:\Users\yakashi\Desktop\Nvidia Inspector
2016-12-01 21:12 - 2016-12-01 21:12 - 00288725 _____ C:\Users\yakashi\Downloads\nvidiaInspector_1.9.7.7.zip
2016-12-01 20:48 - 2016-12-02 13:14 - 00000000 ____D C:\Configuration
2016-12-01 20:41 - 2016-12-01 20:41 - 01636796 _____ C:\Users\yakashi\Downloads\headzfetz-Loader-2.3.rar
2016-12-01 18:37 - 2016-12-01 18:37 - 00417408 _____ C:\Users\yakashi\Downloads\laufscript.zip
2016-12-01 18:37 - 2016-12-01 18:37 - 00000000 ____D C:\Users\yakashi\Desktop\lf
2016-12-01 18:36 - 2016-12-01 18:36 - 00032600 _____ C:\Users\yakashi\Downloads\asiloader (1).zip
2016-12-01 18:36 - 2016-12-01 18:36 - 00000000 ____D C:\Users\yakashi\Desktop\backup
2016-12-01 18:35 - 2016-11-18 01:04 - 04280280 _____ C:\Users\yakashi\Desktop\rgnlauncher1.2.1.exe
2016-12-01 18:32 - 2016-12-01 18:32 - 04731330 _____ C:\Users\yakashi\Downloads\Timecyc_by_Dezor.rar
2016-12-01 14:24 - 2016-12-01 14:27 - 00210698 _____ C:\TDSSKiller.3.1.0.12_01.12.2016_14.24.02_log.txt
2016-12-01 13:49 - 2016-12-01 17:40 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-01 13:49 - 2016-12-01 14:17 - 00000000 ____D C:\Users\yakashi\Desktop\mbar
2016-12-01 13:48 - 2016-12-01 13:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\yakashi\Downloads\mbar-1.09.3.1001.exe
2016-11-30 16:56 - 2016-12-02 15:20 - 00000000 ____D C:\FRST
2016-11-30 16:56 - 2016-12-01 12:59 - 02411520 _____ (Farbar) C:\Users\yakashi\Desktop\FRST64.exe
2016-11-30 15:55 - 2016-11-30 15:55 - 00041537 _____ C:\Users\yakashi\Desktop\Blaffert 10_2016.pdf
2016-11-30 15:55 - 2016-11-30 15:55 - 00039744 _____ C:\Users\yakashi\Desktop\Blaffert 11_2016.pdf
2016-11-30 15:46 - 2016-11-30 15:46 - 00039744 _____ C:\Users\yakashi\Downloads\Blaffert 11_2016.pdf
2016-11-30 15:45 - 2016-11-30 15:45 - 00041537 _____ C:\Users\yakashi\Downloads\Blaffert 10_2016.pdf
2016-11-30 15:44 - 2016-11-30 15:44 - 00001325 _____ C:\Users\yakashi\Desktop\scan.txt
2016-11-30 15:03 - 2016-11-30 15:03 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-30 15:03 - 2016-11-24 20:22 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-11-30 15:03 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-11-30 15:03 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-11-30 15:03 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-11-30 15:03 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-11-30 15:02 - 2016-11-24 21:54 - 40123840 _____ C:\Windows\system32\nvcompiler.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 35224632 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 34701760 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 28139576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 17440928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 14057528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-11-30 15:02 - 2016-11-24 21:54 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 09151216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 08913512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 08754344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 03643840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437609.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437609.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00945208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00439864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-11-30 15:02 - 2016-11-24 21:54 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-11-28 14:20 - 2016-11-28 14:20 - 01222159 _____ C:\Users\yakashi\Downloads\OptiFine_1.7.10_HD_U_D6.jar
2016-11-28 13:48 - 2016-12-02 11:59 - 00000000 ____D C:\Users\yakashi\Desktop\GTA - San Andreas
2016-11-27 18:23 - 2016-11-27 18:23 - 00000000 ____D C:\Users\yakashi\Desktop\Neuer Ordner
2016-11-27 13:16 - 2016-11-27 13:16 - 00000986 _____ C:\Users\Public\Desktop\SciTE4AutoHotkey.lnk
2016-11-27 13:16 - 2016-11-27 13:16 - 00000000 ____D C:\Users\yakashi\Documents\AutoHotkey
2016-11-27 13:16 - 2016-11-27 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SciTE4AutoHotkey
2016-11-27 13:15 - 2016-11-27 13:15 - 01924681 _____ (fincs) C:\Users\yakashi\Downloads\SciTE4AHK300601_Install.exe
2016-11-27 01:29 - 2016-11-27 01:29 - 00010881 _____ C:\Users\yakashi\Desktop\julian adventskalender.pwn
2016-11-27 00:47 - 2016-11-27 00:47 - 00007564 _____ C:\Users\yakashi\Desktop\present.pwn
2016-11-27 00:42 - 2016-11-27 00:42 - 00001139 _____ C:\Users\yakashi\Desktop\autohaus gtarl.pwn
2016-11-27 00:26 - 2016-11-27 00:26 - 00657365 _____ C:\Users\yakashi\Desktop\maps.pwn
2016-11-27 00:10 - 2016-11-27 00:10 - 00837119 _____ C:\Users\yakashi\Downloads\editor.rar
2016-11-26 23:41 - 2016-11-26 23:41 - 16270006 _____ C:\Users\yakashi\Downloads\sa-mp-0.3.7-install.exe
2016-11-26 23:41 - 2016-11-26 23:41 - 02094241 _____ C:\Users\yakashi\Downloads\samp037_svr_R2-1-1_win32.zip
2016-11-26 21:43 - 2016-11-26 21:43 - 02509914 _____ C:\Users\yakashi\Downloads\Message bling sound.rar
2016-11-26 21:23 - 2016-11-26 21:36 - 3979544377 _____ C:\Users\yakashi\Downloads\CrossFire_ARxGaming.zip
2016-11-26 21:18 - 2016-11-26 21:18 - 01847449 _____ C:\Users\yakashi\Downloads\HGWC.rar
2016-11-26 21:12 - 2016-11-28 20:32 - 00000643 _____ C:\Users\yakashi\Desktop\CrossFire ArxGaming.lnk
2016-11-26 13:15 - 2016-10-18 18:21 - 00786815 _____ C:\Users\yakashi\Desktop\Laufscript.exe
2016-11-26 00:08 - 2016-11-27 18:16 - 00000000 ____D C:\Users\yakashi\Desktop\gtarl
2016-11-26 00:07 - 2016-11-26 00:07 - 00001068 _____ C:\Users\yakashi\Desktop\GTA SA.lnk
2016-11-26 00:07 - 2016-11-26 00:07 - 00000000 ____D C:\Users\yakashi\Desktop\WH KEYBINDER
2016-11-25 12:17 - 2016-11-25 12:17 - 02285109 _____ C:\Users\yakashi\Downloads\PRIVATKI DOZZER.rar
2016-11-25 00:23 - 2016-11-25 00:23 - 08108436 _____ C:\Users\yakashi\Downloads\2012 BMW M3 E92 Hamann.zip
2016-11-25 00:22 - 2016-11-25 00:22 - 15637566 _____ C:\Users\yakashi\Downloads\Транспорт - BMW_e30_UDC[SAMODS.RU].rar
2016-11-25 00:15 - 2016-11-25 00:15 - 15640912 _____ C:\Users\yakashi\Downloads\1476393124_E36 SEDAN.zip
2016-11-24 20:18 - 2016-11-24 20:19 - 41599579 _____ C:\Users\yakashi\Documents\Ohne Titel.mp4
2016-11-24 17:39 - 2016-11-24 17:39 - 43086377 _____ C:\Users\yakashi\Downloads\client_21031.zip
2016-11-24 13:35 - 2016-11-24 13:35 - 00000970 _____ C:\Users\yakashi\Downloads\listen.asx
2016-11-24 13:35 - 2016-11-24 13:35 - 00000970 _____ C:\Users\yakashi\Downloads\listen (1).asx
2016-11-24 02:59 - 2016-11-24 02:59 - 05763621 _____ C:\Users\yakashi\Downloads\Sounds (1).rar
2016-11-24 02:59 - 2016-11-24 02:59 - 01091085 _____ C:\Users\yakashi\Downloads\sounds.rar
2016-11-24 02:56 - 2016-11-24 02:56 - 10611225 _____ C:\Users\yakashi\Downloads\71344-bmw-m4-coupe.zip
2016-11-24 02:51 - 2016-11-24 02:51 - 09816325 _____ C:\Users\yakashi\Downloads\71429-bmw-m4-2014-liberty-walk.zip
2016-11-24 01:15 - 2016-11-24 01:15 - 00397091 _____ C:\Users\yakashi\Downloads\Smooth Camera.zip
2016-11-24 01:13 - 2016-11-24 01:13 - 01204711 _____ C:\Windows\unins000.exe
2016-11-24 01:13 - 2016-11-24 01:13 - 00894870 _____ (Seemann, Deji, Alien ) C:\Users\yakashi\Downloads\CLEO4_setup.exe
2016-11-23 20:53 - 2016-11-25 15:23 - 00007515 _____ C:\Users\yakashi\Downloads\WhatsApp Image 2016-11-20 at 17.21.51.jpeg
2016-11-23 18:47 - 2016-11-17 14:45 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-23 18:47 - 2016-11-17 14:45 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-23 18:47 - 2016-11-17 14:45 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-23 16:39 - 2016-11-23 16:39 - 00008945 _____ C:\Users\yakashi\Downloads\WhatsApp Ptt 2016-11-23 at 16.39.03.ogg; codecs=opus
2016-11-23 16:39 - 2016-11-23 16:39 - 00008572 _____ C:\Users\yakashi\Downloads\WhatsApp Ptt 2016-11-23 at 16.38.58.ogg; codecs=opus
2016-11-22 21:07 - 2016-11-22 21:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-11-22 21:07 - 2016-11-22 21:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-11-22 21:07 - 2016-11-22 21:07 - 00000000 ____D C:\Windows\system32\DAX2
2016-11-22 21:07 - 2016-11-22 21:07 - 00000000 ____D C:\Program Files\Realtek
2016-11-22 21:01 - 2016-11-22 21:01 - 00795640 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-11-22 21:01 - 2016-11-22 21:01 - 00032224 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-11-22 21:00 - 2016-11-22 21:00 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-11-22 21:00 - 2016-11-22 21:00 - 23505720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 23414272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 17378000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 15202040 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 13122584 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 12988352 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 10534696 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 07172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 07096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 07020920 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-11-22 21:00 - 2016-11-22 21:00 - 06374320 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-11-22 21:00 - 2016-11-22 21:00 - 05793528 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 05593624 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 05341352 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 05310472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-11-22 21:00 - 2016-11-22 21:00 - 03299832 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 03291320 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 03203592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 03133856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-11-22 21:00 - 2016-11-22 21:00 - 02825104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02775360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02706872 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02439048 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02203752 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02110592 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02073088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01920820 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-11-22 21:00 - 2016-11-22 21:00 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01618032 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01529136 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64Proxy.