
Pests of all kinds and how to combat them: Browser hijacker problem!

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

01.02.2017, 18:41   #1
HollyMoll

Browser hijacker problem!

Dear Sir or Madam,

as you could already read in the title above, I have the following problem: my PC is plagued by browser hijackers.

One of them is the well-known SearchPlusNetwork, which, for example, always pops up on YouTube. Before that I had many more of these hijackers on my PC, but I was able to remove a few.

I hope you can help me with this task, which is far too difficult for me, and find a solution.

Kind regards

HollyMoll

01.02.2017, 21:03   #2
M-K-D-B
/// TB Trainer

My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally obtained software, we will suspend support until all illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for a longer period, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download at filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!
  • Some of the programs we use here may be wrongly classified as a threat by your antivirus or anti-malware program. Security programs cannot distinguish between "good" and "bad" on the basis of certain program behaviour and raise an alarm. These are false positives, which you can safely ignore. If necessary, you must disable your security software before running a program so that our cleanup procedures are not impaired.



Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!




For an initial analysis, please run FRST and TDSS-Killer:



Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the web page's input box)






Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.







Please post with your next reply
  • the log file from TDSS-Killer,
  • the two new log files from FRST.

01.02.2017, 21:58   #3
HollyMoll

FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
durchgeführt von Holly (Administrator) auf HOLLY_MOLLY_PC (01-02-2017 21:47:33)
Gestartet von C:\Users\Holly\Downloads
Geladene Profile: Holly (Verfügbare Profile: Holly & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\ns.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\ns.exe
(Hammer & Chisel, Inc.) C:\Users\Holly\AppData\Local\Discord\app-0.0.297\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hammer & Chisel, Inc.) C:\Users\Holly\AppData\Local\Discord\app-0.0.297\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp.exe
(Hammer & Chisel, Inc.) C:\Users\Holly\AppData\Local\Discord\app-0.0.297\Discord.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11340752 2016-07-19] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [GammingApp] => C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe [1149904 2016-05-10] (Micro-Star Int'l Co., Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-15] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\Run: [Spotify Web Helper] => C:\Users\Holly\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1552496 2016-06-15] (Spotify Ltd)
HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\Run: [Discord] => C:\Users\Holly\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\MountPoints2: {bd92abea-84f0-11e6-b613-d8cb8adeae25} - "E:\LaunchU3.exe" -a
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-02-04]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 213.153.32.129 213.153.32.1
Tcpip\..\Interfaces\{1e006edd-fffb-467a-b6a0-1f4fd5998afc}: [DhcpNameServer] 213.153.32.129 213.153.32.1
Tcpip\..\Interfaces\{54c170f1-e8ab-4ac5-9a3b-d2b9af884c7b}: [DhcpNameServer] 213.153.32.129 213.153.32.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-25] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-25] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2256983288-4039232147-3337602895-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-25] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFAddon [2016-12-04]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2016-03-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-25] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-01-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-01-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.at/"
CHR Profile: C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default [2017-02-01]
CHR Extension: (Google Präsentationen) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-04]
CHR Extension: (Google Docs) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-04]
CHR Extension: (Google Drive) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-04]
CHR Extension: (YouTube) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-04]
CHR Extension: (Adblock Plus) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Google-Suche) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-04]
CHR Extension: (Google Tabellen) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-04]
CHR Extension: (LoungeDestroyer) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2017-01-30]
CHR Extension: (Google Docs Offline) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-04]
CHR Extension: (Chrome Media Router) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-19]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-16] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-12-25] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [392976 2017-01-25] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [39888 2016-05-19] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [54200 2016-07-22] (Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2227152 2016-07-19] (Micro-Star INT'L CO., LTD.)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\NS.exe [289080 2016-11-12] (Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-01-20] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-15] (Geek Software GmbH)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20170125.003_a68\BHDrvx64.sys [1874136 2017-01-25] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\1608010.00E\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-25] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2017-02-01] ()
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [281896 2015-07-20] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20170130.001\IDSvia64.sys [1038024 2017-01-27] (Symantec Corporation)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-03-05] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-01-30] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-01-31] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-31] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-01-31] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-31] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2016-12-23] (CACE Technologies, Inc.)
S3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 NTIOLib_MB; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_02838dee03d82b94\nvlddmkm.sys [14427064 2017-01-21] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2016-03-12] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek                                            )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\1608010.00E\SRTSP64.SYS [784624 2016-11-12] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-12] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-12] (Symantec Corporation)
S4 SymELAM; C:\WINDOWS\system32\drivers\NSx64\1608010.00E\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-17] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\1608010.00E\Ironx64.SYS [289520 2016-11-12] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\1608010.00E\SYMNETS.SYS [567512 2016-11-12] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20161118.009\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20161118.009\EX64.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-01 21:47 - 2017-02-01 21:48 - 00027059 _____ C:\Users\Holly\Downloads\FRST.txt
2017-02-01 21:46 - 2017-02-01 21:47 - 00000000 ____D C:\FRST
2017-02-01 21:45 - 2017-02-01 21:45 - 02420736 _____ (Farbar) C:\Users\Holly\Downloads\FRST64.exe
2017-02-01 18:10 - 2017-02-01 18:10 - 00054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-01-31 20:58 - 2017-01-31 20:58 - 00001978 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-01-31 20:58 - 2017-01-31 20:58 - 00000000 ____D C:\Program Files\HitmanPro
2017-01-31 20:57 - 2017-01-31 21:16 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-31 20:56 - 2017-01-31 20:56 - 11581544 _____ (SurfRight B.V.) C:\Users\Holly\Downloads\hitmanpro_x64.exe
2017-01-30 22:19 - 2017-02-01 18:20 - 00000000 ____D C:\AdwCleaner
2017-01-30 22:15 - 2017-01-30 22:16 - 04015056 _____ C:\Users\Holly\Downloads\adwcleaner_6.043.exe
2017-01-30 19:24 - 2017-01-30 19:24 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-30 19:23 - 2017-01-31 21:51 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-30 19:23 - 2017-01-31 21:51 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-30 19:23 - 2017-01-31 21:51 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-30 19:23 - 2017-01-31 21:51 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-30 19:23 - 2017-01-30 19:23 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-30 19:23 - 2017-01-30 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-30 19:23 - 2017-01-30 19:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-30 19:23 - 2017-01-30 19:23 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-30 19:23 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-30 19:22 - 2017-01-30 19:22 - 55566792 _____ (Malwarebytes ) C:\Users\Holly\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-01-30 19:07 - 2017-01-30 19:11 - 00000000 ____D C:\Users\Holly\AppData\Local\NPE
2017-01-30 19:06 - 2017-01-30 19:06 - 03435768 _____ (Symantec Corporation) C:\Users\Holly\Downloads\NPE.exe
2017-01-30 15:36 - 2017-01-30 15:36 - 00003400 _____ C:\WINDOWS\System32\Tasks\WiperSoft Startup
2017-01-30 15:36 - 2017-01-30 15:36 - 00000000 ____D C:\Users\Holly\AppData\Local\CrashRpt
2017-01-30 15:35 - 2017-01-30 15:35 - 00023032 _____ (Wiper Software) C:\WINDOWS\system32\wiperrm.exe
2017-01-29 21:40 - 2017-01-30 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-29 21:40 - 2017-01-30 13:57 - 00000000 ____D C:\Program Files\CCleaner
2017-01-27 16:11 - 2017-01-27 16:10 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-01-26 21:05 - 2017-01-29 16:33 - 00518392 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-01-26 21:05 - 2017-01-26 21:05 - 00000000 ____D C:\ProgramData\For Honor
2017-01-26 21:04 - 2017-01-25 16:19 - 00392976 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-01-25 22:40 - 2017-01-30 15:14 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-25 22:40 - 2017-01-20 15:07 - 00134080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-01-25 22:40 - 2016-12-16 01:33 - 00273696 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-01-25 22:40 - 2016-12-16 01:33 - 00266528 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-01-25 22:40 - 2016-12-16 01:33 - 00111392 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-01-25 22:40 - 2016-12-16 01:32 - 00125728 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-01-25 22:38 - 2017-01-30 15:24 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-25 22:36 - 2017-01-24 01:00 - 00047664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 34974656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 28239928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 19008576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 14677272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 11123936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 11019192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 09308896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 08990584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 03167288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 02715072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437849.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437849.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 01051584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00988608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00960568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00944224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00909760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00719160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00618232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00609216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00606776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00573120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00447800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-01-25 22:36 - 2017-01-20 17:38 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-01-25 22:36 - 2017-01-20 17:38 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-01-25 22:21 - 2017-01-20 19:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-01-25 22:21 - 2017-01-20 19:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-01-25 22:21 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-01-25 19:02 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 19:02 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-25 16:50 - 2017-01-25 16:50 - 00000000 ____D C:\Users\Holly\AppData\Local\TeamSpeak 3
2017-01-25 16:50 - 2017-01-25 16:50 - 00000000 ____D C:\Users\Holly\.TeamSpeak 3
2017-01-25 16:50 - 2017-01-25 16:50 - 00000000 ____D C:\Users\Holly\.QtWebEngineProcess
2017-01-24 21:26 - 2017-01-24 21:27 - 234822570 _____ C:\Users\Holly\Downloads\New 1 hour mix.m4a
2017-01-24 21:07 - 2017-01-24 21:07 - 00000234 _____ C:\Users\Holly\Desktop\For Honor.url
2017-01-24 21:05 - 2017-01-30 15:23 - 00000000 ____D C:\Users\Holly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-01-24 21:05 - 2017-01-24 21:05 - 00001278 _____ C:\Users\Holly\Desktop\Uplay.lnk
2017-01-15 23:02 - 2017-01-15 23:15 - 00022046 _____ C:\Users\Holly\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2017-01-11 18:00 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 18:00 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 18:00 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 18:00 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 18:00 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 18:00 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 18:00 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 18:00 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 18:00 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 18:00 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 18:00 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 18:00 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 18:00 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 18:00 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 18:00 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 18:00 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 18:00 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 18:00 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 17:59 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 17:59 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 17:59 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 17:59 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 17:59 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 17:59 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 17:59 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 17:59 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 17:59 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 17:59 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 17:59 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 17:59 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 17:59 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 17:59 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 17:59 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:59 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 17:59 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 17:59 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 17:59 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 17:59 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 17:59 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 17:59 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 17:59 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 17:59 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 17:59 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 17:59 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 17:59 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 17:59 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 17:59 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 17:59 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 17:59 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 17:59 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 17:59 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 