Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: PC ist auffällig langsamer

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 28.12.2016, 22:22   #1
Krossof
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Hallo Trojaner Board,

beim PC-Spielen ist mir das spiel eingefroren, die Hintergrundprogramme liefen weiter. Allerdings stellte ich auch bei Videos und Bildern sowie beim erneuten Start des Spiels ein sehr langsamen aufbau fest.

Da ich in den letzten 5 Tagen nicht zuhause war weiß ich auch nicht genau was passiert sein soll. Im Ereignis Manager waren zuwenige Fehler um auf Hardware zu schließen, er wurde in der Zeit auch nur 2 mal von meiner Familie genutzt.

Da es das erste mal seit fast 500 Stunden ist das dieses Spiel sich 2 mal einfriert oder "lagt" und allgemein Anwendungen sehr langsam ausgeführt werden würde ich Sie bitten mir zu helfen und nach möglichen Viren zu suchen.


Bisher habe ich mit S&D (Free Version) nur im Tiefenscan Rootkits gefunden.
AVG (Free) ist noch nicht durch.
Den Farbar Scann habe ich wie lt. Forum gebeten auch durchgeführt und den Log angehangen.

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Lauritz (28-12-2016 20:42:00)
Gestartet von C:\Users\Lauritz\Downloads
Windows 7 Professional Service Pack 1 (X64) (2012-10-13 12:29:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2922099021-443059803-3302965599-500 - Administrator - Disabled)
Gast (S-1-5-21-2922099021-443059803-3302965599-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2922099021-443059803-3302965599-1009 - Limited - Enabled)
Lauritz (S-1-5-21-2922099021-443059803-3302965599-1000 - Administrator - Enabled) => C:\Users\Lauritz

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Age of Wonders III (HKLM\...\Steam App 226840) (Version:  - Triumph Studios)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4739 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle Realms (HKLM-x32\...\{9AA761E6-CA51-4FF2-A552-D51638BF0595}) (Version: 0.10.000 - Liquid Entertainment)
Black and White (HKLM-x32\...\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}) (Version:  - )
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Capitalism 2 (HKLM-x32\...\Capitalism 2_is1) (Version:  - GOG.com)
Capitalism II (nur deinstallation) (HKLM-x32\...\Capitalism II) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Conquest of Elysium 3 (HKLM\...\Steam App 211900) (Version:  - Illwinter Game Design)
Conquest of Elysium 4 (HKLM\...\Steam App 403950) (Version:  - Illwinter Game Design)
Cossacks: Back to War (HKLM-x32\...\Steam App 4850) (Version:  - GSC Game World)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Democracy 3 (HKLM\...\Steam App 245470) (Version:  - Positech Games)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
EVE Online (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\{4c47d6a1-0c58-4e9b-8cf8-216262d26f37}) (Version: 1.0.0 - CCP)
EVEMon (HKLM-x32\...\EVEMon) (Version: 2.1.0 - battleclinic.com) <==== ACHTUNG
Evil Genius (HKLM-x32\...\Steam App 3720) (Version:  - Elixir Studios)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Forged Alliance Forever (HKLM-x32\...\{EF37C7C0-1281-4452-8A3F-D71215478D63}) (Version: 240.10.122 - FAF Community)
Fractured Space (HKLM-x32\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Little Fighter 2 version 2.0a (HKLM-x32\...\Little Fighter 2) (Version: version 2.0a - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mumble 1.2.15 (HKLM-x32\...\{3320748F-375E-4A80-BD48-EC42124FB502}) (Version: 1.2.15 - Thorvald Natvig)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenTTD 1.6.1 (HKLM-x32\...\OpenTTD) (Version: 1.6.1 - OpenTTD)
Pirates of the Caribbean (HKLM-x32\...\{C388D147-CCBA-411C-B9FC-2CC1B4EFB240}) (Version:  - )
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
Planetbase (HKLM-x32\...\Steam App 403190) (Version:  - Madruga Works)
Port Royale 3 (HKLM\...\Steam App 205610) (Version:  - Gaming Minds)
Project AURA (HKLM\...\Steam App 305940) (Version:  - Pixel Quality Games)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PULSAR: Lost Colony (HKLM-x32\...\Steam App 252870) (Version:  - Leafy Games)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Seven Kingdoms 2 HD (HKLM\...\Steam App 338800) (Version:  - Enlight Software Limited)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SRWare Iron (64-Bit) Version 48.2550.2 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 48.2550.2 - SRWare)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - Star Gem Inc.)
Star Ruler (HKLM-x32\...\StarRuler) (Version:  - )
Star Ruler 2 (HKLM-x32\...\Steam App 282590) (Version:  - Blind Mind Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellaris (HKLM\...\Steam App 281990) (Version:  - Paradox Development Studio)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.0001 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Thea: The Awakening (HKLM\...\Steam App 378720) (Version:  - MuHa Games)
Unity Web Player (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.3.409.46933 - Vodafone)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WordPerfect Office X3 (HKLM-x32\...\_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}) (Version:  - Corel Corporation)
WordPerfect Office X3 (x32 Version: 13.3 - Corel Corporation) Hidden
World of Tanks (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version:  - Firaxis)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1CA8BBF8-D4C7-42A4-B9E4-42CB660E22A8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {2328C447-D3E6-452B-87F9-9EE1E62A4363} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {2D1EC2C2-2DE7-44E3-A2C8-8CA22899DCD0} - System32\Tasks\{BA7EFF60-8789-4118-A88C-2358E2C1CEF7} => pcalua.exe -a D:\HDRII\EP1\EAUninstall.exe
Task: {337F6073-AF3B-4041-A1E2-360F21C9D657} - System32\Tasks\{37BDD613-C6FA-476D-9F6B-0D761860DBF2} => pcalua.exe -a D:\HDRII\EAUninstall.exe
Task: {4F5346FE-3B0F-4162-8D5D-5D4D49517DEA} - System32\Tasks\{02E7FDDD-7C7A-4696-8E9F-71C30DFEFF6B} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/105430
Task: {6440EA78-AF98-4591-B84E-B8859C5D18BA} - System32\Tasks\{62C6544D-7998-4493-9DE7-6498D76BC5B1} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe [2001-03-09] (LionHead Studios Ltd.)
Task: {6A85DDF2-94BD-4F8E-BECA-17699438BEBC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {733182AF-2FF2-441C-982F-8A8769EFFDCB} - System32\Tasks\{9BEA0DF0-7E39-48E3-94BA-D7D1CE9B4D23} => Chrome.exe hxxps://ui.skype.com/ui/0/7.30.80.105/de/abandoninstall?page=tsMain
Task: {78356296-813B-4DAF-A3CE-124F5844CA93} - System32\Tasks\{FC6FACA1-9ECD-412C-9E32-0050FE7386B9} => pcalua.exe -a D:\PlanetSide2\Uninstaller.exe
Task: {7E6D8B7A-4C49-4A0C-824C-FE012F75C383} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {8BFCD73A-2B3F-4460-AE44-8BC7FE9F502A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {AB73DEAA-DDED-439D-801C-214D922BF39D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {AF731C36-4DAC-43E7-963B-A431A84F7D32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-07] (Adobe Systems Incorporated)
Task: {B0B61FC4-E05F-4262-87F7-688AF5DBB856} - System32\Tasks\{31C26874-D94B-4972-8561-BC0923796AD2} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe [2001-03-09] (LionHead Studios Ltd.)
Task: {BA2D7491-0897-4A20-AE28-2632701CFF54} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe
Task: {BA65C212-7CA6-4723-864D-03D055E04489} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {C8690BF7-AED1-4CDB-84BC-75C49827CDE6} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
Task: {DACD9C03-531E-428C-8D3D-7A51F8FD7B31} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {E22041C3-3C39-4683-B76D-4826B0A998F7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {E6724815-6F5B-44EC-AEC8-7E9FFEF3DC5E} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {F86498AF-5BC8-424E-A3DF-BB28882EA2C8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Lauritz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\876c1f0956c85873\Chromium.lnk -> C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) -> --profile-directory="Profile 1"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-18 17:31 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-13 13:53 - 2012-02-07 16:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-03-16 19:27 - 2016-03-11 15:31 - 02576984 _____ () C:\Program Files\SRWare Iron (64-Bit)\libglesv2.dll
2016-03-16 19:27 - 2016-03-11 15:31 - 00093784 _____ () C:\Program Files\SRWare Iron (64-Bit)\libegl.dll
2013-03-12 17:10 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 10:49 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-10-29 16:31 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 17:35 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-04-12 11:44 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-12 11:44 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-12 11:44 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2016-11-28 12:53 - 2016-11-28 12:53 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-12-13 11:21 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2012-10-29 16:31 - 2016-12-20 03:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-01-20 07:18 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2012-10-13 13:53 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-12 11:44 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-12 11:44 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-04-12 11:44 - 2014-04-25 13:11 - 02972112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:A70A8BB0 [284]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7924 mehr Seiten.

IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7924 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-12-28 20:30 - 00453906 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15574 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lauritz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3525630A-4038-4DA1-8B14-B1BA07B4A112}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE1F95C1-FE21-4BD8-B1EF-3C3B97F569C2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A054DEDA-1F95-46C5-B435-0E8BB91AAB2C}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4BEB620E-9F8B-4A5F-AD92-663E50414585}D:\world_of_tanks\wotlauncher.exe] => D:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B4883DF9-41FF-4A6B-9D9F-3F04E79BC86A}D:\world_of_tanks\wotlauncher.exe] => D:\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{1A91BAD5-54D2-45CE-B7CF-22F04942A28D}D:\world_of_tanks\worldoftanks.exe] => D:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{2B41D176-6C18-44C8-953F-7CB1DAFE7322}D:\world_of_tanks\worldoftanks.exe] => D:\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{73AEEE84-7816-427D-9BD8-C5322DA10A25}C:\program files (x86)\star ruler\starruler.exe] => C:\program files (x86)\star ruler\starruler.exe
FirewallRules: [UDP Query User{D9F68E51-CDFE-4084-8D7A-F9902E5B1B16}C:\program files (x86)\star ruler\starruler.exe] => C:\program files (x86)\star ruler\starruler.exe
FirewallRules: [TCP Query User{5132D057-4F65-41C8-80FD-2BCCE9254C80}D:\eve online\bin\exefile.exe] => D:\eve online\bin\exefile.exe
FirewallRules: [UDP Query User{8E9CA187-C958-440F-92BB-86E1F5EBE698}D:\eve online\bin\exefile.exe] => D:\eve online\bin\exefile.exe
FirewallRules: [TCP Query User{64A58C25-74DC-4CC5-88A4-51D4C8CE0465}D:\anno171\anno1701.exe] => D:\anno171\anno1701.exe
FirewallRules: [UDP Query User{0053AE60-FB63-4AFD-BEB7-44D7F3C7F87A}D:\anno171\anno1701.exe] => D:\anno171\anno1701.exe
FirewallRules: [{79063EC3-D32F-4609-BA3C-5C6204A378D2}] => C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{11DE37C0-7DEF-4B67-BD6F-1E0173797F95}] => C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{2C78A0C5-39C2-4EB5-B470-6787181B3067}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{369A8CFD-43A6-428F-8F1D-589F4E461759}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{6D59CFA9-DFC8-4DAD-8A15-C05E013E9BE8}] => C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{D35B639C-E5D8-4238-92C8-D88A98B1C8CD}] => C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{2FE5F5E8-21E6-40DD-BB2D-6F39C9D307FF}] => C:\Program Files (x86)\Steam\SteamApps\common\Evil Genius\EvilGeniusLauncher.exe
FirewallRules: [{882484F6-FA56-4C13-98D2-8BDE5B124365}] => C:\Program Files (x86)\Steam\SteamApps\common\Evil Genius\EvilGeniusLauncher.exe
FirewallRules: [TCP Query User{165E54D3-C6F1-4741-B546-FFFC4E29EB99}C:\programdata\faforever\bin\forgedalliance.exe] => C:\programdata\faforever\bin\forgedalliance.exe
FirewallRules: [UDP Query User{7D79CDF4-55A3-4FCF-87AA-1D49879BCEC3}C:\programdata\faforever\bin\forgedalliance.exe] => C:\programdata\faforever\bin\forgedalliance.exe
FirewallRules: [TCP Query User{FF529BB4-7C9B-4596-B876-6840D87437FF}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{24A79DAB-AC2F-4C5D-8C44-53457662FA7B}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{1DE14345-D221-44C4-927E-8915EBDC7B0C}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{8C3DC567-10EE-413A-A775-E11810F84692}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{FE6DC594-F56A-44B5-8857-BBD1921EA6BE}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{87578C7C-5CCB-4820-A53A-EA284A55B822}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{7F094403-C09D-4FF8-84AB-024000AB740B}] => LPort=80
FirewallRules: [{13455699-4A60-4268-A195-8156A81F90CF}] => LPort=443
FirewallRules: [{6F6C0479-487A-4AEB-80C2-F07A64CE7406}] => LPort=20010
FirewallRules: [{2E9328CF-89A4-466D-A07C-C8D50FD431F3}] => LPort=3478
FirewallRules: [{BEC6AC26-105D-4ED8-B759-09B432CD9F01}] => LPort=7850
FirewallRules: [{4F1FE10F-F708-40DE-8194-29E955599F65}] => LPort=27022
FirewallRules: [{A1FEE9DF-46B5-4427-803E-5473AA8B14F6}] => LPort=6881
FirewallRules: [{63BA6F08-A43D-4E05-B9AA-3FFDF63A65BF}] => LPort=33333
FirewallRules: [{90F34B83-0226-4C4D-B0EB-08F80DB47615}] => LPort=20443
FirewallRules: [{88299BA2-7499-492C-B6FA-39FC248B0927}] => LPort=8090
FirewallRules: [{5A366660-B3A9-4F3B-9FD8-E8C28DB2C0EB}] => C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{E9164DB0-ACB1-4C50-9D79-3356840DEAC8}] => C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{FB745F0E-6CB3-493B-A67F-DA62816A9847}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67DD86DB-9070-4AE6-BF7A-FC2F64E5C5B2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F28FC892-C944-4799-A751-E9A912E53383}] => C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{EC27BAA6-6D71-4D21-B93E-4B9CE0220E00}] => C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [TCP Query User{7BBB4B05-1A23-45F0-B3E9-DDE3ACBFDC45}C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe] => C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe
FirewallRules: [UDP Query User{64F90C6B-8DF0-4B73-B60C-73502AC5762B}C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe] => C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe
FirewallRules: [{F65F83C4-E4AF-4E46-A859-11C6B5A123C0}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A7DC8388-128D-411A-A393-964948DDDA54}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{17757A13-4720-4CCD-8708-54F879C3E4C9}] => D:\AgeofEmpires Online\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{81D9EFF7-14A2-4C1D-A52A-3286026B729D}] => D:\AgeofEmpires Online\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5B033B21-4FBF-4990-940E-8FA557BF284D}] => D:\AgeofEmpires Online\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{3DFF6BFE-1E66-440A-8D21-80C9867C8289}] => D:\AgeofEmpires Online\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{BEBB5B2A-A4FE-445A-BD53-7516AAF12958}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{B3C16A45-B465-40CF-A310-14D6D8544EC4}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{33C63DA3-27BC-4ABB-BC1C-2BC556D8C2CC}] => D:\AgeofEmpires Online\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{661A20FA-0891-4694-9CB4-7081E008B9A9}] => D:\AgeofEmpires Online\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [TCP Query User{4885F550-D1A7-48E6-9F2D-C3F444A36484}C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe] => C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe
FirewallRules: [UDP Query User{01826DC1-531C-47ED-8C99-061E337F951F}C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe] => C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe
FirewallRules: [{81F653ED-30F5-459C-BDF7-B797BB43BD31}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{50B022D9-07C7-46AF-97E6-B3ABD881A638}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{C4E340E7-FE79-4C2D-9029-FC4E85871471}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{87AE0554-1480-43C1-957B-A3D0CDCCF464}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{6F224CAE-EEB6-467D-BA7B-CD509E52CA77}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{258F7346-3DBD-403A-A60D-0085524EF75B}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{8ACA1C8F-8910-41D2-AA1B-156A3686DD7B}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{31E17DBD-7450-42BB-A908-B366189C1069}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [TCP Query User{5CF52E34-10DF-4486-9A3C-C93E4349617E}D:\eve test\bin\exefile.exe] => D:\eve test\bin\exefile.exe
FirewallRules: [UDP Query User{C0632904-AB4B-4604-9794-C17929791001}D:\eve test\bin\exefile.exe] => D:\eve test\bin\exefile.exe
FirewallRules: [{AEDCABFF-6C8C-4EC8-A2C6-3F9D8AAC6E60}] => D:\AgeofEmpires Online\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{A5D27DCA-B050-417A-B0CE-96B05374332B}] => D:\AgeofEmpires Online\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{728C2563-F377-46BD-9720-CA49545D29A8}] => D:\AgeofEmpires Online\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{049CBADA-9726-4115-B315-D1BBA4BB4471}] => D:\AgeofEmpires Online\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{B82976CC-4D75-45E2-B585-87E2C5C6E895}] => D:\AgeofEmpires Online\SteamApps\common\star conflict\game.exe
FirewallRules: [{67F59D19-6F28-4A34-BD83-96C9FE22A39E}] => D:\AgeofEmpires Online\SteamApps\common\star conflict\game.exe
FirewallRules: [TCP Query User{A66F55DD-678B-4745-94DB-FBE063BEA500}D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [UDP Query User{2E1EDA66-F54C-4215-96E0-48C54E37BA42}D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{6EB2C5A9-0078-4002-8374-95AEF3950B25}] => D:\AgeofEmpires Online\SteamApps\common\Planetbase\Planetbase.exe
FirewallRules: [{29CF51ED-505C-4803-BD72-5840A2BF3AE0}] => D:\AgeofEmpires Online\SteamApps\common\Planetbase\Planetbase.exe
FirewallRules: [{B268E636-E6DD-4B5C-8292-A619AFF0D449}] => D:\AgeofEmpires Online\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{9E4FE6CD-4748-442E-BE13-FDE5E51D4D81}] => D:\AgeofEmpires Online\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{6545200B-D399-419C-AE47-BD310CAFF706}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{4F3D9125-81BD-4521-AF7B-82683A0E4F7E}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{AB1629DC-65FB-45AF-BF30-A640F4E604BB}] => D:\AgeofEmpires Online\SteamApps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{CD394664-A4B4-4221-9A4C-850708DFBF3C}] => D:\AgeofEmpires Online\SteamApps\common\Gnomoria\Gnomoria.exe
FirewallRules: [TCP Query User{16E5ECC8-E241-4C67-8130-0581BC3FF300}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{87735BB3-28FC-4A9E-8DFB-C53D11BC5DCB}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{96CC5490-34B7-42C0-A395-A1A4351E9674}] => D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{611DE6F4-D6F4-41AD-912B-4B60D2EB37C2}] => D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{27C6D0CC-AA3A-44E8-B3D8-94FB961E420D}] => D:\AgeofEmpires Online\SteamApps\common\Project Aura\Project Aura.exe
FirewallRules: [{455A754F-9ED1-4CFB-9172-7F08E27D45C1}] => D:\AgeofEmpires Online\SteamApps\common\Project Aura\Project Aura.exe
FirewallRules: [TCP Query User{25652C2E-F1EA-4AF4-8D02-119B20FBC5B1}D:\eve online test server\sharedcache\tq\bin\exefile.exe] => D:\eve online test server\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{337327AF-1C04-4E9F-BFF0-6C0C9A6F571C}D:\eve online test server\sharedcache\tq\bin\exefile.exe] => D:\eve online test server\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{4586FD53-0545-4E21-AF9F-AFBC84778177}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
FirewallRules: [UDP Query User{605DF62E-D495-4172-9867-775AD6DCFF3E}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
FirewallRules: [{3052BF56-A71B-44DF-9B5B-96E8BD796720}] => D:\AgeofEmpires Online\SteamApps\common\Seven Kingdoms 2 HD\7K2.exe
FirewallRules: [{07CCCFB8-3179-4EB7-B1D1-899C344073C2}] => D:\AgeofEmpires Online\SteamApps\common\Seven Kingdoms 2 HD\7K2.exe
FirewallRules: [{C283F350-165D-41CB-B179-E3C57A63D50F}] => D:\AgeofEmpires Online\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{D029A56B-E110-436A-ACC6-68EFD3628378}] => D:\AgeofEmpires Online\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{B60573CB-4959-49B3-BED4-A6134D99D621}] => D:\AgeofEmpires Online\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{E61A2755-1C64-4465-B933-3F8C2D8D9781}] => D:\AgeofEmpires Online\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{496BDC9A-B6E5-48E2-B473-6748198DFD11}] => D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{1B23D3C4-556A-4BF5-A5A6-C58C1121E450}] => D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{C60CC3AF-3573-4793-A84B-5A7DC321D718}C:\users\lauritz\proxy\freeproxy\freeproxy.exe] => C:\users\lauritz\proxy\freeproxy\freeproxy.exe
FirewallRules: [UDP Query User{AA8AF4EE-5F9F-4B77-9C9B-39A213EB0160}C:\users\lauritz\proxy\freeproxy\freeproxy.exe] => C:\users\lauritz\proxy\freeproxy\freeproxy.exe
FirewallRules: [TCP Query User{30A3F1D6-676A-4FEE-AE6F-C3E36EF18964}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{4A49306D-24EF-4BE6-9646-005110C4D15E}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{FAC251DA-7DC8-47CF-83F7-70C4736B7BF8}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{25E12715-FDCF-4AA8-916D-6F6C14450166}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{643F5760-CC57-46B0-A9AE-383DF3C910C4}] => D:\AgeofEmpires Online\SteamApps\common\Port Royale 3\PortRoyale3.exe
FirewallRules: [{D2CBEB52-1236-423D-A4B6-F421562DA611}] => D:\AgeofEmpires Online\SteamApps\common\Port Royale 3\PortRoyale3.exe
FirewallRules: [{588B24E7-4285-4438-9D20-88FED1C77B95}] => D:\AgeofEmpires Online\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{FA4380EF-610F-4958-BF9D-EC9947C5A0D2}] => D:\AgeofEmpires Online\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{42D08151-42D4-4CA9-A38F-55D8FBCAFDAF}] => D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium3\coe3.exe
FirewallRules: [{4792A8DF-85BC-40EB-8415-79F7C4E664C4}] => D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium3\coe3.exe
FirewallRules: [{96B68FD9-AA35-48B1-92FA-AF006BF45BF7}] => D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium4\coe4.exe
FirewallRules: [{22D48B7B-F53D-4AE2-99FD-874F8C77439A}] => D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium4\coe4.exe
FirewallRules: [{1E090DD7-0BD3-4851-8065-84A2D66DF08F}] => D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [{68C25AAE-A925-449D-8E85-4F23A8C9842B}] => D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [TCP Query User{5A819A13-965B-4BC8-AA48-44F6C99C6337}D:\eve\sharedcache\tq\bin\exefile.exe] => D:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{52111DC9-FC00-4D01-9535-649DEBD968AE}D:\eve\sharedcache\tq\bin\exefile.exe] => D:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [{ABE4C9A0-BBEB-4BA4-BCAF-50982DF45032}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F4E9BAE7-11E9-4457-9367-2D297456093F}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{2FF99247-3D1A-4100-9C91-B62BF7A29EDE}] => D:\AgeofEmpires Online\SteamApps\common\Graviteam Tactics Operation Star\starter.exe
FirewallRules: [{F97D8E2D-0D85-47D8-A1ED-4312164571A8}] => D:\AgeofEmpires Online\SteamApps\common\Graviteam Tactics Operation Star\starter.exe
FirewallRules: [{EA0F917E-CD4C-4E0F-9876-0C9CE4D4D44A}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{71358049-DF66-4E8A-91C2-50CB285071DF}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{1F2CD0F0-9D78-4991-93E2-4CAC962F5993}] => D:\AgeofEmpires Online\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{9665F274-E12D-479C-892D-DED6AACB8EC6}] => D:\AgeofEmpires Online\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{2A48A080-E8CE-48E9-8870-19D099A7BB48}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{EE3F296C-20C8-4481-9259-E96AF41D9210}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{F3BDC4CE-09F0-4B6B-AADA-8433B44D8C48}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{DD967720-A505-4A03-AB01-5E28F690D581}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{2134553F-60B9-4A6F-BE40-6476FF122012}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{124204E2-2440-4C3E-AFBA-687ED0A10DD3}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{6CD9EA87-4346-4DC2-9436-766EF704371F}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{D773CF05-81FD-4946-B5DF-8DC702470628}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{47D8A7BC-BB55-46F4-847A-4C0A80C0FF3B}] => C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{C2D8725A-E936-4D61-8A97-2EE36FBF607E}] => C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{76A16BF0-2535-43EE-AF51-470D66DBD8DB}] => D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{23FF5B09-6085-4895-A10C-317E3A328A63}] => D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{72AFA9A7-7EA2-4BFE-B4F9-7D0FAF3A6D57}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FCC03A1B-03CF-4BEA-91A2-E03C6FE794BF}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B37515D0-0248-49C0-A81D-93666DC4AF7B}] => D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E96B7DB4-85CA-4C18-93C2-1B81DABA92DC}] => D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{885685D8-B0BE-40AE-AD73-486B0C381C07}] => D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{6F80B370-1CFE-461C-A1D6-396B0DE93DD3}] => D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

06-11-2016 19:39:54 Geplanter Prüfpunkt
10-11-2016 00:48:53 Windows Update
12-11-2016 12:48:22 Installed AVG 2016
12-11-2016 12:49:58 Installed AVG
19-11-2016 16:30:02 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
19-11-2016 17:03:22 Windows Update
01-12-2016 04:40:03 Geplanter Prüfpunkt
11-12-2016 00:49:11 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
11-12-2016 00:50:00 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
11-12-2016 00:50:23 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
11-12-2016 00:51:34 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
13-12-2016 16:26:51 Microsoft Visual C++ 2005 Redistributable wird installiert
13-12-2016 16:28:22 Microsoft Visual C++ 2005 Redistributable wird installiert
13-12-2016 16:30:54 DirectX wurde installiert
14-12-2016 13:45:34 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel(R) HD Graphics
Description: Intel(R) HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/28/2016 07:57:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mmc.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1dd4

Startzeit: 01d2613b939ec2d6

Endzeit: 3

Anwendungspfad: C:\Windows\system32\mmc.exe

Berichts-ID: 7e760e4b-cd2f-11e6-b90a-bc5ff4450f04

Error: (12/28/2016 07:54:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b54

Startzeit: 01d2613a25a06fee

Endzeit: 186

Anwendungspfad: D:\AgeofEmpires Online\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Berichts-ID:

Error: (12/28/2016 07:41:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: eac

Startzeit: 01d26132791a92a6

Endzeit: 252

Anwendungspfad: D:\AgeofEmpires Online\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Berichts-ID:

Error: (12/28/2016 07:02:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14913.1002, Zeitstempel: 0x57d1070d
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14913.1002, Zeitstempel: 0x57d10950
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000023c00
ID des fehlerhaften Prozesses: 0x19f8
Startzeit der fehlerhaften Anwendung: 0x01d2613078df23ac
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: c024926d-cd27-11e6-b90a-bc5ff4450f04

Error: (12/28/2016 06:30:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/26/2016 01:59:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/22/2016 07:59:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/21/2016 06:25:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/21/2016 02:15:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/20/2016 01:51:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (12/28/2016 07:39:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (12/28/2016 06:31:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/28/2016 06:31:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (12/28/2016 06:30:20 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/28/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/28/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (12/28/2016 06:29:38 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/26/2016 03:05:58 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/26/2016 03:05:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/26/2016 02:05:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.


CodeIntegrity:
===================================
  Date: 2012-10-13 16:48:13.632
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-13 16:48:13.621
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-13 16:48:13.337
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-13 16:48:13.328
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 8079.21 MB
Verfügbarer physikalischer RAM: 3209.24 MB
Summe virtueller Speicher: 16156.6 MB
Verfügbarer virtueller Speicher: 12328.28 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:150.98 GB) (Free:26.82 GB) NTFS
Drive d: () (Fixed) (Total:176.27 GB) (Free:26.98 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 429D211B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=176.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== Ende von Addition.txt ============================
         

Geändert von cosinus (29.12.2016 um 12:07 Uhr) Grund: CODE-Tags

Alt 29.12.2016, 12:09   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Hi

1. Wenn Logs gepostet werden nimmt man nicht einfach irgendwelche Tags, sondern immer CODE-Tags

2. Wo ist das andere FRST-Log?

3. Das ist warum genau ein Viren/Malwareproblem? Wenn es keine Funde gab? Wenn es doch Funde gab musst du auch die Logs dazu posten!
__________________

__________________

Alt 29.12.2016, 19:36   #3
Krossof
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Hi

1. Hab ich es weder gelesen noch wusste ich welche form ihr nutzt daher so.

2. Habe es hinzugefügt

3. Ich bat Trojanerboard um Hilfe mir bei der Suche zu helfen, die ganzen Suchsoftwaren sind viel zu kompliziert für mich um raus zu finden ob ich noch einen Virus im System habe oder nicht.
Mich beunruhigt es zur zeit sehr das mein PC von einem mal auf das andere normale Spiele nicht mehr ruhig laufen lassen kann. Das eine Internetseite 10 statt 1 Sekunde zum laden braucht und das ich Bilder auf der Festplatte von oben nach unten aufbauen sehe statt sofort.

Mit dem Rootkitscan von S&D habe ich ein paar Funde gehabt.

Code:
ATTFilter
// info: Rootkit removal help file
// copyright: (c) 2008-2016 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"No admin in ACL","C:\Windows\SysWOW64\KGyGaAvL.sys"
File:"No admin in ACL","C:\Windows\System32\KGyGaAvL.sys"
File:"Unknown ADS","C:\Users\Lauritz\Documents\My Games\Star Ruler\Saves\3:53.srs.tmp:$DATA"
File:"No admin in ACL","C:\ProgramData\GFACE"
File:"No admin in ACL","C:\ProgramData\GFACE\cookie"
File:"No admin in ACL","C:\ProgramData\GFACE\LogBackups"
File:"No admin in ACL","C:\ProgramData\GFACE\plugin.log"
File:"No admin in ACL","C:\ProgramData\GFACE\LogBackups\20150212_121633_plugin.log"
File:"Unknown ADS","C:\ProgramData\AVG\AV\chjw\1ce9561ce9476e.dat:13626a2e-5ba6-4105-8fd6-fe4c9d887c46:$DATA"
File:"Unknown ADS","C:\ProgramData\AVG\AV\chjw\1ce9561ce9476e.dat:696cd62f-302a-487f-833a-7311c7fa9f45:$DATA"
File:"Unknown ADS","C:\ProgramData\AVG\AV\chjw\3ebaee35baede8fb.dat:60668b04-e7d5-4620-bc74-8677fd839925:$DATA"
File:"Unknown ADS","C:\ProgramData\AVG\AV\chjw\3ebaee35baede8fb.dat:c808c531-1db2-460f-be75-90371637b84f:$DATA"
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Lauritz (Administrator) auf LAURITZ-PC (28-12-2016 20:41:14)
Gestartet von C:\Users\Lauritz\Downloads
Geladene Profile: Lauritz (Verfügbare Profile: Lauritz)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\SRWare Iron (64-Bit)\chrome.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE [83568 2007-01-02] (Corel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [78336 2013-10-24] (Vodafone)
HKLM-x32\...\Run: [VmbNotifier] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [1893888 2013-10-24] (Vodafone)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\MountPoints2: {d68dae76-f34e-11e5-9414-bc5ff4450f04} - F:\setup_vmb_lite.exe /checkApplicationPresence
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-08-19] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-2922099021-443059803-3302965599-1000] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-2922099021-443059803-3302965599-1000] => localhost:21320
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0B4D4C20-18BD-4408-9CB9-3057CC20671C}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{832F46A1-9D7F-4D45-BCE9-305835DBF76A}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKU\S-1-5-21-2922099021-443059803-3302965599-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F20DF787-928C-4819-8EE5-12762BEBDD1A}&mid=93a2dbd153dc47d0a8576d16b2a1e6f7-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=AVG&coid=avgtbavg&cmpid=0516av&pr=fr&d=2016-04-26 16:48:53&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2922099021-443059803-3302965599-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-2922099021-443059803-3302965599-1000 -> Kein Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2922099021-443059803-3302965599-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lauritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-28] (Unity Technologies ApS)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-10-24] (Vodafone) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-10-13] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-10-13] ()
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2016-06-11] (Macrovision Europe Ltd) [Datei ist nicht signiert]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-28 20:41 - 2016-12-28 20:41 - 00013902 _____ C:\Users\Lauritz\Downloads\FRST.txt
2016-12-28 20:38 - 2016-12-28 20:38 - 02420736 _____ (Farbar) C:\Users\Lauritz\Downloads\FRST64.exe
2016-12-19 18:52 - 2016-12-19 18:52 - 00003074 _____ C:\Windows\System32\Tasks\{9BEA0DF0-7E39-48E3-94BA-D7D1CE9B4D23}
2016-12-14 13:20 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 13:20 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 13:20 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 13:20 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 13:20 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 13:20 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 13:20 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 13:20 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 13:20 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 13:20 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 13:20 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 13:20 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 13:20 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 13:20 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 13:20 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 13:20 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 13:20 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 13:20 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 13:20 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 13:20 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 13:20 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 13:20 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 13:20 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 13:20 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 13:20 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 13:20 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 13:20 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 13:19 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 13:19 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 13:19 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 13:19 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 13:19 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 13:19 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 13:19 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 13:19 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 13:19 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 13:19 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 13:19 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 13:19 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 13:19 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 13:19 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 13:19 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 13:19 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 13:19 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 13:19 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 13:19 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 13:19 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 13:19 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 13:19 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 13:19 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 13:19 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 13:19 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 13:19 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 13:19 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 13:19 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 13:19 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 13:19 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 13:19 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 13:19 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 13:19 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 13:19 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 13:19 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 13:19 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 13:19 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 13:19 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 13:19 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 13:19 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 13:19 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 13:19 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 13:19 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 13:19 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 13:19 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 13:19 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 13:19 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 13:19 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 13:19 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 13:19 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 13:19 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 13:19 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 13:19 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 13:19 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 13:19 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 13:19 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 13:19 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 13:19 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 13:19 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 13:19 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 13:19 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 13:19 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 13:19 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 13:19 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 13:19 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 13:19 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 13:19 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 13:19 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 13:19 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 13:19 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 13:19 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 13:19 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 13:19 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 13:19 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 13:19 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 13:19 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 13:19 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 13:19 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 13:19 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 13:19 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 13:19 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-07 16:18 - 2016-12-07 16:18 - 00000221 _____ C:\Users\Lauritz\Desktop\Borderlands 2.url
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-28 01:44 - 2016-11-28 01:44 - 00000222 _____ C:\Users\Lauritz\Desktop\Age of Wonders III.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-28 20:41 - 2015-01-07 00:44 - 00000000 ____D C:\FRST
2016-12-28 20:32 - 2012-10-13 16:03 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\Skype
2016-12-28 20:28 - 2015-04-12 11:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-28 20:06 - 2016-09-23 18:53 - 00000000 ____D C:\Users\Lauritz\Desktop\backups
2016-12-28 20:06 - 2012-10-31 18:41 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\TS3Client
2016-12-28 19:42 - 2012-10-29 16:29 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-28 18:43 - 2016-11-12 12:45 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-28 18:41 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-28 18:41 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-28 18:35 - 2013-01-13 22:07 - 00000000 ____D C:\ProgramData\MFAData
2016-12-28 18:29 - 2012-12-18 17:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-28 18:29 - 2012-10-13 13:53 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-12-28 18:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-22 20:54 - 2012-11-06 22:27 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\vlc
2016-12-20 17:47 - 2012-10-13 13:53 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-12-18 12:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-18 01:39 - 2016-03-22 21:40 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-15 19:07 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-12-15 19:07 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-12-15 19:07 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-15 19:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-15 19:01 - 2009-07-14 05:45 - 00483768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 13:55 - 2013-08-15 11:53 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 13:53 - 2012-10-13 15:30 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 13:51 - 2013-04-25 06:52 - 01592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-13 20:06 - 2015-02-19 19:36 - 00000000 ____D C:\Users\Lauritz\AppData\Local\Steam
2016-12-13 16:32 - 2012-11-05 08:18 - 00000000 ____D C:\Users\Lauritz\Documents\My Games
2016-12-11 00:52 - 2014-04-14 16:36 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-10 17:11 - 2016-04-06 02:05 - 00000000 ____D C:\Users\Lauritz\Documents\Project Aura
2016-11-30 14:33 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-28 12:57 - 2016-11-12 12:46 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-11-28 12:57 - 2016-11-12 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-11-28 10:09 - 2016-11-18 19:12 - 00000961 _____ C:\Users\Lauritz\Desktop\OpenTTD.lnk

