
Log analysis and evaluation: Avast - svchost blocked, malware link


15.02.2017, 16:54   #1
pitti911
 
Dear team,

Today I received the following warning from Avast!:

Code:
15.02.2017 13:43:56	https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:44:30	https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:45:02	https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:45:34	https://131.253.61.84/ [L] URL:Mal (0)
         
with the information that an svchost process tried to access these IP addresses.
I was not sitting at the computer at that time and only noticed the warning because of the audio alert.

Thanks in advance for your help!
Daniel

EDIT:
My operating system is Windows 10. I forgot to mention that.
END EDIT

So far I have run the FRST scan; here are the log files:

FRST.TXT (Note: I have redacted the real name of an acquaintance in the created files and folders section, as well as my Microsoft login name)
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 01
durchgeführt von danie (Administrator) auf DESKTOP-9T9O37C (15-02-2017 16:06:09)
Gestartet von C:\Users\danie\Desktop
Geladene Profile: danie (Verfügbare Profile: defaultuser0 & danie)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2085160 2010-03-05] (Synaptics Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-24] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [OneDrive] => C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1517280 2017-02-07] (Microsoft Corporation) <===== ACHTUNG
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify Web Helper] => C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-07] (Spotify Ltd)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify] => C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-07] (Spotify Ltd)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [22982848 2016-12-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PixelRuler.lnk [2016-08-11]
ShortcutTarget: PixelRuler.lnk -> C:\Program Files (x86)\PixelRuler\PixelRuler.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{65b17e8d-7930-436e-a952-581958886376}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{90200e0b-80c6-4e80-8828-16c1b94ed4fe}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-12]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2017-02-15]
CHR Extension: (Google Präsentationen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04]
CHR Extension: (Flash Video Downloader) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-03]
CHR Extension: (Google Docs) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04]
CHR Extension: (Google Drive) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04]
CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04]
CHR Extension: (Adblock Plus) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28]
CHR Extension: (Video Downloader professional) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-22]
CHR Extension: (Google Tabellen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04]
CHR Extension: (Full Screen Weather) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-08-04]
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04]
CHR Extension: (Hide My AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2016-11-10]
CHR Extension: (Avast Online Security) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Beebs - Access BBC iPlayer) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmliiafmgjkgkfadkpomlefdllhajdi [2017-01-08]
CHR Extension: (Weather Underground) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2016-08-04]
CHR Extension: (Google Mail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-08]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
S2 IBG_gds_db; C:\Program Files (x86)\Embarcadero\Studio\18.0\InterBaseXE7\bin\ibguard.exe [636744 2016-02-25] (Embarcadero Technologies, Inc.)
S3 IBS_gds_db; C:\Program Files (x86)\Embarcadero\Studio\18.0\InterBaseXE7\bin\ibserver.exe [5587272 2016-02-25] (Embarcadero Technologies, Inc.)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-17] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-01-16] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-15 16:06 - 2017-02-15 16:06 - 00029608 _____ C:\Users\danie\Desktop\FRST.txt
2017-02-15 16:05 - 2017-02-15 16:06 - 00000000 ____D C:\FRST
2017-02-15 16:03 - 2017-02-15 16:05 - 02422272 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2017-02-15 14:17 - 2017-02-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2017-02-13 21:58 - 2017-02-13 21:58 - 00000000 ___HD C:\OneDriveTemp
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Users\danie\AppData\Roaming\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Program Files\IrfanView
2017-02-13 07:10 - 2017-02-13 07:10 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\Users\danie\Tracing
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-12 17:44 - 2017-02-12 18:30 - 00000000 ____D C:\Phone
2017-02-12 17:13 - 2017-02-12 17:17 - 00000000 ____D C:\Users\danie\AppData\Roaming\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00002126 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2017-02-12 17:07 - 2017-02-12 17:24 - 00000000 ____D C:\Card
2017-02-12 16:12 - 2017-02-12 16:12 - 00000000 ____D C:\Users\danie\Documents\Samsung
2017-02-12 16:11 - 2017-02-12 16:12 - 00000000 ____D C:\Windows\LastGood
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-02-12 16:10 - 2017-02-12 16:11 - 00000000 ____D C:\Users\danie\AppData\Roaming\Samsung
2017-02-12 16:10 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2017-02-12 16:10 - 2016-09-05 05:47 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-02-12 16:10 - 2016-07-22 08:21 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\SET3DA.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00716928 _____ (Microsoft Corporation) C:\Windows\system32\SET399.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SETE6F9.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SETBBB3.tmp
2017-02-12 16:09 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2017-02-09 13:28 - 2017-02-09 13:28 - 02099905 _____ C:\Users\danie\Downloads\Wohnung_an-ummelden_Hinw_de+en.pdf
2017-02-09 13:28 - 2017-02-09 13:28 - 00334768 _____ C:\Users\danie\Downloads\Bestaetigung_BMG.pdf
2017-02-08 01:29 - 2017-02-08 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-08 00:13 - 2017-02-08 00:13 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE (1).pdf
2017-02-08 00:03 - 2017-02-08 00:03 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE.pdf
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-06 23:48 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments_online_converter#.pdf
2017-02-06 23:42 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Downloads\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.pdf
2017-02-06 23:30 - 2017-02-06 18:31 - 17294189 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu
2017-02-06 23:09 - 2017-02-06 23:09 - 01616807 ____R C:\Users\danie\Documents\koehler_lehmann_2011.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 01102598 ____R C:\Users\danie\Documents\Practical laboratory course_***********.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00783869 ____R C:\Users\danie\Documents\lecture 12.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00680777 ____R C:\Users\danie\Documents\9783319055879-c2.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00664591 ____R C:\Users\danie\Documents\Otting_G_2010_Reiview.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00313885 ____R C:\Users\danie\Documents\bertini2001.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00046833 ____R C:\Users\danie\Documents\L_6b_NOE_web.pdf
2017-02-06 18:41 - 2017-02-06 18:42 - 01824882 _____ C:\Users\danie\Documents\product_operator_formalism.pdf
2017-02-06 18:40 - 2017-02-06 18:40 - 02809960 _____ C:\Users\danie\Documents\relaxation_Enhancement.pdf
2017-02-06 18:27 - 2017-02-06 18:27 - 00680777 _____ C:\Users\danie\Downloads\9783319055879-c2.pdf
2017-02-06 18:20 - 2017-02-06 18:21 - 46049143 _____ C:\Users\danie\Downloads\Matthias Findeisen,Stefan Berger 50 and More Essential NMR Experiments. A Detailed Guide.pdf
2017-02-06 16:15 - 2017-02-06 16:15 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495
2017-02-06 16:14 - 2017-02-06 16:14 - 00026285 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495.zip
2017-02-05 21:39 - 2017-02-05 21:50 - 149068460 _____ C:\Users\danie\Downloads\lucifer.213.hdtv-lol.mkv.mp4.mp4
2017-02-05 20:34 - 2017-02-05 20:34 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201
2017-02-05 20:33 - 2017-02-05 20:33 - 00024770 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201.zip
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Users\danie\AppData\Local\Remove_Empty_Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2017-02-05 15:13 - 2017-02-05 15:15 - 00404482 _____ (Jonas John ) C:\Users\danie\Downloads\red-v2.2-setup.exe
2017-02-05 12:21 - 2017-02-05 12:21 - 00026159 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991.zip
2017-02-05 12:21 - 2017-02-05 12:21 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991
2017-02-04 22:34 - 2017-02-04 22:56 - 124549923 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2- Episode 11- Stewardess Interruptus.mp4
2017-02-04 22:30 - 2017-02-04 22:51 - 143374537 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2 Episode 12 - Love Handles.mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (5).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (4).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (3).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (2).mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video.mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video (1).mp4
2017-02-04 10:02 - 2016-07-15 19:29 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2017-02-04 10:02 - 2016-07-15 19:29 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 19:14 - 06354944 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2017-02-04 10:02 - 2016-07-15 18:45 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 18:29 - 05489664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2017-02-04 10:01 - 2017-02-04 10:01 - 00001047 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-01 16:14 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Local\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Roaming\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:13 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-30 12:59 - 2017-01-30 12:59 - 36727147 _____ C:\Users\danie\Downloads\Laborarbeit_2016_170130.pdf
2017-01-29 10:49 - 2017-01-29 10:49 - 00450814 _____ C:\Users\danie\Downloads\AGB_208_Strom_Privat_2017_01_NK.pdf
2017-01-25 21:42 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-25 21:42 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-01-25 14:50 - 2017-01-25 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-01-23 20:55 - 2017-01-23 20:55 - 00218282 _____ C:\Users\danie\Downloads\Medikamente_Formular.pdf
2017-01-23 19:42 - 2017-01-23 19:51 - 12095930 _____ C:\Users\danie\Downloads\[Manfred_Hesse,_Herbert_Meier,_Bernd_Zeeh]_Spektro(BookFi).pdf
2017-01-23 14:43 - 2017-01-23 14:43 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe_Systems_Incorporate
2017-01-23 14:42 - 2017-01-23 15:04 - 00000000 ____D C:\Users\danie\Documents\My Digital Editions
2017-01-23 14:42 - 2017-01-23 14:42 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2017-01-23 14:42 - 2017-01-23 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-01-23 14:32 - 2017-01-23 14:50 - 01977054 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_spectroscopy(BookFi) (1).pdf
2017-01-23 14:32 - 2017-01-23 14:41 - 02199824 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_Spectroscopy(BookFi).pdf
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Users\danie\AppData\Local\Passbild_Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\Program Files\Oracle
2017-01-22 14:31 - 2017-01-22 14:53 - 00000000 ____D C:\Users\danie\Documents\Dateien_script
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\GraphPad Software
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\ProgramData\GraphPad Software
2017-01-19 19:38 - 2017-01-19 19:38 - 00000000 ____D C:\Users\danie\Downloads\Django Unchained-kinox to(44884)-bySGexx
2017-01-16 17:38 - 2017-01-16 17:38 - 00205440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2017-01-16 17:38 - 2017-01-16 17:38 - 00137920 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSB.sys
2017-01-16 17:38 - 2017-01-16 17:38 - 00131144 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-15 16:03 - 2016-08-15 20:57 - 00000000 ____D C:\Users\danie\AppData\Roaming\Skype
2017-02-15 15:54 - 2016-08-04 20:16 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-02-15 14:28 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Local\Spotify
2017-02-15 14:27 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Roaming\Spotify
2017-02-15 14:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2017-02-15 13:55 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-02-15 11:37 - 2016-09-19 20:06 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{116B86B5-D81A-4122-817A-8BCA9244C3FC}
2017-02-15 08:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-15 02:00 - 2016-08-04 22:19 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe
2017-02-14 21:36 - 2016-09-29 21:40 - 00000000 ____D C:\Users\danie\.VirtualBox
2017-02-13 22:05 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\Documents\Calibre-Bibliothek
2017-02-13 21:58 - 2016-08-04 20:25 - 00000000 ___RD C:\Users\danie\OneDrive
2017-02-13 21:58 - 2016-08-04 20:22 - 00000000 ____D C:\Users\danie
2017-02-13 16:31 - 2016-08-04 21:52 - 00000000 ____D C:\Users\danie\AppData\Roaming\vlc
2017-02-13 01:17 - 2016-08-04 23:15 - 00007911 _____ C:\Windows\BRRBCOM.INI
2017-02-13 01:03 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Local\Packages
2017-02-12 23:54 - 2016-10-26 20:47 - 00000000 ____D C:\Users\danie\AppData\Roaming\Apple Computer
2017-02-12 21:41 - 2016-08-06 18:00 - 00004278 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-02-12 17:17 - 2016-08-13 12:08 - 00000000 ____D C:\Users\danie\.android
2017-02-12 17:03 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-02-12 16:11 - 2016-08-05 21:12 - 00000000 ____D C:\ProgramData\Samsung
2017-02-12 16:10 - 2016-08-05 21:12 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-02-12 16:09 - 2016-08-04 23:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-08 01:29 - 2016-08-19 13:44 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 16:14 - 2016-12-06 07:37 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-07 16:14 - 2016-08-04 20:25 - 00002383 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-06 22:30 - 2016-08-04 20:45 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-04 21:17 - 2016-12-05 17:01 - 00000000 ____D C:\Users\danie\AppData\Local\calibre-cache
2017-02-04 21:17 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\AppData\Roaming\calibre
2017-02-04 21:16 - 2017-01-12 16:13 - 00000000 ____D C:\Bio_Linux
2017-02-04 10:02 - 2016-07-16 23:52 - 00000000 ____D C:\Windows\OCR
2017-02-04 10:02 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-02-02 13:59 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-01 20:57 - 2016-08-04 20:24 - 01004544 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-01 20:57 - 2016-07-16 23:51 - 00550294 _____ C:\Windows\system32\perfh007.dat
2017-02-01 20:57 - 2016-07-16 23:51 - 00156908 _____ C:\Windows\system32\perfc007.dat
2017-02-01 20:50 - 2016-08-12 14:42 - 00000000 ____D C:\ProgramData\Embarcadero
2017-02-01 20:50 - 2016-08-04 20:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-01 20:45 - 2016-08-04 20:16 - 05014704 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-26 18:07 - 2016-07-16 07:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-01-25 14:50 - 2016-08-05 21:13 - 00003352 _____ C:\Windows\System32\Tasks\SamsungMagician
2017-01-23 14:52 - 2016-12-05 16:54 - 00000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\Program Files\Calibre2
2017-01-23 14:47 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Roaming\Adobe
2017-01-23 14:42 - 2016-08-04 22:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-21 21:40 - 2016-08-04 22:05 - 00000000 ____D C:\TMP
2017-01-19 18:15 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-19 18:14 - 2016-08-04 23:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-19 18:05 - 2016-08-04 22:38 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-01-18 21:42 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Oracle
2017-01-18 21:10 - 2016-08-12 15:26 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\Program Files\Java
2017-01-16 17:38 - 2017-01-12 18:23 - 00959720 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-01-16 17:38 - 2016-09-29 21:37 - 00149304 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-05 17:44 - 2017-01-06 11:58 - 0000034 _____ () C:\Users\danie\AppData\Roaming\AdobeWLCMCache.dat
2016-11-30 10:50 - 2016-11-30 11:36 - 0001456 _____ () C:\Users\danie\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-09-21 20:12 - 2017-01-25 20:15 - 0009668 _____ () C:\Users\danie\AppData\Local\CDXLExtendedShim.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe


Einige Dateien in TEMP:
====================
2016-08-10 18:42 - 2016-08-10 18:42 - 36403960 _____ (AppWork GmbH) C:\Users\danie\AppData\Local\Temp\JDSetup131153245463239802.exe
2016-08-13 07:56 - 2016-08-13 07:56 - 0741440 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u101-windows-au.exe
2017-01-18 21:04 - 2017-01-18 21:04 - 0739904 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-09-19 18:45 - 2016-09-19 18:45 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\M9MYQW4AVM.DLL
2017-01-05 10:04 - 2017-01-05 10:05 - 2858376 _____ () C:\Users\danie\AppData\Local\Temp\npp.7.2.2.Installer.exe
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole3735512050020065073.dll
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole5825304206742508178.dll
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole6305030320323710800.dll
2016-09-19 18:47 - 2016-09-19 18:47 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\QD62A0GERA.DLL
2016-11-23 23:47 - 2016-11-23 23:47 - 14700056 _____ (Samsung Electronics                                         ) C:\Users\danie\AppData\Local\Temp\Samsung_Magician_Installer.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\danie\AppData\Local\Temp\xmlUpdater.exe
2016-09-19 18:46 - 2016-09-19 18:46 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YJMCG40G3G.DLL
2016-09-19 18:54 - 2016-09-19 18:54 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YR6884GKNC.DLL