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01422928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01360520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01213664 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01186840 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01166168 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01115136 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01041744 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 01001800 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00999856 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00923752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00864344 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00858208 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00854040 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00823816 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2016-11-22 21:00 - 2016-11-22 21:00 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00725944 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00601152 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00571384 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00498640 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00472312 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00438696 _____ (Conexant Systems, Inc.) C:\Windows\system32\CAF64APO2.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00416512 _____ (Harman) C:\Windows\system32\HMUI.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00372736 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00360352 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00258864 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00203848 _____ (Harman) C:\Windows\system32\HMHVS.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00190936 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00190936 _____ (Harman) C:\Windows\system32\HMEQ.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00179600 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00154368 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00118592 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00112496 _____ (Conexant Systems, Inc.) C:\Windows\system32\Caf64api.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-11-22 21:00 - 2016-11-22 21:00 - 00005604 _____ C:\Windows\system32\cxapo.lncs
2016-11-22 21:00 - 2016-11-22 21:00 - 00000736 _____ C:\Windows\system32\cxapo.prop
2016-11-22 19:18 - 2016-11-22 19:18 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign977265cf2a883c90
2016-11-22 19:18 - 2016-11-22 19:18 - 00000000 ____D C:\Users\yakashi\AppData\Local\Tempzxpsign8d8e6ecb2758a646
2016-11-21 17:01 - 2016-11-21 17:01 - 03336882 _____ C:\Users\yakashi\Downloads\asd.rar
2016-11-21 16:54 - 2016-11-21 16:54 - 00942390 _____ C:\Users\yakashi\Downloads\Keybinder.rar
2016-11-21 01:24 - 2016-11-21 01:24 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\MSIConfig
2016-11-20 23:10 - 2016-11-20 23:10 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\NVIDIA
2016-11-20 23:08 - 2016-11-24 21:54 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-11-20 23:08 - 2016-11-24 21:54 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-11-20 23:08 - 2016-11-24 21:54 - 00041344 _____ C:\Windows\system32\nvinfo.pb
2016-11-20 23:08 - 2016-11-24 20:39 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 02477624 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-11-20 23:08 - 2016-11-24 20:39 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-11-20 23:08 - 2016-11-23 13:58 - 07538847 _____ C:\Windows\system32\nvcoproc.bin
2016-11-20 23:08 - 2016-11-17 03:04 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437595.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 01595456 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437595.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 00212936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-11-20 23:08 - 2016-11-17 03:04 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-11-20 23:08 - 2016-11-17 03:04 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-11-20 23:08 - 2016-11-17 03:04 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-11-20 22:55 - 2016-12-02 13:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-20 22:55 - 2016-11-30 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-20 22:55 - 2016-11-30 15:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-20 22:55 - 2016-11-23 18:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-20 22:55 - 2016-11-23 18:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-20 22:55 - 2016-11-20 22:56 - 00000000 ____D C:\Users\yakashi\AppData\Local\NVIDIA
2016-11-20 22:55 - 2016-11-17 14:45 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-20 22:54 - 2016-11-20 22:55 - 73981120 _____ (NVIDIA Corporation) C:\Users\yakashi\Downloads\GeForce_Experience_v3.1.0.52.exe
2016-11-20 12:53 - 2016-11-24 21:54 - 03941720 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-11-20 12:53 - 2016-11-24 21:54 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-11-20 12:53 - 2016-11-24 20:39 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-11-20 12:53 - 2016-11-24 20:39 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-11-20 12:22 - 2016-11-17 14:45 - 01854400 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-11-20 12:22 - 2016-11-17 14:45 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-11-20 12:15 - 2016-11-20 12:16 - 00095650 _____ C:\Windows\ntbtlog.txt
2016-11-20 10:56 - 2016-11-20 10:56 - 00037912 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901_openvpn_accl.sys
2016-11-20 10:55 - 2016-11-20 10:56 - 00000000 ____D C:\ProgramData\FlyVPN
2016-11-20 10:55 - 2016-11-20 10:55 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyVPN
2016-11-20 10:54 - 2016-11-20 10:55 - 02133568 _____ (FlyVPN) C:\Users\yakashi\Downloads\FlyVPNInstaller_3.6.2.2.exe
2016-11-20 03:29 - 2016-11-20 03:29 - 01055510 _____ C:\Users\yakashi\Downloads\maurice.rar
2016-11-20 02:35 - 2016-11-20 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3
2016-11-20 02:35 - 2016-11-20 02:35 - 00000000 ____D C:\Program Files\MSI Kombustor 3
2016-11-20 02:34 - 2016-11-20 02:34 - 19819074 _____ (MSI Co., LTD ) C:\Users\yakashi\Downloads\MSI_Kombustor_Setup_3.5.2.1_x64.exe
2016-11-20 02:24 - 2016-11-20 02:24 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\JAM Software
2016-11-20 02:18 - 2016-11-20 02:18 - 09928496 _____ (JAM Software ) C:\Users\yakashi\Downloads\HeavyLoad-x64-Setup.exe
2016-11-20 02:18 - 2016-11-20 02:18 - 00000000 ____D C:\Program Files\JAM Software
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-11-20 02:17 - 2016-11-20 02:17 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-11-20 02:11 - 2016-11-20 02:11 - 1127223062 _____ C:\Windows\MEMORY.DMP
2016-11-20 02:11 - 2016-11-20 02:11 - 00872216 _____ C:\Windows\Minidump\112016-12604-01.dmp
2016-11-20 02:11 - 2016-11-20 02:11 - 00000000 ____D C:\Windows\Minidump
2016-11-20 02:04 - 2016-11-24 19:55 - 00000000 ____D C:\Users\yakashi\AppData\Local\NVIDIA Corporation
2016-11-20 01:57 - 2016-11-20 22:53 - 00000000 ____D C:\Users\yakashi\Downloads\settings
2016-11-20 01:57 - 2016-11-20 22:53 - 00000000 ____D C:\Users\yakashi\Downloads\DDU Logs
2016-11-20 01:57 - 2016-11-20 01:57 - 01129418 _____ (Igor Pavlov) C:\Users\yakashi\Downloads\DDU_v17.0.3.0.exe
2016-11-20 01:57 - 2016-11-20 01:57 - 00000000 ____D C:\Users\yakashi\Downloads\x64
2016-11-20 01:57 - 2016-10-25 19:21 - 01434112 _____ C:\Users\yakashi\Downloads\Display Driver Uninstaller.exe
2016-11-20 01:57 - 2016-10-25 19:21 - 00546304 _____ C:\Users\yakashi\Downloads\Display Driver Uninstaller.pdb
2016-11-20 01:57 - 2015-09-06 12:26 - 00000224 _____ C:\Users\yakashi\Downloads\Display Driver Uninstaller.exe.config
2016-11-20 01:35 - 2016-11-20 01:35 - 00032600 _____ C:\Users\yakashi\Downloads\asiloader.zip
2016-11-20 01:12 - 2016-11-20 01:12 - 00000000 ____D C:\NVIDIA
2016-11-20 00:06 - 2016-11-20 00:06 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-11-19 20:08 - 2016-11-19 20:08 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\npm
2016-11-19 20:08 - 2016-11-19 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2016-11-19 20:08 - 2016-11-19 20:08 - 00000000 ____D C:\Program Files\nodejs
2016-11-19 15:53 - 2016-11-24 22:38 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\RealLifeRPG
2016-11-19 15:53 - 2016-11-19 15:53 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RealLifeRPG
2016-11-19 15:53 - 2016-11-19 15:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\SquirrelTemp
2016-11-19 15:53 - 2016-11-19 15:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\RealLifeRPG
2016-11-15 11:31 - 2016-11-15 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-11-15 11:31 - 2016-11-15 11:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-11-11 22:33 - 2016-11-11 22:33 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Steganos Updates
2016-11-06 13:56 - 2016-11-06 13:56 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-11-06 03:25 - 2016-11-08 01:51 - 00000000 ____D C:\Users\yakashi\Documents\American Truck Simulator
2016-11-06 03:25 - 2016-11-06 10:59 - 00000000 ____D C:\Users\yakashi\Documents\ATSMP
2016-11-05 13:07 - 2016-11-05 13:07 - 00000000 ____D C:\Users\yakashi\AppData\Local\TS3index.com_GbR
2016-11-05 12:57 - 2016-11-05 12:59 - 00000000 ____D C:\SinusBot
2016-11-05 12:56 - 2016-11-05 12:56 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-11-04 13:28 - 2016-12-02 13:30 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-11-04 13:28 - 2016-11-25 21:21 - 00000000 _____ C:\Windows\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt
2016-11-04 13:28 - 2016-11-04 13:28 - 00000000 ____D C:\ProgramData\RzSurroundVAD_1.1.62.0
2016-11-04 13:28 - 2016-09-17 02:12 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-11-04 13:28 - 2016-09-07 22:27 - 00137840 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2016-11-04 13:27 - 2016-11-04 13:28 - 00000000 ____D C:\Program Files (x86)\Razer
2016-11-04 13:27 - 2016-11-04 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-11-04 13:26 - 2016-11-04 13:36 - 00000000 ____D C:\ProgramData\Razer
2016-11-04 13:26 - 2016-11-04 13:26 - 00000000 ____D C:\Users\yakashi\AppData\Local\Razer