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-14 13:08

==================== Ende von FRST.txt ============================
         
__________________

Alt 29.12.2016, 19:43   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



+++ WICHTIGER HINWEIS +++


Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?




Spybot ist unnötiger Schrott, daher => deinstallieren


AVG auch deinstallieren. Das Teil können wir einfach nicht guten Gewissens empfehlen. => http://www.trojaner-board.de/171261-...zer-daten.html und Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Auch andere Freewareanbieter wie Avira, Avast oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Gib Bescheid wenn AVG weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.12.2016, 20:17   #5
Krossof
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



S&D sowie AVG deinstalliert


Alt 29.12.2016, 20:27   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
--> Windows 7: PC ist auffällig langsamer

Alt 29.12.2016, 21:44   #7
Krossof
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Hallo,

danke für den Lesestoff (schuldig)

mbar scann:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.12.29.06
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Lauritz :: LAURITZ-PC [administrator]

29.12.2016 20:33:47
mbar-log-2016-12-29 (20-33-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 296804
Time elapsed: 29 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
21:42:16.0033 0x0ab0  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
21:42:17.0443 0x0ab0  ============================================================
21:42:17.0443 0x0ab0  Current date / time: 2016/12/29 21:42:17.0443
21:42:17.0443 0x0ab0  SystemInfo:
21:42:17.0443 0x0ab0  
21:42:17.0443 0x0ab0  OS Version: 6.1.7601 ServicePack: 1.0
21:42:17.0443 0x0ab0  Product type: Workstation
21:42:17.0443 0x0ab0  ComputerName: LAURITZ-PC
21:42:17.0443 0x0ab0  UserName: Lauritz
21:42:17.0443 0x0ab0  Windows directory: C:\Windows
21:42:17.0443 0x0ab0  System windows directory: C:\Windows
21:42:17.0443 0x0ab0  Running under WOW64
21:42:17.0443 0x0ab0  Processor architecture: Intel x64
21:42:17.0443 0x0ab0  Number of processors: 4
21:42:17.0443 0x0ab0  Page size: 0x1000
21:42:17.0443 0x0ab0  Boot type: Normal boot
21:42:17.0443 0x0ab0  CodeIntegrityOptions = 0x00000001
21:42:17.0443 0x0ab0  ============================================================
21:42:18.0553 0x0ab0  KLMD registered as C:\Windows\system32\drivers\48836481.sys
21:42:18.0553 0x0ab0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
21:42:18.0893 0x0ab0  System UUID: {BAD5DD2B-D527-3FF0-386E-C9170A215125}
21:42:19.0193 0x0ab0  Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 ( 335.35 Gb ), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:42:19.0193 0x0ab0  ============================================================
21:42:19.0193 0x0ab0  \Device\Harddisk0\DR0:
21:42:19.0193 0x0ab0  MBR partitions:
21:42:19.0193 0x0ab0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:42:19.0193 0x0ab0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x12DF4000
21:42:19.0193 0x0ab0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x12E26800, BlocksNum 0x1608C800
21:42:19.0193 0x0ab0  ============================================================
21:42:19.0223 0x0ab0  C: <-> \Device\Harddisk0\DR0\Partition2
21:42:19.0263 0x0ab0  D: <-> \Device\Harddisk0\DR0\Partition3
21:42:19.0263 0x0ab0  ============================================================
21:42:19.0263 0x0ab0  Initialize success
21:42:19.0263 0x0ab0  ============================================================
21:42:25.0600 0x0d94  ============================================================
21:42:25.0600 0x0d94  Scan started
21:42:25.0600 0x0d94  Mode: Manual; SigCheck; TDLFS; 
21:42:25.0600 0x0d94  ============================================================
21:42:25.0600 0x0d94  KSN ping started
21:42:25.0750 0x0d94  KSN ping finished: true
21:42:26.0960 0x0d94  ================ Scan system memory ========================
21:42:26.0960 0x0d94  System memory - ok
21:42:26.0960 0x0d94  ================ Scan services =============================
21:42:27.0110 0x0d94  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:42:27.0150 0x0d94  1394ohci - ok
21:42:27.0260 0x0d94  [ 6CE02D42183CDF31315F208AE35F153F, 89ABA07D48FADF2CFA2A5C9390479B3436229DA4C0082B0EE4B27D66D3AB3B4F ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
21:42:27.0290 0x0d94  acedrv11 - ok
21:42:27.0320 0x0d94  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:42:27.0330 0x0d94  ACPI - ok
21:42:27.0360 0x0d94  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:42:27.0370 0x0d94  AcpiPmi - ok
21:42:27.0490 0x0d94  [ A0CAC4F3F998173A8DC1E67E7E0345EF, D0C2F504A5059691EDBBA917D0C6260450A554A365C12E7747E48EE1668C51A5 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:42:27.0510 0x0d94  AdobeARMservice - ok
21:42:27.0560 0x0d94  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:42:27.0570 0x0d94  adp94xx - ok
21:42:27.0630 0x0d94  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:42:27.0640 0x0d94  adpahci - ok
21:42:27.0660 0x0d94  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:42:27.0680 0x0d94  adpu320 - ok
21:42:27.0720 0x0d94  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:42:27.0730 0x0d94  AeLookupSvc - ok
21:42:27.0770 0x0d94  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
21:42:27.0800 0x0d94  AFD - ok
21:42:27.0830 0x0d94  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:42:27.0840 0x0d94  agp440 - ok
21:42:27.0860 0x0d94  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:42:27.0860 0x0d94  ALG - ok
21:42:27.0910 0x0d94  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:42:27.0920 0x0d94  aliide - ok
21:42:27.0960 0x0d94  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:42:27.0970 0x0d94  amdide - ok
21:42:28.0000 0x0d94  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:42:28.0010 0x0d94  AmdK8 - ok
21:42:28.0030 0x0d94  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:42:28.0050 0x0d94  AmdPPM - ok
21:42:28.0080 0x0d94  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:42:28.0090 0x0d94  amdsata - ok
21:42:28.0110 0x0d94  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:42:28.0120 0x0d94  amdsbs - ok
21:42:28.0130 0x0d94  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:42:28.0140 0x0d94  amdxata - ok
21:42:28.0190 0x0d94  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
21:42:28.0200 0x0d94  AppID - ok
21:42:28.0240 0x0d94  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:42:28.0260 0x0d94  AppIDSvc - ok
21:42:28.0310 0x0d94  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
21:42:28.0330 0x0d94  Appinfo - ok
21:42:28.0360 0x0d94  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:42:28.0380 0x0d94  AppMgmt - ok
21:42:28.0410 0x0d94  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:42:28.0430 0x0d94  arc - ok
21:42:28.0440 0x0d94  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:42:28.0450 0x0d94  arcsas - ok
21:42:28.0490 0x0d94  [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
21:42:28.0500 0x0d94  asahci64 - ok
21:42:28.0610 0x0d94  [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:42:28.0630 0x0d94  aspnet_state - ok
21:42:28.0660 0x0d94  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:42:28.0690 0x0d94  AsyncMac - ok
21:42:28.0730 0x0d94  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:42:28.0730 0x0d94  atapi - ok
21:42:28.0790 0x0d94  [ B4BDE3F758A34658A37DFED3D9783CD8, BC9F6B9BDD639457894DE0F596AB3A655374E078796762FE5E8E5414F0481208 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
21:42:28.0800 0x0d94  atksgt - ok
21:42:28.0870 0x0d94  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:42:28.0900 0x0d94  AudioEndpointBuilder - ok
21:42:28.0920 0x0d94  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:42:28.0940 0x0d94  AudioSrv - ok
21:42:28.0980 0x0d94  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:42:29.0010 0x0d94  AxInstSV - ok
21:42:29.0050 0x0d94  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:42:29.0070 0x0d94  b06bdrv - ok
21:42:29.0100 0x0d94  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:42:29.0110 0x0d94  b57nd60a - ok
21:42:29.0140 0x0d94  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:42:29.0140 0x0d94  BDESVC - ok
21:42:29.0160 0x0d94  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:42:29.0180 0x0d94  Beep - ok
21:42:29.0230 0x0d94  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:42:29.0250 0x0d94  BFE - ok
21:42:29.0290 0x0d94  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:42:29.0320 0x0d94  BITS - ok
21:42:29.0350 0x0d94  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:42:29.0350 0x0d94  blbdrive - ok
21:42:29.0410 0x0d94  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:42:29.0430 0x0d94  bowser - ok
21:42:29.0440 0x0d94  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:42:29.0450 0x0d94  BrFiltLo - ok
21:42:29.0460 0x0d94  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:42:29.0480 0x0d94  BrFiltUp - ok
21:42:29.0510 0x0d94  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:42:29.0530 0x0d94  Browser - ok
21:42:29.0560 0x0d94  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:42:29.0580 0x0d94  Brserid - ok
21:42:29.0590 0x0d94  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:42:29.0600 0x0d94  BrSerWdm - ok
21:42:29.0620 0x0d94  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:42:29.0630 0x0d94  BrUsbMdm - ok
21:42:29.0640 0x0d94  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:42:29.0650 0x0d94  BrUsbSer - ok
21:42:29.0660 0x0d94  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:42:29.0670 0x0d94  BTHMODEM - ok
21:42:29.0700 0x0d94  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:42:29.0730 0x0d94  bthserv - ok
21:42:29.0740 0x0d94  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:42:29.0760 0x0d94  cdfs - ok
21:42:29.0780 0x0d94  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:42:29.0790 0x0d94  cdrom - ok
21:42:29.0820 0x0d94  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:42:29.0840 0x0d94  CertPropSvc - ok
21:42:29.0860 0x0d94  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:42:29.0870 0x0d94  circlass - ok
21:42:29.0930 0x0d94  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
21:42:29.0950 0x0d94  CLFS - ok
21:42:30.0050 0x0d94  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:42:30.0070 0x0d94  clr_optimization_v2.0.50727_32 - ok
21:42:30.0120 0x0d94  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:42:30.0130 0x0d94  clr_optimization_v2.0.50727_64 - ok
21:42:30.0230 0x0d94  [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:42:30.0240 0x0d94  clr_optimization_v4.0.30319_32 - ok
21:42:30.0330 0x0d94  [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:42:30.0340 0x0d94  clr_optimization_v4.0.30319_64 - ok
21:42:30.0360 0x0d94  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:42:30.0370 0x0d94  CmBatt - ok
21:42:30.0400 0x0d94  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:42:30.0410 0x0d94  cmdide - ok
21:42:30.0480 0x0d94  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:42:30.0510 0x0d94  CNG - ok
21:42:30.0520 0x0d94  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:42:30.0530 0x0d94  Compbatt - ok
21:42:30.0560 0x0d94  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:42:30.0570 0x0d94  CompositeBus - ok
21:42:30.0580 0x0d94  COMSysApp - ok
21:42:30.0680 0x0d94  [ 78AF1C499BF02F9814DF959A04A4F9C9, 9D569A57551C7ACE032C3ECC7BEB8C7606D6BAF58AC1660B4E9FBE907F47E274 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:42:30.0700 0x0d94  cphs - ok
21:42:30.0720 0x0d94  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:42:30.0730 0x0d94  crcdisk - ok
21:42:30.0780 0x0d94  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:42:30.0800 0x0d94  CryptSvc - ok
21:42:30.0840 0x0d94  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:42:30.0870 0x0d94  CSC - ok
21:42:30.0890 0x0d94  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:42:30.0910 0x0d94  CscService - ok
21:42:30.0980 0x0d94  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:42:31.0000 0x0d94  DcomLaunch - ok
21:42:31.0030 0x0d94  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:42:31.0060 0x0d94  defragsvc - ok
21:42:31.0090 0x0d94  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:42:31.0100 0x0d94  DfsC - ok
21:42:31.0140 0x0d94  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:42:31.0160 0x0d94  Dhcp - ok
21:42:31.0280 0x0d94  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:42:31.0310 0x0d94  DiagTrack - ok
21:42:31.0340 0x0d94  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:42:31.0360 0x0d94  discache - ok
21:42:31.0420 0x0d94  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
21:42:31.0430 0x0d94  Disk - ok
21:42:31.0460 0x0d94  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:42:31.0470 0x0d94  dmvsc - ok
21:42:31.0510 0x0d94  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:42:31.0530 0x0d94  Dnscache - ok
21:42:31.0550 0x0d94  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:42:31.0590 0x0d94  dot3svc - ok
21:42:31.0600 0x0d94  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:42:31.0620 0x0d94  DPS - ok
21:42:31.0670 0x0d94  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:42:31.0680 0x0d94  drmkaud - ok
21:42:31.0760 0x0d94  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:42:31.0780 0x0d94  DXGKrnl - ok
21:42:31.0810 0x0d94  EagleX64 - ok
21:42:31.0830 0x0d94  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:42:31.0870 0x0d94  EapHost - ok
21:42:31.0989 0x0d94  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:42:32.0039 0x0d94  ebdrv - ok
21:42:32.0079 0x0d94  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] EFS             C:\Windows\System32\lsass.exe
21:42:32.0089 0x0d94  EFS - ok
21:42:32.0149 0x0d94  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:42:32.0179 0x0d94  ehRecvr - ok
21:42:32.0189 0x0d94  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:42:32.0199 0x0d94  ehSched - ok
21:42:32.0239 0x0d94  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:42:32.0249 0x0d94  elxstor - ok
21:42:32.0269 0x0d94  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:42:32.0269 0x0d94  ErrDev - ok
21:42:32.0319 0x0d94  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:42:32.0349 0x0d94  EventSystem - ok
21:42:32.0399 0x0d94  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:42:32.0439 0x0d94  exfat - ok
21:42:32.0469 0x0d94  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:42:32.0489 0x0d94  fastfat - ok
21:42:32.0539 0x0d94  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:42:32.0549 0x0d94  Fax - ok
21:42:32.0569 0x0d94  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:42:32.0569 0x0d94  fdc - ok
21:42:32.0609 0x0d94  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:42:32.0639 0x0d94  fdPHost - ok
21:42:32.0649 0x0d94  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:42:32.0679 0x0d94  FDResPub - ok
21:42:32.0699 0x0d94  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:42:32.0709 0x0d94  FileInfo - ok
21:42:32.0709 0x0d94  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:42:32.0729 0x0d94  Filetrace - ok
21:42:32.0749 0x0d94  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:42:32.0759 0x0d94  flpydisk - ok
21:42:32.0769 0x0d94  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:42:32.0779 0x0d94  FltMgr - ok
21:42:32.0859 0x0d94  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
21:42:32.0889 0x0d94  FontCache - ok
21:42:32.0939 0x0d94  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:42:32.0949 0x0d94  FontCache3.0.0.0 - ok
21:42:32.0969 0x0d94  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:42:32.0979 0x0d94  FsDepends - ok
21:42:32.0999 0x0d94  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:42:33.0009 0x0d94  Fs_Rec - ok
21:42:33.0059 0x0d94  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:42:33.0079 0x0d94  fvevol - ok
21:42:33.0109 0x0d94  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:42:33.0109 0x0d94  gagp30kx - ok
21:42:33.0179 0x0d94  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
21:42:33.0209 0x0d94  gpsvc - ok
21:42:33.0249 0x0d94  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
21:42:33.0259 0x0d94  hamachi - ok
21:42:33.0259 0x0d94  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:42:33.0269 0x0d94  hcw85cir - ok
21:42:33.0309 0x0d94  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:42:33.0339 0x0d94  HdAudAddService - ok
21:42:33.0369 0x0d94  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:42:33.0389 0x0d94  HDAudBus - ok
21:42:33.0409 0x0d94  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:42:33.0419 0x0d94  HidBatt - ok
21:42:33.0439 0x0d94  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:42:33.0459 0x0d94  HidBth - ok
21:42:33.0469 0x0d94  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:42:33.0489 0x0d94  HidIr - ok
21:42:33.0509 0x0d94  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:42:33.0539 0x0d94  hidserv - ok
21:42:33.0569 0x0d94  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:42:33.0579 0x0d94  HidUsb - ok
21:42:33.0609 0x0d94  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:42:33.0629 0x0d94  hkmsvc - ok
21:42:33.0659 0x0d94  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:42:33.0669 0x0d94  HomeGroupListener - ok
21:42:33.0689 0x0d94  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:42:33.0699 0x0d94  HomeGroupProvider - ok
21:42:33.0729 0x0d94  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:42:33.0729 0x0d94  HpSAMD - ok
21:42:33.0819 0x0d94  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:42:33.0849 0x0d94  HTTP - ok
21:42:33.0859 0x0d94  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:42:33.0859 0x0d94  hwpolicy - ok
21:42:33.0889 0x0d94  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:42:33.0899 0x0d94  i8042prt - ok
21:42:33.0939 0x0d94  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:42:33.0949 0x0d94  iaStor - ok
21:42:33.0989 0x0d94  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:42:34.0009 0x0d94  iaStorV - ok
21:42:34.0089 0x0d94  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:42:34.0119 0x0d94  idsvc - ok
21:42:34.0149 0x0d94  IEEtwCollectorService - ok
21:42:34.0329 0x0d94  [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:42:34.0409 0x0d94  igfx - ok
21:42:34.0449 0x0d94  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:42:34.0449 0x0d94  iirsp - ok
21:42:34.0529 0x0d94  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:42:34.0559 0x0d94  IKEEXT - ok
21:42:34.0689 0x0d94  [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:42:34.0739 0x0d94  IntcAzAudAddService - ok
21:42:34.0779 0x0d94  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:42:34.0799 0x0d94  IntcDAud - ok