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-09 22:03

==================== Ende von FRST.txt ============================
         
Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 01
durchgeführt von danie (15-02-2017 16:06:50)
Gestartet von C:\Users\danie\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 19:21:16)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2044849159-1042748084-43516897-500 - Administrator - Disabled)
danie (S-1-5-21-2044849159-1042748084-43516897-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-2044849159-1042748084-43516897-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2044849159-1042748084-43516897-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2044849159-1042748084-43516897-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActivePerl 5.24.0 Build 2400 (64-bit) (HKLM\...\{C89FA3E7-29C4-4A60-AFB9-40E04715AE78}) (Version: 5.24.2400 - ActiveState)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Verifier x64 External Package (Version: 10.1.10586.212 - Microsoft) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avogadro (HKLM-x32\...\Avogadro) (Version: 1.2.0 - Humanity)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Embarcadero InterBase XE7 (HKLM-x32\...\Embarcadero InterBase XE7) (Version: Embarcadero InterBase XE7 - Embarcadero Technologies, Inc.)
Embarcadero RAD Studio 10.1 Berlin (HKLM-x32\...\Embarcadero RAD Studio 10.1 Berlin) (Version: 18.0 - Embarcadero Technologies, Inc.)
Embarcadero RAD Studio Berlin (x32 Version: 18.0 - Embarcadero Technologies, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FastReport 5 Embarcadero edition (HKLM-x32\...\{7FBAEA0A-5C1A-4a2e-8BD1-275A0C3755BB}) (Version: Embarcadero Edition - FastReports)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{BA62A9E2-7BB4-4D4A-8C5F-CC03C35491BD}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{6C8591F8-C4FC-4A64-9E21-7F35F1D51D09}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\OneDriveSetup.exe) (Version: 17.3.6764.0111 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows 10 SDK Installer (HKLM-x32\...\Microsoft Windows 10 SDK Installer) (Version: 18.0 - Embarcadero Technologies Inc.)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mp3tag v2.80 (HKLM-x32\...\Mp3tag) (Version: v2.80 - Florian Heidenreich)
MSI Development Tools (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation)
Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version:  - Passbild-Generator)
PeaZip 6.1.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PixelRuler v9.2.0.0 (HKLM-x32\...\PixelRuler_is1) (Version:  - pixelruler.de)
Python 3.2 pywin32-217 (HKLM-x32\...\pywin32-py3.2) (Version:  - )
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDK Debuggers (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) Hidden
SpeedCommander 16 (x64) (HKLM\...\SpeedCommander 16 (x64)) (Version: 16.10.8200 - SWE Sven Ritter)
Spotify (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TeXstudio 2.11.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.11.2 - Benito van der Zander)
Ttf2Pt1-3.4.4 Complete package, except sources (GnuWin32) (HKLM-x32\...\Ttf2Pt1-3.4.4_is1) (Version: 3.4.4 - GnuWin32)
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMD 1.9.2 (HKLM-x32\...\{089F161A-EFCE-44D8-8D38-C401835D93E4}) (Version: 1.9.2 - University of Illinois)
WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WPT Redistributables (x32 Version: 10.1.10586.212 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Zortam Mp3 Media Studio 21.35 (HKLM-x32\...\Zortam Mp3 Media Studio_is1) (Version:  - Zortam)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2044849159-1042748084-43516897-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {192D2D98-33A9-4EC4-9896-6FF0C2F8F337} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {21FAC54D-1678-4675-8BC9-4CFB8004D976} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {2493413F-9C60-497D-8DA3-AE1DA66A2B3D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software)
Task: {2A46A2EC-BEC1-4EF0-AB35-CF4026FF8DFC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {2F9B9EB7-8613-4AB6-89EA-193DCB9B5FB8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {32D51965-AA80-4FDA-8DB7-1781EB4FB623} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*************************** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {43415A32-378E-4EB8-9888-7CC810B35503} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {7AB6AA19-0881-4D27-8734-95F1B6164C0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {A0D5D4A8-1C95-4B18-95E6-3B7B9B03B510} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {A7A917FF-05B5-4013-AF77-89757CB96BF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {B95FFCBA-EC40-4792-96F7-42EC9FCFB7F8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {BAC026DE-071D-4FA8-A31D-F272109D4A64} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {C77C0E0B-0D42-475D-BC83-4156B05B7D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {DA460F4D-3A1E-443A-A492-F52BA5AA3B65} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E1DB79CC-94D1-436F-8912-85669F1E4F76} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {E6A3C464-5455-47C3-B476-5E347A934207} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E90A764A-D783-42CA-9F23-796C2E800325} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
Task: {EB55E557-F628-48AC-AEAC-F6E76FAC4A7A} - System32\Tasks\SafeZone scheduled Autoupdate 1470502893 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {EE42846D-A85E-4918-8320-349AF43E2871} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-08-04 23:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2016-10-05 17:17 - 2016-10-05 17:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-04 23:14 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-09-13 23:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 22:58 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 22:58 - 2016-12-21 08:08 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-01-11 22:58 - 2016-12-21 07:55 - 07843840 _____ () C:\Windows\ShellExperiences\QuickConnectUI.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-08-03 19:06 - 2016-08-03 19:06 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-08-03 19:06 - 2016-08-03 19:06 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-06 09:09 - 2017-02-06 09:09 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 22:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 22:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 08:42 - 2016-11-23 08:42 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-04 20:47 - 2016-08-04 20:47 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-07-17 00:01 - 2016-07-17 00:01 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-15 08:57 - 2017-02-15 08:58 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-01-23 08:04 - 2017-01-23 08:04 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.25.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-09-09 20:30 - 2016-09-09 20:30 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-09 20:30 - 2016-09-09 20:30 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-14 19:11 - 2017-02-14 19:11 - 06350848 _____ () C:\Program Files\AVAST Software\Avast\defs\17021400\algo.dll
2017-02-15 11:12 - 2017-02-15 11:12 - 06350848 _____ () C:\Program Files\AVAST Software\Avast\defs\17021500\algo.dll
2016-08-04 23:14 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-08-04 23:41 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-08-04 23:14 - 2013-04-05 12:23 - 00954880 _____ () C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2016-08-06 18:00 - 2016-08-06 18:00 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-08 01:29 - 2017-02-07 05:48 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-08-19 13:45 - 2017-01-14 00:53 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-08-19 13:45 - 2017-01-14 00:54 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-02-08 01:29 - 2017-01-14 00:54 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-08-19 13:45 - 2017-01-14 00:56 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-02-08 01:29 - 2017-01-14 00:56 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-19 13:45 - 2017-01-14 00:55 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-08-19 13:45 - 2017-01-14 00:54 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-02-08 01:29 - 2017-01-14 00:51 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-02-08 01:29 - 2016-12-22 07:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-08 01:29 - 2017-01-14 01:02 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-02-08 01:29 - 2017-01-14 01:02 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-08-04 22:48 - 00001050 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\StartupApproved\StartupFolder: => "PixelRuler.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1E52F9A0-5820-47E5-8672-581F7A139665}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{C760F8E6-1F3E-4303-85A1-D7D7DB698AC7}] => (Allow) LPort=54925
FirewallRules: [{CDD216A4-B2B0-4EDA-AE45-F71EBAA4CD0C}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{119E2607-1EE9-40CF-B1BD-2C344119A791}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{1DF0FA43-BD46-4CA8-9B4F-1ADF0D4F4E4E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{07EC27C9-3E14-433C-A2A0-C403AD5B5BAE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{29D3A4D9-75EE-48E5-9E6B-9C58606AD4FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F7BE5DE8-B108-4817-8518-4ED78E78DE22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{542D9C41-4F9E-44AC-8520-DB38A6F29DF2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A847E550-A2C4-4C24-B245-3C03AD9813FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{49841A41-40C0-4730-83B6-6DF320171517}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5F130595-1397-4E60-A7CC-6AFC28052F4D}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DB9B22F4-7909-489B-859B-BFD5764AAF13}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [UDP Query User{F2A88DBE-BFE0-4B54-9CBA-BEAC9A26F1E3}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [TCP Query User{E183CA1A-F191-4A9F-B161-DAFAD52679FC}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{C668A88D-4CD0-498C-A458-7AAC9F0AFFC3}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [{9186B335-8F0C-479A-A177-4B8FCE56AE09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C35D2E0E-F8C4-4FCB-BFEE-C35010B929E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{09761B78-77BE-49E1-AAC8-C2D198097C5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E84533B9-C293-426C-AE30-EE6021FADE42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C17E3F4B-84A0-44A1-A35E-C579D68D3032}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08503169-D484-4A9E-8BB1-E5FA2C814D3E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DEBAD8D2-6378-49E7-A0CA-8D8CAB4B9F44}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4646391F-477D-4873-84C6-0EEE30A07566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3B66BF7C-967C-48C2-9A30-6D1CD1253433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9DBFAEF7-75AF-4A58-9E8A-BFAA3F1712A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA630F4F-BF9C-421A-8167-16690F5535B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{033A785A-04DF-4328-8713-FE0B4EE558B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3780DA59-0B92-4A18-A096-DE153E950AFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{51508A9E-D29B-40A9-85C5-F551CE724B2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{5D15864C-AC2E-4DFB-83BC-92E57F81009A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Wiederherstellungspunkte =========================

23-01-2017 14:51:59 Installed calibre 64bit
02-02-2017 02:44:55 Geplanter Prüfpunkt
12-02-2017 16:09:16 Installed Smart Switch

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/15/2017 04:03:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "F:\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/15/2017 03:50:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/15/2017 03:50:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:50:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:49:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\oleview.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:49:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\filetypeverifier.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:49:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\14.0\Debugger\target\armv4i\vsgraphicsremoteengine.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:49:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/15/2017 03:49:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/15/2017 02:18:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (02/15/2017 03:53:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/15/2017 03:51:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/15/2017 03:51:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/15/2017 03:49:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/15/2017 03:46:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (02/15/2017 03:46:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys

Error: (02/15/2017 03:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (02/15/2017 03:46:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys

Error: (02/15/2017 03:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (02/15/2017 03:46:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-12-07 16:02:25.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-07 16:02:25.973
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-01 10:03:52.930
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-01 10:03:52.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-25 14:43:23.529
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-25 14:43:23.527
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-18 13:06:10.559
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-18 13:06:10.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 8116.55 MB
Verfügbarer physikalischer RAM: 3860.96 MB
Summe virtueller Speicher: 9396.55 MB
Verfügbarer virtueller Speicher: 3789.86 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:209.11 GB) (Free:57.85 GB) NTFS
Drive d: (OS) (Fixed) (Total:115.98 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (DATA) (Fixed) (Total:329.79 GB) (Free:3.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=464 MB) - (Type=27)
Partition 4: (Not Active) - (Size=329.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6B8C4C4B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=209.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 16.02.2017, 12:32   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.co

You have cracked Adobe software on the computer.


Reading material:
Illegal software: cracks, keygens and co.

Please read => http://www.trojaner-board.de/95393-c...-software.html

We will continue once you have removed everything illegal.

In the case of repeated crack/keygen violations I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.

Alt 16.02.2017, 17:00   #3
pitti911
 



Hello Cosinus,

I hope I have now removed everything.

Attached again are the two logs, once more with censored names.