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-02 15:11 - 2016-09-18 20:11 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\TS3Client
2016-12-02 14:55 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-02 14:55 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-02 14:41 - 2016-09-18 19:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-02 13:29 - 2009-07-14 18:58 - 00700614 _____ C:\Windows\system32\perfh007.dat
2016-12-02 13:29 - 2009-07-14 18:58 - 00149962 _____ C:\Windows\system32\perfc007.dat
2016-12-02 13:29 - 2009-07-14 06:13 - 01624324 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-02 13:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-02 13:23 - 2016-09-29 17:52 - 00000000 ____D C:\Users\yakashi\AppData\Local\LogMeIn Hamachi
2016-12-02 13:23 - 2016-09-20 12:49 - 00000000 ___RD C:\Users\yakashi\Creative Cloud Files
2016-12-02 13:23 - 2016-09-20 12:49 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-12-02 13:23 - 2016-09-20 12:45 - 00000000 ____D C:\Users\yakashi\AppData\Local\Adobe
2016-12-02 13:22 - 2016-09-18 19:36 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-02 13:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-02 11:54 - 2016-09-24 13:52 - 00000000 ____D C:\Users\yakashi\AppData\Local\CrashDumps
2016-12-02 11:54 - 2016-09-18 19:37 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\IObit
2016-12-02 11:54 - 2016-09-18 19:37 - 00000000 ____D C:\ProgramData\IObit
2016-12-02 11:54 - 2016-09-18 19:37 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-02 11:49 - 2016-10-06 16:12 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-12-01 20:43 - 2016-09-30 17:16 - 00000000 ____D C:\Temp
2016-12-01 16:27 - 2016-10-18 22:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-01 13:49 - 2016-10-18 22:27 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-01 13:07 - 2016-10-15 12:34 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-01 12:56 - 2016-10-10 11:27 - 00000000 ____D C:\ProgramData\VEGAS
2016-12-01 12:55 - 2016-09-19 07:51 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Adobe
2016-12-01 12:54 - 2016-09-20 12:47 - 00000000 ____D C:\ProgramData\Adobe
2016-11-30 16:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Resources
2016-11-29 16:07 - 2016-09-25 00:59 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Origin
2016-11-29 14:14 - 2016-10-10 21:01 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\trainer
2016-11-29 14:09 - 2016-09-25 00:57 - 00000000 ____D C:\ProgramData\Origin
2016-11-28 23:09 - 2016-10-01 16:51 - 00000000 ____D C:\Windows\pss
2016-11-28 14:23 - 2016-10-06 23:18 - 00000000 ____D C:\Users\yakashi\AppData\Local\ftblauncher
2016-11-28 14:12 - 2016-10-06 23:18 - 00000000 ____D C:\ftb
2016-11-27 18:39 - 2016-09-18 20:07 - 00000000 ____D C:\Users\yakashi\Documents\GTA San Andreas User Files
2016-11-27 13:16 - 2016-09-18 19:47 - 00000000 ____D C:\Program Files\AutoHotkey
2016-11-25 14:11 - 2016-09-18 20:07 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-11-25 12:55 - 2016-10-28 12:53 - 00000000 ____D C:\Users\yakashi\Documents\HP-Overlay
2016-11-25 00:12 - 2016-10-11 17:09 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\DVDVideoSoft
2016-11-24 22:38 - 2016-09-25 12:54 - 00000000 ____D C:\Users\yakashi\AppData\Local\Arma 3
2016-11-24 17:41 - 2016-10-30 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
2016-11-24 13:26 - 2016-09-25 12:53 - 00000000 ____D C:\Users\yakashi\AppData\Local\Arma 3 Launcher
2016-11-24 13:25 - 2016-09-27 13:30 - 00000000 ____D C:\Users\yakashi\Documents\Arma 3 - Other Profiles
2016-11-24 01:13 - 2016-09-19 15:24 - 00014940 _____ C:\Windows\unins000.dat
2016-11-23 18:47 - 2016-09-23 22:12 - 00003602 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003840 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003840 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003790 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003778 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 18:47 - 2016-09-18 20:30 - 00003542 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 17:29 - 2016-09-20 14:17 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Skype
2016-11-23 11:51 - 2016-09-20 14:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-23 11:51 - 2016-09-20 14:17 - 00000000 ____D C:\ProgramData\Skype
2016-11-22 21:09 - 2016-09-25 00:58 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-20 23:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2016-11-20 00:58 - 2016-09-18 19:35 - 00073256 _____ C:\Users\yakashi\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-20 00:57 - 2009-07-14 05:45 - 00345744 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-20 00:06 - 2016-09-25 14:08 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-19 22:46 - 2016-09-27 13:01 - 00000000 ____D C:\Users\yakashi\AppData\Local\Battle.net
2016-11-19 00:56 - 2016-09-18 20:06 - 00000000 ____D C:\Users\yakashi\AppData\Local\Overwolf
2016-11-18 13:05 - 2016-10-21 15:13 - 00001456 _____ C:\Users\yakashi\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-11-17 20:05 - 2016-10-06 14:21 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Sony
2016-11-17 18:35 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-15 13:30 - 2016-09-30 11:33 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-11-15 13:30 - 2016-09-30 11:33 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-11-15 11:42 - 2016-09-18 19:36 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-12 22:55 - 2016-09-23 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2016-11-12 22:55 - 2016-09-23 22:12 - 00000000 ____D C:\Program Files (x86)\OkayFreedom
2016-11-11 22:40 - 2016-10-15 01:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-11 13:47 - 2016-09-30 11:32 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-11-06 22:04 - 2016-09-19 12:46 - 00000000 ____D C:\Program Files\Rockstar Games
2016-11-06 22:04 - 2016-09-19 12:46 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-11-06 03:14 - 2016-09-22 16:07 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-11-06 02:01 - 2016-10-15 01:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 19:13 - 2016-10-30 17:45 - 00000000 ____D C:\Users\yakashi\Documents\Euro Truck Simulator 2
2016-11-05 18:01 - 2016-09-25 14:08 - 00000000 ____D C:\Users\yakashi\AppData\Roaming\TeamViewer
2016-11-05 12:56 - 2016-09-18 20:10 - 00000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-11-03 14:04 - 2016-09-28 14:39 - 00000000 ____D C:\Program Files (x86)\UX Pack
2016-11-03 14:04 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2016-11-03 14:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors
2016-11-03 13:00 - 2016-10-28 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-11-03 13:00 - 2016-10-28 23:56 - 00000000 ____D C:\Program Files (x86)\NCWest