21:42:34.0869 0x0d94  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:42:34.0889 0x0d94  Intel(R) Capability Licensing Service Interface - ok
21:42:34.0959 0x0d94  [ 709C8623721A1F1EF388EA75A07EC33B, 8F3046F1699E7B560827A965C66F3FCACDE24CD451829D4D2218038830344867 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:42:34.0969 0x0d94  Intel(R) ME Service - detected UnsignedFile.Multi.Generic ( 1 )
21:42:35.0216 0x0d94  Detect skipped due to KSN trusted
21:42:35.0216 0x0d94  Intel(R) ME Service - ok
21:42:35.0246 0x0d94  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:42:35.0266 0x0d94  intelide - ok
21:42:35.0296 0x0d94  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:42:35.0316 0x0d94  intelppm - ok
21:42:35.0336 0x0d94  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:42:35.0376 0x0d94  IPBusEnum - ok
21:42:35.0386 0x0d94  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:42:35.0416 0x0d94  IpFilterDriver - ok
21:42:35.0466 0x0d94  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:42:35.0486 0x0d94  iphlpsvc - ok
21:42:35.0506 0x0d94  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:42:35.0516 0x0d94  IPMIDRV - ok
21:42:35.0526 0x0d94  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:42:35.0546 0x0d94  IPNAT - ok
21:42:35.0566 0x0d94  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:42:35.0576 0x0d94  IRENUM - ok
21:42:35.0586 0x0d94  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:42:35.0596 0x0d94  isapnp - ok
21:42:35.0636 0x0d94  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:42:35.0656 0x0d94  iScsiPrt - ok
21:42:35.0696 0x0d94  [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:42:35.0706 0x0d94  iusb3hcs - ok
21:42:35.0726 0x0d94  [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:42:35.0746 0x0d94  iusb3hub - ok
21:42:35.0806 0x0d94  [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:42:35.0826 0x0d94  iusb3xhc - ok
21:42:35.0856 0x0d94  [ C44B44E24B929631D9D7368F5B2B40CF, A7F11A5A970FA30CC358B9A0FE8163B686208E424C6682AEA45C06B1E7E11963 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:42:35.0866 0x0d94  jhi_service - ok
21:42:35.0906 0x0d94  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:42:35.0916 0x0d94  kbdclass - ok
21:42:35.0956 0x0d94  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:42:35.0966 0x0d94  kbdhid - ok
21:42:35.0996 0x0d94  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso          C:\Windows\system32\lsass.exe
21:42:36.0016 0x0d94  KeyIso - ok
21:42:36.0076 0x0d94  [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:42:36.0086 0x0d94  KSecDD - ok
21:42:36.0106 0x0d94  [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:42:36.0116 0x0d94  KSecPkg - ok
21:42:36.0136 0x0d94  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:42:36.0176 0x0d94  ksthunk - ok
21:42:36.0216 0x0d94  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:42:36.0246 0x0d94  KtmRm - ok
21:42:36.0296 0x0d94  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:42:36.0336 0x0d94  LanmanServer - ok
21:42:36.0376 0x0d94  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:42:36.0396 0x0d94  LanmanWorkstation - ok
21:42:36.0446 0x0d94  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
21:42:36.0456 0x0d94  LGBusEnum - ok
21:42:36.0496 0x0d94  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
21:42:36.0506 0x0d94  LGVirHid - ok
21:42:36.0546 0x0d94  [ 955982BF4421B77722196552B62E8DC2, 3732449ACDBB78E1ED8436DF153C899C28573F458FDCFE345DFA1B305D085033 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
21:42:36.0556 0x0d94  lirsgt - ok
21:42:36.0586 0x0d94  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:42:36.0626 0x0d94  lltdio - ok
21:42:36.0656 0x0d94  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:42:36.0686 0x0d94  lltdsvc - ok
21:42:36.0716 0x0d94  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:42:36.0736 0x0d94  lmhosts - ok
21:42:36.0766 0x0d94  [ 75F29D77B0540FCF47EE3BE000BBABDA, 3FFDDC42D51FABAA7F3BFD088F008DE39F3479B25214260D98336F00B6336BFA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:42:36.0776 0x0d94  LMS - ok
21:42:36.0816 0x0d94  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:42:36.0826 0x0d94  LSI_FC - ok
21:42:36.0846 0x0d94  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:42:36.0866 0x0d94  LSI_SAS - ok
21:42:36.0866 0x0d94  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:42:36.0876 0x0d94  LSI_SAS2 - ok
21:42:36.0886 0x0d94  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:42:36.0896 0x0d94  LSI_SCSI - ok
21:42:36.0906 0x0d94  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:42:36.0926 0x0d94  luafv - ok
21:42:36.0956 0x0d94  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
21:42:36.0966 0x0d94  MBfilt - ok
21:42:36.0986 0x0d94  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:42:36.0996 0x0d94  Mcx2Svc - ok
21:42:37.0006 0x0d94  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:42:37.0016 0x0d94  megasas - ok
21:42:37.0036 0x0d94  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:42:37.0046 0x0d94  MegaSR - ok
21:42:37.0076 0x0d94  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:42:37.0076 0x0d94  MEIx64 - ok
21:42:37.0106 0x0d94  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:42:37.0126 0x0d94  MMCSS - ok
21:42:37.0136 0x0d94  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:42:37.0156 0x0d94  Modem - ok
21:42:37.0176 0x0d94  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:42:37.0186 0x0d94  monitor - ok
21:42:37.0216 0x0d94  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:42:37.0216 0x0d94  mouclass - ok
21:42:37.0236 0x0d94  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:42:37.0246 0x0d94  mouhid - ok
21:42:37.0286 0x0d94  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:42:37.0306 0x0d94  mountmgr - ok
21:42:37.0326 0x0d94  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:42:37.0336 0x0d94  mpio - ok
21:42:37.0346 0x0d94  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:42:37.0406 0x0d94  mpsdrv - ok
21:42:37.0456 0x0d94  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:42:37.0496 0x0d94  MpsSvc - ok
21:42:37.0516 0x0d94  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:42:37.0526 0x0d94  MRxDAV - ok
21:42:37.0566 0x0d94  [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:42:37.0576 0x0d94  mrxsmb - ok
21:42:37.0626 0x0d94  [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:42:37.0646 0x0d94  mrxsmb10 - ok
21:42:37.0666 0x0d94  [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:42:37.0676 0x0d94  mrxsmb20 - ok
21:42:37.0716 0x0d94  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:42:37.0726 0x0d94  msahci - ok
21:42:37.0746 0x0d94  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:42:37.0766 0x0d94  msdsm - ok
21:42:37.0776 0x0d94  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:42:37.0786 0x0d94  MSDTC - ok
21:42:37.0816 0x0d94  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:42:37.0836 0x0d94  Msfs - ok
21:42:37.0846 0x0d94  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:42:37.0856 0x0d94  mshidkmdf - ok
21:42:37.0866 0x0d94  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:42:37.0876 0x0d94  msisadrv - ok
21:42:37.0906 0x0d94  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:42:37.0926 0x0d94  MSiSCSI - ok
21:42:37.0926 0x0d94  msiserver - ok
21:42:37.0966 0x0d94  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:42:38.0006 0x0d94  MSKSSRV - ok
21:42:38.0016 0x0d94  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:42:38.0036 0x0d94  MSPCLOCK - ok
21:42:38.0046 0x0d94  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:42:38.0066 0x0d94  MSPQM - ok
21:42:38.0086 0x0d94  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:42:38.0096 0x0d94  MsRPC - ok
21:42:38.0116 0x0d94  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:42:38.0116 0x0d94  mssmbios - ok
21:42:38.0136 0x0d94  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:42:38.0156 0x0d94  MSTEE - ok
21:42:38.0166 0x0d94  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:42:38.0176 0x0d94  MTConfig - ok
21:42:38.0186 0x0d94  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:42:38.0186 0x0d94  Mup - ok
21:42:38.0216 0x0d94  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:42:38.0246 0x0d94  napagent - ok
21:42:38.0276 0x0d94  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:42:38.0286 0x0d94  NativeWifiP - ok
21:42:38.0346 0x0d94  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:42:38.0376 0x0d94  NDIS - ok
21:42:38.0386 0x0d94  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:42:38.0406 0x0d94  NdisCap - ok
21:42:38.0426 0x0d94  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:42:38.0446 0x0d94  NdisTapi - ok
21:42:38.0466 0x0d94  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:42:38.0486 0x0d94  Ndisuio - ok
21:42:38.0506 0x0d94  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:42:38.0526 0x0d94  NdisWan - ok
21:42:38.0536 0x0d94  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:42:38.0556 0x0d94  NDProxy - ok
21:42:38.0576 0x0d94  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:42:38.0596 0x0d94  NetBIOS - ok
21:42:38.0636 0x0d94  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:42:38.0656 0x0d94  NetBT - ok
21:42:38.0676 0x0d94  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon        C:\Windows\system32\lsass.exe
21:42:38.0686 0x0d94  Netlogon - ok
21:42:38.0716 0x0d94  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:42:38.0746 0x0d94  Netman - ok
21:42:38.0826 0x0d94  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:38.0836 0x0d94  NetMsmqActivator - ok
21:42:38.0876 0x0d94  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:38.0886 0x0d94  NetPipeActivator - ok
21:42:38.0926 0x0d94  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:42:38.0956 0x0d94  netprofm - ok
21:42:38.0976 0x0d94  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:38.0976 0x0d94  NetTcpActivator - ok
21:42:38.0986 0x0d94  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:38.0986 0x0d94  NetTcpPortSharing - ok
21:42:39.0016 0x0d94  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:42:39.0026 0x0d94  nfrd960 - ok
21:42:39.0076 0x0d94  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:42:39.0106 0x0d94  NlaSvc - ok
21:42:39.0116 0x0d94  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:42:39.0136 0x0d94  Npfs - ok
21:42:39.0156 0x0d94  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:42:39.0176 0x0d94  nsi - ok
21:42:39.0186 0x0d94  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:42:39.0206 0x0d94  nsiproxy - ok
21:42:39.0326 0x0d94  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:42:39.0365 0x0d94  Ntfs - ok
21:42:39.0385 0x0d94  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:42:39.0405 0x0d94  Null - ok
21:42:39.0455 0x0d94  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
21:42:39.0465 0x0d94  NVHDA - ok
21:42:39.0895 0x0d94  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:42:40.0085 0x0d94  nvlddmkm - ok
21:42:40.0125 0x0d94  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:42:40.0135 0x0d94  nvraid - ok
21:42:40.0155 0x0d94  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:42:40.0165 0x0d94  nvstor - ok
21:42:40.0235 0x0d94  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:42:40.0265 0x0d94  nvsvc - ok
21:42:40.0285 0x0d94  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:42:40.0295 0x0d94  nv_agp - ok
21:42:40.0315 0x0d94  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:42:40.0325 0x0d94  ohci1394 - ok
21:42:40.0355 0x0d94  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:42:40.0365 0x0d94  p2pimsvc - ok
21:42:40.0385 0x0d94  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:42:40.0405 0x0d94  p2psvc - ok
21:42:40.0405 0x0d94  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
21:42:40.0415 0x0d94  Parport - ok
21:42:40.0425 0x0d94  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:42:40.0435 0x0d94  partmgr - ok
21:42:40.0485 0x0d94  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:42:40.0495 0x0d94  PcaSvc - ok
21:42:40.0525 0x0d94  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:42:40.0545 0x0d94  pci - ok
21:42:40.0575 0x0d94  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:42:40.0585 0x0d94  pciide - ok
21:42:40.0605 0x0d94  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:42:40.0615 0x0d94  pcmcia - ok
21:42:40.0635 0x0d94  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:42:40.0635 0x0d94  pcw - ok
21:42:40.0695 0x0d94  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:42:40.0715 0x0d94  PEAUTH - ok
21:42:40.0795 0x0d94  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:42:40.0825 0x0d94  PeerDistSvc - ok
21:42:40.0885 0x0d94  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:42:40.0895 0x0d94  PerfHost - ok
21:42:40.0975 0x0d94  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:42:41.0015 0x0d94  pla - ok
21:42:41.0055 0x0d94  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:42:41.0075 0x0d94  PlugPlay - ok
21:42:41.0075 0x0d94  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:42:41.0085 0x0d94  PNRPAutoReg - ok
21:42:41.0105 0x0d94  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:42:41.0115 0x0d94  PNRPsvc - ok
21:42:41.0175 0x0d94  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:42:41.0195 0x0d94  PolicyAgent - ok
21:42:41.0215 0x0d94  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:42:41.0245 0x0d94  Power - ok
21:42:41.0265 0x0d94  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:42:41.0285 0x0d94  PptpMiniport - ok
21:42:41.0295 0x0d94  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:42:41.0305 0x0d94  Processor - ok
21:42:41.0335 0x0d94  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:42:41.0345 0x0d94  ProfSvc - ok
21:42:41.0365 0x0d94  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:42:41.0365 0x0d94  ProtectedStorage - ok
21:42:41.0395 0x0d94  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:42:41.0415 0x0d94  Psched - ok
21:42:41.0485 0x0d94  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:42:41.0515 0x0d94  ql2300 - ok
21:42:41.0535 0x0d94  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:42:41.0545 0x0d94  ql40xx - ok
21:42:41.0575 0x0d94  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:42:41.0585 0x0d94  QWAVE - ok
21:42:41.0595 0x0d94  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:42:41.0595 0x0d94  QWAVEdrv - ok
21:42:41.0605 0x0d94  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:42:41.0625 0x0d94  RasAcd - ok
21:42:41.0665 0x0d94  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:42:41.0705 0x0d94  RasAgileVpn - ok
21:42:41.0725 0x0d94  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:42:41.0755 0x0d94  RasAuto - ok
21:42:41.0775 0x0d94  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:42:41.0795 0x0d94  Rasl2tp - ok
21:42:41.0825 0x0d94  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:42:41.0845 0x0d94  RasMan - ok
21:42:41.0865 0x0d94  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:42:41.0885 0x0d94  RasPppoe - ok
21:42:41.0905 0x0d94  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:42:41.0925 0x0d94  RasSstp - ok
21:42:41.0945 0x0d94  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:42:41.0965 0x0d94  rdbss - ok
21:42:41.0985 0x0d94  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:42:41.0985 0x0d94  rdpbus - ok
21:42:42.0015 0x0d94  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:42:42.0035 0x0d94  RDPCDD - ok
21:42:42.0055 0x0d94  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:42:42.0065 0x0d94  RDPDR - ok
21:42:42.0075 0x0d94  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:42:42.0095 0x0d94  RDPENCDD - ok
21:42:42.0095 0x0d94  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:42:42.0115 0x0d94  RDPREFMP - ok
21:42:42.0195 0x0d94  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:42:42.0215 0x0d94  RdpVideoMiniport - ok
21:42:42.0255 0x0d94  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:42:42.0275 0x0d94  RDPWD - ok
21:42:42.0295 0x0d94  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:42:42.0315 0x0d94  rdyboost - ok
21:42:42.0335 0x0d94  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:42:42.0355 0x0d94  RemoteAccess - ok
21:42:42.0375 0x0d94  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:42:42.0395 0x0d94  RemoteRegistry - ok
21:42:42.0405 0x0d94  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:42:42.0425 0x0d94  RpcEptMapper - ok
21:42:42.0445 0x0d94  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:42:42.0455 0x0d94  RpcLocator - ok
21:42:42.0505 0x0d94  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
21:42:42.0515 0x0d94  RpcSs - ok
21:42:42.0535 0x0d94  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:42:42.0555 0x0d94  rspndr - ok
21:42:42.0615 0x0d94  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:42:42.0625 0x0d94  RTL8167 - ok
21:42:42.0675 0x0d94  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:42:42.0685 0x0d94  s3cap - ok
21:42:42.0705 0x0d94  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] SamSs           C:\Windows\system32\lsass.exe
21:42:42.0715 0x0d94  SamSs - ok
21:42:42.0735 0x0d94  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:42:42.0755 0x0d94  sbp2port - ok
21:42:42.0785 0x0d94  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:42:42.0815 0x0d94  SCardSvr - ok
21:42:42.0835 0x0d94  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:42:42.0855 0x0d94  scfilter - ok
21:42:42.0925 0x0d94  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
21:42:42.0965 0x0d94  Schedule - ok
21:42:42.0985 0x0d94  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:42:43.0005 0x0d94  SCPolicySvc - ok
21:42:43.0025 0x0d94  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:42:43.0035 0x0d94  SDRSVC - ok
21:42:43.0055 0x0d94  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:42:43.0065 0x0d94  secdrv - ok
21:42:43.0105 0x0d94  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
21:42:43.0115 0x0d94  seclogon - ok
21:42:43.0135 0x0d94  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:42:43.0155 0x0d94  SENS - ok
21:42:43.0165 0x0d94  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:42:43.0175 0x0d94  SensrSvc - ok
21:42:43.0185 0x0d94  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:42:43.0195 0x0d94  Serenum - ok
21:42:43.0235 0x0d94  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:42:43.0245 0x0d94  Serial - ok
21:42:43.0265 0x0d94  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:42:43.0285 0x0d94  sermouse - ok
21:42:43.0315 0x0d94  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:42:43.0345 0x0d94  SessionEnv - ok
21:42:43.0355 0x0d94  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:42:43.0365 0x0d94  sffdisk - ok
21:42:43.0385 0x0d94  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:42:43.0385 0x0d94  sffp_mmc - ok