FRST.txt

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02
durchgeführt von danie (Administrator) auf DESKTOP-9T9O37C (16-02-2017 16:47:52)
Gestartet von C:\Users\danie\Desktop
Geladene Profile: danie (Verfügbare Profile: defaultuser0 & danie)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2085160 2010-03-05] (Synaptics Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-24] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify Web Helper] => C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-07] (Spotify Ltd)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify] => C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-07] (Spotify Ltd)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PixelRuler.lnk [2016-08-11]
ShortcutTarget: PixelRuler.lnk -> C:\Program Files (x86)\PixelRuler\PixelRuler.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{65b17e8d-7930-436e-a952-581958886376}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{90200e0b-80c6-4e80-8828-16c1b94ed4fe}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (Google Präsentationen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04]
CHR Extension: (Flash Video Downloader) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-03]
CHR Extension: (Google Docs) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04]
CHR Extension: (Google Drive) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04]
CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04]
CHR Extension: (Adblock Plus) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28]
CHR Extension: (Video Downloader professional) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-22]
CHR Extension: (Google Tabellen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04]
CHR Extension: (Full Screen Weather) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-08-04]
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04]
CHR Extension: (Hide My AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2016-11-10]
CHR Extension: (Avast Online Security) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (uMatrix) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2017-02-15]
CHR Extension: (Beebs - Access BBC iPlayer) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmliiafmgjkgkfadkpomlefdllhajdi [2017-01-08]
CHR Extension: (Weather Underground) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2016-08-04]
CHR Extension: (Google Mail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-08]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-17] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [51104 2016-08-02] (USBPcap)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-01-16] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-16 16:47 - 2017-02-16 16:48 - 00025945 _____ C:\Users\danie\Desktop\FRST.txt
2017-02-16 16:47 - 2017-02-16 16:47 - 00000000 ___HD C:\OneDriveTemp
2017-02-16 16:47 - 2017-02-16 16:47 - 00000000 ____D C:\Users\danie\Desktop\FRST-OlderVersion
2017-02-16 16:31 - 2017-02-16 16:31 - 00000000 ____D C:\Users\danie\AppData\Local\{FE8BEBBE-9A66-4252-9271-3B862ED0CA94}
2017-02-15 19:20 - 2017-02-15 19:20 - 00000000 ____D C:\Users\danie\AppData\Roaming\Wireshark
2017-02-15 18:13 - 2017-02-15 18:13 - 00001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-02-15 18:13 - 2017-02-15 18:13 - 00001569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files\USBPcap
2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files (x86)\WinPcap
2017-02-15 18:12 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files\Wireshark
2017-02-15 18:08 - 2017-02-15 18:11 - 49360976 _____ (Wireshark development team) C:\Users\danie\Desktop\Wireshark-win64-2.2.4.exe
2017-02-15 16:05 - 2017-02-16 16:47 - 00000000 ____D C:\FRST
2017-02-15 16:03 - 2017-02-16 16:47 - 02422272 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2017-02-15 14:17 - 2017-02-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Users\danie\AppData\Roaming\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Program Files\IrfanView
2017-02-13 07:10 - 2017-02-13 07:10 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\Users\danie\Tracing
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-12 17:44 - 2017-02-12 18:30 - 00000000 ____D C:\Phone
2017-02-12 17:13 - 2017-02-12 17:17 - 00000000 ____D C:\Users\danie\AppData\Roaming\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00002126 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2017-02-12 17:07 - 2017-02-12 17:24 - 00000000 ____D C:\Card
2017-02-12 16:12 - 2017-02-12 16:12 - 00000000 ____D C:\Users\danie\Documents\Samsung
2017-02-12 16:11 - 2017-02-12 16:12 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-02-12 16:10 - 2017-02-12 16:11 - 00000000 ____D C:\Users\danie\AppData\Roaming\Samsung
2017-02-12 16:10 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2017-02-12 16:10 - 2016-09-05 05:47 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-02-12 16:09 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2017-02-09 13:28 - 2017-02-09 13:28 - 02099905 _____ C:\Users\danie\Downloads\Wohnung_an-ummelden_Hinw_de+en.pdf
2017-02-09 13:28 - 2017-02-09 13:28 - 00334768 _____ C:\Users\danie\Downloads\Bestaetigung_BMG.pdf
2017-02-08 01:29 - 2017-02-08 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-08 00:13 - 2017-02-08 00:13 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE (1).pdf
2017-02-08 00:03 - 2017-02-08 00:03 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE.pdf
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-06 23:48 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments_online_converter#.pdf
2017-02-06 23:42 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Downloads\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.pdf
2017-02-06 23:30 - 2017-02-06 18:31 - 17294189 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu
2017-02-06 23:09 - 2017-02-06 23:09 - 01616807 ____R C:\Users\danie\Documents\koehler_lehmann_2011.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 01102598 ____R C:\Users\danie\Documents\Practical laboratory course_***********.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00783869 ____R C:\Users\danie\Documents\lecture 12.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00680777 ____R C:\Users\danie\Documents\9783319055879-c2.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00664591 ____R C:\Users\danie\Documents\Otting_G_2010_Reiview.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00313885 ____R C:\Users\danie\Documents\bertini2001.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00046833 ____R C:\Users\danie\Documents\L_6b_NOE_web.pdf
2017-02-06 18:41 - 2017-02-06 18:42 - 01824882 _____ C:\Users\danie\Documents\product_operator_formalism.pdf
2017-02-06 18:40 - 2017-02-06 18:40 - 02809960 _____ C:\Users\danie\Documents\relaxation_Enhancement.pdf
2017-02-06 18:27 - 2017-02-06 18:27 - 00680777 _____ C:\Users\danie\Downloads\9783319055879-c2.pdf
2017-02-06 18:20 - 2017-02-06 18:21 - 46049143 _____ C:\Users\danie\Downloads\Matthias Findeisen,Stefan Berger 50 and More Essential NMR Experiments. A Detailed Guide.pdf
2017-02-06 16:15 - 2017-02-06 16:15 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495
2017-02-06 16:14 - 2017-02-06 16:14 - 00026285 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495.zip
2017-02-05 21:39 - 2017-02-05 21:50 - 149068460 _____ C:\Users\danie\Downloads\lucifer.213.hdtv-lol.mkv.mp4.mp4
2017-02-05 20:34 - 2017-02-05 20:34 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201
2017-02-05 20:33 - 2017-02-05 20:33 - 00024770 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201.zip
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Users\danie\AppData\Local\Remove_Empty_Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2017-02-05 15:13 - 2017-02-05 15:15 - 00404482 _____ (Jonas John ) C:\Users\danie\Downloads\red-v2.2-setup.exe
2017-02-05 12:21 - 2017-02-05 12:21 - 00026159 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991.zip
2017-02-05 12:21 - 2017-02-05 12:21 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991
2017-02-04 22:34 - 2017-02-04 22:56 - 124549923 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2- Episode 11- Stewardess Interruptus.mp4
2017-02-04 22:30 - 2017-02-04 22:51 - 143374537 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2 Episode 12 - Love Handles.mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (5).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (4).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (3).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (2).mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video.mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video (1).mp4
2017-02-04 10:02 - 2016-07-15 19:29 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2017-02-04 10:02 - 2016-07-15 19:29 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 19:14 - 06354944 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2017-02-04 10:02 - 2016-07-15 18:45 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 18:29 - 05489664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2017-02-04 10:01 - 2017-02-04 10:01 - 00001047 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-01 16:14 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Local\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Roaming\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:13 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-30 12:59 - 2017-01-30 12:59 - 36727147 _____ C:\Users\danie\Downloads\Laborarbeit_2016_170130.pdf
2017-01-29 10:49 - 2017-01-29 10:49 - 00450814 _____ C:\Users\danie\Downloads\AGB_208_Strom_Privat_2017_01_NK.pdf
2017-01-25 21:42 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-25 21:42 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-01-25 14:50 - 2017-01-25 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-01-23 20:55 - 2017-01-23 20:55 - 00218282 _____ C:\Users\danie\Downloads\Medikamente_Formular.pdf
2017-01-23 19:42 - 2017-01-23 19:51 - 12095930 _____ C:\Users\danie\Downloads\[Manfred_Hesse,_Herbert_Meier,_Bernd_Zeeh]_Spektro(BookFi).pdf
2017-01-23 14:43 - 2017-01-23 14:43 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe_Systems_Incorporate
2017-01-23 14:42 - 2017-01-23 15:04 - 00000000 ____D C:\Users\danie\Documents\My Digital Editions
2017-01-23 14:42 - 2017-01-23 14:42 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2017-01-23 14:42 - 2017-01-23 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-01-23 14:32 - 2017-01-23 14:50 - 01977054 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_spectroscopy(BookFi) (1).pdf
2017-01-23 14:32 - 2017-01-23 14:41 - 02199824 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_Spectroscopy(BookFi).pdf
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Users\danie\AppData\Local\Passbild_Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\Program Files\Oracle
2017-01-22 14:31 - 2017-01-22 14:53 - 00000000 ____D C:\Users\danie\Documents\Dateien_script
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\GraphPad Software
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\ProgramData\GraphPad Software
2017-01-19 19:38 - 2017-01-19 19:38 - 00000000 ____D C:\Users\danie\Downloads\Django Unchained-kinox to(44884)-bySGexx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-16 16:48 - 2016-08-15 20:57 - 00000000 ____D C:\Users\danie\AppData\Roaming\Skype
2017-02-16 16:48 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Roaming\Spotify
2017-02-16 16:47 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Local\Spotify
2017-02-16 16:47 - 2016-08-04 20:25 - 00000000 ___RD C:\Users\danie\OneDrive
2017-02-16 16:46 - 2016-08-04 20:24 - 01097934 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-16 16:46 - 2016-07-16 23:51 - 00601120 _____ C:\Windows\system32\perfh007.dat
2017-02-16 16:46 - 2016-07-16 23:51 - 00171116 _____ C:\Windows\system32\perfc007.dat
2017-02-16 16:42 - 2016-08-04 20:16 - 05002832 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-16 16:42 - 2016-08-04 20:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-16 16:41 - 2016-07-16 07:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-02-16 16:26 - 2016-08-12 14:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\Embarcadero
2017-02-16 16:26 - 2016-08-12 14:42 - 00000000 ____D C:\ProgramData\Embarcadero
2017-02-16 16:15 - 2016-08-05 17:25 - 00000000 ____D C:\Program Files\Adobe
2017-02-16 16:15 - 2016-08-05 17:24 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-16 16:14 - 2016-08-04 22:19 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-02-16 16:14 - 2016-08-04 20:16 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-02-16 16:09 - 2016-08-04 22:18 - 00000000 ____D C:\ProgramData\Adobe
2017-02-16 15:51 - 2016-08-04 22:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-16 15:51 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Roaming\Adobe
2017-02-16 14:37 - 2016-09-19 20:06 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{116B86B5-D81A-4122-817A-8BCA9244C3FC}
2017-02-16 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-16 12:29 - 2016-08-04 20:22 - 00000000 ____D C:\Users\danie
2017-02-16 09:50 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-02-16 08:49 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-16 02:00 - 2016-08-04 22:19 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe
2017-02-15 22:28 - 2016-08-04 21:52 - 00000000 ____D C:\Users\danie\AppData\Roaming\vlc
2017-02-15 18:13 - 2016-08-04 20:25 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-15 14:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2017-02-14 21:36 - 2016-09-29 21:40 - 00000000 ____D C:\Users\danie\.VirtualBox
2017-02-13 22:05 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\Documents\Calibre-Bibliothek
2017-02-13 01:17 - 2016-08-04 23:15 - 00007911 _____ C:\Windows\BRRBCOM.INI
2017-02-13 01:03 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Local\Packages
2017-02-12 23:54 - 2016-10-26 20:47 - 00000000 ____D C:\Users\danie\AppData\Roaming\Apple Computer
2017-02-12 21:41 - 2016-08-06 18:00 - 00004278 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-02-12 17:17 - 2016-08-13 12:08 - 00000000 ____D C:\Users\danie\.android
2017-02-12 17:03 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-02-12 16:11 - 2016-08-05 21:12 - 00000000 ____D C:\ProgramData\Samsung
2017-02-12 16:10 - 2016-08-05 21:12 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-02-12 16:09 - 2016-08-04 23:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-08 01:29 - 2016-08-19 13:44 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 16:14 - 2016-12-06 07:37 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-07 16:14 - 2016-08-04 20:25 - 00002383 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-06 22:30 - 2016-08-04 20:45 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-04 21:17 - 2016-12-05 17:01 - 00000000 ____D C:\Users\danie\AppData\Local\calibre-cache
2017-02-04 21:17 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\AppData\Roaming\calibre
2017-02-04 21:16 - 2017-01-12 16:13 - 00000000 ____D C:\Bio_Linux
2017-02-04 10:02 - 2016-07-16 23:52 - 00000000 ____D C:\Windows\OCR
2017-02-04 10:02 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-01-25 14:50 - 2016-08-05 21:13 - 00003352 _____ C:\Windows\System32\Tasks\SamsungMagician
2017-01-23 14:52 - 2016-12-05 16:54 - 00000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\Program Files\Calibre2
2017-01-21 21:40 - 2016-08-04 22:05 - 00000000 ____D C:\TMP
2017-01-19 18:15 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-19 18:14 - 2016-08-04 23:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-18 21:42 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Oracle
2017-01-18 21:10 - 2016-08-12 15:26 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\Program Files\Java

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-05 17:44 - 2017-01-06 11:58 - 0000034 _____ () C:\Users\danie\AppData\Roaming\AdobeWLCMCache.dat
2016-11-30 10:50 - 2016-11-30 11:36 - 0001456 _____ () C:\Users\danie\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-09-21 20:12 - 2017-01-25 20:15 - 0009668 _____ () C:\Users\danie\AppData\Local\CDXLExtendedShim.log

Einige Dateien in TEMP:
====================
2016-08-10 18:42 - 2016-08-10 18:42 - 36403960 _____ (AppWork GmbH) C:\Users\danie\AppData\Local\Temp\JDSetup131153245463239802.exe
2016-08-13 07:56 - 2016-08-13 07:56 - 0741440 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u101-windows-au.exe
2017-01-18 21:04 - 2017-01-18 21:04 - 0739904 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-09-19 18:45 - 2016-09-19 18:45 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\M9MYQW4AVM.DLL
2017-01-05 10:04 - 2017-01-05 10:05 - 2858376 _____ () C:\Users\danie\AppData\Local\Temp\npp.7.2.2.Installer.exe
2017-02-15 20:32 - 2017-02-15 20:32 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole2050292058776030906.dll
2017-02-15 20:32 - 2017-02-15 20:32 - 0040448 _____ () C:\Users\danie\AppData\Local\Temp\proxy_vole4484201258717203537.dll
2016-09-19 18:47 - 2016-09-19 18:47 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\QD62A0GERA.DLL
2016-11-23 23:47 - 2016-11-23 23:47 - 14700056 _____ (Samsung Electronics                                         ) C:\Users\danie\AppData\Local\Temp\Samsung_Magician_Installer.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\danie\AppData\Local\Temp\xmlUpdater.exe
2016-09-19 18:46 - 2016-09-19 18:46 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YJMCG40G3G.DLL
2016-09-19 18:54 - 2016-09-19 18:54 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YR6884GKNC.DLL