17:59 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 17:59 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 17:59 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 17:59 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 17:59 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 17:59 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 17:59 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 17:59 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 17:59 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 17:59 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 17:59 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 17:59 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 17:59 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 17:59 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 17:59 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 17:59 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 17:59 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 17:59 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 17:59 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 17:59 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 17:59 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 17:59 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 17:59 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 17:59 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 17:59 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 17:59 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 17:59 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 17:59 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 17:59 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:59 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 17:59 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 17:59 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 17:59 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 17:59 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 17:59 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 17:59 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 17:59 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 17:59 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 17:59 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 17:59 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 17:59 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 17:59 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 17:59 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 17:59 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 17:59 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 17:59 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 17:59 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 17:59 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 17:59 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 17:59 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 17:59 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 17:59 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 17:59 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 17:59 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 17:59 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 17:59 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 17:59 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 17:59 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 17:59 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 17:59 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 17:59 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 17:59 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 17:59 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 17:59 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 17:59 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 17:59 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 17:59 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 17:59 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 17:59 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 17:59 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 17:59 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 17:59 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 17:59 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 17:59 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 17:59 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 17:59 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 17:59 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:59 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 17:59 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 17:59 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 17:59 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 17:59 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 17:59 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 17:59 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:59 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 17:59 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 17:59 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 17:59 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 17:59 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 17:59 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 17:59 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 17:59 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 17:59 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 17:59 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 17:59 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 17:59 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 17:59 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 17:59 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 17:59 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 17:59 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 17:59 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 17:59 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 17:59 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 17:59 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 17:59 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 17:59 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 17:59 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 17:59 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 17:59 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 17:59 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 17:59 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 17:59 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 17:59 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 17:59 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 17:59 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 17:59 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:59 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 17:59 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 17:59 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-09 17:50 - 2017-01-09 17:50 - 00031434 _____ C:\Users\Holly\Downloads\We_are_number_one.rar
2017-01-06 23:48 - 2017-01-30 15:23 - 00000000 ____D C:\Users\Holly\AppData\LocalLow\Heroes and Generals
2017-01-06 23:44 - 2017-01-06 23:44 - 00000000 ____D C:\Users\Holly\AppData\Roaming\HeroesAndGeneralsDesktop
2017-01-06 23:37 - 2017-01-06 23:37 - 00000222 _____ C:\Users\Holly\Desktop\Heroes & Generals.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-01 21:43 - 2016-12-13 18:17 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-02-01 21:07 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-01 20:54 - 2016-02-04 19:52 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-01 20:02 - 2016-09-24 11:03 - 00000000 ____D C:\Users\Holly
2017-02-01 18:26 - 2016-11-24 14:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-02-01 18:25 - 2016-02-04 19:13 - 00000000 ____D C:\MSI
2017-02-01 18:23 - 2016-09-24 10:58 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-01 18:21 - 2016-09-24 11:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-01 18:20 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-01 18:19 - 2016-02-04 21:21 - 00000000 ____D C:\Users\Holly\AppData\Local\CrashDumps
2017-02-01 18:07 - 2016-10-03 20:49 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-01 17:24 - 2016-09-24 10:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-01 16:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-01 16:58 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-30 19:40 - 2016-09-24 11:02 - 02225858 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-30 19:40 - 2016-07-16 23:51 - 00860664 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-30 19:40 - 2016-07-16 23:51 - 00203736 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-30 19:07 - 2016-02-04 19:24 - 00000000 ____D C:\ProgramData\Norton
2017-01-30 18:55 - 2016-09-24 11:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-01-30 15:25 - 2016-02-04 21:28 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2017-01-30 15:24 - 2016-12-23 15:03 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-30 15:24 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-30 15:23 - 2016-11-08 15:59 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-01-30 15:23 - 2016-09-24 10:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-30 15:23 - 2016-09-24 10:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-30 15:23 - 2016-08-24 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-30 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help
2017-01-30 15:23 - 2016-05-09 20:33 - 00000000 ____D C:\Users\Holly\Documents\Overwatch
2017-01-30 15:23 - 2016-05-09 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2017-01-30 15:23 - 2016-05-09 19:00 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-01-30 15:23 - 2016-03-12 12:32 - 00000000 ____D C:\Users\Holly\AppData\Roaming\Battle.net
2017-01-30 15:23 - 2016-02-11 18:10 - 00000000 ____D C:\Users\Holly\Documents\My games
2017-01-30 15:23 - 2016-02-04 21:28 - 00000000 ____D C:\Users\Holly\AppData\Roaming\TS3Client
2017-01-30 15:23 - 2016-02-04 19:43 - 00000000 ____D C:\Users\Holly\AppData\Roaming\TP-LINK
2017-01-30 15:23 - 2016-02-04 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-01-30 15:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2017-01-30 15:15 - 2016-09-24 10:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-30 15:15 - 2016-02-05 19:19 - 00000000 ____D C:\ProgramData\Oracle
2017-01-30 15:15 - 2016-02-04 19:39 - 00000000 ____D C:\Users\Holly\AppData\Local\NVIDIA
2017-01-30 15:14 - 2016-08-31 12:16 - 00000000 ____D C:\Program Files\Java
2017-01-30 15:13 - 2016-08-24 12:15 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-30 15:13 - 2016-03-12 12:32 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-30 14:48 - 2016-12-18 00:14 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-01-29 21:48 - 2016-09-24 11:54 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-29 21:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-29 19:18 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI(1387)
2017-01-29 17:07 - 2016-10-30 13:18 - 00000000 ____D C:\Users\Holly\AppData\Local\Ubisoft Game Launcher
2017-01-29 14:01 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-27 16:10 - 2016-08-31 12:17 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-01-27 16:10 - 2016-08-24 12:16 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-01-26 14:14 - 2016-02-10 14:20 - 00000000 ____D C:\Users\Holly\Desktop\Alles
2017-01-25 23:09 - 2016-03-12 12:34 - 00000000 ____D C:\Users\Holly\AppData\Local\Battle.net
2017-01-25 22:33 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-25 22:22 - 2016-09-24 11:25 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 22:22 - 2016-09-08 13:16 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-01-25 22:21 - 2016-12-18 00:10 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 22:21 - 2016-09-24 11:25 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 22:21 - 2016-09-24 11:25 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 22:21 - 2016-09-24 11:25 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 22:21 - 2016-09-24 11:25 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 22:21 - 2016-09-24 11:25 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 16:48 - 2016-02-05 19:13 - 00000000 ____D C:\Users\Holly\AppData\Roaming\.minecraft
2017-01-24 23:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-24 14:41 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI(92)
2017-01-24 14:41 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI(1290)
2017-01-24 14:41 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI(1174)
2017-01-24 01:00 - 2016-08-26 23:30 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-01-24 01:00 - 2016-08-26 23:30 - 00217528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-01-23 15:42 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-20 19:39 - 2016-09-08 13:16 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-01-20 19:39 - 2016-09-08 13:16 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-01-20 19:39 - 2016-09-08 13:16 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-01-20 19:39 - 2016-09-08 13:16 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-01-20 19:39 - 2016-09-08 13:16 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-20 19:39 - 2016-09-08 13:15 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-01-20 17:38 - 2016-09-24 11:48 - 00514616 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-01-20 17:38 - 2016-09-08 13:57 - 04079032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-01-20 17:38 - 2016-09-08 13:57 - 03597640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-01-20 17:38 - 2016-09-08 13:57 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-01-20 17:38 - 2016-07-16 23:57 - 00420408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-01-20 16:13 - 2016-09-24 10:58 - 06401984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-01-20 16:13 - 2016-09-24 10:58 - 02479160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-01-20 16:13 - 2016-09-24 10:58 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-01-20 16:13 - 2016-09-24 10:58 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-01-20 16:13 - 2016-09-24 10:58 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-01-20 16:13 - 2016-09-24 10:58 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-01-20 16:13 - 2016-09-24 10:58 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-01-20 15:04 - 2016-09-08 13:15 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-01-20 14:36 - 2016-12-18 00:08 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-01-19 21:04 - 2016-04-21 17:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-18 13:57 - 2016-09-24 10:58 - 07755067 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-01-16 15:07 - 2016-02-04 20:00 - 00000000 ____D C:\Users\Holly\AppData\Local\ElevatedDiagnostics
2017-01-16 14:16 - 2016-02-10 14:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-14 13:16 - 2016-11-07 12:33 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2017-01-12 22:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-12 14:14 - 2016-12-21 18:29 - 00000000 ____D C:\Users\Holly\AppData\Roaming\discord
2017-01-12 14:13 - 2016-12-21 18:29 - 00002237 _____ C:\Users\Holly\Desktop\Discord.lnk
2017-01-12 14:13 - 2016-12-21 18:29 - 00000000 ____D C:\Users\Holly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-01-12 14:12 - 2016-12-21 18:28 - 00000000 ____D C:\Users\Holly\AppData\Local\Discord
2017-01-12 14:10 - 2016-02-06 14:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-12 13:58 - 2016-02-04 21:16 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-12 13:57 - 2016-09-24 10:55 - 00341848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 22:21 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI(1303)
2017-01-11 22:20 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 22:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 22:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 22:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 22:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 22:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-11 19:30 - 2016-02-06 17:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 19:27 - 2016-02-06 17:12 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 17:23 - 2016-03-12 12:52 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2017-01-10 17:35 - 2016-09-24 11:25 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 17:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-10 17:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-07 18:25 - 2016-02-06 14:44 - 00000000 ____D C:\Users\Holly\AppData\Local\Packages
2017-01-04 20:30 - 2016-02-18 20:20 - 00000000 ____D C:\Users\Holly\AppData\Roaming\Skype
2017-01-03 22:07 - 2016-02-10 14:20 - 00000000 ____D C:\Users\Holly\Desktop\Schule