21:42:43.0405 0x0d94  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:42:43.0405 0x0d94  sffp_sd - ok
21:42:43.0415 0x0d94  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:42:43.0425 0x0d94  sfloppy - ok
21:42:43.0455 0x0d94  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:42:43.0485 0x0d94  SharedAccess - ok
21:42:43.0505 0x0d94  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:42:43.0525 0x0d94  ShellHWDetection - ok
21:42:43.0555 0x0d94  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:42:43.0555 0x0d94  SiSRaid2 - ok
21:42:43.0565 0x0d94  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:42:43.0575 0x0d94  SiSRaid4 - ok
21:42:43.0665 0x0d94  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:42:43.0685 0x0d94  SkypeUpdate - ok
21:42:43.0715 0x0d94  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:42:43.0735 0x0d94  Smb - ok
21:42:43.0755 0x0d94  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:42:43.0765 0x0d94  SNMPTRAP - ok
21:42:43.0805 0x0d94  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
21:42:43.0815 0x0d94  speedfan - ok
21:42:43.0825 0x0d94  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:42:43.0835 0x0d94  spldr - ok
21:42:43.0885 0x0d94  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:42:43.0915 0x0d94  Spooler - ok
21:42:44.0045 0x0d94  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:42:44.0115 0x0d94  sppsvc - ok
21:42:44.0135 0x0d94  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:42:44.0155 0x0d94  sppuinotify - ok
21:42:44.0205 0x0d94  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:42:44.0215 0x0d94  srv - ok
21:42:44.0235 0x0d94  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:42:44.0245 0x0d94  srv2 - ok
21:42:44.0265 0x0d94  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:42:44.0275 0x0d94  srvnet - ok
21:42:44.0305 0x0d94  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:42:44.0335 0x0d94  SSDPSRV - ok
21:42:44.0355 0x0d94  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:42:44.0375 0x0d94  SstpSvc - ok
21:42:44.0555 0x0d94  [ 9867A86327E8AE3806305F1BCF01211A, CCDDB2560B30D27CE662F1B02710E1FAA9331E6A27D9A6629EEDED2CBA822062 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:42:44.0595 0x0d94  Steam Client Service - ok
21:42:44.0695 0x0d94  [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:42:44.0715 0x0d94  Stereo Service - ok
21:42:44.0735 0x0d94  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:42:44.0745 0x0d94  stexstor - ok
21:42:44.0785 0x0d94  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:42:44.0795 0x0d94  stisvc - ok
21:42:44.0815 0x0d94  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:42:44.0825 0x0d94  storflt - ok
21:42:44.0845 0x0d94  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:42:44.0845 0x0d94  StorSvc - ok
21:42:44.0865 0x0d94  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:42:44.0875 0x0d94  storvsc - ok
21:42:44.0895 0x0d94  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:42:44.0905 0x0d94  swenum - ok
21:42:44.0925 0x0d94  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:42:44.0955 0x0d94  swprv - ok
21:42:45.0055 0x0d94  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
21:42:45.0085 0x0d94  SysMain - ok
21:42:45.0095 0x0d94  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:42:45.0105 0x0d94  TabletInputService - ok
21:42:45.0145 0x0d94  [ D0B07EED9DDEC5C69521C689B7BF455F, A9F1C76FBF833E25A8470116A9BB7F7121A86138B31B54C098F1E22C11109044 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
21:42:45.0165 0x0d94  tap0901 - detected UnsignedFile.Multi.Generic ( 1 )
21:42:45.0245 0x0d94  Detect skipped due to KSN trusted
21:42:45.0245 0x0d94  tap0901 - ok
21:42:45.0285 0x0d94  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:42:45.0325 0x0d94  TapiSrv - ok
21:42:45.0425 0x0d94  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:42:45.0455 0x0d94  Tcpip - ok
21:42:45.0535 0x0d94  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:42:45.0575 0x0d94  TCPIP6 - ok
21:42:45.0615 0x0d94  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:42:45.0615 0x0d94  tcpipreg - ok
21:42:45.0645 0x0d94  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:42:45.0655 0x0d94  TDPIPE - ok
21:42:45.0675 0x0d94  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:42:45.0675 0x0d94  TDTCP - ok
21:42:45.0715 0x0d94  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:42:45.0735 0x0d94  tdx - ok
21:42:45.0755 0x0d94  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:42:45.0775 0x0d94  TermDD - ok
21:42:45.0835 0x0d94  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:42:45.0865 0x0d94  TermService - ok
21:42:45.0905 0x0d94  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:42:45.0915 0x0d94  Themes - ok
21:42:45.0955 0x0d94  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:42:45.0985 0x0d94  THREADORDER - ok
21:42:46.0025 0x0d94  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:42:46.0045 0x0d94  TrkWks - ok
21:42:46.0075 0x0d94  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:42:46.0115 0x0d94  TrustedInstaller - ok
21:42:46.0145 0x0d94  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:42:46.0155 0x0d94  tssecsrv - ok
21:42:46.0205 0x0d94  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:42:46.0215 0x0d94  TsUsbFlt - ok
21:42:46.0245 0x0d94  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:42:46.0265 0x0d94  TsUsbGD - ok
21:42:46.0295 0x0d94  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:42:46.0315 0x0d94  tunnel - ok
21:42:46.0325 0x0d94  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:42:46.0335 0x0d94  uagp35 - ok
21:42:46.0345 0x0d94  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:42:46.0365 0x0d94  udfs - ok
21:42:46.0385 0x0d94  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:42:46.0395 0x0d94  UI0Detect - ok
21:42:46.0415 0x0d94  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:42:46.0415 0x0d94  uliagpkx - ok
21:42:46.0425 0x0d94  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:42:46.0435 0x0d94  umbus - ok
21:42:46.0445 0x0d94  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:42:46.0455 0x0d94  UmPass - ok
21:42:46.0475 0x0d94  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:42:46.0485 0x0d94  UmRdpService - ok
21:42:46.0565 0x0d94  [ 193AD338F2A64D17300AD640ADFA5D0A, DABFFFE66CE7335F477C14C1D95AB9DB3C2EA3155ACBE41049FE217532E731C0 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:42:46.0585 0x0d94  UNS - ok
21:42:46.0605 0x0d94  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:42:46.0635 0x0d94  upnphost - ok
21:42:46.0695 0x0d94  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:42:46.0715 0x0d94  usbaudio - ok
21:42:46.0765 0x0d94  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
21:42:46.0775 0x0d94  usbccgp - ok
21:42:46.0805 0x0d94  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:42:46.0825 0x0d94  usbcir - ok
21:42:46.0865 0x0d94  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:42:46.0875 0x0d94  usbehci - ok
21:42:46.0915 0x0d94  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
21:42:46.0945 0x0d94  usbhub - ok
21:42:46.0975 0x0d94  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:42:46.0985 0x0d94  usbohci - ok
21:42:47.0015 0x0d94  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:42:47.0025 0x0d94  usbprint - ok
21:42:47.0065 0x0d94  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:42:47.0075 0x0d94  USBSTOR - ok
21:42:47.0135 0x0d94  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:42:47.0145 0x0d94  usbuhci - ok
21:42:47.0185 0x0d94  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
21:42:47.0205 0x0d94  usb_rndisx - ok
21:42:47.0235 0x0d94  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:42:47.0275 0x0d94  UxSms - ok
21:42:47.0285 0x0d94  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] VaultSvc        C:\Windows\system32\lsass.exe
21:42:47.0295 0x0d94  VaultSvc - ok
21:42:47.0305 0x0d94  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:42:47.0315 0x0d94  vdrvroot - ok
21:42:47.0335 0x0d94  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:42:47.0365 0x0d94  vds - ok
21:42:47.0385 0x0d94  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:42:47.0385 0x0d94  vga - ok
21:42:47.0405 0x0d94  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:42:47.0425 0x0d94  VgaSave - ok
21:42:47.0445 0x0d94  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:42:47.0455 0x0d94  vhdmp - ok
21:42:47.0485 0x0d94  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:42:47.0495 0x0d94  viaide - ok
21:42:47.0595 0x0d94  [ 1CB47E637072394600082C85D2125243, 723A7F58F125B3B43FFA3F45DEFECB468AE89E29988EFF932C8C5DDE13879D96 ] VmbService      C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
21:42:47.0615 0x0d94  VmbService - detected UnsignedFile.Multi.Generic ( 1 )
21:42:47.0765 0x0d94  VmbService ( UnsignedFile.Multi.Generic ) - warning
21:42:47.0895 0x0d94  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:42:47.0915 0x0d94  vmbus - ok
21:42:47.0915 0x0d94  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:42:47.0925 0x0d94  VMBusHID - ok
21:42:47.0955 0x0d94  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:42:47.0955 0x0d94  volmgr - ok
21:42:47.0975 0x0d94  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:42:47.0985 0x0d94  volmgrx - ok
21:42:48.0005 0x0d94  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:42:48.0015 0x0d94  volsnap - ok
21:42:48.0035 0x0d94  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:42:48.0045 0x0d94  vsmraid - ok
21:42:48.0115 0x0d94  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:42:48.0165 0x0d94  VSS - ok
21:42:48.0175 0x0d94  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:42:48.0175 0x0d94  vwifibus - ok
21:42:48.0205 0x0d94  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:42:48.0235 0x0d94  W32Time - ok
21:42:48.0245 0x0d94  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:42:48.0255 0x0d94  WacomPen - ok
21:42:48.0275 0x0d94  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:42:48.0295 0x0d94  WANARP - ok
21:42:48.0305 0x0d94  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:42:48.0325 0x0d94  Wanarpv6 - ok
21:42:48.0415 0x0d94  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:42:48.0435 0x0d94  WatAdminSvc - ok
21:42:48.0515 0x0d94  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:42:48.0555 0x0d94  wbengine - ok
21:42:48.0565 0x0d94  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:42:48.0575 0x0d94  WbioSrvc - ok
21:42:48.0585 0x0d94  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:42:48.0605 0x0d94  wcncsvc - ok
21:42:48.0615 0x0d94  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:42:48.0625 0x0d94  WcsPlugInService - ok
21:42:48.0645 0x0d94  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:42:48.0645 0x0d94  Wd - ok
21:42:48.0705 0x0d94  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:42:48.0725 0x0d94  Wdf01000 - ok
21:42:48.0765 0x0d94  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:42:48.0765 0x0d94  WdiServiceHost - ok
21:42:48.0775 0x0d94  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:42:48.0775 0x0d94  WdiSystemHost - ok
21:42:48.0815 0x0d94  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
21:42:48.0835 0x0d94  WebClient - ok
21:42:48.0845 0x0d94  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:42:48.0865 0x0d94  Wecsvc - ok
21:42:48.0885 0x0d94  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:42:48.0905 0x0d94  wercplsupport - ok
21:42:48.0935 0x0d94  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:42:48.0955 0x0d94  WerSvc - ok
21:42:48.0975 0x0d94  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:42:48.0995 0x0d94  WfpLwf - ok
21:42:49.0005 0x0d94  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:42:49.0015 0x0d94  WIMMount - ok
21:42:49.0035 0x0d94  WinDefend - ok
21:42:49.0045 0x0d94  WinHttpAutoProxySvc - ok
21:42:49.0095 0x0d94  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:42:49.0125 0x0d94  Winmgmt - ok
21:42:49.0225 0x0d94  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:42:49.0265 0x0d94  WinRM - ok
21:42:49.0325 0x0d94  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:42:49.0345 0x0d94  WinUsb - ok
21:42:49.0405 0x0d94  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:42:49.0445 0x0d94  Wlansvc - ok
21:42:49.0625 0x0d94  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:42:49.0655 0x0d94  wlidsvc - ok
21:42:49.0675 0x0d94  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:42:49.0685 0x0d94  WmiAcpi - ok
21:42:49.0705 0x0d94  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:42:49.0715 0x0d94  wmiApSrv - ok
21:42:49.0745 0x0d94  WMPNetworkSvc - ok
21:42:49.0765 0x0d94  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:42:49.0775 0x0d94  WPCSvc - ok
21:42:49.0785 0x0d94  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:42:49.0805 0x0d94  WPDBusEnum - ok
21:42:49.0835 0x0d94  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:42:49.0875 0x0d94  ws2ifsl - ok
21:42:49.0885 0x0d94  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:42:49.0895 0x0d94  wscsvc - ok
21:42:49.0905 0x0d94  WSearch - ok
21:42:50.0035 0x0d94  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:42:50.0075 0x0d94  wuauserv - ok
21:42:50.0105 0x0d94  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:42:50.0115 0x0d94  WudfPf - ok
21:42:50.0155 0x0d94  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:42:50.0175 0x0d94  WUDFRd - ok
21:42:50.0205 0x0d94  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:42:50.0215 0x0d94  wudfsvc - ok
21:42:50.0255 0x0d94  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:42:50.0275 0x0d94  WwanSvc - ok
21:42:50.0345 0x0d94  X6va012 - ok
21:42:50.0365 0x0d94  ================ Scan global ===============================
21:42:50.0405 0x0d94  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:42:50.0445 0x0d94  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:42:50.0465 0x0d94  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:42:50.0495 0x0d94  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:42:50.0545 0x0d94  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:42:50.0555 0x0d94  [ Global ] - ok
21:42:50.0555 0x0d94  ================ Scan MBR ==================================
21:42:50.0565 0x0d94  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:42:50.0845 0x0d94  \Device\Harddisk0\DR0 - ok
21:42:50.0845 0x0d94  ================ Scan VBR ==================================
21:42:50.0845 0x0d94  [ 61A53B03E3E9579DDC75A997E1AFD70B ] \Device\Harddisk0\DR0\Partition1
21:42:50.0845 0x0d94  \Device\Harddisk0\DR0\Partition1 - ok
21:42:50.0875 0x0d94  [ CFC2B11A92CE94C6CCF9563348979436 ] \Device\Harddisk0\DR0\Partition2
21:42:50.0875 0x0d94  \Device\Harddisk0\DR0\Partition2 - ok
21:42:50.0895 0x0d94  [ 2640F5232931FBBF369087696CB225AA ] \Device\Harddisk0\DR0\Partition3
21:42:50.0895 0x0d94  \Device\Harddisk0\DR0\Partition3 - ok
21:42:50.0895 0x0d94  ================ Scan generic autorun ======================
21:42:51.0265 0x0d94  [ C43D50453404EF1C6801EFFC2492A202, 1D4142E49B2F8129C5643A3B6AD3BA93520FA008D9382EFA60CCDC6172F48D43 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:42:51.0455 0x0d94  RTHDVCPL - ok
21:42:51.0487 0x0d94  [ 483BAA4246B80BDE1EA562C618BBA4A1, 0340A483F2F00A329ADC625940E5B2E951E1AA362CB088477EFC92D245207CEA ] C:\Windows\system32\igfxtray.exe
21:42:51.0487 0x0d94  IgfxTray - ok
21:42:51.0507 0x0d94  [ 40CAEC9DBC892ED1915704CC54CB382E, 38976A5EF1461027FF8F07397793A9BEFD0B3B47EB1B86F0F3FB88818E5917C9 ] C:\Windows\system32\hkcmd.exe
21:42:51.0517 0x0d94  HotKeysCmds - ok
21:42:51.0537 0x0d94  [ C88B01661694F2013F8DF1BD66B8B39E, 5BB40F448A85EE00FC090D61BFAB2D15874946E355F92B4FA40482153F0EB83E ] C:\Windows\system32\igfxpers.exe
21:42:51.0547 0x0d94  Persistence - ok
21:42:51.0657 0x0d94  [ 66B1C09A03323BC0142B62769ACB195E, 54B59524DE975DF649AD0C781772753135F6F73BA1A5E2458658665565BAADEC ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:42:51.0687 0x0d94  NvBackend - ok
21:42:51.0747 0x0d94  [ 4D241A6A8F6BA9FA32FF836551FFDCEA, DEE87DFB6A8E87D40E3653435223B54AF2AB232DDC02D22468C126C54096F006 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:42:51.0767 0x0d94  USB3MON - ok
21:42:51.0837 0x0d94  [ DA6D879F890699D24E50C5CA8901C180, ECA491649CD2188512F3AA5CF5F788521FA838F45BD0658CE387A1E9443D2D7D ] C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE
21:42:51.0847 0x0d94  QuickFinder Scheduler - ok
21:42:51.0887 0x0d94  [ AC0BB0F95240D0E3E64CAA483FBA0476, E4C969D8C500DFE31A24FF09A896862F62188A639962866194B7CA4E5669C85F ] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
21:42:51.0887 0x0d94  MobileBroadband - detected UnsignedFile.Multi.Generic ( 1 )
21:42:51.0977 0x0d94  MobileBroadband ( UnsignedFile.Multi.Generic ) - warning
21:42:52.0166 0x0d94  [ 508B8935D3F6F38AB99C3FB171C40FD4, 02147CE2C8E558842EE6C4A11F78BDE533269A83BEB2D78EB68E1050EFE8F042 ] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
21:42:52.0196 0x0d94  VmbNotifier - detected UnsignedFile.Multi.Generic ( 1 )
21:42:52.0446 0x0d94  VmbNotifier ( UnsignedFile.Multi.Generic ) - warning
21:42:52.0616 0x0d94  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:42:52.0646 0x0d94  Sidebar - ok
21:42:52.0676 0x0d94  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:42:52.0696 0x0d94  mctadmin - ok
21:42:52.0736 0x0d94  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:42:52.0756 0x0d94  Sidebar - ok
21:42:52.0786 0x0d94  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:42:52.0796 0x0d94  mctadmin - ok
21:42:52.0956 0x0d94  [ FF206944E3A8590FABE10FB2C321AA6D, 77C555667674C9E4473C64921C5F2A7D723FBE28A73EB5EBAA777CD04D11C06B ] C:\Program Files (x86)\Steam\steam.exe
21:42:52.0996 0x0d94  Steam - ok
21:42:53.0096 0x0d94  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:42:53.0116 0x0d94  Sidebar - ok
21:42:53.0156 0x0d94  Skype - ok
21:42:53.0156 0x0d94  Waiting for KSN requests completion. In queue: 90
21:42:54.0166 0x0d94  Win FW state via NFP2: enabled ( trusted )
21:42:54.0256 0x0d94  ============================================================
21:42:54.0256 0x0d94  Scan finished
21:42:54.0256 0x0d94  ============================================================
21:42:54.0256 0x1014  Detected object count: 3
21:42:54.0256 0x1014  Actual detected object count: 3
21:43:03.0770 0x1014  VmbService ( UnsignedFile.Multi.Generic ) - skipped by user
21:43:03.0770 0x1014  VmbService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:43:03.0780 0x1014  MobileBroadband ( UnsignedFile.Multi.Generic ) - skipped by user
21:43:03.0780 0x1014  MobileBroadband ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:43:03.0780 0x1014  VmbNotifier ( UnsignedFile.Multi.Generic ) - skipped by user
21:43:03.0780 0x1014  VmbNotifier ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:43:05.0985 0x17d4  Deinitialize success
         