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-24 00:10 - 2016-11-01 18:11 - 0000033 _____ () C:\Users\yakashi\AppData\Roaming\AdobeWLCMCache.dat
2016-06-17 07:53 - 2016-06-17 07:53 - 0000244 _____ () C:\Users\yakashi\AppData\Roaming\fnp_registrations.xml
2016-06-17 07:53 - 2016-06-17 07:53 - 0003279 _____ () C:\Users\yakashi\AppData\Roaming\GBpc-EUC-V
2007-05-11 08:00 - 2007-05-11 08:00 - 0059417 _____ () C:\Users\yakashi\AppData\Roaming\Gendarmerie.wee
2016-10-21 15:13 - 2016-11-18 13:05 - 0001456 _____ () C:\Users\yakashi\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-11-22 21:07 - 2016-11-22 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-24 00:01

==================== Ende von FRST.txt ============================
         

02.12.2016, 15:22   #30
yakashi97

Suspected severe trojan | Trojan.FakeMS.ED



ADDITIONLOG:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-11-2016
durchgeführt von yakashi (02-12-2016 15:20:26)
Gestartet von C:\Users\yakashi\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-09-18 18:00:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2572264492-182372228-3150790763-500 - Administrator - Disabled)
Gast (S-1-5-21-2572264492-182372228-3150790763-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2572264492-182372228-3150790763-1002 - Limited - Enabled)
yakashi (S-1-5-21-2572264492-182372228-3150790763-1000 - Administrator - Enabled) => C:\Users\yakashi