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-01-15 23:02 - 2017-01-15 23:15 - 0022046 _____ () C:\Users\Holly\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2016-08-24 12:48 - 2016-09-09 10:13 - 0007602 _____ () C:\Users\Holly\AppData\Local\Resmon.ResmonCfg
2016-09-24 10:58 - 2016-09-24 10:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-18 00:14 - 2017-01-30 15:10 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-18 00:14 - 2017-01-30 14:48 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Einige Dateien in TEMP:
====================
2017-01-27 16:08 - 2017-01-27 16:08 - 0739904 _____ (Oracle Corporation) C:\Users\Holly\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-12-21 18:28 - 2016-12-11 19:23 - 0747648 _____ (NVIDIA Corporation) C:\Users\Holly\AppData\Local\Temp\nvSCPAPI.dll
2016-12-21 18:28 - 2016-12-11 19:23 - 0860776 _____ (NVIDIA Corporation) C:\Users\Holly\AppData\Local\Temp\nvSCPAPI64.dll
2017-01-25 22:37 - 2016-12-11 19:23 - 0353336 _____ (NVIDIA Corporation) C:\Users\Holly\AppData\Local\Temp\nvStInst.exe
2016-09-08 13:15 - 2016-12-13 00:36 - 0253376 _____ (NVIDIA Corporation) C:\Users\Holly\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-09-08 13:15 - 2016-12-13 00:36 - 0334272 _____ (NVIDIA Corporation) C:\Users\Holly\AppData\Local\Temp\NvTelemetryAPI64.dll
2017-01-22 12:12 - 2017-01-22 12:12 - 1042784 _____ (Microsoft Corporation) C:\Users\Holly\AppData\Local\Temp\PidGenX.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-23 18:01

==================== Ende von FRST.txt ============================
         
TDSS:

Code:
21:52:47.0680 0x1b2c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
21:52:52.0937 0x1b2c  ============================================================
21:52:52.0937 0x1b2c  Current date / time: 2017/02/01 21:52:52.0937
21:52:52.0937 0x1b2c  SystemInfo:
21:52:53.0056 0x1b2c  
21:52:53.0056 0x1b2c  OS Version: 10.0.14393 ServicePack: 0.0
21:52:53.0056 0x1b2c  Product type: Workstation
21:52:53.0056 0x1b2c  ComputerName: HOLLY_MOLLY_PC
21:52:53.0056 0x1b2c  UserName: Holly
21:52:53.0056 0x1b2c  Windows directory: C:\WINDOWS
21:52:53.0056 0x1b2c  System windows directory: C:\WINDOWS
21:52:53.0056 0x1b2c  Running under WOW64
21:52:53.0056 0x1b2c  Processor architecture: Intel x64
21:52:53.0056 0x1b2c  Number of processors: 4
21:52:53.0056 0x1b2c  Page size: 0x1000
21:52:53.0056 0x1b2c  Boot type: Normal boot
21:52:53.0056 0x1b2c  CodeIntegrityOptions = 0x00000001
21:52:53.0056 0x1b2c  ============================================================
21:52:54.0623 0x1b2c  KLMD registered as C:\WINDOWS\system32\drivers\60843684.sys
21:52:54.0623 0x1b2c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
21:53:00.0399 0x1b2c  System UUID: {7F51FB71-C375-4EF6-C917-669A24FF2C29}
21:53:07.0650 0x1b2c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:53:07.0659 0x1b2c  ============================================================
21:53:07.0659 0x1b2c  \Device\Harddisk0\DR0:
21:53:07.0660 0x1b2c  MBR partitions:
21:53:07.0660 0x1b2c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:53:07.0660 0x1b2c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x745F2800
21:53:07.0660 0x1b2c  ============================================================
21:53:07.0677 0x1b2c  C: <-> \Device\Harddisk0\DR0\Partition2
21:53:07.0677 0x1b2c  ============================================================
21:53:07.0677 0x1b2c  Initialize success
21:53:07.0677 0x1b2c  ============================================================
21:53:38.0138 0x2e38  ============================================================
21:53:38.0138 0x2e38  Scan started
21:53:38.0138 0x2e38  Mode: Manual; SigCheck; TDLFS; 
21:53:38.0138 0x2e38  ============================================================
21:53:38.0138 0x2e38  KSN ping started
21:53:38.0261 0x2e38  KSN ping finished: true
21:53:43.0793 0x2e38  ================ Scan system memory ========================
21:53:43.0793 0x2e38  System memory - ok
21:53:43.0794 0x2e38  ================ Scan services =============================
21:53:43.0908 0x2e38  1394ohci - ok
21:53:43.0911 0x2e38  3ware - ok
21:53:44.0089 0x2e38  ACPI - ok
21:53:44.0119 0x2e38  AcpiDev - ok
21:53:44.0122 0x2e38  acpiex - ok
21:53:44.0214 0x2e38  acpipagr - ok
21:53:44.0236 0x2e38  AcpiPmi - ok
21:53:44.0239 0x2e38  acpitime - ok
21:53:44.0298 0x2e38  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:53:44.0374 0x2e38  AdobeARMservice - ok
21:53:44.0453 0x2e38  [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:53:44.0503 0x2e38  AdobeFlashPlayerUpdateSvc - ok
21:53:44.0525 0x2e38  ADP80XX - ok
21:53:44.0542 0x2e38  AFD - ok
21:53:44.0553 0x2e38  ahcache - ok
21:53:44.0569 0x2e38  AJRouter - ok
21:53:44.0574 0x2e38  ALG - ok
21:53:44.0576 0x2e38  AmdK8 - ok
21:53:44.0579 0x2e38  AmdPPM - ok
21:53:44.0581 0x2e38  amdsata - ok
21:53:44.0586 0x2e38  amdsbs - ok
21:53:44.0589 0x2e38  amdxata - ok
21:53:44.0631 0x2e38  AppHostSvc - ok
21:53:44.0638 0x2e38  AppID - ok
21:53:44.0641 0x2e38  AppIDSvc - ok
21:53:44.0651 0x2e38  Appinfo - ok
21:53:44.0661 0x2e38  applockerfltr - ok
21:53:44.0664 0x2e38  AppMgmt - ok
21:53:44.0684 0x2e38  AppReadiness - ok
21:53:44.0715 0x2e38  AppVClient - ok
21:53:44.0732 0x2e38  AppvStrm - ok
21:53:44.0764 0x2e38  AppvVemgr - ok
21:53:44.0773 0x2e38  AppvVfs - ok
21:53:44.0798 0x2e38  AppXSvc - ok
21:53:44.0817 0x2e38  arcsas - ok
21:53:44.0899 0x2e38  aspnet_state - ok
21:53:44.0902 0x2e38  AsyncMac - ok
21:53:44.0922 0x2e38  atapi - ok
21:53:44.0944 0x2e38  athr - ok
21:53:44.0947 0x2e38  AudioEndpointBuilder - ok
21:53:44.0966 0x2e38  Audiosrv - ok
21:53:44.0978 0x2e38  AxInstSV - ok
21:53:44.0985 0x2e38  b06bdrv - ok
21:53:44.0989 0x2e38  BasicDisplay - ok
21:53:44.0992 0x2e38  BasicRender - ok
21:53:44.0995 0x2e38  bcmfn - ok
21:53:44.0998 0x2e38  bcmfn2 - ok
21:53:45.0005 0x2e38  BDESVC - ok
21:53:45.0008 0x2e38  Beep - ok
21:53:45.0084 0x2e38  [ D6BD4AE897D0DF163832AC75DF361BD0, E5F57A907EC557B2F29F49AA0A98AC90261DC44674F3066798AD622ECB24DBBE ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
21:53:45.0115 0x2e38  BEService - ok
21:53:45.0152 0x2e38  BFE - ok
21:53:45.0650 0x2e38  [ CE27F2268497E57A94A48F8D1B47A1B6, 459A2A5C7E1CA27E720AFA95B342CDFD52224467DC4FC54AF870BA5781643F88 ] BHDrvx64        C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20170125.003_a68\BHDrvx64.sys
21:53:45.0691 0x2e38  BHDrvx64 - ok
21:53:45.0708 0x2e38  BITS - ok
21:53:45.0721 0x2e38  bowser - ok
21:53:45.0736 0x2e38  BrokerInfrastructure - ok
21:53:45.0754 0x2e38  Browser - ok
21:53:45.0770 0x2e38  BthAvrcpTg - ok
21:53:45.0773 0x2e38  BthHFEnum - ok
21:53:45.0776 0x2e38  bthhfhid - ok
21:53:45.0786 0x2e38  BthHFSrv - ok
21:53:45.0789 0x2e38  BTHMODEM - ok
21:53:45.0793 0x2e38  bthserv - ok
21:53:45.0818 0x2e38  buttonconverter - ok
21:53:45.0821 0x2e38  CapImg - ok
21:53:45.0867 0x2e38  [ 03427B8FF618BE50EB5027B4E549C0D8, 3C3815FE3C847B992E794B1BB0FDB87B8D18AEC95BA9E916591CF43EB8169D15 ] ccSet_NS        C:\WINDOWS\system32\drivers\NSx64\1608010.00E\ccSetx64.sys
21:53:45.0878 0x2e38  ccSet_NS - ok
21:53:45.0881 0x2e38  cdfs - ok
21:53:45.0895 0x2e38  CDPSvc - ok
21:53:45.0914 0x2e38  CDPUserSvc - ok
21:53:45.0951 0x2e38  cdrom - ok
21:53:45.0978 0x2e38  CertPropSvc - ok
21:53:45.0981 0x2e38  cht4iscsi - ok
21:53:45.0986 0x2e38  cht4vbd - ok
21:53:46.0012 0x2e38  circlass - ok
21:53:46.0019 0x2e38  CLFS - ok
21:53:46.0129 0x2e38  [ AD02A66E8A76692EB4ECC108D9384393, C07EA28B70BAC9BE4B65C2E35C307493DDA694FC425C01D54F1150555C17CC73 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
21:53:46.0187 0x2e38  ClickToRunSvc - ok
21:53:46.0205 0x2e38  ClipSVC - ok
21:53:46.0207 0x2e38  clreg - ok
21:53:46.0226 0x2e38  CmBatt - ok
21:53:46.0239 0x2e38  CNG - ok
21:53:46.0241 0x2e38  cnghwassist - ok
21:53:46.0437 0x2e38  CompositeBus - ok
21:53:46.0440 0x2e38  COMSysApp - ok
21:53:46.0442 0x2e38  condrv - ok
21:53:46.0511 0x2e38  CoreMessagingRegistrar - ok
21:53:46.0629 0x2e38  CryptSvc - ok
21:53:46.0631 0x2e38  CSC - ok
21:53:46.0633 0x2e38  CscService - ok
21:53:46.0644 0x2e38  dam - ok
21:53:46.0648 0x2e38  DcomLaunch - ok
21:53:46.0651 0x2e38  DcpSvc - ok
21:53:46.0662 0x2e38  defragsvc - ok
21:53:46.0670 0x2e38  DeviceAssociationService - ok
21:53:46.0676 0x2e38  DeviceInstall - ok
21:53:46.0682 0x2e38  DevQueryBroker - ok
21:53:46.0693 0x2e38  Dfsc - ok
21:53:46.0723 0x2e38  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:53:46.0737 0x2e38  dg_ssudbus - ok
21:53:46.0763 0x2e38  Dhcp - ok
21:53:46.0810 0x2e38  diagnosticshub.standardcollector.service - ok
21:53:46.0833 0x2e38  DiagTrack - ok
21:53:46.0851 0x2e38  disk - ok
21:53:46.0869 0x2e38  DmEnrollmentSvc - ok
21:53:46.0873 0x2e38  dmvsc - ok
21:53:46.0900 0x2e38  dmwappushservice - ok
21:53:46.0911 0x2e38  Dnscache - ok
21:53:46.0926 0x2e38  dot3svc - ok
21:53:46.0928 0x2e38  DPS - ok
21:53:46.0951 0x2e38  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
21:53:46.0966 0x2e38  drmkaud - ok
21:53:46.0999 0x2e38  DsmSvc - ok
21:53:47.0002 0x2e38  DsSvc - ok
21:53:47.0010 0x2e38  DXGKrnl - ok
21:53:47.0013 0x2e38  EapHost - ok
21:53:47.0015 0x2e38  EasyAntiCheat - ok
21:53:47.0020 0x2e38  ebdrv - ok
21:53:47.0085 0x2e38  [ 6266BAEDF00023684B10E101E9FBB89B, 720B66721BD9BAE476A0CA9037C5452FB1CC645DC00E6205051C7AF84550051C ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:53:47.0101 0x2e38  eeCtrl - ok
21:53:47.0133 0x2e38  EFS - ok
21:53:47.0151 0x2e38  EhStorClass - ok
21:53:47.0168 0x2e38  EhStorTcgDrv - ok
21:53:47.0185 0x2e38  embeddedmode - ok
21:53:47.0210 0x2e38  EntAppSvc - ok
21:53:47.0243 0x2e38  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
21:53:47.0256 0x2e38  EpsonScanSvc - ok
21:53:47.0279 0x2e38  [ 3180E3A3EFDA196DE5B9980291CFE685, 31B735F04AC80D3BDA3872C77BC361D7E02DF081E31A3581A6C1A5B542EACF4F ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:53:47.0289 0x2e38  EraserUtilRebootDrv - ok