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-09 22:03

==================== Ende von FRST.txt ============================
         
--- --- ---


Additions.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
durchgeführt von danie (16-02-2017 16:48:44)
Gestartet von C:\Users\danie\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 19:21:16)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2044849159-1042748084-43516897-500 - Administrator - Disabled)
danie (S-1-5-21-2044849159-1042748084-43516897-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-2044849159-1042748084-43516897-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2044849159-1042748084-43516897-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2044849159-1042748084-43516897-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActivePerl 5.24.0 Build 2400 (64-bit) (HKLM\...\{C89FA3E7-29C4-4A60-AFB9-40E04715AE78}) (Version: 5.24.2400 - ActiveState)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Verifier x64 External Package (Version: 10.1.10586.212 - Microsoft) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avogadro (HKLM-x32\...\Avogadro) (Version: 1.2.0 - Humanity)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{BA62A9E2-7BB4-4D4A-8C5F-CC03C35491BD}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{6C8591F8-C4FC-4A64-9E21-7F35F1D51D09}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\OneDriveSetup.exe) (Version: 17.3.6764.0111 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MSI Development Tools (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation)
Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version:  - Passbild-Generator)
PeaZip 6.1.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PixelRuler v9.2.0.0 (HKLM-x32\...\PixelRuler_is1) (Version:  - pixelruler.de)
Python 3.2 pywin32-217 (HKLM-x32\...\pywin32-py3.2) (Version:  - )
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDK Debuggers (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) Hidden
SpeedCommander 16 (x64) (HKLM\...\SpeedCommander 16 (x64)) (Version: 16.10.8200 - SWE Sven Ritter)
Spotify (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TeXstudio 2.11.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.11.2 - Benito van der Zander)
Ttf2Pt1-3.4.4 Complete package, except sources (GnuWin32) (HKLM-x32\...\Ttf2Pt1-3.4.4_is1) (Version: 3.4.4 - GnuWin32)
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
USBPcap 1.1.0.0-g794bf26-5 (HKLM\...\USBPcap) (Version: 1.1.0.0-g794bf26-5 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMD 1.9.2 (HKLM-x32\...\{089F161A-EFCE-44D8-8D38-C401835D93E4}) (Version: 1.9.2 - University of Illinois)
WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Wireshark 2.2.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.4 - The Wireshark developer community, hxxps://www.wireshark.org)
WPT Redistributables (x32 Version: 10.1.10586.212 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.212 - Microsoft) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2044849159-1042748084-43516897-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {192D2D98-33A9-4EC4-9896-6FF0C2F8F337} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {21FAC54D-1678-4675-8BC9-4CFB8004D976} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {2493413F-9C60-497D-8DA3-AE1DA66A2B3D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software)
Task: {2A46A2EC-BEC1-4EF0-AB35-CF4026FF8DFC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {2F9B9EB7-8613-4AB6-89EA-193DCB9B5FB8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {43415A32-378E-4EB8-9888-7CC810B35503} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {7AB6AA19-0881-4D27-8734-95F1B6164C0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {A0D5D4A8-1C95-4B18-95E6-3B7B9B03B510} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {A7A917FF-05B5-4013-AF77-89757CB96BF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {B95FFCBA-EC40-4792-96F7-42EC9FCFB7F8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {BAC026DE-071D-4FA8-A31D-F272109D4A64} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {C77C0E0B-0D42-475D-BC83-4156B05B7D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {DA460F4D-3A1E-443A-A492-F52BA5AA3B65} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E1DB79CC-94D1-436F-8912-85669F1E4F76} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {E6A3C464-5455-47C3-B476-5E347A934207} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E90A764A-D783-42CA-9F23-796C2E800325} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
Task: {EB55E557-F628-48AC-AEAC-F6E76FAC4A7A} - System32\Tasks\SafeZone scheduled Autoupdate 1470502893 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-04 23:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2016-08-04 23:14 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-09-13 23:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 22:58 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 22:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 22:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-11 22:58 - 2016-12-21 07:47 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-08-03 19:06 - 2016-08-03 19:06 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-08-03 19:06 - 2016-08-03 19:06 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-09-09 20:30 - 2016-09-09 20:30 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-16 14:47 - 2017-02-16 14:47 - 05833216 _____ () C:\Program Files\AVAST Software\Avast\defs\17021600\algo.dll
2016-09-09 20:30 - 2016-09-09 20:30 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-08-04 23:41 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2016-08-06 19:43 - 2017-02-07 21:11 - 51777648 _____ () C:\Users\danie\AppData\Roaming\Spotify\libcef.dll
2016-10-28 13:50 - 2017-02-07 21:11 - 00110192 _____ () C:\Users\danie\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-08-06 19:43 - 2017-02-07 21:11 - 01803888 _____ () C:\Users\danie\AppData\Roaming\Spotify\libglesv2.dll
2016-08-06 19:43 - 2017-02-07 21:11 - 00086128 _____ () C:\Users\danie\AppData\Roaming\Spotify\libegl.dll
2016-08-04 23:14 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-08-06 18:00 - 2016-08-06 18:00 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-08 01:29 - 2017-02-07 05:48 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-08-19 13:45 - 2017-01-14 00:53 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-08-19 13:45 - 2017-01-14 00:54 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-02-08 01:29 - 2017-01-14 00:54 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-08-19 13:45 - 2017-01-14 00:56 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-02-08 01:29 - 2017-01-14 00:56 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-19 13:45 - 2017-01-14 00:55 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-08-19 13:45 - 2017-01-14 00:54 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-02-08 01:29 - 2017-01-14 00:51 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-02-08 01:29 - 2016-12-22 07:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-08 01:29 - 2017-01-14 01:02 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-02-08 01:29 - 2017-01-14 01:02 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2017-02-16 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\StartupApproved\StartupFolder: => "PixelRuler.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1E52F9A0-5820-47E5-8672-581F7A139665}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{C760F8E6-1F3E-4303-85A1-D7D7DB698AC7}] => (Allow) LPort=54925
FirewallRules: [{CDD216A4-B2B0-4EDA-AE45-F71EBAA4CD0C}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{119E2607-1EE9-40CF-B1BD-2C344119A791}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{1DF0FA43-BD46-4CA8-9B4F-1ADF0D4F4E4E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{07EC27C9-3E14-433C-A2A0-C403AD5B5BAE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{29D3A4D9-75EE-48E5-9E6B-9C58606AD4FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F7BE5DE8-B108-4817-8518-4ED78E78DE22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{542D9C41-4F9E-44AC-8520-DB38A6F29DF2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A847E550-A2C4-4C24-B245-3C03AD9813FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{49841A41-40C0-4730-83B6-6DF320171517}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5F130595-1397-4E60-A7CC-6AFC28052F4D}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DB9B22F4-7909-489B-859B-BFD5764AAF13}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [UDP Query User{F2A88DBE-BFE0-4B54-9CBA-BEAC9A26F1E3}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [TCP Query User{E183CA1A-F191-4A9F-B161-DAFAD52679FC}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{C668A88D-4CD0-498C-A458-7AAC9F0AFFC3}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [{9186B335-8F0C-479A-A177-4B8FCE56AE09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C35D2E0E-F8C4-4FCB-BFEE-C35010B929E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{09761B78-77BE-49E1-AAC8-C2D198097C5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E84533B9-C293-426C-AE30-EE6021FADE42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C17E3F4B-84A0-44A1-A35E-C579D68D3032}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08503169-D484-4A9E-8BB1-E5FA2C814D3E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DEBAD8D2-6378-49E7-A0CA-8D8CAB4B9F44}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4646391F-477D-4873-84C6-0EEE30A07566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3B66BF7C-967C-48C2-9A30-6D1CD1253433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9DBFAEF7-75AF-4A58-9E8A-BFAA3F1712A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA630F4F-BF9C-421A-8167-16690F5535B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{033A785A-04DF-4328-8713-FE0B4EE558B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3780DA59-0B92-4A18-A096-DE153E950AFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{51508A9E-D29B-40A9-85C5-F551CE724B2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{5D15864C-AC2E-4DFB-83BC-92E57F81009A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Wiederherstellungspunkte =========================

23-01-2017 14:51:59 Installed calibre 64bit
02-02-2017 02:44:55 Geplanter Prüfpunkt
12-02-2017 16:09:16 Installed Smart Switch
15-02-2017 18:12:46 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/16/2017 04:42:03 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (02/16/2017 03:46:33 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (02/16/2017 03:21:14 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-9T9O37C)
Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005.

Error: (02/15/2017 06:45:37 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0006; CorrelationId: {80EF0F66-32CE-4ED2-AFF6-39D526F42E76}

Error: (02/15/2017 06:42:19 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (02/15/2017 06:41:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/15/2017 06:15:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/15/2017 06:15:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 06:14:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 06:14:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\oleview.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (02/16/2017 04:47:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 04:47:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 04:47:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 04:44:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/16/2017 04:41:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 04:20:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "InterBase XE7 Guardian gds_db" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (02/16/2017 03:48:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/16/2017 03:46:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 03:46:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 03:46:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-12-07 16:02:25.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-07 16:02:25.973
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-01 10:03:52.930
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-01 10:03:52.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-25 14:43:23.529
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-25 14:43:23.527
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-18 13:06:10.559
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-18 13:06:10.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8116.55 MB
Verfügbarer physikalischer RAM: 5195.79 MB
Summe virtueller Speicher: 9396.55 MB
Verfügbarer virtueller Speicher: 6401.64 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:209.11 GB) (Free:92.65 GB) NTFS
Drive d: (OS) (Fixed) (Total:115.98 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (DATA) (Fixed) (Total:329.79 GB) (Free:43.94 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=464 MB) - (Type=27)
Partition 4: (Not Active) - (Size=329.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6B8C4C4B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=209.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 16.02.2017, 19:06   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please uninstall Avast. We simply can no longer recommend it in good conscience. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Other freeware vendors such as Avira, AVG or Panda are jumping on this or similar bandwagons too, building junkware into their installers, partnering with ASK, etc.; that sort of thing is simply unacceptable for security software.

Let me know when Avast is gone; once we are done here you can switch to a different virus scanner, details will follow in the final post. Please do NOT install anything else now without checking with me first!
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

Alt 16.02.2017, 19:11   #5
pitti911
 

Avast is uninstalled. Sorry, I could have thought of that earlier. Do you need a new FRST scan?


Alt 16.02.2017, 19:55   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Step 1: Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instruction from a helper.


Step 2: Kaspersky TDSS-Killer

Please download TDSSKiller.exe and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post them directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Alt 16.02.2017, 20:43   #7
pitti911
 

Neither program found anything. I updated Malwarebytes beforehand as described, but in TDSSKiller there was no option to update - I hope that happened automatically anyway.

Maybe you can read more from the logs (or tell me that the computer is clean ... I'm just assuming that it is not a completely unknown virus/trojan, which can never be ruled out anyway)

EDIT: The TDSSKiller log is too large to paste here. I have therefore attached it as a ZIP file... Sorry for the inconvenience.

mbar-log:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.02.16.10
  rootkit: v2017.02.15.01

Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
danie :: DESKTOP-9T9O37C [administrator]

16.02.2017 20:00:25
mbar-log-2017-02-16 (20-00-25).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 364817
Time elapsed: 18 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Attached files
File type: zip TDSSKiller_log.zip (59.4 KB, viewed 2 times)

Edited by pitti911 (16.02.2017 at 20:48)

Alt 16.02.2017, 21:55   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please read the reading material properly!! It was explicitly stated that attachments are not wanted!

Alt 16.02.2017, 21:58   #9
pitti911
 

I did read that, otherwise I would not have apologized for attaching the log...
The TDSSKiller log is also too long to post in a separate post.

If I should break it somewhere in the middle and split it across two posts, I can do that too - but that is the only alternative to the attachment.