vielen dank für die Mühe!

Alt 29.12.2016, 22:00   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.12.2016, 18:17   #9
Krossof
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Hallo cosinus,

ich habe die Schritte abgearbeitet. Hier die Logs

Code:
ATTFilter
# AdwCleaner v6.041 - Bericht erstellt am 30/12/2016 um 17:57:41
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-29.2 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Lauritz - LAURITZ-PC
# Gestartet von : C:\Users\Lauritz\Downloads\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Lauritz\AppData\Roaming\loadtbs
[-] Ordner gelöscht: C:\ProgramData\iwin games
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\iwin games


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\AVG Nation toolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AVG Nation toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Nation toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Secure Search
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Security Toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AVG Nation toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2491 Bytes] - [30/12/2016 17:57:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [2634 Bytes] - [30/12/2016 17:54:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [2706 Bytes] - [30/12/2016 17:57:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2710 Bytes] ##########
         

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64 
Ran by Lauritz (Administrator) on 30.12.2016 at 18:11:26,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 42 

Successfully deleted: C:\Users\Lauritz\AppData\Roaming\wyupdate au (Folder) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IDGDRRF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5YGCQTJ3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P2HLRO6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9CXFKHA8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJQ9FY49 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB2N1QGQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ECI0RADR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F8KM16H7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWC13UU1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LITNR2CO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LWO9YTXF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1Z7BI0E (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB8J7RWP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P56P2LIC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S3MC89ZW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWVK969N (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IDGDRRF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5YGCQTJ3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P2HLRO6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9CXFKHA8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJQ9FY49 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB2N1QGQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ECI0RADR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F8KM16H7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWC13UU1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LITNR2CO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LWO9YTXF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1Z7BI0E (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB8J7RWP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P56P2LIC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S3MC89ZW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWVK969N (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.12.2016 at 18:14:37,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 31.12.2016, 13:55   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 02.01.2017, 17:33   #11
Krossof
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Frohes Neues!

Der Scan hatte sich ca. 1 Min bei AppID aufgehangen (Keine Rückmeldung) danach ging es ohne Probleme weiter.

FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Lauritz (Administrator) auf LAURITZ-PC (02-01-2017 17:20:00)
Gestartet von C:\Users\Lauritz\Desktop
Geladene Profile: Lauritz (Verfügbare Profile: Lauritz)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [QuickFinder Scheduler] => C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE [83568 2007-01-02] (Corel Corporation)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [78336 2013-10-24] (Vodafone)
HKLM-x32\...\Run: [VmbNotifier] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [1893888 2013-10-24] (Vodafone)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\MountPoints2: {d68dae76-f34e-11e5-9414-bc5ff4450f04} - F:\setup_vmb_lite.exe /checkApplicationPresence
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-08-19] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0B4D4C20-18BD-4408-9CB9-3057CC20671C}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{832F46A1-9D7F-4D45-BCE9-305835DBF76A}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2922099021-443059803-3302965599-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2922099021-443059803-3302965599-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lauritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-28] (Unity Technologies ApS)

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-10-24] (Vodafone) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-10-13] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-10-13] ()
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2016-06-11] (Macrovision Europe Ltd) [Datei ist nicht signiert]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-30 18:14 - 2016-12-30 18:14 - 00007289 _____ C:\Users\Lauritz\Desktop\JRT.txt
2016-12-30 18:07 - 2016-12-30 18:07 - 00002804 _____ C:\Users\Lauritz\Desktop\AdwCleaner[C0].txt
2016-12-30 18:02 - 2016-12-30 18:03 - 01663040 _____ (Malwarebytes) C:\Users\Lauritz\Downloads\JRT.exe
2016-12-30 17:52 - 2016-12-30 17:57 - 00000000 ____D C:\AdwCleaner
2016-12-30 17:52 - 2016-12-30 17:52 - 03977168 _____ C:\Users\Lauritz\Downloads\AdwCleaner_6.041.exe
2016-12-29 21:42 - 2016-12-29 21:43 - 00202264 _____ C:\TDSSKiller.3.1.0.12_29.12.2016_21.42.16_log.txt
2016-12-29 21:25 - 2016-12-29 21:26 - 00004828 _____ C:\TDSSKiller.3.1.0.12_29.12.2016_21.25.51_log.txt
2016-12-29 21:15 - 2016-12-29 21:15 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Lauritz\Desktop\tdsskiller.exe
2016-12-29 20:33 - 2016-12-29 21:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-29 20:33 - 2016-12-29 20:33 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-29 20:33 - 2016-12-29 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-29 20:32 - 2016-12-29 21:13 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-29 20:31 - 2016-12-29 21:13 - 00000000 ____D C:\Users\Lauritz\Desktop\mbar
2016-12-29 20:30 - 2016-12-29 20:30 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Lauritz\Desktop\mbar-1.09.3.1001.exe
2016-12-29 20:12 - 2017-01-02 17:14 - 00524288 ___SH C:\Windows\system32\config\components{c46fc21d-cdf9-11e6-a1e7-bc5ff4450f04}.TMContainer00000000000000000001.regtrans-ms
2016-12-29 20:12 - 2017-01-02 17:14 - 00065536 ___SH C:\Windows\system32\config\components{c46fc21d-cdf9-11e6-a1e7-bc5ff4450f04}.TM.blf
2016-12-29 20:12 - 2016-12-29 20:23 - 00524288 ___SH C:\Windows\system32\config\components{c46fc21d-cdf9-11e6-a1e7-bc5ff4450f04}.TMContainer00000000000000000002.regtrans-ms
2016-12-29 19:57 - 2016-12-29 20:11 - 00000000 ____D C:\Users\Lauritz\AppData\Local\AvgSetupLog
2016-12-29 19:52 - 2016-12-30 17:58 - 00006208 _____ C:\Windows\PFRO.log
2016-12-28 20:42 - 2016-12-28 20:43 - 00064261 _____ C:\Users\Lauritz\Downloads\Addition.txt
2016-12-28 20:41 - 2016-12-28 20:43 - 00048421 _____ C:\Users\Lauritz\Downloads\FRST.txt
2016-12-28 20:38 - 2016-12-28 20:38 - 02420736 _____ (Farbar) C:\Users\Lauritz\Downloads\FRST64.exe
2016-12-19 18:52 - 2016-12-19 18:52 - 00003074 _____ C:\Windows\System32\Tasks\{9BEA0DF0-7E39-48E3-94BA-D7D1CE9B4D23}
2016-12-14 13:20 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 13:20 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 13:20 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 13:20 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 13:20 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 13:20 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 13:20 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 13:20 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 13:20 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 13:20 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 13:20 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 13:20 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 13:20 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 13:20 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 13:20 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 13:20 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 13:20 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 13:20 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 13:20 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 13:20 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 13:20 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 13:20 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 13:20 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 13:20 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 13:20 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 13:20 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 13:20 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 13:19 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 13:19 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 13:19 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 13:19 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 13:19 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 13:19 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 13:19 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 13:19 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 13:19 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 13:19 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 13:19 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 13:19 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 13:19 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 13:19 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 13:19 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 13:19 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 13:19 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 13:19 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 13:19 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 13:19 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 13:19 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 13:19 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 13:19 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 13:19 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 13:19 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 13:19 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 13:19 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 13:19 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 13:19 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 13:19 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 13:19 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 13:19 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 13:19 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 13:19 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 13:19 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 13:19 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 13:19 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 13:19 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 13:19 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 13:19 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 13:19 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 13:19 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 13:19 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 13:19 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 13:19 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 13:19 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 13:19 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 13:19 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 13:19 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 13:19 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 13:19 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 13:19 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 13:19 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 13:19 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 13:19 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 13:19 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 13:19 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 13:19 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 13:19 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 13:19 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 13:19 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 13:19 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 13:19 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 13:19 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 13:19 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 13:19 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 13:19 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 13:19 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 13:19 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 13:19 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 13:19 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 13:19 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 13:19 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 13:19 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 13:19 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 13:19 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 13:19 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 13:19 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 13:19 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 13:19 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 13:19 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-07 16:18 - 2016-12-07 16:18 - 00000221 _____ C:\Users\Lauritz\Desktop\Borderlands 2.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-02 17:21 - 2015-01-07 00:44 - 00009775 _____ C:\Users\Lauritz\Desktop\FRST.txt
2017-01-02 17:20 - 2015-01-07 00:44 - 00000000 ____D C:\FRST
2017-01-02 17:20 - 2012-10-13 16:03 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\Skype
2017-01-02 17:10 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 17:10 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 17:05 - 2012-10-29 16:29 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-02 16:59 - 2012-12-18 17:31 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-02 16:59 - 2012-10-13 13:53 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2017-01-02 16:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-30 23:28 - 2016-03-27 06:42 - 16037138 ____H C:\Users\Lauritz\AppData\Local\IconCache.db
2016-12-30 22:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\config\RegBack
2016-12-30 18:14 - 2012-10-13 13:29 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming
2016-12-30 18:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-12-30 18:12 - 2012-10-13 13:23 - 00000000 __SHD C:\System Volume Information
2016-12-30 18:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-30 18:03 - 2012-10-13 13:29 - 00000000 ___RD C:\Users\Lauritz\Downloads
2016-12-30 17:57 - 2009-07-14 04:20 - 00000000 ___HD C:\ProgramData
2016-12-30 17:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64
2016-12-30 17:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32
2016-12-30 17:47 - 2012-10-13 13:53 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-12-29 23:52 - 2012-10-31 18:41 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\TS3Client
2016-12-29 21:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\drivers
2016-12-29 20:11 - 2013-01-13 22:19 - 00000000 ____D C:\ProgramData\AVG
2016-12-29 20:11 - 2013-01-13 22:09 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-29 20:11 - 2012-10-13 13:39 - 00000000 __SHD C:\Windows\Installer
2016-12-29 20:11 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-29 20:11 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-29 20:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Tasks
2016-12-29 20:06 - 2015-05-22 10:39 - 00000000 ____D C:\Users\Lauritz\AppData\Local\Avg
2016-12-29 20:06 - 2013-01-13 22:07 - 00000000 ____D C:\ProgramData\MFAData
2016-12-29 20:06 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files
2016-12-29 19:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-29 19:57 - 2012-10-13 13:29 - 00000000 ____D C:\Users\Lauritz\AppData\Local
2016-12-29 19:52 - 2015-04-12 11:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-29 19:51 - 2015-04-12 11:44 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-29 19:51 - 2009-07-14 04:20 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-29 18:46 - 2016-09-23 16:29 - 00524288 ___SH C:\Windows\system32\config\components{a316c984-81a1-11e6-be2e-bc5ff4450f04}.TMContainer00000000000000000002.regtrans-ms
2016-12-29 18:46 - 2016-09-23 16:29 - 00065536 ___SH C:\Windows\system32\config\components{a316c984-81a1-11e6-be2e-bc5ff4450f04}.TM.blf
2016-12-28 20:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Drivers\etc
2016-12-28 20:30 - 2009-07-14 03:34 - 00453906 ____R C:\Windows\system32\Drivers\etc\hosts
2016-12-28 20:07 - 2016-09-23 18:56 - 00009979 _____ C:\Users\Lauritz\Desktop\hijackthis.log
2016-12-28 20:06 - 2016-09-23 18:53 - 00000000 ____D C:\Users\Lauritz\Desktop\backups
2016-12-22 20:54 - 2012-11-06 22:27 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\vlc
2016-12-18 12:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-18 01:39 - 2016-03-22 21:40 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-17 20:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-17 19:15 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\assembly
2016-12-15 19:07 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-12-15 19:07 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-12-15 19:07 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-15 19:07 - 2009-07-14 03:36 - 00653930 _____ C:\Windows\system32\perfh009.dat
2016-12-15 19:07 - 2009-07-14 03:36 - 00121802 _____ C:\Windows\system32\perfc009.dat
2016-12-15 19:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\winsxs
2016-12-15 19:02 - 2009-07-14 03:34 - 00189440 ____H C:\Users\Default\NTUSER.DAT.LOG1
2016-12-15 19:01 - 2009-07-14 05:45 - 00483768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\en-US
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\de-DE
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Boot
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppPatch
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 13:55 - 2013-08-15 11:53 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 13:53 - 2012-10-13 15:30 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 13:53 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\debug
2016-12-14 13:51 - 2013-04-25 06:52 - 01592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-13 20:06 - 2015-02-19 19:36 - 00000000 ____D C:\Users\Lauritz\AppData\Local\Steam
2016-12-13 16:32 - 2012-11-05 08:18 - 00000000 ____D C:\Users\Lauritz\Documents\My Games
2016-12-13 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Logs
2016-12-11 00:52 - 2014-04-14 16:36 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-10 17:11 - 2016-04-06 02:05 - 00000000 ____D C:\Users\Lauritz\Documents\Project Aura
2016-12-03 13:27 - 2016-09-23 16:29 - 00524288 ___SH C:\Windows\system32\config\components{a316c984-81a1-11e6-be2e-bc5ff4450f04}.TMContainer00000000000000000001.regtrans-ms