21:53:47.0295 0x2e38  ErrDev - ok
21:53:47.0314 0x2e38  [ BE8117569CAA36E03683CC1BACEA1347, F4C55264838166EFC8A05ED1BA36F13B9BAD500CC17204D4C814050B8C18E107 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
21:53:47.0325 0x2e38  ESProtectionDriver - ok
21:53:47.0329 0x2e38  EventSystem - ok
21:53:47.0345 0x2e38  exfat - ok
21:53:47.0347 0x2e38  fastfat - ok
21:53:47.0353 0x2e38  Fax - ok
21:53:47.0356 0x2e38  fdc - ok
21:53:47.0358 0x2e38  fdPHost - ok
21:53:47.0361 0x2e38  FDResPub - ok
21:53:47.0382 0x2e38  fhsvc - ok
21:53:47.0395 0x2e38  FileCrypt - ok
21:53:47.0398 0x2e38  FileInfo - ok
21:53:47.0470 0x2e38  Filetrace - ok
21:53:47.0565 0x2e38  flpydisk - ok
21:53:47.0568 0x2e38  FltMgr - ok
21:53:47.0598 0x2e38  FontCache - ok
21:53:47.0877 0x2e38  FontCache3.0.0.0 - ok
21:53:47.0902 0x2e38  FrameServer - ok
21:53:47.0905 0x2e38  FsDepends - ok
21:53:47.0907 0x2e38  Fs_Rec - ok
21:53:47.0920 0x2e38  fvevol - ok
21:53:47.0967 0x2e38  [ FFF0F0492B78CD0607D95E1819D05C4F, 5F6B6EE32BF62F394E02DB4BB00138B57FDCE02E73E63F1F3C623B85CDBE1072 ] GamingApp_Service C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
21:53:47.0976 0x2e38  GamingApp_Service - ok
21:53:48.0030 0x2e38  [ 4716347F3BE7BFE99DF197D1407E8966, 513CBE08992E172D7759442D272B5CF00411589BC601861AE71A9791B3A72EE0 ] GamingHotkey_Service C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
21:53:48.0085 0x2e38  GamingHotkey_Service - ok
21:53:48.0121 0x2e38  gencounter - ok
21:53:48.0135 0x2e38  genericusbfn - ok
21:53:48.0149 0x2e38  GPIOClx0101 - ok
21:53:48.0164 0x2e38  gpsvc - ok
21:53:48.0167 0x2e38  GpuEnergyDrv - ok
21:53:48.0213 0x2e38  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:53:48.0224 0x2e38  gupdate - ok
21:53:48.0230 0x2e38  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:53:48.0239 0x2e38  gupdatem - ok
21:53:48.0241 0x2e38  HDAudBus - ok
21:53:48.0244 0x2e38  HidBatt - ok
21:53:48.0256 0x2e38  HidBth - ok
21:53:48.0259 0x2e38  hidi2c - ok
21:53:48.0263 0x2e38  hidinterrupt - ok
21:53:48.0265 0x2e38  HidIr - ok
21:53:48.0271 0x2e38  hidserv - ok
21:53:48.0300 0x2e38  HidUsb - ok
21:53:48.0336 0x2e38  [ E7EF785213EB121023E670B4D28BC745, F1CFD528DC52F00FE738FDADFD285F4241702F41CE58A45F5A86A98AE066A19D ] hitmanpro37     C:\WINDOWS\system32\drivers\hitmanpro37.sys
21:53:48.0346 0x2e38  hitmanpro37 - ok
21:53:48.0365 0x2e38  HomeGroupListener - ok
21:53:48.0382 0x2e38  HomeGroupProvider - ok
21:53:48.0394 0x2e38  HpSAMD - ok
21:53:48.0410 0x2e38  HTTP - ok
21:53:48.0430 0x2e38  HvHost - ok
21:53:48.0446 0x2e38  hvservice - ok
21:53:48.0456 0x2e38  hwpolicy - ok
21:53:48.0458 0x2e38  hyperkbd - ok
21:53:48.0474 0x2e38  i8042prt - ok
21:53:48.0477 0x2e38  iagpio - ok
21:53:48.0480 0x2e38  iai2c - ok
21:53:48.0484 0x2e38  iaLPSS2i_GPIO2 - ok
21:53:48.0486 0x2e38  iaLPSS2i_I2C - ok
21:53:48.0532 0x2e38  [ 6BF4EA53040AAC9D42A6C4603F1EA069, 3951F7CE5E71D07E4CB3B29FDEA33F3B11403D228A12783BE062C1105EC29740 ] iaLPSS2_UART2   C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys
21:53:48.0549 0x2e38  iaLPSS2_UART2 - ok
21:53:48.0554 0x2e38  iaLPSSi_GPIO - ok
21:53:48.0556 0x2e38  iaLPSSi_I2C - ok
21:53:48.0561 0x2e38  iaStorAV - ok
21:53:48.0564 0x2e38  iaStorV - ok
21:53:48.0567 0x2e38  ibbus - ok
21:53:48.0762 0x2e38  icssvc - ok
21:53:49.0065 0x2e38  [ C30DB515D52B027A5D68D5B617F04C47, E2FBA5C736CF79C6052C28C703F99AB895DB8D3E5E7006425CEB7558AA8B0B83 ] IDSVia64        C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20170130.001\IDSvia64.sys
21:53:49.0088 0x2e38  IDSVia64 - ok
21:53:49.0105 0x2e38  IKEEXT - ok
21:53:49.0108 0x2e38  IndirectKmd - ok
21:53:49.0223 0x2e38  [ C90987B09CF3873F6444D577050D19EB, 44E2C63C57581A0F71A32E0F65E820E8E67879C375DB5B8E91CFF0ED51877DED ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:53:49.0341 0x2e38  IntcAzAudAddService - ok
21:53:49.0435 0x2e38  [ AE32376564771525DCDD2F0280619E1A, 233B7B272DCD9080DE7C9593EB7993745D1037EA87B69617E7176F074DFD5968 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:53:49.0478 0x2e38  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:53:49.0528 0x2e38  [ 618667DFB3E9E8D8AB98FD2ED8F6577C, 6F5FF6D710329E2B0FC390B29660B51FF73F41870F36EE567B2B34AD5044632A ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
21:53:49.0552 0x2e38  Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 )
21:53:49.0930 0x2e38  Detect skipped due to KSN trusted
21:53:49.0930 0x2e38  Intel(R) Security Assist - ok
21:53:49.0952 0x2e38  intelide - ok
21:53:49.0963 0x2e38  intelpep - ok
21:53:50.0021 0x2e38  intelppm - ok
21:53:50.0144 0x2e38  iorate - ok
21:53:50.0156 0x2e38  IpFilterDriver - ok
21:53:50.0173 0x2e38  iphlpsvc - ok
21:53:50.0176 0x2e38  IPMIDRV - ok
21:53:50.0178 0x2e38  IPNAT - ok
21:53:50.0181 0x2e38  irda - ok
21:53:50.0183 0x2e38  IRENUM - ok
21:53:50.0199 0x2e38  irmon - ok
21:53:50.0218 0x2e38  [ 8E3D5F919D6FB66557219343BD948B3D, BCE103FA09C75BB705C029356BBBB921584B166813162424D8E3CED0D20CF24E ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
21:53:50.0225 0x2e38  isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 )
21:53:50.0398 0x2e38  Detect skipped due to KSN trusted
21:53:50.0398 0x2e38  isaHelperSvc - ok
21:53:50.0401 0x2e38  isapnp - ok
21:53:50.0404 0x2e38  iScsiPrt - ok
21:53:50.0456 0x2e38  [ 4D9CACDAA9A538857C90A2066C74D258, 810473B5BE929A98EF867FDA59299AA796C621312EAFD257B0D8E4C16DF93F4A ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:53:50.0469 0x2e38  jhi_service - ok
21:53:50.0479 0x2e38  kbdclass - ok
21:53:50.0491 0x2e38  kbdhid - ok
21:53:50.0498 0x2e38  kdnic - ok
21:53:50.0501 0x2e38  KeyIso - ok
21:53:50.0513 0x2e38  KSecDD - ok
21:53:50.0539 0x2e38  KSecPkg - ok
21:53:50.0542 0x2e38  ksthunk - ok
21:53:50.0560 0x2e38  KtmRm - ok
21:53:50.0588 0x2e38  [ A4F66F1079129D44570F600BE3930298, 27319C82BE20DE62F0FA6C8415A4880B134832AEC52ECBAD92124C1706B92196 ] ladfGSS         C:\WINDOWS\system32\drivers\ladfGSS.sys
21:53:50.0597 0x2e38  ladfGSS - ok
21:53:50.0618 0x2e38  LanmanServer - ok
21:53:50.0630 0x2e38  LanmanWorkstation - ok
21:53:50.0644 0x2e38  lfsvc - ok
21:53:50.0655 0x2e38  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
21:53:50.0669 0x2e38  LGBusEnum - ok
21:53:50.0708 0x2e38  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
21:53:50.0717 0x2e38  LGCoreTemp - ok
21:53:50.0727 0x2e38  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
21:53:50.0740 0x2e38  LGJoyXlCore - ok
21:53:50.0757 0x2e38  LicenseManager - ok
21:53:50.0765 0x2e38  lltdio - ok
21:53:50.0768 0x2e38  lltdsvc - ok
21:53:50.0773 0x2e38  lmhosts - ok
21:53:50.0825 0x2e38  [ 706F68BC43A5B46A37009FA32C78ED10, 27847B5C50694902A3EB01BAC3432D42825EE9C98411DCB718A3B0C60CC0A4DB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:53:50.0842 0x2e38  LMS - ok
21:53:50.0866 0x2e38  [ 4849FAB87E35A6396819B0FF65E2687E, C037E6AA44AFB93DC98E4BB0EF780381918F846C0B3E957902C5CFA8D4652CD4 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
21:53:50.0877 0x2e38  LogiRegistryService - ok
21:53:50.0953 0x2e38  LSI_SAS - ok
21:53:51.0058 0x2e38  LSI_SAS2i - ok
21:53:51.0061 0x2e38  LSI_SAS3i - ok
21:53:51.0063 0x2e38  LSI_SSS - ok
21:53:51.0086 0x2e38  LSM - ok
21:53:51.0089 0x2e38  luafv - ok
21:53:51.0102 0x2e38  MapsBroker - ok
21:53:51.0126 0x2e38  [ 0E4AD4D8C0A8048C00CAD9CFA082A26E, 77DE05486CA6A3DFAF7DDF249C27BE0CED7B678623D19419FE2B414BBA1E6F8E ] MBAMChameleon   C:\WINDOWS\system32\drivers\MBAMChameleon.sys
21:53:51.0181 0x2e38  MBAMChameleon - ok
21:54:06.0480 0x2e38  AV detected via SS2: Norton Security, C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\WSCStub.exe ( 22.8.0.0 ), 0x51000 ( enabled : updated )
21:54:06.0632 0x2e38  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
21:54:06.0661 0x2e38  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.138 ), 0x60000 ( disabled : updated )
21:54:06.0662 0x2e38  FW detected via SS2: Norton Security, C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\WSCStub.exe ( 22.8.0.0 ), 0x51010 ( enabled )
21:54:06.0806 0x2e38  ============================================================
21:54:06.0806 0x2e38  Scan finished
21:54:06.0806 0x2e38  ============================================================
21:54:06.0811 0x2b0c  Detected object count: 0
21:54:06.0811 0x2b0c  Actual detected object count: 0
         