EDIT:
I am splitting the log across two posts (hoping that is enough)
Code:
ATTFilter
20:28:53.0019 0x0be0  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
20:28:57.0154 0x0be0  ============================================================
20:28:57.0154 0x0be0  Current date / time: 2017/02/16 20:28:57.0154
20:28:57.0154 0x0be0  SystemInfo:
20:28:57.0154 0x0be0  
20:28:57.0154 0x0be0  OS Version: 10.0.14393 ServicePack: 0.0
20:28:57.0154 0x0be0  Product type: Workstation
20:28:57.0154 0x0be0  ComputerName: DESKTOP-9T9O37C
20:28:57.0154 0x0be0  UserName: danie
20:28:57.0154 0x0be0  Windows directory: C:\Windows
20:28:57.0154 0x0be0  System windows directory: C:\Windows
20:28:57.0154 0x0be0  Running under WOW64
20:28:57.0154 0x0be0  Processor architecture: Intel x64
20:28:57.0154 0x0be0  Number of processors: 8
20:28:57.0154 0x0be0  Page size: 0x1000
20:28:57.0154 0x0be0  Boot type: Normal boot
20:28:57.0154 0x0be0  CodeIntegrityOptions = 0x00000001
20:28:57.0155 0x0be0  ============================================================
20:28:57.0214 0x0be0  KLMD registered as C:\Windows\system32\drivers\19544463.sys
20:28:57.0214 0x0be0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
20:28:58.0338 0x0be0  System UUID: {830F3899-34E1-81FB-A689-9CCA937CB700}
20:28:59.0064 0x0be0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:28:59.0065 0x0be0  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:28:59.0074 0x0be0  ============================================================
20:28:59.0074 0x0be0  \Device\Harddisk0\DR0:
20:28:59.0075 0x0be0  MBR partitions:
20:28:59.0075 0x0be0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0xE7F7C03
20:28:59.0075 0x0be0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10FF1A15, BlocksNum 0x2939322C
20:28:59.0075 0x0be0  \Device\Harddisk1\DR1:
20:28:59.0075 0x0be0  MBR partitions:
20:28:59.0075 0x0be0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
20:28:59.0075 0x0be0  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1A236800
20:28:59.0075 0x0be0  ============================================================
20:28:59.0076 0x0be0  C: <-> \Device\Harddisk1\DR1\Partition2
20:28:59.0078 0x0be0  D: <-> \Device\Harddisk0\DR0\Partition1
20:28:59.0357 0x0be0  F: <-> \Device\Harddisk0\DR0\Partition2
20:28:59.0357 0x0be0  ============================================================
20:28:59.0358 0x0be0  Initialize success
20:28:59.0358 0x0be0  ============================================================
20:29:21.0744 0x2f04  ============================================================
20:29:21.0744 0x2f04  Scan started
20:29:21.0744 0x2f04  Mode: Manual; SigCheck; TDLFS; 
20:29:21.0744 0x2f04  ============================================================
20:29:21.0744 0x2f04  KSN ping started
20:29:21.0819 0x2f04  KSN ping finished: true
20:29:22.0651 0x2f04  ================ Scan system memory ========================
20:29:22.0651 0x2f04  System memory - ok
20:29:22.0652 0x2f04  ================ Scan services =============================
20:29:22.0714 0x2f04  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
20:29:22.0785 0x2f04  1394ohci - ok
20:29:22.0796 0x2f04  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\Windows\system32\drivers\3ware.sys
20:29:22.0816 0x2f04  3ware - ok
20:29:22.0842 0x2f04  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:29:22.0881 0x2f04  ACPI - ok
20:29:22.0887 0x2f04  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
20:29:22.0906 0x2f04  AcpiDev - ok
20:29:22.0914 0x2f04  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
20:29:22.0934 0x2f04  acpiex - ok
20:29:22.0939 0x2f04  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
20:29:22.0957 0x2f04  acpipagr - ok
20:29:22.0961 0x2f04  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
20:29:22.0981 0x2f04  AcpiPmi - ok
20:29:22.0986 0x2f04  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
20:29:23.0006 0x2f04  acpitime - ok
20:29:23.0045 0x2f04  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
20:29:23.0098 0x2f04  ADP80XX - ok
20:29:23.0121 0x2f04  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\Windows\system32\drivers\afd.sys
20:29:23.0158 0x2f04  AFD - ok
20:29:23.0226 0x2f04  [ F2EB8EB5FC46FB849498BBEF2AD6539D, 6BC9938B3E432963FFAB6A13E9237DA7888A3595522BBE99F2AA556ED06F5651 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
20:29:23.0304 0x2f04  AGSService - ok
20:29:23.0318 0x2f04  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
20:29:23.0353 0x2f04  ahcache - ok
20:29:23.0357 0x2f04  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\Windows\System32\AJRouter.dll
20:29:23.0376 0x2f04  AJRouter - ok
20:29:23.0382 0x2f04  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\Windows\System32\alg.exe
20:29:23.0405 0x2f04  ALG - ok
20:29:23.0417 0x2f04  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:29:23.0442 0x2f04  AMD External Events Utility - ok
20:29:23.0449 0x2f04  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
20:29:23.0472 0x2f04  AmdK8 - ok
20:29:23.0476 0x2f04  amdkmdag - ok
20:29:23.0500 0x2f04  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
20:29:23.0537 0x2f04  amdkmdap - ok
20:29:23.0546 0x2f04  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
20:29:23.0567 0x2f04  AmdPPM - ok
20:29:23.0573 0x2f04  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:29:23.0591 0x2f04  amdsata - ok
20:29:23.0602 0x2f04  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:29:23.0626 0x2f04  amdsbs - ok
20:29:23.0631 0x2f04  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:29:23.0647 0x2f04  amdxata - ok
20:29:23.0655 0x2f04  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\Windows\system32\drivers\appid.sys
20:29:23.0676 0x2f04  AppID - ok
20:29:23.0683 0x2f04  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:29:23.0711 0x2f04  AppIDSvc - ok
20:29:23.0718 0x2f04  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\Windows\System32\appinfo.dll
20:29:23.0749 0x2f04  Appinfo - ok
20:29:23.0758 0x2f04  [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:29:23.0770 0x2f04  Apple Mobile Device Service - ok
20:29:23.0774 0x2f04  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
20:29:23.0804 0x2f04  applockerfltr - ok
20:29:23.0824 0x2f04  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
20:29:23.0873 0x2f04  AppReadiness - ok
20:29:23.0940 0x2f04  [ D70B1453ADA82A92E76EAE72D936A0F6, 439DBC5818025887343D4B5B509C7D2C97ED0FFA4641A5178EA5719C50E5013F ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
20:29:24.0072 0x2f04  AppXSvc - ok
20:29:24.0084 0x2f04  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:29:24.0103 0x2f04  arcsas - ok
20:29:24.0109 0x2f04  [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
20:29:24.0127 0x2f04  ASLDRService - ok
20:29:24.0131 0x2f04  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
20:29:24.0139 0x2f04  ASMMAP64 - ok
20:29:24.0146 0x2f04  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
20:29:24.0165 0x2f04  AsyncMac - ok
20:29:24.0170 0x2f04  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:29:24.0187 0x2f04  atapi - ok
20:29:24.0311 0x2f04  [ D03E551165C72F2A4BBDDC566EAA819E, 8047E2D20724B464B481F06C3AC1FA5734E97F7EC0D86EFEECD76480C84B3959 ] athr            C:\Windows\System32\drivers\athwnx.sys
20:29:24.0524 0x2f04  athr - ok
20:29:24.0538 0x2f04  [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWT6.sys
20:29:24.0560 0x2f04  AtiHDAudioService - ok
20:29:24.0566 0x2f04  [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
20:29:24.0576 0x2f04  ATKGFNEXSrv - ok
20:29:24.0589 0x2f04  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:29:24.0630 0x2f04  AudioEndpointBuilder - ok
20:29:24.0661 0x2f04  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:29:24.0721 0x2f04  Audiosrv - ok
20:29:24.0732 0x2f04  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:29:24.0756 0x2f04  AxInstSV - ok
20:29:24.0776 0x2f04  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:29:24.0809 0x2f04  b06bdrv - ok
20:29:24.0815 0x2f04  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
20:29:24.0836 0x2f04  BasicDisplay - ok
20:29:24.0841 0x2f04  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
20:29:24.0858 0x2f04  BasicRender - ok
20:29:24.0864 0x2f04  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\Windows\System32\drivers\bcmfn.sys
20:29:24.0882 0x2f04  bcmfn - ok
20:29:24.0886 0x2f04  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
20:29:24.0903 0x2f04  bcmfn2 - ok
20:29:24.0916 0x2f04  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:29:24.0956 0x2f04  BDESVC - ok
20:29:24.0961 0x2f04  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\Windows\system32\drivers\Beep.sys
20:29:24.0978 0x2f04  Beep - ok
20:29:25.0006 0x2f04  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\Windows\System32\bfe.dll
20:29:25.0060 0x2f04  BFE - ok
20:29:25.0094 0x2f04  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\Windows\System32\qmgr.dll
20:29:25.0166 0x2f04  BITS - ok
20:29:25.0184 0x2f04  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:29:25.0205 0x2f04  Bonjour Service - ok
20:29:25.0212 0x2f04  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:29:25.0238 0x2f04  bowser - ok
20:29:25.0263 0x2f04  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:29:25.0325 0x2f04  BrokerInfrastructure - ok
20:29:25.0335 0x2f04  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\Windows\System32\browser.dll
20:29:25.0358 0x2f04  Browser - ok
20:29:25.0370 0x2f04  [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
20:29:25.0388 0x2f04  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:29:25.0488 0x2f04  Detect skipped due to KSN trusted
20:29:25.0488 0x2f04  BrYNSvc - ok
20:29:25.0497 0x2f04  [ A70E09FD082BFA67BE085D41C8B6A85F, 1711163E7BE0DE83701A0293BF5D4D37AAD124D88F6FFA3FCC6CF0F3A7D3B78D ] BthA2DP         C:\Windows\system32\drivers\BthA2DP.sys
20:29:25.0528 0x2f04  BthA2DP - ok
20:29:25.0534 0x2f04  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
20:29:25.0552 0x2f04  BthAvrcpTg - ok
20:29:25.0560 0x2f04  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
20:29:25.0586 0x2f04  BthEnum - ok
20:29:25.0591 0x2f04  [ 20C63A9CC92CEA8D284C6EA36FED68DC, DA7669CCCA6838269297DD45EDB48149898B3E14648B5DB3B93AF82A3279B411 ] BthHFAud        C:\Windows\System32\drivers\BthHfAud.sys
20:29:25.0610 0x2f04  BthHFAud - ok
20:29:25.0615 0x2f04  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
20:29:25.0636 0x2f04  BthHFEnum - ok
20:29:25.0641 0x2f04  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
20:29:25.0657 0x2f04  bthhfhid - ok
20:29:25.0670 0x2f04  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
20:29:25.0701 0x2f04  BthHFSrv - ok
20:29:25.0707 0x2f04  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
20:29:25.0726 0x2f04  BTHMODEM - ok
20:29:25.0734 0x2f04  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
20:29:25.0761 0x2f04  BthPan - ok
20:29:25.0793 0x2f04  [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT         C:\Windows\System32\drivers\BTHport.sys
20:29:25.0854 0x2f04  BTHPORT - ok
20:29:25.0863 0x2f04  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\Windows\system32\bthserv.dll
20:29:25.0887 0x2f04  bthserv - ok
20:29:25.0893 0x2f04  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\Windows\System32\drivers\BTHUSB.sys
20:29:25.0914 0x2f04  BTHUSB - ok
20:29:25.0919 0x2f04  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
20:29:25.0939 0x2f04  buttonconverter - ok
20:29:25.0947 0x2f04  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\Windows\System32\drivers\capimg.sys
20:29:25.0988 0x2f04  CapImg - ok
20:29:25.0995 0x2f04  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:29:26.0019 0x2f04  cdfs - ok
20:29:26.0036 0x2f04  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
20:29:26.0074 0x2f04  CDPSvc - ok
20:29:26.0088 0x2f04  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
20:29:26.0119 0x2f04  CDPUserSvc - ok
20:29:26.0131 0x2f04  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\Windows\System32\drivers\cdrom.sys
20:29:26.0154 0x2f04  cdrom - ok
20:29:26.0163 0x2f04  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:29:26.0196 0x2f04  CertPropSvc - ok
20:29:26.0209 0x2f04  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
20:29:26.0235 0x2f04  cht4iscsi - ok
20:29:26.0300 0x2f04  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
20:29:26.0387 0x2f04  cht4vbd - ok
20:29:26.0395 0x2f04  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\Windows\System32\drivers\circlass.sys
20:29:26.0414 0x2f04  circlass - ok
20:29:26.0428 0x2f04  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
20:29:26.0456 0x2f04  CLFS - ok
20:29:26.0564 0x2f04  [ ACFB2A62301C6A903FA6A97DB84E9C31, 7A3089812330B605D2F545374A1A916B6DBA188186EC88DA3348814A95C791F0 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
20:29:26.0686 0x2f04  ClickToRunSvc - ok
20:29:26.0714 0x2f04  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\Windows\System32\ClipSVC.dll
20:29:26.0754 0x2f04  ClipSVC - ok
20:29:26.0761 0x2f04  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\Windows\System32\drivers\registry.sys
20:29:26.0781 0x2f04  clreg - ok
20:29:26.0793 0x2f04  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
20:29:26.0809 0x2f04  CmBatt - ok
20:29:26.0832 0x2f04  [ 90C07EB909C42316982E753BDAA7860D, 438581FD3468FAF01D35529672201A920E8821EC80E30E59A43645DA57738F21 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:29:26.0868 0x2f04  CNG - ok
20:29:26.0874 0x2f04  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
20:29:26.0889 0x2f04  cnghwassist - ok
20:29:26.0914 0x2f04  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
20:29:26.0932 0x2f04  CompositeBus - ok
20:29:26.0936 0x2f04  COMSysApp - ok
20:29:26.0943 0x2f04  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\Windows\system32\drivers\condrv.sys
20:29:26.0958 0x2f04  condrv - ok
20:29:26.0984 0x2f04  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
20:29:27.0029 0x2f04  CoreMessagingRegistrar - ok
20:29:27.0040 0x2f04  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:29:27.0065 0x2f04  CryptSvc - ok
20:29:27.0071 0x2f04  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\Windows\system32\drivers\dam.sys
20:29:27.0088 0x2f04  dam - ok
20:29:27.0095 0x2f04  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
20:29:27.0109 0x2f04  dbupdate - ok
20:29:27.0116 0x2f04  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
20:29:27.0128 0x2f04  dbupdatem - ok