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
American Truck Simulator (HKLM\...\Steam App 270880) (Version:  - SCS Software)
Ansel (Version: 376.09 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assetto Corsa v1.5 (HKLM\...\YXNzZXR0b2NvcnNh_is1) (Version: 1 - )
Autodesk 3ds Max 2017 (HKLM\...\Autodesk 3ds Max 2017) (Version: 19.0.1072.0 - Autodesk)
Autodesk 3ds Max 2017 (Version: 19.0.1072.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 Populate Data (HKLM\...\{2B07E17E-A072-43BD-9DCC-369B56C16698}) (Version: 19.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Backburner 2017.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D780}) (Version: 17.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2017 64-bit (HKLM\...\{1C4FFAF0-7DBB-4F7A-A386-46747D060826}) (Version: 19.0.0.0 - Autodesk)
Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2017 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2017 (Version: 17.0.411.0 - Autodesk) Hidden
AutoHotkey 1.1.24.01 (HKLM-x32\...\AutoHotkey) (Version: 1.1.24.01 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Call of Duty: Black Ops - Multiplayer (HKLM\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM\...\Steam App 42700) (Version:  - Treyarch)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit)
EuroGrand Casino (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\EuroGrand Casino) (Version: 1.1.1.33 - EuroGrand Casino)
EuroGrand Casino Notification (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\EuroGrand Casino notification) (Version:  - )
F1 2015 version 1.0 (HKLM-x32\...\{F8180751-C7B2-407F-BD4F-55A6C8FF5F14}_is1) (Version: 1.0 - Codemasters)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
FileZilla Client 3.22.1 (HKLM-x32\...\FileZilla Client) (Version: 3.22.1 - Tim Kosse)
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
HeavyLoad V3.4 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.4 - JAM Software)
Hotspot Shield 5.4.11 (HKLM-x32\...\HotspotShield) (Version: 5.4.11 - AnchorFree Inc.)
Hotspot Shield 5.4.11 Embedded (x32 Version: 5.4.11.9772 - Buildbot) Hidden
HWiNFO64 Version 5.36 (HKLM\...\HWiNFO64_is1) (Version: 5.36 - Martin Malík - REALiX)
IMG Factory - IMG Factory - A program to manage the IMG file format for GTA games. (HKLM-x32\...\IMG Factory IMG Factory) (Version: "1.1.1" - "IMG Factory")
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
K-Lite Mega Codec Pack 12.4.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Lioncast LM30 Gaming Mouse Version 1.2 (HKLM-x32\...\{7EE2D3D8-7A40-406B-BE38-57DDCCC1B4D4}_is1) (Version: 1.2 - LIONCAST)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Mafia III (HKLM-x32\...\Mafia III_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.5.2 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI Kombustor 3.5.2.1 (64-bit) (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
MySQL Connector Net 6.8.3 (HKLM-x32\...\{38157422-F952-42F7-88AA-CC16A63CD109}) (Version: 6.8.3 - Oracle)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
Node.js (HKLM\...\{672B5547-D20B-4D19-9BFD-B93C32BC77DA}) (Version: 6.9.1 - Node.js Foundation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk)
NVIDIA mental ray and IRay rendering plugins for 3ds Max 2017 (HKLM\...\{4B889650-52DC-49E0-AB9C-F501B91002E3}) (Version: 19.0.0.0 - Autodesk)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.2 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64935 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.100.9.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.)
RealLifeRPG (HKU\S-1-5-21-2572264492-182372228-3150790763-1000\...\RealLifeRPG) (Version: 1.5.0 - RealLifeRPG)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.100.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7930 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0015 - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
SciTE4AutoHotkey v3.0.06.01 (HKLM-x32\...\SciTE4AutoHotkey) (Version: v3.0.06.01 - fincs)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TruckersMP 0.2.1.3.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.1 Alpha - TruckersMP Team)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 7.0.9-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\3dsmax\3ds Max 2017\Inventor Server\Bin\TestServer.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2572264492-182372228-3150790763-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {158958AA-BE6F-49C4-A4B6-633AF4AE7C02} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {1E5ABC8C-46DF-4795-85CD-45772F7687C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-18] (Google Inc.)
Task: {2E086E28-47C4-4045-A0C3-D1B3AE3774A9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {594DE6E7-63F3-40F3-BC39-9B50B752EEE4} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-10-04] ()
Task: {67F53DD4-A801-4BD6-AA5F-C9E822AA9139} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {6DFBFCC2-2343-42A9-89CF-A0BA6CB1F523} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-11-23] (Overwolf LTD)
Task: {8ACA5664-47A1-4D20-8145-6861E6C04ABE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-10-15] (AVAST Software)
Task: {8ADF4950-8C70-4D35-9D49-4FAF09F292EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-18] (Google Inc.)
Task: {9350B666-3E9D-410A-A7B3-3F85779FFA9D} - System32\Tasks\AdobeAAMUpdater-1.0-yakashi-PC-yakashi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C1C8081D-FF2D-4C52-A1AB-8C702C93196C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {C99773BA-D28E-4363-9EF5-EC96B75CC008} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {D2F3A21A-B56B-4758-9D5E-16BAF05054F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {DEC86C38-7222-4C52-905B-4681D89F2B01} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {EF5A9D68-D527-483F-9CEE-877DA1B46024} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FFEB62DF-D620-495A-AC3A-1F02489A54B4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EuroGrand Casino notification.lnk -> C:\Users\yakashi\AppData\Local\EuroGrand Casino notification\notification_center.exe (EuroGrand Casino) -> /executebg  /url='hxxps://c6m7w2m9.ssl.hwcdn.net/playtech_notifications/casino_eurogrand/bg.7z' /fallbackurl='hxxp://fallback.playtech-installer.com/playtech_notifications/casino_eurogrand/bg.7z' /id='EuroGrand Casino_1' /type='1'
ShortcutWithArgument: C:\Users\yakashi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-30 09:23 - 2016-06-30 09:23 - 00592384 ____N () C:\Users\yakashi\AppData\Local\MEGAsync\ShellExtX64.dll
2016-10-25 08:57 - 2016-10-25 08:57 - 00491184 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-17 23:42 - 2016-05-17 23:42 - 00230064 ____N () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-10-03 15:57 - 2016-10-03 15:57 - 00052400 ____N () D:\FileZilla FTP Client\fzshellext_64.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-10-25 08:57 - 2016-10-25 08:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-11-15 11:42 - 2016-11-08 22:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-15 11:42 - 2016-11-08 22:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-07-14 11:25 - 2016-07-14 11:25 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2016-07-14 11:25 - 2016-07-14 11:25 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2016-07-14 11:25 - 2016-07-14 11:25 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2016-07-14 11:26 - 2016-07-14 11:26 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2016-11-20 00:11 - 2016-10-07 19:27 - 04029440 ____N () C:\Program Files\TeamSpeak 3 Client\plugins\task_force_radio_win64.dll
2016-07-14 11:26 - 2016-07-14 11:26 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-12-01 18:35 - 2016-11-18 01:04 - 04280280 _____ () C:\Users\yakashi\Desktop\rgnlauncher1.2.1.exe
2016-12-01 18:35 - 2013-05-08 14:17 - 14483936 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\rgn_ac_gta.exe
2016-11-26 13:15 - 2016-10-18 18:21 - 00786815 _____ () C:\Users\yakashi\Desktop\Laufscript.exe
2016-12-02 14:44 - 2016-11-15 16:13 - 00397384 ____N () C:\Users\yakashi\AppData\Local\EuroGrand Casino\casino_browser.exe
2016-10-06 21:31 - 2016-07-01 07:39 - 00061968 ____N () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-10-06 21:31 - 2016-07-01 07:39 - 00110608 ____N () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00114664 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00108008 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00024040 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-11 17:09 - 2016-08-31 19:04 - 00048104 ____N () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-08-24 00:04 - 2016-08-24 00:04 - 00166520 ____N () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-20 22:55 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-20 22:55 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-20 22:55 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-20 22:55 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-25 09:51 - 2016-10-25 09:51 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-10-03 15:57 - 2016-10-03 15:57 - 00048304 ____N () D:\FileZilla FTP Client\fzshellext.dll