Einige Dateien in TEMP:
====================
C:\Users\Lauritz\AppData\Local\Temp\libeay32.dll
C:\Users\Lauritz\AppData\Local\Temp\msvcr120.dll
C:\Users\Lauritz\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-12-30 22:15

==================== Ende von FRST.txt ============================
         

Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Lauritz (2017-01-02 17:21:20)
Gestartet von C:\Users\Lauritz\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-10-13 12:29:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2922099021-443059803-3302965599-500 - Administrator - Disabled)
Gast (S-1-5-21-2922099021-443059803-3302965599-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2922099021-443059803-3302965599-1009 - Limited - Enabled)
Lauritz (S-1-5-21-2922099021-443059803-3302965599-1000 - Administrator - Enabled) => C:\Users\Lauritz

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Age of Wonders III (HKLM\...\Steam App 226840) (Version:  - Triumph Studios)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle Realms (HKLM-x32\...\{9AA761E6-CA51-4FF2-A552-D51638BF0595}) (Version: 0.10.000 - Liquid Entertainment)
Black and White (HKLM-x32\...\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}) (Version:  - )
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Capitalism 2 (HKLM-x32\...\Capitalism 2_is1) (Version:  - GOG.com)
Capitalism II (nur deinstallation) (HKLM-x32\...\Capitalism II) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Conquest of Elysium 3 (HKLM\...\Steam App 211900) (Version:  - Illwinter Game Design)
Conquest of Elysium 4 (HKLM\...\Steam App 403950) (Version:  - Illwinter Game Design)
Cossacks: Back to War (HKLM-x32\...\Steam App 4850) (Version:  - GSC Game World)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Democracy 3 (HKLM\...\Steam App 245470) (Version:  - Positech Games)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
EVE Online (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\{4c47d6a1-0c58-4e9b-8cf8-216262d26f37}) (Version: 1.0.0 - CCP)
EVEMon (HKLM-x32\...\EVEMon) (Version: 2.1.0 - battleclinic.com)
Evil Genius (HKLM-x32\...\Steam App 3720) (Version:  - Elixir Studios)
Forged Alliance Forever (HKLM-x32\...\{EF37C7C0-1281-4452-8A3F-D71215478D63}) (Version: 240.10.122 - FAF Community)
Fractured Space (HKLM-x32\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Little Fighter 2 version 2.0a (HKLM-x32\...\Little Fighter 2) (Version: version 2.0a - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mumble 1.2.15 (HKLM-x32\...\{3320748F-375E-4A80-BD48-EC42124FB502}) (Version: 1.2.15 - Thorvald Natvig)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenTTD 1.6.1 (HKLM-x32\...\OpenTTD) (Version: 1.6.1 - OpenTTD)
Pirates of the Caribbean (HKLM-x32\...\{C388D147-CCBA-411C-B9FC-2CC1B4EFB240}) (Version:  - )
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
Planetbase (HKLM-x32\...\Steam App 403190) (Version:  - Madruga Works)
Port Royale 3 (HKLM\...\Steam App 205610) (Version:  - Gaming Minds)
Project AURA (HKLM\...\Steam App 305940) (Version:  - Pixel Quality Games)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PULSAR: Lost Colony (HKLM-x32\...\Steam App 252870) (Version:  - Leafy Games)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Seven Kingdoms 2 HD (HKLM\...\Steam App 338800) (Version:  - Enlight Software Limited)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SRWare Iron (64-Bit) Version 48.2550.2 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 48.2550.2 - SRWare)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - Star Gem Inc.)
Star Ruler (HKLM-x32\...\StarRuler) (Version:  - )
Star Ruler 2 (HKLM-x32\...\Steam App 282590) (Version:  - Blind Mind Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellaris (HKLM\...\Steam App 281990) (Version:  - Paradox Development Studio)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.0001 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Thea: The Awakening (HKLM\...\Steam App 378720) (Version:  - MuHa Games)
Unity Web Player (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.3.409.46933 - Vodafone)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WordPerfect Office X3 (HKLM-x32\...\_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}) (Version:  - Corel Corporation)
WordPerfect Office X3 (x32 Version: 13.3 - Corel Corporation) Hidden
World of Tanks (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version:  - Firaxis)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2328C447-D3E6-452B-87F9-9EE1E62A4363} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {2D1EC2C2-2DE7-44E3-A2C8-8CA22899DCD0} - System32\Tasks\{BA7EFF60-8789-4118-A88C-2358E2C1CEF7} => pcalua.exe -a D:\HDRII\EP1\EAUninstall.exe
Task: {337F6073-AF3B-4041-A1E2-360F21C9D657} - System32\Tasks\{37BDD613-C6FA-476D-9F6B-0D761860DBF2} => pcalua.exe -a D:\HDRII\EAUninstall.exe
Task: {4F5346FE-3B0F-4162-8D5D-5D4D49517DEA} - System32\Tasks\{02E7FDDD-7C7A-4696-8E9F-71C30DFEFF6B} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/105430
Task: {6440EA78-AF98-4591-B84E-B8859C5D18BA} - System32\Tasks\{62C6544D-7998-4493-9DE7-6498D76BC5B1} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe [2001-03-09] (LionHead Studios Ltd.)
Task: {733182AF-2FF2-441C-982F-8A8769EFFDCB} - System32\Tasks\{9BEA0DF0-7E39-48E3-94BA-D7D1CE9B4D23} => Chrome.exe hxxps://ui.skype.com/ui/0/7.30.80.105/de/abandoninstall?page=tsMain
Task: {78356296-813B-4DAF-A3CE-124F5844CA93} - System32\Tasks\{FC6FACA1-9ECD-412C-9E32-0050FE7386B9} => pcalua.exe -a D:\PlanetSide2\Uninstaller.exe
Task: {7E6D8B7A-4C49-4A0C-824C-FE012F75C383} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {AB73DEAA-DDED-439D-801C-214D922BF39D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {AF731C36-4DAC-43E7-963B-A431A84F7D32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-07] (Adobe Systems Incorporated)
Task: {B0B61FC4-E05F-4262-87F7-688AF5DBB856} - System32\Tasks\{31C26874-D94B-4972-8561-BC0923796AD2} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe [2001-03-09] (LionHead Studios Ltd.)
Task: {BA2D7491-0897-4A20-AE28-2632701CFF54} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe
Task: {BA65C212-7CA6-4723-864D-03D055E04489} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {C8690BF7-AED1-4CDB-84BC-75C49827CDE6} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
Task: {DACD9C03-531E-428C-8D3D-7A51F8FD7B31} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {E22041C3-3C39-4683-B76D-4826B0A998F7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {F86498AF-5BC8-424E-A3DF-BB28882EA2C8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-18 17:31 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-13 13:53 - 2012-02-07 16:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-03-16 19:27 - 2016-03-11 15:31 - 02576984 _____ () C:\Program Files\SRWare Iron (64-Bit)\libglesv2.dll
2016-03-16 19:27 - 2016-03-11 15:31 - 00093784 _____ () C:\Program Files\SRWare Iron (64-Bit)\libegl.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-03-12 17:10 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 10:49 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-10-29 16:31 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-12-13 11:21 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2012-10-29 16:31 - 2016-12-20 03:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-01-20 07:18 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2012-10-13 13:53 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:A70A8BB0 [284]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7924 mehr Seiten.

IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7924 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-12-28 20:30 - 00453906 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15574 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lauritz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3525630A-4038-4DA1-8B14-B1BA07B4A112}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE1F95C1-FE21-4BD8-B1EF-3C3B97F569C2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A054DEDA-1F95-46C5-B435-0E8BB91AAB2C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4BEB620E-9F8B-4A5F-AD92-663E50414585}D:\world_of_tanks\wotlauncher.exe] => (Allow) D:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B4883DF9-41FF-4A6B-9D9F-3F04E79BC86A}D:\world_of_tanks\wotlauncher.exe] => (Allow) D:\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{1A91BAD5-54D2-45CE-B7CF-22F04942A28D}D:\world_of_tanks\worldoftanks.exe] => (Allow) D:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{2B41D176-6C18-44C8-953F-7CB1DAFE7322}D:\world_of_tanks\worldoftanks.exe] => (Allow) D:\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{73AEEE84-7816-427D-9BD8-C5322DA10A25}C:\program files (x86)\star ruler\starruler.exe] => (Allow) C:\program files (x86)\star ruler\starruler.exe
FirewallRules: [UDP Query User{D9F68E51-CDFE-4084-8D7A-F9902E5B1B16}C:\program files (x86)\star ruler\starruler.exe] => (Allow) C:\program files (x86)\star ruler\starruler.exe
FirewallRules: [TCP Query User{5132D057-4F65-41C8-80FD-2BCCE9254C80}D:\eve online\bin\exefile.exe] => (Allow) D:\eve online\bin\exefile.exe
FirewallRules: [UDP Query User{8E9CA187-C958-440F-92BB-86E1F5EBE698}D:\eve online\bin\exefile.exe] => (Allow) D:\eve online\bin\exefile.exe
FirewallRules: [TCP Query User{64A58C25-74DC-4CC5-88A4-51D4C8CE0465}D:\anno171\anno1701.exe] => (Block) D:\anno171\anno1701.exe
FirewallRules: [UDP Query User{0053AE60-FB63-4AFD-BEB7-44D7F3C7F87A}D:\anno171\anno1701.exe] => (Block) D:\anno171\anno1701.exe
FirewallRules: [{79063EC3-D32F-4609-BA3C-5C6204A378D2}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{11DE37C0-7DEF-4B67-BD6F-1E0173797F95}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{2C78A0C5-39C2-4EB5-B470-6787181B3067}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{369A8CFD-43A6-428F-8F1D-589F4E461759}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{6D59CFA9-DFC8-4DAD-8A15-C05E013E9BE8}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{D35B639C-E5D8-4238-92C8-D88A98B1C8CD}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{2FE5F5E8-21E6-40DD-BB2D-6F39C9D307FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evil Genius\EvilGeniusLauncher.exe
FirewallRules: [{882484F6-FA56-4C13-98D2-8BDE5B124365}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evil Genius\EvilGeniusLauncher.exe
FirewallRules: [TCP Query User{165E54D3-C6F1-4741-B546-FFFC4E29EB99}C:\programdata\faforever\bin\forgedalliance.exe] => (Allow) C:\programdata\faforever\bin\forgedalliance.exe
FirewallRules: [UDP Query User{7D79CDF4-55A3-4FCF-87AA-1D49879BCEC3}C:\programdata\faforever\bin\forgedalliance.exe] => (Allow) C:\programdata\faforever\bin\forgedalliance.exe
FirewallRules: [TCP Query User{FF529BB4-7C9B-4596-B876-6840D87437FF}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{24A79DAB-AC2F-4C5D-8C44-53457662FA7B}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{1DE14345-D221-44C4-927E-8915EBDC7B0C}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{8C3DC567-10EE-413A-A775-E11810F84692}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{FE6DC594-F56A-44B5-8857-BBD1921EA6BE}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{87578C7C-5CCB-4820-A53A-EA284A55B822}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{7F094403-C09D-4FF8-84AB-024000AB740B}] => (Allow) LPort=80
FirewallRules: [{13455699-4A60-4268-A195-8156A81F90CF}] => (Allow) LPort=443
FirewallRules: [{6F6C0479-487A-4AEB-80C2-F07A64CE7406}] => (Allow) LPort=20010
FirewallRules: [{2E9328CF-89A4-466D-A07C-C8D50FD431F3}] => (Allow) LPort=3478
FirewallRules: [{BEC6AC26-105D-4ED8-B759-09B432CD9F01}] => (Allow) LPort=7850
FirewallRules: [{4F1FE10F-F708-40DE-8194-29E955599F65}] => (Allow) LPort=27022
FirewallRules: [{A1FEE9DF-46B5-4427-803E-5473AA8B14F6}] => (Allow) LPort=6881
FirewallRules: [{63BA6F08-A43D-4E05-B9AA-3FFDF63A65BF}] => (Allow) LPort=33333
FirewallRules: [{90F34B83-0226-4C4D-B0EB-08F80DB47615}] => (Allow) LPort=20443
FirewallRules: [{88299BA2-7499-492C-B6FA-39FC248B0927}] => (Allow) LPort=8090
FirewallRules: [{5A366660-B3A9-4F3B-9FD8-E8C28DB2C0EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{E9164DB0-ACB1-4C50-9D79-3356840DEAC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{FB745F0E-6CB3-493B-A67F-DA62816A9847}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67DD86DB-9070-4AE6-BF7A-FC2F64E5C5B2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F28FC892-C944-4799-A751-E9A912E53383}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{EC27BAA6-6D71-4D21-B93E-4B9CE0220E00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [TCP Query User{7BBB4B05-1A23-45F0-B3E9-DDE3ACBFDC45}C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe] => (Block) C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe
FirewallRules: [UDP Query User{64F90C6B-8DF0-4B73-B60C-73502AC5762B}C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe] => (Block) C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe
FirewallRules: [{F65F83C4-E4AF-4E46-A859-11C6B5A123C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A7DC8388-128D-411A-A393-964948DDDA54}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{17757A13-4720-4CCD-8708-54F879C3E4C9}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{81D9EFF7-14A2-4C1D-A52A-3286026B729D}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5B033B21-4FBF-4990-940E-8FA557BF284D}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{3DFF6BFE-1E66-440A-8D21-80C9867C8289}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{BEBB5B2A-A4FE-445A-BD53-7516AAF12958}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{B3C16A45-B465-40CF-A310-14D6D8544EC4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{33C63DA3-27BC-4ABB-BC1C-2BC556D8C2CC}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{661A20FA-0891-4694-9CB4-7081E008B9A9}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [TCP Query User{4885F550-D1A7-48E6-9F2D-C3F444A36484}C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe] => (Allow) C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe
FirewallRules: [UDP Query User{01826DC1-531C-47ED-8C99-061E337F951F}C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe] => (Allow) C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe
FirewallRules: [{81F653ED-30F5-459C-BDF7-B797BB43BD31}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{50B022D9-07C7-46AF-97E6-B3ABD881A638}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{C4E340E7-FE79-4C2D-9029-FC4E85871471}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{87AE0554-1480-43C1-957B-A3D0CDCCF464}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{6F224CAE-EEB6-467D-BA7B-CD509E52CA77}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{258F7346-3DBD-403A-A60D-0085524EF75B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{8ACA1C8F-8910-41D2-AA1B-156A3686DD7B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{31E17DBD-7450-42BB-A908-B366189C1069}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [TCP Query User{5CF52E34-10DF-4486-9A3C-C93E4349617E}D:\eve test\bin\exefile.exe] => (Allow) D:\eve test\bin\exefile.exe
FirewallRules: [UDP Query User{C0632904-AB4B-4604-9794-C17929791001}D:\eve test\bin\exefile.exe] => (Allow) D:\eve test\bin\exefile.exe
FirewallRules: [{AEDCABFF-6C8C-4EC8-A2C6-3F9D8AAC6E60}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{A5D27DCA-B050-417A-B0CE-96B05374332B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{728C2563-F377-46BD-9720-CA49545D29A8}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{049CBADA-9726-4115-B315-D1BBA4BB4471}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{B82976CC-4D75-45E2-B585-87E2C5C6E895}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\star conflict\game.exe
FirewallRules: [{67F59D19-6F28-4A34-BD83-96C9FE22A39E}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\star conflict\game.exe
FirewallRules: [TCP Query User{A66F55DD-678B-4745-94DB-FBE063BEA500}D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Block) D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [UDP Query User{2E1EDA66-F54C-4215-96E0-48C54E37BA42}D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Block) D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{6EB2C5A9-0078-4002-8374-95AEF3950B25}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Planetbase\Planetbase.exe
FirewallRules: [{29CF51ED-505C-4803-BD72-5840A2BF3AE0}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Planetbase\Planetbase.exe
FirewallRules: [{B268E636-E6DD-4B5C-8292-A619AFF0D449}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{9E4FE6CD-4748-442E-BE13-FDE5E51D4D81}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{6545200B-D399-419C-AE47-BD310CAFF706}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{4F3D9125-81BD-4521-AF7B-82683A0E4F7E}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{AB1629DC-65FB-45AF-BF30-A640F4E604BB}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{CD394664-A4B4-4221-9A4C-850708DFBF3C}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Gnomoria\Gnomoria.exe
FirewallRules: [TCP Query User{16E5ECC8-E241-4C67-8130-0581BC3FF300}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Block) D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{87735BB3-28FC-4A9E-8DFB-C53D11BC5DCB}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Block) D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{96CC5490-34B7-42C0-A395-A1A4351E9674}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{611DE6F4-D6F4-41AD-912B-4B60D2EB37C2}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{27C6D0CC-AA3A-44E8-B3D8-94FB961E420D}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Project Aura\Project Aura.exe
FirewallRules: [{455A754F-9ED1-4CFB-9172-7F08E27D45C1}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Project Aura\Project Aura.exe
FirewallRules: [TCP Query User{25652C2E-F1EA-4AF4-8D02-119B20FBC5B1}D:\eve online test server\sharedcache\tq\bin\exefile.exe] => (Allow) D:\eve online test server\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{337327AF-1C04-4E9F-BFF0-6C0C9A6F571C}D:\eve online test server\sharedcache\tq\bin\exefile.exe] => (Allow) D:\eve online test server\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{4586FD53-0545-4E21-AF9F-AFBC84778177}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => (Allow) C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
FirewallRules: [UDP Query User{605DF62E-D495-4172-9867-775AD6DCFF3E}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => (Allow) C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
FirewallRules: [{3052BF56-A71B-44DF-9B5B-96E8BD796720}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Seven Kingdoms 2 HD\7K2.exe
FirewallRules: [{07CCCFB8-3179-4EB7-B1D1-899C344073C2}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Seven Kingdoms 2 HD\7K2.exe
FirewallRules: [{C283F350-165D-41CB-B179-E3C57A63D50F}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{D029A56B-E110-436A-ACC6-68EFD3628378}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{B60573CB-4959-49B3-BED4-A6134D99D621}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{E61A2755-1C64-4465-B933-3F8C2D8D9781}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{496BDC9A-B6E5-48E2-B473-6748198DFD11}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{1B23D3C4-556A-4BF5-A5A6-C58C1121E450}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{C60CC3AF-3573-4793-A84B-5A7DC321D718}C:\users\lauritz\proxy\freeproxy\freeproxy.exe] => (Block) C:\users\lauritz\proxy\freeproxy\freeproxy.exe
FirewallRules: [UDP Query User{AA8AF4EE-5F9F-4B77-9C9B-39A213EB0160}C:\users\lauritz\proxy\freeproxy\freeproxy.exe] => (Block) C:\users\lauritz\proxy\freeproxy\freeproxy.exe
FirewallRules: [TCP Query User{30A3F1D6-676A-4FEE-AE6F-C3E36EF18964}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{4A49306D-24EF-4BE6-9646-005110C4D15E}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{FAC251DA-7DC8-47CF-83F7-70C4736B7BF8}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{25E12715-FDCF-4AA8-916D-6F6C14450166}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{643F5760-CC57-46B0-A9AE-383DF3C910C4}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Port Royale 3\PortRoyale3.exe
FirewallRules: [{D2CBEB52-1236-423D-A4B6-F421562DA611}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Port Royale 3\PortRoyale3.exe
FirewallRules: [{588B24E7-4285-4438-9D20-88FED1C77B95}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{FA4380EF-610F-4958-BF9D-EC9947C5A0D2}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{42D08151-42D4-4CA9-A38F-55D8FBCAFDAF}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium3\coe3.exe
FirewallRules: [{4792A8DF-85BC-40EB-8415-79F7C4E664C4}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium3\coe3.exe
FirewallRules: [{96B68FD9-AA35-48B1-92FA-AF006BF45BF7}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium4\coe4.exe
FirewallRules: [{22D48B7B-F53D-4AE2-99FD-874F8C77439A}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium4\coe4.exe
FirewallRules: [{1E090DD7-0BD3-4851-8065-84A2D66DF08F}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [{68C25AAE-A925-449D-8E85-4F23A8C9842B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [TCP Query User{5A819A13-965B-4BC8-AA48-44F6C99C6337}D:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) D:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{52111DC9-FC00-4D01-9535-649DEBD968AE}D:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) D:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [{ABE4C9A0-BBEB-4BA4-BCAF-50982DF45032}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F4E9BAE7-11E9-4457-9367-2D297456093F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{2FF99247-3D1A-4100-9C91-B62BF7A29EDE}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Graviteam Tactics Operation Star\starter.exe
FirewallRules: [{F97D8E2D-0D85-47D8-A1ED-4312164571A8}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Graviteam Tactics Operation Star\starter.exe
FirewallRules: [{1F2CD0F0-9D78-4991-93E2-4CAC962F5993}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{9665F274-E12D-479C-892D-DED6AACB8EC6}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{2A48A080-E8CE-48E9-8870-19D099A7BB48}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{EE3F296C-20C8-4481-9259-E96AF41D9210}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{F3BDC4CE-09F0-4B6B-AADA-8433B44D8C48}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{DD967720-A505-4A03-AB01-5E28F690D581}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{2134553F-60B9-4A6F-BE40-6476FF122012}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{124204E2-2440-4C3E-AFBA-687ED0A10DD3}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{6CD9EA87-4346-4DC2-9436-766EF704371F}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{D773CF05-81FD-4946-B5DF-8DC702470628}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{47D8A7BC-BB55-46F4-847A-4C0A80C0FF3B}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{C2D8725A-E936-4D61-8A97-2EE36FBF607E}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{76A16BF0-2535-43EE-AF51-470D66DBD8DB}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{23FF5B09-6085-4895-A10C-317E3A328A63}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{72AFA9A7-7EA2-4BFE-B4F9-7D0FAF3A6D57}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FCC03A1B-03CF-4BEA-91A2-E03C6FE794BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B37515D0-0248-49C0-A81D-93666DC4AF7B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E96B7DB4-85CA-4C18-93C2-1B81DABA92DC}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{885685D8-B0BE-40AE-AD73-486B0C381C07}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{6F80B370-1CFE-461C-A1D6-396B0DE93DD3}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