20:29:27.0131 0x2f04  dbx - ok
20:29:27.0137 0x2f04  [ 2C5A991F0320D95BAC80D0C31F43A79E, CC7887132AF15C77676A3186429FE0071DCC8DC9C6252314D99C02E54867BE10 ] DbxSvc          C:\Windows\system32\DbxSvc.exe
20:29:27.0147 0x2f04  DbxSvc - ok
20:29:27.0179 0x2f04  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:29:27.0240 0x2f04  DcomLaunch - ok
20:29:27.0249 0x2f04  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\Windows\system32\dcpsvc.dll
20:29:27.0285 0x2f04  DcpSvc - ok
20:29:27.0302 0x2f04  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:29:27.0349 0x2f04  defragsvc - ok
20:29:27.0365 0x2f04  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\Windows\system32\das.dll
20:29:27.0406 0x2f04  DeviceAssociationService - ok
20:29:27.0414 0x2f04  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
20:29:27.0442 0x2f04  DeviceInstall - ok
20:29:27.0447 0x2f04  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
20:29:27.0465 0x2f04  DevQueryBroker - ok
20:29:27.0473 0x2f04  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
20:29:27.0502 0x2f04  Dfsc - ok
20:29:27.0511 0x2f04  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
20:29:27.0525 0x2f04  dg_ssudbus - ok
20:29:27.0539 0x2f04  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:29:27.0577 0x2f04  Dhcp - ok
20:29:27.0585 0x2f04  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
20:29:27.0628 0x2f04  diagnosticshub.standardcollector.service - ok
20:29:27.0687 0x2f04  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:29:27.0798 0x2f04  DiagTrack - ok
20:29:27.0808 0x2f04  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\Windows\system32\drivers\disk.sys
20:29:27.0825 0x2f04  disk - ok
20:29:27.0840 0x2f04  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
20:29:27.0881 0x2f04  DmEnrollmentSvc - ok
20:29:27.0889 0x2f04  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
20:29:27.0906 0x2f04  dmvsc - ok
20:29:27.0911 0x2f04  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
20:29:27.0945 0x2f04  dmwappushservice - ok
20:29:27.0956 0x2f04  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:29:27.0990 0x2f04  Dnscache - ok
20:29:28.0005 0x2f04  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\Windows\System32\dot3svc.dll
20:29:28.0035 0x2f04  dot3svc - ok
20:29:28.0044 0x2f04  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\Windows\system32\dps.dll
20:29:28.0068 0x2f04  DPS - ok
20:29:28.0072 0x2f04  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\Windows\system32\DRIVERS\drmkaud.sys
20:29:28.0088 0x2f04  drmkaud - ok
20:29:28.0097 0x2f04  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
20:29:28.0130 0x2f04  DsmSvc - ok
20:29:28.0139 0x2f04  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\Windows\System32\DsSvc.dll
20:29:28.0163 0x2f04  DsSvc - ok
20:29:28.0228 0x2f04  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:29:28.0322 0x2f04  DXGKrnl - ok
20:29:28.0332 0x2f04  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\Windows\System32\eapsvc.dll
20:29:28.0361 0x2f04  EapHost - ok
20:29:28.0455 0x2f04  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:29:28.0590 0x2f04  ebdrv - ok
20:29:28.0600 0x2f04  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\Windows\System32\lsass.exe
20:29:28.0616 0x2f04  EFS - ok
20:29:28.0623 0x2f04  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
20:29:28.0641 0x2f04  EhStorClass - ok
20:29:28.0648 0x2f04  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:29:28.0666 0x2f04  EhStorTcgDrv - ok
20:29:28.0673 0x2f04  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
20:29:28.0699 0x2f04  embeddedmode - ok
20:29:28.0711 0x2f04  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
20:29:28.0742 0x2f04  EntAppSvc - ok
20:29:28.0746 0x2f04  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
20:29:28.0764 0x2f04  ErrDev - ok
20:29:28.0785 0x2f04  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\Windows\system32\es.dll
20:29:28.0823 0x2f04  EventSystem - ok
20:29:28.0837 0x2f04  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\Windows\system32\drivers\exfat.sys
20:29:28.0868 0x2f04  exfat - ok
20:29:28.0881 0x2f04  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:29:28.0906 0x2f04  fastfat - ok
20:29:28.0928 0x2f04  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\Windows\system32\fxssvc.exe
20:29:28.0975 0x2f04  Fax - ok
20:29:28.0981 0x2f04  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\Windows\System32\drivers\fdc.sys
20:29:29.0001 0x2f04  fdc - ok
20:29:29.0005 0x2f04  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:29:29.0031 0x2f04  fdPHost - ok
20:29:29.0036 0x2f04  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\Windows\system32\fdrespub.dll
20:29:29.0059 0x2f04  FDResPub - ok
20:29:29.0066 0x2f04  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\Windows\system32\fhsvc.dll
20:29:29.0109 0x2f04  fhsvc - ok
20:29:29.0116 0x2f04  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
20:29:29.0136 0x2f04  FileCrypt - ok
20:29:29.0143 0x2f04  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:29:29.0159 0x2f04  FileInfo - ok
20:29:29.0165 0x2f04  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:29:29.0187 0x2f04  Filetrace - ok
20:29:29.0191 0x2f04  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
20:29:29.0208 0x2f04  flpydisk - ok
20:29:29.0222 0x2f04  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:29:29.0248 0x2f04  FltMgr - ok
20:29:29.0303 0x2f04  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\Windows\system32\FntCache.dll
20:29:29.0410 0x2f04  FontCache - ok
20:29:29.0418 0x2f04  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:29:29.0432 0x2f04  FontCache3.0.0.0 - ok
20:29:29.0460 0x2f04  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\Windows\system32\FrameServer.dll
20:29:29.0518 0x2f04  FrameServer - ok
20:29:29.0524 0x2f04  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:29:29.0540 0x2f04  FsDepends - ok
20:29:29.0544 0x2f04  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:29:29.0559 0x2f04  Fs_Rec - ok
20:29:29.0581 0x2f04  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:29:29.0617 0x2f04  fvevol - ok
20:29:29.0623 0x2f04  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:29:29.0632 0x2f04  GEARAspiWDM - ok
20:29:29.0637 0x2f04  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
20:29:29.0655 0x2f04  gencounter - ok
20:29:29.0659 0x2f04  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
20:29:29.0677 0x2f04  genericusbfn - ok
20:29:29.0686 0x2f04  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
20:29:29.0705 0x2f04  GPIOClx0101 - ok
20:29:29.0746 0x2f04  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:29:29.0820 0x2f04  gpsvc - ok
20:29:29.0826 0x2f04  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
20:29:29.0843 0x2f04  GpuEnergyDrv - ok
20:29:29.0851 0x2f04  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:29:29.0865 0x2f04  gupdate - ok
20:29:29.0873 0x2f04  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:29:29.0885 0x2f04  gupdatem - ok
20:29:29.0900 0x2f04  [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys
20:29:29.0935 0x2f04  HdAudAddService - ok
20:29:29.0941 0x2f04  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
20:29:29.0961 0x2f04  HDAudBus - ok
20:29:29.0967 0x2f04  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\System32\drivers\HECIx64.sys
20:29:29.0976 0x2f04  HECIx64 - ok
20:29:29.0982 0x2f04  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
20:29:29.0999 0x2f04  HidBatt - ok
20:29:30.0007 0x2f04  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\Windows\System32\drivers\hidbth.sys
20:29:30.0028 0x2f04  HidBth - ok
20:29:30.0033 0x2f04  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
20:29:30.0051 0x2f04  hidi2c - ok
20:29:30.0056 0x2f04  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
20:29:30.0072 0x2f04  hidinterrupt - ok
20:29:30.0076 0x2f04  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\Windows\System32\drivers\hidir.sys
20:29:30.0095 0x2f04  HidIr - ok
20:29:30.0101 0x2f04  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\Windows\system32\hidserv.dll
20:29:30.0119 0x2f04  hidserv - ok
20:29:30.0124 0x2f04  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
20:29:30.0159 0x2f04  HidUsb - ok
20:29:30.0171 0x2f04  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:29:30.0205 0x2f04  HomeGroupListener - ok
20:29:30.0221 0x2f04  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:29:30.0259 0x2f04  HomeGroupProvider - ok
20:29:30.0266 0x2f04  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:29:30.0283 0x2f04  HpSAMD - ok
20:29:30.0319 0x2f04  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:29:30.0374 0x2f04  HTTP - ok
20:29:30.0381 0x2f04  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\Windows\System32\hvhostsvc.dll
20:29:30.0402 0x2f04  HvHost - ok
20:29:30.0408 0x2f04  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\Windows\system32\drivers\hvservice.sys
20:29:30.0424 0x2f04  hvservice - ok
20:29:30.0429 0x2f04  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:29:30.0444 0x2f04  hwpolicy - ok
20:29:30.0449 0x2f04  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
20:29:30.0465 0x2f04  hyperkbd - ok
20:29:30.0472 0x2f04  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
20:29:30.0494 0x2f04  i8042prt - ok
20:29:30.0499 0x2f04  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
20:29:30.0518 0x2f04  iagpio - ok
20:29:30.0524 0x2f04  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
20:29:30.0545 0x2f04  iai2c - ok
20:29:30.0550 0x2f04  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
20:29:30.0569 0x2f04  iaLPSS2i_GPIO2 - ok
20:29:30.0578 0x2f04  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
20:29:30.0595 0x2f04  iaLPSS2i_I2C - ok
20:29:30.0600 0x2f04  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
20:29:30.0611 0x2f04  iaLPSSi_GPIO - ok
20:29:30.0619 0x2f04  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
20:29:30.0642 0x2f04  iaLPSSi_I2C - ok
20:29:30.0664 0x2f04  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
20:29:30.0701 0x2f04  iaStorAV - ok
20:29:30.0718 0x2f04  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:29:30.0746 0x2f04  iaStorV - ok
20:29:30.0766 0x2f04  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
20:29:30.0798 0x2f04  ibbus - ok
20:29:30.0809 0x2f04  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\Windows\System32\tetheringservice.dll
20:29:30.0837 0x2f04  icssvc - ok
20:29:30.0867 0x2f04  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:29:30.0926 0x2f04  IKEEXT - ok
20:29:30.0931 0x2f04  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
20:29:30.0949 0x2f04  IndirectKmd - ok
20:29:31.0083 0x2f04  [ A15C6143EED6F615C4BBD28796C6BD49, 5D3E50F29FAA94F9EBCFE675A32E392367C4385CD3594CF37940B41D3F0A2810 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:29:31.0238 0x2f04  IntcAzAudAddService - ok
20:29:31.0247 0x2f04  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\Windows\system32\drivers\intelide.sys
20:29:31.0261 0x2f04  intelide - ok
20:29:31.0267 0x2f04  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\Windows\system32\drivers\intelpep.sys
20:29:31.0283 0x2f04  intelpep - ok
20:29:31.0291 0x2f04  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
20:29:31.0312 0x2f04  intelppm - ok
20:29:31.0318 0x2f04  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\Windows\system32\drivers\iorate.sys
20:29:31.0335 0x2f04  iorate - ok
20:29:31.0341 0x2f04  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:29:31.0362 0x2f04  IpFilterDriver - ok
20:29:31.0393 0x2f04  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:29:31.0458 0x2f04  iphlpsvc - ok
20:29:31.0466 0x2f04  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
20:29:31.0482 0x2f04  IPMIDRV - ok
20:29:31.0492 0x2f04  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:29:31.0519 0x2f04  IPNAT - ok
20:29:31.0541 0x2f04  [ 913B3F329D1561411B19EF3DF4F85871, 0F503B1584499EC4DC4A55303AB55E8D04E024E48748874E830992DD93BC491B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:29:31.0566 0x2f04  iPod Service - ok
20:29:31.0571 0x2f04  [ 45F14ACEA013C63A070AC5DB19677620, F60D48E7456800E311B2B7FABB3C03919D47971230C743A118982FDE07E04847 ] IpOverUsbSvc    C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
20:29:31.0584 0x2f04  IpOverUsbSvc - ok
20:29:31.0593 0x2f04  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\Windows\system32\drivers\irda.sys
20:29:31.0615 0x2f04  irda - ok
20:29:31.0620 0x2f04  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:29:31.0639 0x2f04  IRENUM - ok
20:29:31.0645 0x2f04  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\Windows\System32\irmon.dll
20:29:31.0663 0x2f04  irmon - ok
20:29:31.0667 0x2f04  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:29:31.0682 0x2f04  isapnp - ok
20:29:31.0694 0x2f04  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
20:29:31.0717 0x2f04  iScsiPrt - ok
20:29:31.0723 0x2f04  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
20:29:31.0739 0x2f04  kbdclass - ok
20:29:31.0744 0x2f04  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
20:29:31.0769 0x2f04  kbdhid - ok
20:29:31.0774 0x2f04  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
20:29:31.0793 0x2f04  kdnic - ok
20:29:31.0798 0x2f04  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\Windows\system32\lsass.exe
20:29:31.0814 0x2f04  KeyIso - ok
20:29:31.0822 0x2f04  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:29:31.0841 0x2f04  KSecDD - ok
20:29:31.0850 0x2f04  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:29:31.0869 0x2f04  KSecPkg - ok
20:29:31.0874 0x2f04  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:29:31.0898 0x2f04  ksthunk - ok
20:29:31.0913 0x2f04  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:29:31.0948 0x2f04  KtmRm - ok
20:29:31.0957 0x2f04  [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C             C:\Windows\System32\drivers\L1C63x64.sys
20:29:31.0978 0x2f04  L1C - ok
20:29:31.0991 0x2f04  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:29:32.0025 0x2f04  LanmanServer - ok
20:29:32.0038 0x2f04  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:29:32.0072 0x2f04  LanmanWorkstation - ok
20:29:32.0079 0x2f04  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\Windows\System32\lfsvc.dll
20:29:32.0098 0x2f04  lfsvc - ok