2016-10-12 00:08 - 2016-10-12 00:08 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 00:08 - 2016-10-12 00:08 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 00:08 - 2016-10-12 00:08 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 00:08 - 2016-10-12 00:08 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-25 09:49 - 2016-10-25 09:49 - 00109760 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-10-12 00:08 - 2016-10-12 00:08 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-10 22:15 - 2016-10-10 22:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-10 22:15 - 2016-10-10 22:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-10-10 22:15 - 2016-10-10 22:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-10 22:17 - 2016-10-10 22:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-25 09:41 - 2016-10-25 09:41 - 00109760 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-10-10 22:14 - 2016-10-10 22:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-10-10 22:14 - 2016-10-10 22:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-12-02 11:59 - 2008-01-13 23:40 - 00003072 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\vorbisfile.dll
2016-11-28 14:08 - 2010-08-13 17:44 - 00111104 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\colormod.asi
2016-11-28 14:08 - 2013-07-08 18:00 - 00056320 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\Optimiser.asi
2016-11-28 14:08 - 2011-08-27 11:47 - 00158720 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\sensfix.asi
2016-11-28 14:08 - 2008-03-31 16:25 - 00027648 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\StreamMemFix1.0.asi
2016-11-28 14:08 - 2008-07-31 07:53 - 00027648 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\StreamMemFix2.2_test1.asi
2016-11-28 14:08 - 2008-07-31 07:54 - 00027648 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\StreamMemFix2.2_test2.asi
2016-12-02 11:59 - 2003-11-16 10:48 - 00065536 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\vorbisHooked.dll
2016-11-28 13:49 - 2003-11-15 16:54 - 00139617 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\ogg.dll
2016-12-02 11:59 - 2003-11-16 09:48 - 01060864 _____ () C:\Users\yakashi\Desktop\GTA - San Andreas\vorbis.dll
2016-12-02 14:44 - 2016-11-15 16:13 - 00321096 ____N () C:\Users\yakashi\AppData\Local\EuroGrand Casino\chromium.dll
2016-12-02 14:44 - 2016-11-15 16:17 - 01180744 ____N () C:\Users\yakashi\AppData\Local\EuroGrand Casino\nvssd450.dll
2016-12-02 14:44 - 2016-11-15 16:17 - 41380936 ____N () C:\Users\yakashi\AppData\Local\EuroGrand Casino\libcef.dll
2016-12-02 14:44 - 2016-11-15 16:17 - 01495624 ____N () C:\Users\yakashi\AppData\Local\EuroGrand Casino\libglesv2.dll
2016-12-02 14:44 - 2016-11-15 16:17 - 00087112 ____N () C:\Users\yakashi\AppData\Local\EuroGrand Casino\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-12-02 13:22 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2572264492-182372228-3150790763-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\yakashi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Roccat Talk.lnk => C:\Windows\pss\Roccat Talk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^yakashi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^yakashi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\yakashi\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: Ihsoft => C:\Windows\SysWOW64\regsvr32.exe C:\Users\yakashi\AppData\Local\IRTsoft\PtCres.dll
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LCgmmouse20Run => "C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCmon.exe" -runauto
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: OKAYFREEDOM Notifier => "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
MSCONFIG\startupreg: OKAYFREEDOM_Agent => "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
MSCONFIG\startupreg: OKAYFREEDOM_Update => "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: ROCCAT Savu Gaming Mouse => "C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" /Automation 
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: UX Launcher => C:\Program Files (x86)\UX Pack\uxlaunch.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C154F0CD-BD0E-49FE-A08B-ADFA3DEB513D}] => D:\Steam\Steam.exe
FirewallRules: [{D67D0C7A-1EE8-41E7-91FA-6AA3B6DB1557}] => D:\Steam\Steam.exe
FirewallRules: [{EC280919-019C-4517-B9C7-6750AD836AB7}] => D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{14F4E6EB-C8AA-4A52-B243-2623BAF83044}] => D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E873D290-8A82-4F57-883C-85DB853C59E7}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3EE0569A-6554-4438-8CCB-66B4154B4C0F}] => LPort=2869
FirewallRules: [{3C7514D5-2EDD-41B7-B4ED-A7FA42AADB48}] => LPort=1900
FirewallRules: [{54F77AD7-F533-41B1-A96C-6579A590FACE}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{80D109E2-5C63-4E07-8952-6AC7DB14CC20}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{4243043F-F6CD-4A6A-AAE9-F6F4633BB014}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{48D91D21-944E-42E4-ACD1-DBBA9CC7CE89}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{604F4D52-C11C-4FDA-BE99-26E710336935}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{9898F13F-BABB-4731-9473-EC75C00E7AC6}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [TCP Query User{73743B1D-0BD7-4F80-82C9-242F1720082C}D:\steam games\steamapps\common\grand theft auto v\gta5.exe] => D:\steam games\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A2C6B03F-A9DE-4CF3-BB10-3EE96D45297C}D:\steam games\steamapps\common\grand theft auto v\gta5.exe] => D:\steam games\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{F3420EC8-EBEC-4FCE-8A22-1D6084F36167}] => D:\STEAM GAMES\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [{06565DDD-714D-4C7B-84D1-86BD727FA035}] => D:\STEAM GAMES\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [TCP Query User{47D234EA-066F-4F95-9135-19EE32E9F1A3}D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{248F18FD-8ED7-44DA-B25A-C1ECEE6782EB}D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => D:\steam games\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{9AB60475-2C0C-4D7F-993E-60DA8A303AC8}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BBDD0042-6295-4692-8798-3884FC3C2A13}] => D:\STEAM GAMES\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{6B96A272-145D-408D-AB61-498AD76C087B}] => D:\STEAM GAMES\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B4D9BBA7-D75D-4EAC-A0A5-D66F28F54F2F}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{20A88BDE-1054-447C-ACBC-EE10732C0787}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{76A2046E-627D-49C8-9392-9F7276DB86B4}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{A046FFAF-523D-4CB6-8EB1-8D2769337E70}] => D:\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{DC2A7674-DAB4-42A0-AD32-861617653F3F}] => D:\STEAM GAMES\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B9BA0BCB-1419-40C3-A32D-FEE4BA5BC7B2}] => D:\STEAM GAMES\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{A637E113-4FF3-43F3-8072-4DDA7A9E36CF}] => D:\STEAM GAMES\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{224FD3C0-ED78-49DF-8D75-17E7E7D06AEE}] => D:\STEAM GAMES\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [TCP Query User{352FCEBE-321F-43BE-B9FC-62414E6E6817}C:\program files (x86)\arxgaming\crossfire\updater.exe] => C:\program files (x86)\arxgaming\crossfire\updater.exe
FirewallRules: [UDP Query User{8842CF5D-C92C-4F03-8825-0C94207452EE}C:\program files (x86)\arxgaming\crossfire\updater.exe] => C:\program files (x86)\arxgaming\crossfire\updater.exe
FirewallRules: [{E33CF4AC-FA07-47A0-B266-6FD379202B37}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{D4B913A5-E37D-46CD-A6CD-D09241C3C8D4}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{1A60A3BC-11F3-4DF0-BDB4-1EB05E1DD9FF}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{15B8D802-C50C-4053-9F44-DE3911989EAF}] => D:\STEAM GAMES\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{75302D50-2C1C-4899-BDFB-F5F76A5F0D9A}D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe] => D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [UDP Query User{F1BCE803-48DB-4864-80DE-E3FC93C78B3D}D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe] => D:\steam games\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{0463C8D8-B4EB-402C-975A-53FD2C392B62}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3111D372-B30C-4FAE-B30C-317B5EF2D85E}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{092C1376-AC06-434A-96FB-FC3228F5EABB}] => D:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{A933518E-0009-4C7C-A88E-9FFF2D5EFF5F}] => D:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{E0C4FA1A-17FB-46AE-BF91-FAFEF1EC4F7D}] => D:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{BF13EF20-5E2B-4708-B33D-3E75CEB38821}] => D:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{6C09C7DA-714E-4031-86AF-0EE6EDFA77E2}] => D:\Origin\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{C87E4FA4-9211-4F21-92EF-42B9CAA8BAA2}] => D:\Origin\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{3F402526-40FD-43B4-A5D9-C08653ABAD82}D:\steam\steamapps\common\arma 3\arma3.exe] => D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{D689010C-FA53-4FEC-A7F7-AAC59B7B63FE}D:\steam\steamapps\common\arma 3\arma3.exe] => D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{0245273A-4C90-4071-9C35-626A161CB039}] => D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A976202E-6A7E-4E43-9790-CD6ADE8693DE}] => D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{3AAA6858-066E-48E4-8A2E-DA2C7FBB3EF8}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3FE5C8E4-CBAB-47A9-BA8A-5090550B9DCE}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A6F93A87-5C22-4594-8B66-DB93A6CA1E05}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DA5F52FC-5760-4A46-BB74-D27B87A0F0FD}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4266F27-D898-4820-BB3D-592F15E6A15F}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA0A30D8-8A68-4CB4-B64F-3E701DEC6374}] => C:\Users\yakashi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{853AB005-0400-42E3-A2F7-90EC6C664786}] => D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AD647B70-1BEA-48EA-93BB-87A6B3AF96EB}] => D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{F0171D46-E230-42B5-B427-9FD8350CC4FF}D:\origin\fifa 16\fifa16.exe] => D:\origin\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{B474C108-783C-47E7-9213-A436D3B9B52C}D:\origin\fifa 16\fifa16.exe] => D:\origin\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{58A90E93-0CB4-441D-B76E-204F1271DAEC}D:\overwatch\overwatch.exe] => D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{C49A4896-8D01-4659-9EED-558493E89A24}D:\overwatch\overwatch.exe] => D:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{3C118DAE-F4D5-4AAF-B8CC-806DB8B7C683}D:\origin\fifa 17\fifa17.exe] => D:\origin\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{0191E049-B320-4A66-A755-DCF5694552A6}D:\origin\fifa 17\fifa17.exe] => D:\origin\fifa 17\fifa17.exe