Alt 01.02.2017, 21:59   #4
HollyMoll
 

Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von Holly (01-02-2017 21:49:30)
Gestartet von C:\Users\Holly\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-24 10:28:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2256983288-4039232147-3337602895-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2256983288-4039232147-3337602895-503 - Limited - Disabled)
Gast (S-1-5-21-2256983288-4039232147-3337602895-501 - Limited - Disabled)
Holly (S-1-5-21-2256983288-4039232147-3337602895-1000 - Administrator - Enabled) => C:\Users\Holly

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Ansel (Version: 378.49 - NVIDIA Corporation) Hidden
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 7.0.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.2 - Crystal Dew World)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ForHonorBETA (HKLM-x32\...\Uplay Install 2184) (Version:  - Ubisoft)
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
go te.comp-training (HKLM-x32\...\{905BF3AB-9FC8-40F8-8906-1A7C17C1EC48}) (Version: 7.5.6 - te.comp lernsysteme GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6965.2117 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.0.0.17 - MSI)
MSI Kombustor 2.5.9 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.021 - MSI)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.28.00 - NETGEAR Inc.)
Norton Security (HKLM-x32\...\NS) (Version: 22.8.1.14 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.49 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6965.2117 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2117 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6965.2117 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF24 Creator 8.0.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7891 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version:  - FireFly Studios)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04C42022-8D2D-4D68-8D0F-07EB25F61FC7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {0C020C1C-CAF6-4E5A-B5FE-01D1D3ED8824} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C33BC89-7C72-4A04-A5CE-037A3CABDA29} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-25] (Microsoft Corporation)
Task: {0CCDF6B7-3B2E-4FB2-A09F-252AC65FB916} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {0E31D044-42FD-4AA2-BEFA-BEF2295A9700} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FE7B8FC-7E03-41E8-99DC-8769D7195393} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [2016-10-04] (InputMapper)
Task: {1B1ACBBB-3785-4369-AE08-6CC42BE0A3E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-01-03] (Microsoft Corporation)
Task: {2238F58F-2A86-43FE-B205-45D544AC97CD} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation)
Task: {22FC1242-C79C-459D-9738-BB88C163E0B6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {25455349-1465-46AB-AFA9-50D817A2BFB9} - System32\Tasks\WiperSoft Startup => C:\Program Files\WiperSoft\WiperSoft.exe
Task: {26BAA076-7C58-4099-8E02-312A423A2EA5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\WSCStub.exe [2016-11-12] (Symantec Corporation)
Task: {2D9C97E6-E03F-4123-A772-26667F096FDD} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {2FF09123-5270-4EE5-BFF3-654BC693951B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3069E31D-F706-4410-B120-15F943CDE0DF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40C309DC-7809-4384-83FA-731C7B071FB2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-01-03] (Microsoft Corporation)
Task: {496AD2F2-0351-4FC9-8938-EBD2FEC57EF4} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation)
Task: {4DB67DF2-383F-49C1-B16B-997AA83936D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {4FFA9DD2-1040-4DC6-A380-E590FB87785D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {53474E27-C02A-4998-9D90-707D1BBC66B0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {578947BA-31C1-476E-976B-13CCD13D6566} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {6156868B-0176-4D56-9A71-3ABDC6D425CE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6715E82A-2AED-4324-8336-16638CE9D1D7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {68C11BAE-70CE-4AC0-8B81-B7A89FC61C5E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6E326184-FC89-4CA2-B949-451FCB309C61} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {71F235D2-C096-44F2-B333-67B914764FAE} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {73E43204-7EC1-4F1B-A27A-2FA5DC3946A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-04] (Google Inc.)
Task: {767086ED-B07F-45EF-98C5-386D0EA26D6F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-11-12] (Symantec Corporation)
Task: {78F74DE1-C2F8-46C1-9915-CC9045612A18} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {7D2C45CF-BADB-44D8-9FC8-219B561FACA5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {7DC76973-858D-4770-8052-E55DC5BE48F9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {84025861-DD0B-43E5-9294-166F35B71463} - System32\Tasks\EPSON XP-215 217 Series Update {A8DB7131-AABE-43AD-B3E2-CF9C93EC80DD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {86D81BD2-D721-442A-AE12-7D2461EE4339} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8A0005C1-3D3D-4E66-B484-10F59827F74C} - System32\Tasks\EPSON XP-215 217 Series Invitation {A8DB7131-AABE-43AD-B3E2-CF9C93EC80DD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {8A70491D-8D08-40B4-B4D4-0FA9B8B381C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-01-03] (Microsoft Corporation)
Task: {96AB2196-B000-47D4-95AA-7A409BA7261A} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation)
Task: {9E112784-22A0-407A-A681-316FA70ABC86} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {9E2C14F9-3831-4643-8B34-1BEA70D410C9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {A8BE6B47-9CC0-4DB3-910B-17EBDA6F08A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-04] (Google Inc.)
Task: {B18A7156-80DD-492F-A3A7-67232AE2CBCD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3503D67-9C43-4419-B6CD-76C2C50AD6BF} - System32\Tasks\EPSON XP-215 217 Series Invitation {2E16983D-BC6F-4A93-9DCF-5423C58A5723} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {C4DFDD8B-C15B-4868-83C6-A48C29D54401} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C67468AA-E9F4-48EC-9FF6-810BD11FE72E} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {C7C3ABCF-727A-4FAF-9854-ED531C6903D0} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {C7D37282-AC0B-4BCE-BF61-ADE43DA3232D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {CA2F00D0-9C1C-418F-811F-D0C24DC78147} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {CAC68DAB-3150-4AE2-992F-DF5348239FB6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CDDD9C32-E640-45D7-A404-1FD9C371BB42} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-25] (Microsoft Corporation)
Task: {D779215B-9B00-4B73-AD60-BE8C5839778A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7D4E69A-646F-449E-8B69-041E4E94C536} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {D9BF55E3-BB2C-4B7A-8B84-CB246945FBE7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E8953EAE-5753-4044-A90F-3D9C3DB8FA91} - System32\Tasks\EPSON XP-215 217 Series Update {2E16983D-BC6F-4A93-9DCF-5423C58A5723} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {ED270E20-37F3-43FD-A2B9-6433F9E754A6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EE9543AD-E75D-40BF-90C7-A6E85CD55193} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F15B107A-EEF4-457D-9D56-D13A1F765834} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F3B512A1-0E4B-442D-98A5-8EAA86F1257E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {FD0CCBA8-2BB3-4706-AF19-FCDC82ED85B8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {2E16983D-BC6F-4A93-9DCF-5423C58A5723}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {A8DB7131-AABE-43AD-B3E2-CF9C93EC80DD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {2E16983D-BC6F-4A93-9DCF-5423C58A5723}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE :/EXE:{2E16983D-BC6F-4A93-9DCF-5423C58A5723} /F:Update  WORKGROUP\HOLLY_MOLLY_PC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {A8DB7131-AABE-43AD-B3E2-CF9C93EC80DD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE :/EXE:{A8DB7131-AABE-43AD-B3E2-CF9C93EC80DD} /F:Update  WORKGROUP\HOLLY_MOLLY_PC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 19:48 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-08 13:15 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-08 13:15 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-12-13 19:48 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-24 11:35 - 2016-09-24 11:35 - 00959168 _____ () C:\Users\Holly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-24 10:58 - 2017-01-20 16:13 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-13 19:51 - 2016-06-14 15:35 - 00187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2016-09-24 11:50 - 2016-09-24 11:50 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 17:59 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 17:59 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 17:59 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 17:59 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 17:59 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 17:59 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-23 15:43 - 2017-01-23 15:44 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-01-23 15:43 - 2017-01-23 15:44 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-01-23 15:43 - 2017-01-23 15:44 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 14:14 - 2016-12-14 14:15 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\roottools.dll