20:29:32.0103 0x2f04  [ 5E7641AECAC4CFC7B4B442B461A25C83, 1F6AF4ED863C17A1A326A4CB0D289EAABFAD748A6B0A7CE40CF842694572FDB7 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
20:29:32.0116 0x2f04  LGBusEnum - ok
20:29:32.0121 0x2f04  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
20:29:32.0130 0x2f04  LGCoreTemp - ok
20:29:32.0137 0x2f04  [ 7D24DEBE7BC0C01A30A9A65806B61453, 342E758AD6F88E3FA83B69F26836A9F54D1A3BE344D1D2F9C6394E085E5FCA92 ] LGJoyXlCore     C:\Windows\system32\drivers\LGJoyXlCore.sys
20:29:32.0149 0x2f04  LGJoyXlCore - ok
20:29:32.0154 0x2f04  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
20:29:32.0165 0x2f04  LGSHidFilt - ok
20:29:32.0170 0x2f04  [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt      C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
20:29:32.0179 0x2f04  LGSUsbFilt - ok
20:29:32.0185 0x2f04  [ DBEAB45BA2B47C057F3BAE5AD0654173, 9660B803F4AD4BD3427F1A24D09B2712E4DC0E25A18942984AF01750D77C118C ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
20:29:32.0196 0x2f04  LGVirHid - ok
20:29:32.0201 0x2f04  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
20:29:32.0226 0x2f04  LicenseManager - ok
20:29:32.0232 0x2f04  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\Windows\system32\drivers\lltdio.sys
20:29:32.0251 0x2f04  lltdio - ok
20:29:32.0262 0x2f04  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:29:32.0296 0x2f04  lltdsvc - ok
20:29:32.0301 0x2f04  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:29:32.0321 0x2f04  lmhosts - ok
20:29:32.0329 0x2f04  [ 7159380FEF0F34EEBFEACF261F25EB76, 78E7AE140C80A6C3BBF93F87DFB0BD3D9456A4C8F386758ED2A2FD544A10D494 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
20:29:32.0342 0x2f04  LogiRegistryService - ok
20:29:32.0352 0x2f04  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:29:32.0371 0x2f04  LSI_SAS - ok
20:29:32.0377 0x2f04  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
20:29:32.0395 0x2f04  LSI_SAS2i - ok
20:29:32.0402 0x2f04  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
20:29:32.0420 0x2f04  LSI_SAS3i - ok
20:29:32.0425 0x2f04  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
20:29:32.0442 0x2f04  LSI_SSS - ok
20:29:32.0466 0x2f04  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\Windows\System32\lsm.dll
20:29:32.0522 0x2f04  LSM - ok
20:29:32.0530 0x2f04  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:29:32.0556 0x2f04  luafv - ok
20:29:32.0563 0x2f04  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\Windows\System32\moshost.dll
20:29:32.0590 0x2f04  MapsBroker - ok
20:29:32.0595 0x2f04  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\Windows\system32\drivers\megasas.sys
20:29:32.0612 0x2f04  megasas - ok
20:29:32.0617 0x2f04  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
20:29:32.0634 0x2f04  megasas2i - ok
20:29:32.0654 0x2f04  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\Windows\system32\drivers\megasr.sys
20:29:32.0689 0x2f04  megasr - ok
20:29:32.0696 0x2f04  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\Windows\System32\MessagingService.dll
20:29:32.0716 0x2f04  MessagingService - ok
20:29:32.0747 0x2f04  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
20:29:32.0791 0x2f04  mlx4_bus - ok
20:29:32.0798 0x2f04  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
20:29:32.0817 0x2f04  MMCSS - ok
20:29:32.0822 0x2f04  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\Windows\system32\drivers\modem.sys
20:29:32.0845 0x2f04  Modem - ok
20:29:32.0851 0x2f04  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\Windows\System32\drivers\monitor.sys
20:29:32.0869 0x2f04  monitor - ok
20:29:32.0874 0x2f04  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
20:29:32.0890 0x2f04  mouclass - ok
20:29:32.0895 0x2f04  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\Windows\System32\drivers\mouhid.sys
20:29:32.0913 0x2f04  mouhid - ok
20:29:32.0920 0x2f04  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:29:32.0938 0x2f04  mountmgr - ok
20:29:32.0944 0x2f04  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:29:32.0963 0x2f04  mpsdrv - ok
20:29:32.0992 0x2f04  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:29:33.0052 0x2f04  MpsSvc - ok
20:29:33.0061 0x2f04  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:29:33.0105 0x2f04  MRxDAV - ok
20:29:33.0122 0x2f04  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:29:33.0150 0x2f04  mrxsmb - ok
20:29:33.0162 0x2f04  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:29:33.0196 0x2f04  mrxsmb10 - ok
20:29:33.0207 0x2f04  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:29:33.0227 0x2f04  mrxsmb20 - ok
20:29:33.0236 0x2f04  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\Windows\system32\drivers\bridge.sys
20:29:33.0257 0x2f04  MsBridge - ok
20:29:33.0265 0x2f04  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\Windows\System32\msdtc.exe
20:29:33.0290 0x2f04  MSDTC - ok
20:29:33.0298 0x2f04  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:29:33.0316 0x2f04  Msfs - ok
20:29:33.0321 0x2f04  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
20:29:33.0337 0x2f04  msgpiowin32 - ok
20:29:33.0342 0x2f04  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:29:33.0359 0x2f04  mshidkmdf - ok
20:29:33.0364 0x2f04  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
20:29:33.0380 0x2f04  mshidumdf - ok
20:29:33.0385 0x2f04  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:29:33.0400 0x2f04  msisadrv - ok
20:29:33.0409 0x2f04  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:29:33.0455 0x2f04  MSiSCSI - ok
20:29:33.0460 0x2f04  msiserver - ok
20:29:33.0465 0x2f04  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\Windows\system32\DRIVERS\MSKSSRV.sys
20:29:33.0489 0x2f04  MSKSSRV - ok
20:29:33.0495 0x2f04  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
20:29:33.0517 0x2f04  MsLldp - ok
20:29:33.0521 0x2f04  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\Windows\system32\DRIVERS\MSPCLOCK.sys
20:29:33.0544 0x2f04  MSPCLOCK - ok
20:29:33.0549 0x2f04  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\Windows\system32\DRIVERS\MSPQM.sys
20:29:33.0572 0x2f04  MSPQM - ok
20:29:33.0587 0x2f04  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:29:33.0612 0x2f04  MsRPC - ok
20:29:33.0620 0x2f04  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
20:29:33.0635 0x2f04  mssmbios - ok
20:29:33.0639 0x2f04  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\Windows\system32\DRIVERS\MSTEE.sys
20:29:33.0663 0x2f04  MSTEE - ok
20:29:33.0668 0x2f04  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
20:29:33.0685 0x2f04  MTConfig - ok
20:29:33.0690 0x2f04  [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
20:29:33.0697 0x2f04  MTsensor - ok
20:29:33.0704 0x2f04  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:29:33.0722 0x2f04  Mup - ok
20:29:33.0728 0x2f04  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
20:29:33.0745 0x2f04  mvumis - ok
20:29:33.0764 0x2f04  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:29:33.0811 0x2f04  NativeWifiP - ok
20:29:33.0820 0x2f04  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\Windows\System32\ncasvc.dll
20:29:33.0847 0x2f04  NcaSvc - ok
20:29:33.0861 0x2f04  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\Windows\System32\ncbservice.dll
20:29:33.0895 0x2f04  NcbService - ok
20:29:33.0901 0x2f04  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
20:29:33.0937 0x2f04  NcdAutoSetup - ok
20:29:33.0944 0x2f04  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
20:29:33.0961 0x2f04  ndfltr - ok
20:29:34.0002 0x2f04  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:29:34.0060 0x2f04  NDIS - ok
20:29:34.0067 0x2f04  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
20:29:34.0085 0x2f04  NdisCap - ok
20:29:34.0092 0x2f04  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
20:29:34.0133 0x2f04  NdisImPlatform - ok
20:29:34.0138 0x2f04  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:29:34.0161 0x2f04  NdisTapi - ok
20:29:34.0167 0x2f04  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
20:29:34.0185 0x2f04  Ndisuio - ok
20:29:34.0189 0x2f04  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
20:29:34.0207 0x2f04  NdisVirtualBus - ok
20:29:34.0216 0x2f04  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
20:29:34.0250 0x2f04  NdisWan - ok
20:29:34.0258 0x2f04  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
20:29:34.0289 0x2f04  ndiswanlegacy - ok
20:29:34.0295 0x2f04  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
20:29:34.0320 0x2f04  ndproxy - ok
20:29:34.0328 0x2f04  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
20:29:34.0358 0x2f04  Ndu - ok
20:29:34.0363 0x2f04  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\System32\drivers\netaapl64.sys
20:29:34.0404 0x2f04  Netaapl - ok
20:29:34.0410 0x2f04  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
20:29:34.0431 0x2f04  NetAdapterCx - ok
20:29:34.0437 0x2f04  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
20:29:34.0453 0x2f04  NetBIOS - ok
20:29:34.0467 0x2f04  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:29:34.0496 0x2f04  NetBT - ok
20:29:34.0502 0x2f04  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\Windows\system32\lsass.exe
20:29:34.0519 0x2f04  Netlogon - ok
20:29:34.0530 0x2f04  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\Windows\System32\netman.dll
20:29:34.0559 0x2f04  Netman - ok
20:29:34.0578 0x2f04  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\Windows\System32\netprofmsvc.dll
20:29:34.0619 0x2f04  netprofm - ok
20:29:34.0632 0x2f04  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
20:29:34.0669 0x2f04  NetSetupSvc - ok
20:29:34.0680 0x2f04  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:29:34.0700 0x2f04  NetTcpPortSharing - ok
20:29:34.0715 0x2f04  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
20:29:34.0750 0x2f04  NgcCtnrSvc - ok
20:29:34.0782 0x2f04  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
20:29:34.0852 0x2f04  NgcSvc - ok
20:29:34.0866 0x2f04  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:29:34.0899 0x2f04  NlaSvc - ok
20:29:34.0905 0x2f04  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
20:29:34.0914 0x2f04  NPF - ok
20:29:34.0920 0x2f04  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:29:34.0938 0x2f04  Npfs - ok
20:29:34.0943 0x2f04  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
20:29:34.0960 0x2f04  npsvctrig - ok
20:29:34.0965 0x2f04  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\Windows\system32\nsisvc.dll
20:29:34.0984 0x2f04  nsi - ok
20:29:34.0989 0x2f04  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:29:35.0008 0x2f04  nsiproxy - ok
20:29:35.0078 0x2f04  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\Windows\system32\drivers\NTFS.sys
20:29:35.0163 0x2f04  NTFS - ok
20:29:35.0171 0x2f04  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\Windows\system32\drivers\Null.sys
20:29:35.0188 0x2f04  Null - ok
20:29:35.0197 0x2f04  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:29:35.0215 0x2f04  nvraid - ok
20:29:35.0224 0x2f04  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:29:35.0244 0x2f04  nvstor - ok
20:29:35.0258 0x2f04  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\Windows\System32\APHostService.dll
20:29:35.0293 0x2f04  OneSyncSvc - ok
20:29:35.0307 0x2f04  [ AC0F1B7B71D9D435EC33456F7EDF6FF1, 8FEFF5F99F1AFF21CF9415D4BF26936EF3A7347DA06F30ADD1DD1B14916F2585 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:29:35.0326 0x2f04  ose - ok
20:29:35.0339 0x2f04  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:29:35.0375 0x2f04  p2pimsvc - ok
20:29:35.0392 0x2f04  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\Windows\system32\p2psvc.dll
20:29:35.0428 0x2f04  p2psvc - ok
20:29:35.0437 0x2f04  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\Windows\System32\drivers\parport.sys
20:29:35.0457 0x2f04  Parport - ok
20:29:35.0465 0x2f04  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:29:35.0483 0x2f04  partmgr - ok
20:29:35.0501 0x2f04  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:29:35.0534 0x2f04  PcaSvc - ok
20:29:35.0547 0x2f04  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\Windows\system32\drivers\pci.sys
20:29:35.0573 0x2f04  pci - ok
20:29:35.0578 0x2f04  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\Windows\system32\drivers\pciide.sys
20:29:35.0593 0x2f04  pciide - ok
20:29:35.0601 0x2f04  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:29:35.0618 0x2f04  pcmcia - ok
20:29:35.0623 0x2f04  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:29:35.0641 0x2f04  pcw - ok
20:29:35.0647 0x2f04  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\Windows\system32\drivers\pdc.sys
20:29:35.0666 0x2f04  pdc - ok
20:29:35.0691 0x2f04  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:29:35.0745 0x2f04  PEAUTH - ok
20:29:35.0752 0x2f04  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
20:29:35.0768 0x2f04  percsas2i - ok
20:29:35.0776 0x2f04  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
20:29:35.0792 0x2f04  percsas3i - ok
20:29:35.0825 0x2f04  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:29:35.0846 0x2f04  PerfHost - ok
20:29:35.0877 0x2f04  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\Windows\System32\PhoneService.dll
20:29:35.0930 0x2f04  PhoneSvc - ok
20:29:35.0941 0x2f04  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
20:29:35.0973 0x2f04  PimIndexMaintenanceSvc - ok
20:29:36.0021 0x2f04  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\Windows\system32\pla.dll
20:29:36.0104 0x2f04  pla - ok
20:29:36.0113 0x2f04  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:29:36.0140 0x2f04  PlugPlay - ok
20:29:36.0144 0x2f04  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:29:36.0162 0x2f04  PNRPAutoReg - ok
20:29:36.0174 0x2f04  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:29:36.0206 0x2f04  PNRPsvc - ok
20:29:36.0221 0x2f04  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:29:36.0256 0x2f04  PolicyAgent - ok
20:29:36.0265 0x2f04  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\Windows\system32\umpo.dll
20:29:36.0292 0x2f04  Power - ok
20:29:36.0300 0x2f04  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
20:29:36.0326 0x2f04  PptpMiniport - ok
20:29:36.0430 0x2f04  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:29:36.0604 0x2f04  PrintNotify - ok
20:29:36.0616 0x2f04  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\Windows\System32\drivers\processr.sys
20:29:36.0639 0x2f04  Processor - ok
         