FirewallRules: [{6CBB3147-FD41-4480-B0B3-283510667F56}] => D:\STEAM GAMES\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{C165C53B-FBB5-443C-B45B-EF119AA382D5}] => D:\STEAM GAMES\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{A4C0C456-087E-4AE2-9341-A06CFFDE5232}C:\users\yakashi\appdata\local\akamai\netsession_win.exe] => C:\users\yakashi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0E824E0E-B1D6-4950-B81F-27847D8FD10F}C:\users\yakashi\appdata\local\akamai\netsession_win.exe] => C:\users\yakashi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7BB74303-1648-42C1-A09B-D97485FA28C1}] => D:\STEAM GAMES\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A05C36E7-621B-4277-8968-EB148C93AC4A}] => D:\STEAM GAMES\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{8C19CFB5-B665-4FFE-B59C-6259432F727E}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => C:\program files\java\jre1.8.0_102\bin\javaw.exe
FirewallRules: [UDP Query User{79824693-369C-4ADC-A03D-86616519F550}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => C:\program files\java\jre1.8.0_102\bin\javaw.exe
FirewallRules: [TCP Query User{982566ED-5024-45D2-BF71-0FF67075C412}C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe] => C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe
FirewallRules: [UDP Query User{CDE26847-1BA0-4C65-8E9D-C9A1F1D5BF5F}C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe] => C:\users\yakashi\desktop\streets of crime - cops and robbers\samp-server.exe
FirewallRules: [TCP Query User{C6CC5BFB-0105-48EF-BD11-221267D8FE63}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{208AC28E-67B5-4D36-AC4B-46E07085B89E}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{19414C0E-5BB7-4843-8E4D-DC740DC2A8D5}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{00EFAE64-D055-4D6D-97E4-3C39E267F736}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{61A49BE5-1E75-4527-AF8C-1791634014AB}D:\assetto corsa\assetto corsa\acs.exe] => D:\assetto corsa\assetto corsa\acs.exe
FirewallRules: [UDP Query User{31C55226-954E-479F-9C58-2A90518EF175}D:\assetto corsa\assetto corsa\acs.exe] => D:\assetto corsa\assetto corsa\acs.exe
FirewallRules: [TCP Query User{B9BD4A55-7605-4385-A5FE-5DA23C079143}C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe
FirewallRules: [UDP Query User{6EA11606-5678-4691-9E59-F46C4690FD09}C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\server 0.3z r2\samp-server.exe
FirewallRules: [TCP Query User{8E3B91E4-0826-4486-AE19-04B1F080C879}C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe
FirewallRules: [UDP Query User{A4742DE1-B21A-4EED-8676-8B3A98FE83EB}C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe] => C:\users\yakashi\desktop\mapeditor fullpack\texture-studio-master\samp-server.exe
FirewallRules: [{64D639F4-82CF-4C6E-89AB-D22100570215}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{96968F29-DB47-43E8-A522-CAE9519DE3A0}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{BEF4AADA-7649-41C0-A50D-46F25EB86904}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9605BBFE-30A1-4785-81E3-E83D5A1CFCBC}] => D:\STEAM GAMES\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{17F5492B-D9D4-46CD-92DF-DA4AEE57DCDB}] => D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{B2AA3AC1-533A-4032-B740-BDBF5CB2E1F6}] => D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{E04608B7-80A4-400F-8AB4-6E354000D0B0}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{BF44CA56-9FEE-4CDD-AE20-432702244286}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{B2F78E63-0A1E-404F-8120-ED562D638FE4}] => C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E8C24C47-F5C0-407D-89EB-3FBC50F9A557}] => C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EB70119F-9788-4950-B1F5-989671C83AE3}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BF3AA2C3-ACFB-4C43-9A22-85E17FF4F755}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ED8F8BC3-0EDC-4460-8D68-6690BF3EF5C5}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85FC551A-DF3F-455B-99A3-E26ECCB7DB80}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{40DB1672-CF66-4B25-A7FE-32AAD83B5B1D}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{C19F1CB3-86D2-459E-92D9-3096928774BB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A804337B-3FC9-4175-BF95-6CB65514522F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{B4FAEA4F-CD69-48A1-98EA-C1D5D9035CC6}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{812CC328-2D7B-49E6-BCA2-B389AE8B4564}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{343367D6-E30F-43E1-A945-F7F86CC7DA99}] => C:\WarThunder\run.exe
FirewallRules: [{A1248029-CBF9-40E0-93C2-C8E047571196}] => C:\WarThunder\run.exe
FirewallRules: [{313C93BD-71C0-4F2D-9933-B74A1B5FB44D}] => LPort=80
FirewallRules: [{CF8102D3-8A93-4348-92DC-23D15B0DC945}] => LPort=443
FirewallRules: [{7F9EA741-3353-4B5E-AC6B-3B174092FEC1}] => LPort=20010
FirewallRules: [{103CB3F1-CA23-4754-8A51-4C63CEC74D86}] => LPort=3478
FirewallRules: [{45747647-D43A-4481-B061-FB86FBEF94C2}] => LPort=7850
FirewallRules: [{748C92A9-DD26-4F92-9F3A-D8ABC7D14235}] => LPort=7852
FirewallRules: [{16751B4F-DF3A-4E6E-A9EB-55D73E4D1696}] => LPort=7853
FirewallRules: [{9CEC824F-AB69-4C31-9C66-8F03FF859D04}] => LPort=27022
FirewallRules: [{413A241E-0489-4A66-A0AA-00C5C65EC997}] => LPort=6881
FirewallRules: [{0AC93F84-0568-46DA-92C2-9B055F73DB73}] => LPort=33333
FirewallRules: [{63246DC3-F7E5-4860-9625-99184C4D21D0}] => LPort=20443
FirewallRules: [{CAA0F976-F41E-4D49-BB6F-FF4BE79D90D4}] => LPort=8090
FirewallRules: [{18A48DD0-AE08-482B-9DD2-99E08DB9B74A}] => D:\STEAM GAMES\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{9B4856AD-4962-4E60-9533-0185DA63850A}] => D:\STEAM GAMES\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [TCP Query User{EBED365D-14C9-48AF-8E7D-3C5248BE2C6B}D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{BB9DD903-B452-4FB0-A7B3-2E35F8F1C127}D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\steam games\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{960E645C-8A65-45D5-B230-F1B2373CFB23}C:\sinusbot\sinusbot.exe] => C:\sinusbot\sinusbot.exe
FirewallRules: [UDP Query User{2BCE5799-BF10-4856-8F70-0FF64A0208A0}C:\sinusbot\sinusbot.exe] => C:\sinusbot\sinusbot.exe
FirewallRules: [{37260D11-F556-453B-A92C-C051AAEDE6CA}] => D:\STEAM GAMES\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D0098E91-9895-4D6D-B056-9515D314B185}] => D:\STEAM GAMES\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{6079BABD-47BD-41E9-A90F-F3F106BE9CEB}] => D:\Origin\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{C3652AFF-1435-4303-BBF8-65ECE241EE30}] => D:\Origin\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{EF4BDED4-4E5D-40DB-A4C4-155548FD6016}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F2EBF2F1-DFD8-4CB4-B258-28F801B4FB47}D:\crossfirearx\updater.exe] => D:\crossfirearx\updater.exe
FirewallRules: [UDP Query User{EE5E6B2C-1A25-4171-AA76-31BC8D58786C}D:\crossfirearx\updater.exe] => D:\crossfirearx\updater.exe
FirewallRules: [{9CDF1C5E-6D3E-4B26-B924-7F17B8330BF9}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AD220EF0-B6DC-4E5A-843F-FFFD2A942323}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0807B64D-ED82-4952-BE5E-24A282B10086}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A4200EB5-35B4-4541-AE64-B8E3DF62D40C}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{70C2845C-8A09-4710-A883-EC84CB286F89}] => D:\FlyVPN\FlyVPN.exe
FirewallRules: [{06A1184B-922A-4546-9F22-3C98C2EFF16F}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C0E1C40E-9DBA-4F28-AD73-A7592F997885}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9F5D2263-57C9-421E-90B9-F4587BF97D4E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{94D9E19A-3494-4BD4-8D45-A1D8B8E62551}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2303C7A-4BED-4F96-A526-5165BEA68782}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4BE9F3FC-CA14-4492-8B4E-1BA1B2FC3D08}D:\crossfire\updater.exe] => D:\crossfire\updater.exe
FirewallRules: [UDP Query User{5860EEB4-085D-4FC3-BB1A-3C89C96D1F83}D:\crossfire\updater.exe] => D:\crossfire\updater.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/02/2016 01:25:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0110c9dd
ID des fehlerhaften Prozesses: 0x18dc
Startzeit der fehlerhaften Anwendung: 0x01d24c9732d963b4
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 7333e024-b88a-11e6-868e-4ccc6a61d306