2016-12-14 22:44 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 22:44 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-02-04 19:43 - 2013-04-09 11:05 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2016-08-13 18:54 - 2005-07-18 12:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-02-04 19:33 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-08 13:15 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-08 13:15 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-13 19:51 - 2016-06-14 15:35 - 00163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2016-02-04 19:54 - 2016-12-23 19:28 - 00657184 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-04 19:54 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-04 19:54 - 2017-01-19 02:30 - 02327840 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-04 19:54 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-04 19:54 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-04 19:54 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-04 19:54 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-04 19:54 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-04 19:54 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-04 19:54 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-04 19:54 - 2017-01-19 02:30 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:05 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-12 14:12 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\Holly\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-12 14:13 - 2017-01-12 14:13 - 01082880 _____ () \\?\C:\Users\Holly\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-12 14:13 - 2017-01-12 14:13 - 03750400 _____ () \\?\C:\Users\Holly\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-12 14:13 - 2017-01-12 14:13 - 00914432 _____ () \\?\C:\Users\Holly\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-12 14:13 - 2017-01-12 14:13 - 01127424 _____ () \\?\C:\Users\Holly\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2016-07-16 12:42 - 2016-07-16 12:42 - 01872384 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00638976 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSLoc_OneCore.DLL
2016-09-24 11:35 - 2016-09-24 11:35 - 00679624 _____ () C:\Users\Holly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-09-08 13:16 - 2017-01-20 19:38 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-13 16:56 - 2017-01-05 04:12 - 68813088 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-02-04 19:54 - 2017-01-19 02:30 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-02-04 19:43 - 2013-01-22 14:40 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2016-02-04 19:43 - 2013-04-02 13:41 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2016-02-04 19:43 - 2013-05-07 11:16 - 00138752 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2016-02-04 19:43 - 2013-05-07 11:16 - 00115712 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2016-12-01 09:59 - 2016-12-01 09:59 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-01-12 14:12 - 2017-01-04 14:28 - 02278912 _____ () C:\Users\Holly\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-12 14:12 - 2017-01-04 14:28 - 00096768 _____ () C:\Users\Holly\AppData\Local\Discord\app-0.0.297\libegl.dll
2016-08-13 19:51 - 2016-06-01 14:50 - 00785360 _____ () C:\Program Files (x86)\MSI\Gaming APP\Lib\USB_DLL.dll
2017-02-01 18:23 - 2017-02-01 18:23 - 00148992 _____ () \\?\C:\Users\Holly\AppData\Local\Temp\C04D.tmp.node
2017-01-12 14:13 - 2017-01-12 14:13 - 02658304 _____ () \\?\C:\Users\Holly\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-12 14:14 - 2017-01-12 14:14 - 02130432 _____ () \\?\C:\Users\Holly\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-09-08 13:16 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-08 13:16 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-08 13:16 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-08 13:16 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-08 13:16 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-08 13:16 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-08 13:16 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-18 00:11 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2016-03-16 00:54 - 2016-03-16 00:54 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Holly:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-04 21:16 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Holly\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 213.153.32.129 - 213.153.32.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_81F935DA227F112D34979B3A7C535B89"
HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2256983288-4039232147-3337602895-1000\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{D6F9427F-9565-4D37-A0D2-7CB7F417C3C8}] => C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [UDP Query User{815B592F-E1F1-4387-B749-31CB3EFF098C}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{D8EC8BA0-3336-4209-B6D7-DFFC159A65C3}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{3DDAFE98-60C3-4CF9-BF3C-23FA03794857}] => C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{84C9C1C0-E37A-4793-8AC6-C94D31084A90}] => C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{BAE466AC-836B-4A27-A826-E99C7AC536ED}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F4955415-1718-483F-AB49-692E828F2D25}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{78BD5F52-83BA-4D53-9046-E02C0D289F70}] => C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{DC6B8624-52D8-493A-9D06-9A624867DCE8}] => C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{EFF51410-E480-48FB-8EB2-B20D72496503}] => C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{1F133CC1-9DD9-41E5-A0CF-1D62CDEBF645}] => C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [UDP Query User{F9C1DFCE-B30C-4987-B4CD-8BF4DAD1CCDE}C:\program files (x86)\msi\gaming app\gamingapp.exe] => C:\program files (x86)\msi\gaming app\gamingapp.exe
FirewallRules: [TCP Query User{300CC067-6F75-467E-9CCF-344350557506}C:\program files (x86)\msi\gaming app\gamingapp.exe] => C:\program files (x86)\msi\gaming app\gamingapp.exe
FirewallRules: [UDP Query User{8416B869-A902-4B86-9600-CCB9F943308F}C:\program files (x86)\electronic arts\eadm\core.exe] => C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{781D3ED6-F56D-404F-8B30-8EFF586F1CB1}C:\program files (x86)\electronic arts\eadm\core.exe] => C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{43774371-AF01-4CAF-A95F-30055E74A09F}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0339F859-D551-4630-9B65-E87493F8414F}] => D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{8E9D159A-5622-4635-AA95-6783C6E8049B}] => D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{DC6DE814-932B-473A-B81C-1E23F1D6A578}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{EB6C20F6-216F-419E-8776-C320A9DCBE56}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{A9A153EB-C251-4A00-AA64-9DFA947A6831}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EB0C96EB-7701-456B-A60C-7901A43AFF3C}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{450D259C-A735-454B-9095-2D78DEFD3528}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E6B593CA-14DA-4B78-9ADB-06698C7DDF3B}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A0015DE7-8A1C-4F28-B201-00D290CC4ED7}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{22CEC450-3142-42ED-92C3-AA0F761BA57D}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{51E3DE1B-5C9E-4169-A376-793885DA1EE7}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FD8FED00-B3AB-40C7-BE8B-271E746D5ADB}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B67CA953-D402-4A6D-95DD-2476BBFC3A9C}] => C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{B35097B8-69FD-4435-9D20-9AEF19BA070D}] => C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{6E2138CB-208F-4A2B-9000-8A5AD8E6934F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{7D022FCB-E237-4F69-BF91-EA8E595C737D}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{16F3F542-0AF7-4352-9860-92C079C882DD}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{8DEC293B-F6CE-4FFE-B86A-4BEE20A383C3}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{80F4F38A-6646-4317-9FB5-B1DC98D7D0E8}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{A6D02F26-6935-48BF-99BB-DF71125D4B4D}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{A5718637-16AA-4E04-AAEF-DDAEDA9944EB}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{EC466CC9-E7D9-49E4-9AE8-80932825EB52}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{95028F3B-F664-41A6-B339-E150FA15B7FF}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{F3001D89-C538-4C64-8831-931480CE23C3}] => C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{A66A4110-DC6F-4957-B089-FE7A9A9F4D4C}] => C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{9099A051-5B33-4687-9143-A3CFC07104AE}] => C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{D04E97FE-3B86-4BDF-AA25-5E472EA62329}] => C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{019B22CA-BEA2-4F0F-848D-9BA6C47C40AB}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B4CBA78D-520B-4D17-8ED4-E55947AEA1C5}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6C76145E-3209-435F-88D9-D6C07950FEC2}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4A7BFEDF-FFE3-4E28-8A8D-9A63258546F7}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C378D533-FC25-440E-8D2E-3A586724353D}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{39DD7EA9-2093-4981-BA88-0FACB53B3513}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D93D16D6-00DA-423A-913E-6891F6304025}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C1415162-4BA6-43F1-BF3F-B52DD31AD3E6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F5B84088-A4A3-440A-9831-669EA6DE4E4D}] => C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{6843945F-3808-4F2E-A2B8-3BD2BC32C0A7}] => C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{705B140A-E5DA-4BEC-ABF0-684E16CB6938}] => LPort=26789