==================== Wiederherstellungspunkte =========================

12-11-2016 12:48:22 Installed AVG 2016
12-11-2016 12:49:58 Installed AVG
19-11-2016 16:30:02 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
19-11-2016 17:03:22 Windows Update
01-12-2016 04:40:03 Geplanter Prüfpunkt
11-12-2016 00:49:11 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
11-12-2016 00:50:00 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
11-12-2016 00:50:23 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
11-12-2016 00:51:34 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
13-12-2016 16:26:51 Microsoft Visual C++ 2005 Redistributable wird installiert
13-12-2016 16:28:22 Microsoft Visual C++ 2005 Redistributable wird installiert
13-12-2016 16:30:54 DirectX wurde installiert
14-12-2016 13:45:34 Windows Update
29-12-2016 19:58:16 Removed AVG
29-12-2016 20:04:08 Removed AVG 2016
30-12-2016 15:32:30 Windows Update
30-12-2016 18:11:46 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel(R) HD Graphics
Description: Intel(R) HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/02/2017 05:01:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2016 06:09:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2016 06:00:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2016 03:26:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/29/2016 08:07:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/29/2016 07:53:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/29/2016 06:18:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/28/2016 10:04:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d78

Startzeit: 01d2614814a8d107

Endzeit: 138

Anwendungspfad: D:\AgeofEmpires Online\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Berichts-ID:

Error: (12/28/2016 07:57:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mmc.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1dd4

Startzeit: 01d2613b939ec2d6

Endzeit: 3

Anwendungspfad: C:\Windows\system32\mmc.exe

Berichts-ID: 7e760e4b-cd2f-11e6-b90a-bc5ff4450f04

Error: (12/28/2016 07:54:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b54

Startzeit: 01d2613a25a06fee

Endzeit: 186

Anwendungspfad: D:\AgeofEmpires Online\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Berichts-ID:


Systemfehler:
=============
Error: (12/30/2016 11:28:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/30/2016 11:28:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/30/2016 06:13:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/30/2016 06:07:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/30/2016 05:57:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/30/2016 05:57:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/30/2016 05:57:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/30/2016 05:57:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/30/2016 05:57:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Vodafone-Mobile-Broadband-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/30/2016 05:57:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2012-10-13 16:48:13.632
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-13 16:48:13.621
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-13 16:48:13.337
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-13 16:48:13.328
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8079.21 MB
Verfügbarer physikalischer RAM: 5904.31 MB
Summe virtueller Speicher: 16156.6 MB
Verfügbarer virtueller Speicher: 13849.92 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:150.98 GB) (Free:29.51 GB) NTFS
Drive d: () (Fixed) (Total:176.27 GB) (Free:28.8 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 429D211B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=176.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== Ende von Addition.txt ============================
         

Wenn ich mir so den Log anschaue sieht es schon ein bisschen komisch aus. An der Hard oder Software habe ich jedenfalls nichts mehr getan.

Alt 02.01.2017, 20:40   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.01.2017, 21:27   #13
Krossof
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Schritt 1

keine Ergebnisse, ist etwas kurz ist das so richtig?

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 03.01.2017
Suchlaufzeit: 12:04
Protokolldatei:  Malwarebytes Anti-Malware .txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.01.03.05
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Lauritz

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 297422
Abgelaufene Zeit: 29 Min., 2 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
         
Leider beim ersten mal einen Haken nicht gesetzt. der Zweite Scan hat auch ca. 3 Std gedauert deswegen so spät geantwortet.
Die 2 infizierten Dateien wurden entfernt und ersetzt.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0ff1021345763445a4789e712e1c73f9
# end=init
# utc_time=2017-01-03 11:55:38
# local_time=2017-01-03 12:55:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31940
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0ff1021345763445a4789e712e1c73f9
# end=updated
# utc_time=2017-01-03 11:59:09
# local_time=2017-01-03 12:59:09 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0ff1021345763445a4789e712e1c73f9
# engine=31940
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-03 03:20:39
# local_time=2017-01-03 04:20:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 352053 235086689 0 0
# scanned=848055
# found=2
# cleaned=0
# scan_time=12089
sh=92B359D33855BF27D6F0C1F58510D7B493A1162B ft=1 fh=4d6af7cbc920e55f vn="Variante von Win32/LoadTubes.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\ewaxkbbcewhlyczptnxrljzwvzgbzreq\uninstall.exe"
sh=F210BF96111D55D0CA93981B1499C0B77CD4D326 ft=1 fh=8088520b93b220b0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lauritz\Downloads\Raccoon - CHIP-Installer.exe"
Update Init
Update Download
Update Finalize
Updated modules version: 31942
         
Hier Schritt 3:

Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 DH Driver Cleaner Professional Edition 
 Adobe Flash Player 21.0.0.182  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Hoffe hab alles richtig gemacht

Alt 03.01.2017, 21:49   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Zitat:
C:\Users\Lauritz\Downloads\Raccoon - CHIP-Installer.exe
Keine Downloads mehr von CHIP.de!!!

Die verarschen ihre Kunden aus reiner Profitgier. Siehe auch http://www.trojaner-board.de/168364-...mpfehlung.html und CHIP-Installer - was ist das? - Anleitungen


Zitat:
Adobe Flash Player 21.0.0.182
Adobe Reader XI
Alles deinstallieren.

Adobe Reader: Verwende stattdessen lieber PDF-X-Change Viewer; der interne PDF-Betrachter vom Firefox reicht meist auch aus.

Flash Player: Was Adobe mit seinem Flash Player veranstaltet, ist irgendwo zwischen Frechheit und Inkompetenz einzustufen; in dem Teil werden ständig neue dicke Sicherheitslücken gefunden - für YT reicht meistens HTML5 aus, das ist der Standardplayer wenn der Flash Player inaktiv oder nicht installiert ist; für spezielle Browsergames kann es aber sein, dass du den Flash Player brauchst. Nutze Flash so sparsam wie möglich und wenn dann immer aktuell halten
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.01.2017, 13:05   #15
Krossof
 
Windows 7: PC ist auffällig langsamer - Standard

Windows 7: PC ist auffällig langsamer



Hallo cosinus,

den Flash Player und Adobe bin ich los geworden, der Chip-Installer ist aber nicht zu finden. Wo kann ich den denn aus meinem Download Ordner löschen bzw. das Programm wenn ich es ausversehen installiert habe?

Antwort

Themen zu Windows 7: PC ist auffällig langsamer
antivirus, cpu-z, defender, desktop, explorer, fehler, firewall, flash player, internet, internet explorer, launch, log, opera, pixel, problem gelöst, proxy, registry, scan, schließen, software, suche, temp, trojaner, trojaner board, udp, usb, viren, windows



Ähnliche Themen: Windows 7: PC ist auffällig langsamer


  1. Windows 10 - bootet langsamer - System insg. deutlich langsamer
    Log-Analyse und Auswertung - 05.12.2016 (2)
  2. Windows 8.1, Windows startet ohne Internetverbindung 2x mal, erheblich langsamer, versucht verdächtige Seiten selbstständig aufzurufen
    Log-Analyse und Auswertung - 26.11.2016 (9)
  3. Windows 7: Probleme mit Internet/Spiele; Auffällig: LavasoftTcpService.dll
    Plagegeister aller Art und deren Bekämpfung - 17.09.2015 (14)
  4. PC mit Win7 64: Booten dauert lang / Programme starten auffällig langsam Teil 1
    Log-Analyse und Auswertung - 21.06.2015 (22)
  5. Firefox IE verhalten sich auffällig
    Log-Analyse und Auswertung - 05.06.2015 (9)
  6. PC schaltet plötzlich komplett ab, Ereignisanzeige + Zuverlässigkeitsüberwachung auffällig
    Plagegeister aller Art und deren Bekämpfung - 12.12.2014 (15)
  7. Windows startet auffällig langsam nach SearchProtect Installation
    Plagegeister aller Art und deren Bekämpfung - 07.11.2013 (13)
  8. Windows 7: Kaspersky findet nichts aber der Rechner verhält sich sehr auffällig
    Log-Analyse und Auswertung - 31.05.2013 (20)
  9. Auffällig viele Ereignisse im Ruhezustand
    Alles rund um Windows - 25.09.2012 (2)
  10. Rechner verhält sich auffällig
    Log-Analyse und Auswertung - 12.09.2012 (5)
  11. Computer auffällig langsamer und Passwort geknackt
    Plagegeister aller Art und deren Bekämpfung - 26.06.2012 (6)
  12. Cpu Auslastung schwankt auffällig! trojaner?
    Log-Analyse und Auswertung - 04.11.2009 (0)
  13. PC geht auffällig langsam :(
    Log-Analyse und Auswertung - 09.11.2008 (2)
  14. Irgend etwas auffällig?
    Mülltonne - 25.06.2008 (0)
  15. iexplore.exe frisst auffällig viel Speicher
    Plagegeister aller Art und deren Bekämpfung - 23.10.2007 (6)
  16. Habe Ich einen virus? Der PC verhält sich auffällig!!
    Log-Analyse und Auswertung - 23.05.2007 (11)
  17. Ist hier was auffällig?
    Log-Analyse und Auswertung - 02.02.2006 (3)

Zum Thema Windows 7: PC ist auffällig langsamer - Hallo Trojaner Board, beim PC-Spielen ist mir das spiel eingefroren, die Hintergrundprogramme liefen weiter. Allerdings stellte ich auch bei Videos und Bildern sowie beim erneuten Start des Spiels ein sehr - Windows 7: PC ist auffällig langsamer...
Archiv
Du betrachtest: Windows 7: PC ist auffällig langsamer auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.