Error: (12/02/2016 01:25:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/02/2016 11:54:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.9.1.335, Zeitstempel: 0x580f9487
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x109c
Startzeit der fehlerhaften Anwendung: 0x01d24c8a2df3a614
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: bb7395e4-b87d-11e6-8998-4ccc6a61d306

Error: (12/02/2016 11:54:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0325c9dd
ID des fehlerhaften Prozesses: 0x1a34
Startzeit der fehlerhaften Anwendung: 0x01d24c8a744ed174
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: b4ad4584-b87d-11e6-8998-4ccc6a61d306

Error: (12/02/2016 11:54:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/02/2016 11:42:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.8.0.1042, Zeitstempel: 0x5639dd97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00dec9dd
ID des fehlerhaften Prozesses: 0x6a4
Startzeit der fehlerhaften Anwendung: 0x01d24c88d1ce9671
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 123e4891-b87c-11e6-97a5-4ccc6a61d306

Error: (12/02/2016 11:42:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/02/2016 12:06:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x582e1b2f
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x582e1abd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d4a9
ID des fehlerhaften Prozesses: 0xfec
Startzeit der fehlerhaften Anwendung: 0x01d24c2241d9a7a1
Pfad der fehlerhaften Anwendung: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: bbeaab71-b81a-11e6-91ab-4ccc6a61d306

Error: (12/01/2016 11:26:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x582e1b2f
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x582e1abd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d4a9
ID des fehlerhaften Prozesses: 0x1938
Startzeit der fehlerhaften Anwendung: 0x01d24c19b46096c1
Pfad der fehlerhaften Anwendung: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: 26007901-b815-11e6-91ab-4ccc6a61d306

Error: (12/01/2016 10:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x582e1b2f
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x582e1abd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d4a9
ID des fehlerhaften Prozesses: 0x18e8
Startzeit der fehlerhaften Anwendung: 0x01d24c145001cd71
Pfad der fehlerhaften Anwendung: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: dae26801-b80c-11e6-91ab-4ccc6a61d306


Systemfehler:
=============
Error: (12/02/2016 03:09:37 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/02/2016 01:25:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/02/2016 01:23:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (12/02/2016 01:23:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/02/2016 01:23:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (12/02/2016 01:22:36 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "3" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/02/2016 01:22:36 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "2" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/02/2016 01:22:36 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "1" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/02/2016 01:22:36 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "0" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware.

Error: (12/02/2016 11:54:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 14826.85 MB
Verfügbarer physikalischer RAM: 9625.69 MB
Summe virtueller Speicher: 29651.89 MB
Verfügbarer virtueller Speicher: 24090.39 MB

==================== Laufwerke ================================

Drive b: (Lokaler Datenträger) (Fixed) (Total:465.76 GB) (Free:422.14 GB) NTFS
Drive c: (Lokaler Klamottenträger) (Fixed) (Total:236 GB) (Free:52.08 GB) NTFS
Drive d: (Lokaler Baumträger) (Fixed) (Total:931.41 GB) (Free:98.61 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 236 GB) (Disk ID: 11E626FB)
Partition 1: (Active) - (Size=236 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E159512B)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1956BF5A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