==================== Wiederherstellungspunkte =========================

19-01-2017 18:49:23 Geplanter Prüfpunkt
25-01-2017 22:31:35 Windows Update
29-01-2017 20:05:18 Wiederherstellungsvorgang

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/01/2017 06:21:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MSI_ActiveX_Service.exe, Version: 1.0.0.7, Zeitstempel: 0x57917613
Name des fehlerhaften Moduls: ActiveX_Resource_Monitor.dll, Version: 1.0.0.7, Zeitstempel: 0x57917617
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003910
ID des fehlerhaften Prozesses: 0xa40
Startzeit der fehlerhaften Anwendung: 0x01d27cafa4fe9f9b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\ActiveX_Resource_Monitor.dll
Berichtskennung: 577c7a03-094b-4e51-9fb7-9b822ae01437
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/01/2017 06:21:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: MSI_ActiveX_Service.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 6F133910

Error: (02/01/2017 06:19:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HitmanPro.exe, Version: 3.7.15.281, Zeitstempel: 0x57fb56a4
Name des fehlerhaften Moduls: HitmanPro.exe, Version: 3.7.15.281, Zeitstempel: 0x57fb56a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000002bf385
ID des fehlerhaften Prozesses: 0x9f8
Startzeit der fehlerhaften Anwendung: 0x01d27cae0a5f68ef
Pfad der fehlerhaften Anwendung: C:\Program Files\HitmanPro\HitmanPro.exe
Pfad des fehlerhaften Moduls: C:\Program Files\HitmanPro\HitmanPro.exe
Berichtskennung: 962da795-151e-4f3f-90d0-535aa6ae8f33
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/01/2017 06:07:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Holly_Molly_PC)
Description: Bei der Aktivierung der App „Microsoft.Getstarted_4.4.11.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/01/2017 06:02:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Holly_Molly_PC)
Description: Bei der Aktivierung der App „Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/01/2017 06:00:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MSI_ActiveX_Service.exe, Version: 1.0.0.7, Zeitstempel: 0x57917613
Name des fehlerhaften Moduls: ActiveX_Resource_Monitor.dll, Version: 1.0.0.7, Zeitstempel: 0x57917617
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003910
ID des fehlerhaften Prozesses: 0xa80
Startzeit der fehlerhaften Anwendung: 0x01d27cacbf27c815
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\ActiveX_Resource_Monitor.dll
Berichtskennung: 1d9e4039-c90f-45d1-a01e-634fdaed2f51
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/01/2017 06:00:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: MSI_ActiveX_Service.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 70F53910

Error: (01/31/2017 09:18:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MSI_ActiveX_Service.exe, Version: 1.0.0.7, Zeitstempel: 0x57917613
Name des fehlerhaften Moduls: ActiveX_Resource_Monitor.dll, Version: 1.0.0.7, Zeitstempel: 0x57917617
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003910
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0x01d27bff212a54ba
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\ActiveX_Resource_Monitor.dll
Berichtskennung: d5434cd8-e987-487f-9ee1-73503f96bb76
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/31/2017 09:18:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: MSI_ActiveX_Service.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 6ED13910

Error: (01/31/2017 09:16:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (02/01/2017 06:21:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MSI_ActiveX_Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/01/2017 06:21:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/01/2017 06:21:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (02/01/2017 06:20:44 PM) (Source: DCOM) (EventID: 10005) (User: Holly_Molly_PC)
Description: Fehler "1084" in DCOM, als der Dienst "ShellHWDetection" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/01/2017 06:20:35 PM) (Source: DCOM) (EventID: 10005) (User: Holly_Molly_PC)
Description: Fehler "1084" in DCOM, als der Dienst "ShellHWDetection" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/01/2017 06:20:28 PM) (Source: DCOM) (EventID: 10005) (User: Holly_Molly_PC)
Description: Fehler "1084" in DCOM, als der Dienst "ShellHWDetection" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/01/2017 06:19:51 PM) (Source: DCOM) (EventID: 10005) (User: Holly_Molly_PC)
Description: Fehler "1084" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (02/01/2017 06:19:50 PM) (Source: DCOM) (EventID: 10005) (User: Holly_Molly_PC)
Description: Fehler "1084" in DCOM, als der Dienst "ShellHWDetection" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/01/2017 06:19:46 PM) (Source: DCOM) (EventID: 10005) (User: Holly_Molly_PC)
Description: Fehler "1084" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (02/01/2017 06:19:46 PM) (Source: DCOM) (EventID: 10005) (User: Holly_Molly_PC)
Description: Fehler "1084" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


CodeIntegrity:
===================================
  Date: 2016-10-20 22:08:59.639
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:08:59.610
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:08:59.588
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:08:59.540
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:08:59.509
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:08:59.469
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:08:58.316
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:08:57.878
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:07:44.119
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-20 22:07:44.080
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 8154.91 MB
Verfügbarer physikalischer RAM: 4440.36 MB
Summe virtueller Speicher: 10714.91 MB
Verfügbarer virtueller Speicher: 5706.67 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:575.7 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08955EAD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         

Alt 02.02.2017, 17:33   #5
M-K-D-B
/// TB-Ausbilder
 
Hello,

You have at least one piece of illegal/cracked software on your computer:
Microsoft Office 365 ProPlus

Reading material:
Illegal software: cracks, keygens and co.

Please read => http://www.trojaner-board.de/95393-c...-software.html

We will continue once you have removed everything illegal.

In the case of repeated crack/keygen violations I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.

__________________
Regards
M-K-D-B


==========================================================
offline from 22.12.2018 to 01.01.2019
==========================================================


Alt 02.02.2017, 20:10   #6
HollyMoll
 
Strange, since it actually comes from my school...

I'll look into that.

Alt 02.02.2017, 21:43   #7
M-K-D-B
/// TB-Ausbilder
 
Hello,

this software is used to illegally unlock/activate Office:
Quote:
Task: {CA2F00D0-9C1C-418F-811F-D0C24DC78147} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
__________________
Regards
M-K-D-B



Alt 02.02.2017, 22:02   #8
HollyMoll
 
So I just uninstall Office, and then we continue?

Alt 02.02.2017, 22:04   #9
M-K-D-B
/// TB-Ausbilder
 
Quote from HollyMoll:
So I just uninstall Office, and then we continue?

Yes. Uninstall it via the Control Panel, then run FRST again as a check.
__________________
Regards
M-K-D-B



Alt 05.02.2017, 13:47   #10
M-K-D-B
/// TB-Ausbilder
 
No response
This thread has been removed from my subscriptions. I will therefore not receive notifications about new replies.
Send me a PM if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please click here and create your own thread!
__________________
Regards
M-K-D-B