Last edited by pitti911 (16.02.2017 at 22:03)

16.02.2017, 22:04   #10
pitti911
 



Part 2:
Code:
ATTFilter
20:29:36.0652 0x2f04  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:29:36.0692 0x2f04  ProfSvc - ok
20:29:36.0701 0x2f04  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\Windows\system32\drivers\pacer.sys
20:29:36.0720 0x2f04  Psched - ok
20:29:36.0732 0x2f04  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\Windows\system32\qwave.dll
20:29:36.0761 0x2f04  QWAVE - ok
20:29:36.0767 0x2f04  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:29:36.0785 0x2f04  QWAVEdrv - ok
20:29:36.0790 0x2f04  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:29:36.0805 0x2f04  RasAcd - ok
20:29:36.0812 0x2f04  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
20:29:36.0839 0x2f04  RasAgileVpn - ok
20:29:36.0846 0x2f04  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\Windows\System32\rasauto.dll
20:29:36.0868 0x2f04  RasAuto - ok
20:29:36.0874 0x2f04  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
20:29:36.0904 0x2f04  Rasl2tp - ok
20:29:36.0927 0x2f04  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\Windows\System32\rasmans.dll
20:29:36.0982 0x2f04  RasMan - ok
20:29:36.0989 0x2f04  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:29:37.0010 0x2f04  RasPppoe - ok
20:29:37.0017 0x2f04  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
20:29:37.0042 0x2f04  RasSstp - ok
20:29:37.0061 0x2f04  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:29:37.0090 0x2f04  rdbss - ok
20:29:37.0097 0x2f04  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
20:29:37.0114 0x2f04  rdpbus - ok
20:29:37.0123 0x2f04  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:29:37.0148 0x2f04  RDPDR - ok
20:29:37.0157 0x2f04  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:29:37.0174 0x2f04  RdpVideoMiniport - ok
20:29:37.0192 0x2f04  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:29:37.0220 0x2f04  rdyboost - ok
20:29:37.0251 0x2f04  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
20:29:37.0295 0x2f04  ReFSv1 - ok
20:29:37.0315 0x2f04  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:29:37.0360 0x2f04  RemoteAccess - ok
20:29:37.0365 0x2f04  [ 10E4D1F67A369A3F6E9CE00AC4A43BE0, D41D7DD9CBFB718AFE94883AE8E79832D4DA3321878BEAB81F4382DC1DFAB8A7 ] RemoteMouseService C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
20:29:37.0371 0x2f04  RemoteMouseService - detected UnsignedFile.Multi.Generic ( 1 )
20:29:37.0465 0x2f04  Detect skipped due to KSN trusted
20:29:37.0465 0x2f04  RemoteMouseService - ok
20:29:37.0473 0x2f04  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:29:37.0505 0x2f04  RemoteRegistry - ok
20:29:37.0527 0x2f04  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\Windows\system32\RDXService.dll
20:29:37.0579 0x2f04  RetailDemo - ok
20:29:37.0589 0x2f04  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
20:29:37.0612 0x2f04  RFCOMM - ok
20:29:37.0621 0x2f04  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\Windows\System32\RMapi.dll
20:29:37.0645 0x2f04  RmSvc - ok
20:29:37.0652 0x2f04  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
20:29:37.0663 0x2f04  rpcapd - ok
20:29:37.0669 0x2f04  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:29:37.0691 0x2f04  RpcEptMapper - ok
20:29:37.0695 0x2f04  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\Windows\system32\locator.exe
20:29:37.0712 0x2f04  RpcLocator - ok
20:29:37.0740 0x2f04  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\Windows\system32\rpcss.dll
20:29:37.0796 0x2f04  RpcSs - ok
20:29:37.0804 0x2f04  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\Windows\system32\drivers\rspndr.sys
20:29:37.0824 0x2f04  rspndr - ok
20:29:37.0828 0x2f04  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
20:29:37.0844 0x2f04  s3cap - ok
20:29:37.0849 0x2f04  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\Windows\system32\lsass.exe
20:29:37.0865 0x2f04  SamSs - ok
20:29:37.0872 0x2f04  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:29:37.0890 0x2f04  sbp2port - ok
20:29:37.0901 0x2f04  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:29:37.0946 0x2f04  SCardSvr - ok
20:29:37.0955 0x2f04  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
20:29:37.0982 0x2f04  ScDeviceEnum - ok
20:29:37.0987 0x2f04  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:29:38.0020 0x2f04  scfilter - ok
20:29:38.0052 0x2f04  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\Windows\system32\schedsvc.dll
20:29:38.0117 0x2f04  Schedule - ok
20:29:38.0125 0x2f04  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
20:29:38.0142 0x2f04  scmbus - ok
20:29:38.0150 0x2f04  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\Windows\System32\drivers\scmdisk0101.sys
20:29:38.0172 0x2f04  scmdisk0101 - ok
20:29:38.0182 0x2f04  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:29:38.0204 0x2f04  SCPolicySvc - ok
20:29:38.0216 0x2f04  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\Windows\System32\drivers\sdbus.sys
20:29:38.0240 0x2f04  sdbus - ok
20:29:38.0249 0x2f04  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:29:38.0273 0x2f04  SDRSVC - ok
20:29:38.0280 0x2f04  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
20:29:38.0298 0x2f04  sdstor - ok
20:29:38.0303 0x2f04  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\Windows\system32\seclogon.dll
20:29:38.0321 0x2f04  seclogon - ok
20:29:38.0327 0x2f04  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\Windows\System32\sens.dll
20:29:38.0352 0x2f04  SENS - ok
20:29:38.0396 0x2f04  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\Windows\System32\SensorDataService.exe
20:29:38.0475 0x2f04  SensorDataService - ok
20:29:38.0493 0x2f04  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\Windows\system32\SensorService.dll
20:29:38.0534 0x2f04  SensorService - ok
20:29:38.0543 0x2f04  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:29:38.0569 0x2f04  SensrSvc - ok
20:29:38.0575 0x2f04  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
20:29:38.0592 0x2f04  SerCx - ok
20:29:38.0600 0x2f04  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
20:29:38.0618 0x2f04  SerCx2 - ok
20:29:38.0623 0x2f04  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\Windows\System32\drivers\serenum.sys
20:29:38.0641 0x2f04  Serenum - ok
20:29:38.0648 0x2f04  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\Windows\System32\drivers\serial.sys
20:29:38.0667 0x2f04  Serial - ok
20:29:38.0673 0x2f04  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\Windows\System32\drivers\sermouse.sys
20:29:38.0689 0x2f04  sermouse - ok
20:29:38.0709 0x2f04  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\Windows\system32\sessenv.dll
20:29:38.0748 0x2f04  SessionEnv - ok
20:29:38.0753 0x2f04  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
20:29:38.0769 0x2f04  sfloppy - ok
20:29:38.0790 0x2f04  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:29:38.0836 0x2f04  SharedAccess - ok
20:29:38.0859 0x2f04  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:29:38.0912 0x2f04  ShellHWDetection - ok
20:29:38.0921 0x2f04  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
20:29:38.0947 0x2f04  shpamsvc - ok
20:29:38.0952 0x2f04  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:29:38.0969 0x2f04  SiSRaid2 - ok
20:29:38.0975 0x2f04  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:29:38.0991 0x2f04  SiSRaid4 - ok
20:29:39.0004 0x2f04  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:29:39.0037 0x2f04  SkypeUpdate - ok
20:29:39.0043 0x2f04  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\Windows\System32\smphost.dll
20:29:39.0068 0x2f04  smphost - ok
20:29:39.0089 0x2f04  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
20:29:39.0134 0x2f04  SmsRouter - ok
20:29:39.0143 0x2f04  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:29:39.0162 0x2f04  SNMPTRAP - ok
20:29:39.0181 0x2f04  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\Windows\system32\drivers\spaceport.sys
20:29:39.0214 0x2f04  spaceport - ok
20:29:39.0221 0x2f04  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
20:29:39.0238 0x2f04  SpbCx - ok
20:29:39.0266 0x2f04  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\Windows\System32\spoolsv.exe
20:29:39.0327 0x2f04  Spooler - ok
20:29:39.0490 0x2f04  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\Windows\system32\sppsvc.exe
20:29:39.0706 0x2f04  sppsvc - ok
20:29:39.0727 0x2f04  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:29:39.0760 0x2f04  srv - ok
20:29:39.0784 0x2f04  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:29:39.0838 0x2f04  srv2 - ok
20:29:39.0850 0x2f04  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:29:39.0876 0x2f04  srvnet - ok
20:29:39.0887 0x2f04  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:29:39.0915 0x2f04  SSDPSRV - ok
20:29:39.0925 0x2f04  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:29:39.0952 0x2f04  SstpSvc - ok
20:29:39.0961 0x2f04  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
20:29:39.0976 0x2f04  ssudmdm - ok
20:29:40.0002 0x2f04  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
20:29:40.0032 0x2f04  ss_conn_service - ok
20:29:40.0152 0x2f04  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\Windows\system32\windows.staterepository.dll
20:29:40.0366 0x2f04  StateRepository - ok
20:29:40.0375 0x2f04  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:29:40.0391 0x2f04  stexstor - ok
20:29:40.0395 0x2f04  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
20:29:40.0413 0x2f04  StillCam - ok
20:29:40.0435 0x2f04  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\Windows\System32\wiaservc.dll
20:29:40.0483 0x2f04  stisvc - ok
20:29:40.0491 0x2f04  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\Windows\system32\drivers\storahci.sys
20:29:40.0509 0x2f04  storahci - ok
20:29:40.0514 0x2f04  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:29:40.0529 0x2f04  storflt - ok
20:29:40.0536 0x2f04  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\Windows\system32\drivers\stornvme.sys
20:29:40.0553 0x2f04  stornvme - ok
20:29:40.0559 0x2f04  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
20:29:40.0579 0x2f04  storqosflt - ok
20:29:40.0593 0x2f04  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\Windows\system32\storsvc.dll
20:29:40.0635 0x2f04  StorSvc - ok
20:29:40.0641 0x2f04  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\Windows\system32\drivers\storufs.sys
20:29:40.0655 0x2f04  storufs - ok
20:29:40.0660 0x2f04  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:29:40.0675 0x2f04  storvsc - ok
20:29:40.0679 0x2f04  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\Windows\system32\svsvc.dll
20:29:40.0700 0x2f04  svsvc - ok
20:29:40.0710 0x2f04  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\Windows\System32\drivers\swenum.sys
20:29:40.0726 0x2f04  swenum - ok
20:29:40.0741 0x2f04  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\Windows\System32\swprv.dll
20:29:40.0785 0x2f04  swprv - ok
20:29:40.0791 0x2f04  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
20:29:40.0809 0x2f04  Synth3dVsc - ok
20:29:40.0822 0x2f04  [ 01A658167619075BAAD31C96074C0B38, B1113D6DAF15C62FF1A0D1D108D0C83660829B09E984DBB7AC2D7EFF0138A38A ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:29:40.0840 0x2f04  SynTP - ok
20:29:40.0871 0x2f04  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\Windows\system32\sysmain.dll
20:29:40.0936 0x2f04  SysMain - ok
20:29:40.0951 0x2f04  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:29:40.0985 0x2f04  SystemEventsBroker - ok
20:29:40.0993 0x2f04  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:29:41.0020 0x2f04  TabletInputService - ok
20:29:41.0034 0x2f04  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:29:41.0065 0x2f04  TapiSrv - ok
20:29:41.0138 0x2f04  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:29:41.0239 0x2f04  Tcpip - ok
20:29:41.0315 0x2f04  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
20:29:41.0408 0x2f04  Tcpip6 - ok
20:29:41.0419 0x2f04  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:29:41.0439 0x2f04  tcpipreg - ok
20:29:41.0450 0x2f04  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:29:41.0468 0x2f04  tdx - ok
20:29:41.0476 0x2f04  [ 2625DD0C44FEB294E4096E129938C618, 50CD1F8618C46911A1A5DF62797AC16BD88E1915288D62B09BF2BDB44472C68B ] Te.Service      C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
20:29:41.0510 0x2f04  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
20:29:41.0610 0x2f04  Detect skipped due to KSN trusted
20:29:41.0610 0x2f04  Te.Service - ok
20:29:41.0892 0x2f04  [ 44449A0EB8EBD8DCBC3ED4BB62BA3A5F, 168197015D1E5ED71775250084C224A1100E0F989A6D1CC4102004E5AAD74F3A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
20:29:42.0185 0x2f04  TeamViewer - ok
20:29:42.0202 0x2f04  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
20:29:42.0217 0x2f04  terminpt - ok
20:29:42.0250 0x2f04  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\Windows\System32\termsrv.dll
20:29:42.0317 0x2f04  TermService - ok
20:29:42.0325 0x2f04  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\Windows\system32\themeservice.dll
20:29:42.0353 0x2f04  Themes - ok
20:29:42.0365 0x2f04  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
20:29:42.0399 0x2f04  TieringEngineService - ok
20:29:42.0419 0x2f04  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
20:29:42.0463 0x2f04  tiledatamodelsvc - ok
20:29:42.0474 0x2f04  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
20:29:42.0499 0x2f04  TimeBrokerSvc - ok
20:29:42.0508 0x2f04  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\Windows\System32\drivers\tpm.sys
20:29:42.0530 0x2f04  TPM - ok
20:29:42.0538 0x2f04  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\Windows\System32\trkwks.dll
20:29:42.0559 0x2f04  TrkWks - ok
20:29:42.0567 0x2f04  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:29:42.0595 0x2f04  TrustedInstaller - ok
20:29:42.0603 0x2f04  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\Windows\system32\drivers\TsUsbFlt.sys
20:29:42.0623 0x2f04  tsusbflt - ok
20:29:42.0628 0x2f04  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
20:29:42.0645 0x2f04  TsUsbGD - ok
20:29:42.0654 0x2f04  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
20:29:42.0676 0x2f04  tunnel - ok
20:29:42.0683 0x2f04  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
20:29:42.0711 0x2f04  tzautoupdate - ok
20:29:42.0717 0x2f04  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
20:29:42.0733 0x2f04  UASPStor - ok
20:29:42.0739 0x2f04  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
20:29:42.0760 0x2f04  UcmCx0101 - ok
20:29:42.0767 0x2f04  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
20:29:42.0788 0x2f04  UcmTcpciCx0101 - ok
20:29:42.0793 0x2f04  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
20:29:42.0810 0x2f04  UcmUcsi - ok
20:29:42.0820 0x2f04  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
20:29:42.0841 0x2f04  Ucx01000 - ok
20:29:42.0845 0x2f04  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
20:29:42.0864 0x2f04  UdeCx - ok
20:29:42.0877 0x2f04  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:29:42.0913 0x2f04  udfs - ok
20:29:42.0919 0x2f04  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
20:29:42.0933 0x2f04  UEFI - ok
20:29:42.0944 0x2f04  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
20:29:42.0967 0x2f04  Ufx01000 - ok
20:29:42.0974 0x2f04  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
20:29:42.0991 0x2f04  UfxChipidea - ok
20:29:42.0999 0x2f04  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
20:29:43.0019 0x2f04  ufxsynopsys - ok
20:29:43.0028 0x2f04  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:29:43.0050 0x2f04  UI0Detect - ok
20:29:43.0055 0x2f04  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\Windows\System32\drivers\umbus.sys
20:29:43.0074 0x2f04  umbus - ok
20:29:43.0078 0x2f04  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\Windows\System32\drivers\umpass.sys
20:29:43.0093 0x2f04  UmPass - ok
20:29:43.0105 0x2f04  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:29:43.0134 0x2f04  UmRdpService - ok
20:29:43.0172 0x2f04  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\Windows\System32\unistore.dll
20:29:43.0243 0x2f04  UnistoreSvc - ok
20:29:43.0263 0x2f04  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\Windows\System32\upnphost.dll
20:29:43.0307 0x2f04  upnphost - ok
20:29:43.0312 0x2f04  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
20:29:43.0327 0x2f04  UrsChipidea - ok
20:29:43.0333 0x2f04  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
20:29:43.0349 0x2f04  UrsCx01000 - ok
20:29:43.0354 0x2f04  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
20:29:43.0369 0x2f04  UrsSynopsys - ok
20:29:43.0374 0x2f04  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
20:29:43.0426 0x2f04  USBAAPL64 - ok
20:29:43.0435 0x2f04  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
20:29:43.0455 0x2f04  usbccgp - ok
20:29:43.0463 0x2f04  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\Windows\System32\drivers\usbcir.sys
20:29:43.0484 0x2f04  usbcir - ok
20:29:43.0491 0x2f04  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
20:29:43.0508 0x2f04  usbehci - ok
20:29:43.0526 0x2f04  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
20:29:43.0558 0x2f04  usbhub - ok
20:29:43.0576 0x2f04  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
20:29:43.0609 0x2f04  USBHUB3 - ok
20:29:43.0614 0x2f04  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
20:29:43.0632 0x2f04  usbohci - ok
20:29:43.0638 0x2f04  [ BC26F06004E97CFBC8C04E995A320881, 400844A3BD36FCF8C35D1B56D90DACDF8F445D94DF3DF352AB448C26F132D565 ] USBPcap         C:\Windows\system32\DRIVERS\USBPcap.sys
20:29:43.0650 0x2f04  USBPcap - ok
20:29:43.0654 0x2f04  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
20:29:43.0672 0x2f04  usbprint - ok
20:29:43.0678 0x2f04  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\Windows\System32\drivers\usbser.sys
20:29:43.0696 0x2f04  usbser - ok
20:29:43.0704 0x2f04  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
20:29:43.0723 0x2f04  USBSTOR - ok
20:29:43.0728 0x2f04  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
20:29:43.0744 0x2f04  usbuhci - ok
20:29:43.0755 0x2f04  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:29:43.0788 0x2f04  usbvideo - ok
20:29:43.0802 0x2f04  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
20:29:43.0829 0x2f04  USBXHCI - ok
20:29:43.0875 0x2f04  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\Windows\System32\userdataservice.dll
20:29:43.0960 0x2f04  UserDataSvc - ok
20:29:43.0997 0x2f04  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\Windows\System32\usermgr.dll
20:29:44.0069 0x2f04  UserManager - ok
20:29:44.0090 0x2f04  [ EBF9E40845362DBE2AD0DB3077269488, A6363006350D097F95B03A2F44E1D3FBD3BC40048BE57C715CD7CBC22D1EE70B ] UsoSvc          C:\Windows\system32\usocore.dll
20:29:44.0137 0x2f04  UsoSvc - ok
20:29:44.0143 0x2f04  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\Windows\system32\lsass.exe
20:29:44.0159 0x2f04  VaultSvc - ok
20:29:44.0190 0x2f04  [ 0D9780E8495C84911491AE1603711E39, 4D9E1157CA84E0DE1A1BFB9A75576AA49B37BD02F780CC84012A79720B183F0F ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
20:29:44.0229 0x2f04  VBoxDrv - ok
20:29:44.0238 0x2f04  [ 45633D58D5DB28E5F210CF51588E537D, DF88F66E360535966557249127AC17EC11746F478DC73210526E2545422C77FF ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
20:29:44.0250 0x2f04  VBoxNetAdp - ok
20:29:44.0259 0x2f04  [ B802AC859F5BEF61FFB24F1513755106, 54A75B61946D7B8B4A61C15BE79D81E8D10B08D8BE4F6F02BB6A4DC0DF9A6B76 ] VBoxNetLwf      C:\Windows\system32\DRIVERS\VBoxNetLwf.sys
20:29:44.0273 0x2f04  VBoxNetLwf - ok
20:29:44.0282 0x2f04  [ B79F4C1E062395A5724C89919EBE3144, 413D31B9433AA92695A4F32FE003176ACC17E588C8DF4AE8BC404621A0FC9185 ] VBoxUSB         C:\Windows\System32\Drivers\VBoxUSB.sys
20:29:44.0317 0x2f04  VBoxUSB - ok
20:29:44.0326 0x2f04  [ FEB686C223F7EA10B530108C81BB110B, 79AAAE2345694617F7A35068F0614E256B179A803C14639591B1DC796CB92F47 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
20:29:44.0339 0x2f04  VBoxUSBMon - ok
20:29:44.0344 0x2f04  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:29:44.0360 0x2f04  vdrvroot - ok
20:29:44.0383 0x2f04  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\Windows\System32\vds.exe
20:29:44.0433 0x2f04  vds - ok
20:29:44.0444 0x2f04  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
20:29:44.0465 0x2f04  VerifierExt - ok
20:29:44.0490 0x2f04  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
20:29:44.0529 0x2f04  vhdmp - ok
20:29:44.0535 0x2f04  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\Windows\System32\drivers\vhf.sys
20:29:44.0552 0x2f04  vhf - ok
20:29:44.0558 0x2f04  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:29:44.0576 0x2f04  vmbus - ok
20:29:44.0580 0x2f04  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
20:29:44.0596 0x2f04  VMBusHID - ok
20:29:44.0601 0x2f04  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\Windows\System32\drivers\vmgid.sys
20:29:44.0617 0x2f04  vmgid - ok
20:29:44.0632 0x2f04  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\Windows\System32\icsvc.dll
20:29:44.0667 0x2f04  vmicguestinterface - ok
20:29:44.0678 0x2f04  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\Windows\System32\icsvc.dll
20:29:44.0705 0x2f04  vmicheartbeat - ok
20:29:44.0718 0x2f04  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\Windows\System32\icsvc.dll
20:29:44.0745 0x2f04  vmickvpexchange - ok
20:29:44.0759 0x2f04  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\Windows\System32\icsvcext.dll
20:29:44.0797 0x2f04  vmicrdv - ok
20:29:44.0809 0x2f04  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\Windows\System32\icsvc.dll
20:29:44.0838 0x2f04  vmicshutdown - ok
20:29:44.0849 0x2f04  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\Windows\System32\icsvc.dll
20:29:44.0877 0x2f04  vmictimesync - ok
20:29:44.0889 0x2f04  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\Windows\System32\icsvc.dll
20:29:44.0917 0x2f04  vmicvmsession - ok
20:29:44.0932 0x2f04  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\Windows\System32\icsvcext.dll
20:29:44.0962 0x2f04  vmicvss - ok
20:29:44.0968 0x2f04  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:29:44.0985 0x2f04  volmgr - ok
20:29:44.0998 0x2f04  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:29:45.0027 0x2f04  volmgrx - ok
20:29:49.0032 0x2f04  ================ Scan global ===============================
20:29:49.0037 0x2f04  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\Windows\system32\basesrv.dll
20:29:49.0046 0x2f04  [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\Windows\system32\winsrv.dll
20:29:49.0057 0x2f04  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\Windows\system32\sxssrv.dll
20:29:49.0074 0x2f04  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\Windows\system32\services.exe
20:29:49.0086 0x2f04  [ Global ] - ok
20:29:49.0087 0x2f04  ================ Scan MBR ==================================
20:29:49.0090 0x2f04  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:29:49.0542 0x2f04  \Device\Harddisk0\DR0 - ok
20:29:49.0544 0x2f04  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:29:49.0731 0x2f04  \Device\Harddisk1\DR1 - ok
20:29:49.0732 0x2f04  ================ Scan VBR ==================================
20:29:49.0734 0x2f04  [ B9D42396F0482A2F773CEA3382098C0F ] \Device\Harddisk0\DR0\Partition1
20:29:49.0736 0x2f04  \Device\Harddisk0\DR0\Partition1 - ok
20:29:49.0740 0x2f04  [ A388C5BF3EFB7CE41BFA0310E07B8A3A ] \Device\Harddisk0\DR0\Partition2
20:29:49.0742 0x2f04  \Device\Harddisk0\DR0\Partition2 - ok
20:29:49.0745 0x2f04  [ AEE8DDD2AB6D786F5C59556FC00A4055 ] \Device\Harddisk1\DR1\Partition1
20:29:49.0746 0x2f04  \Device\Harddisk1\DR1\Partition1 - ok
20:29:49.0749 0x2f04  [ 2584DA317D12776FA37A90AD8A22011E ] \Device\Harddisk1\DR1\Partition2
20:29:49.0751 0x2f04  \Device\Harddisk1\DR1\Partition2 - ok
20:29:49.0752 0x2f04  ================ Scan generic autorun ======================
20:29:50.0192 0x2f04  [ 701646DF00C80E3DB7ABBE111C2213F7, C75FABE4716D43C212935E6DC095AAF3D46DEDE6323978763B3CA213FB70579B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:29:50.0641 0x2f04  RtHDVCpl - ok
20:29:50.0657 0x2f04  SynTPEnh - ok
20:29:51.0102 0x2f04  [ 5D36AEE2E912402F4ABAB2C55182E3E1, 791D2562776C8E9F309990F1DDA96D51FA9E562EBC1158930C1B9D190EE54FEB ] C:\Program Files\Logitech Gaming Software\LCore.exe
20:29:51.0540 0x2f04  Launch LCore - ok
20:29:51.0563 0x2f04  [ 57D87F3F731632E706F203023C3C9CD8, 5B7131EB940D3A043C33E75C0F06CECEA3FB235677F45F143F2E67E84AB4673D ] C:\Program Files\iTunes\iTunesHelper.exe
20:29:51.0575 0x2f04  iTunesHelper - ok
20:29:51.0576 0x2f04  WindowsDefender - ok
20:29:51.0609 0x2f04  [ 4C6AAABB264526A9C845A39AEBB79B69, B27F869E8B44CC5F1F9ADCA53AA848C16D706587ED9C7F995AE59BF9B0426523 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
20:29:51.0639 0x2f04  StartCCC - ok
20:29:51.0648 0x2f04  [ 799312CDAA79E65DB21AA9F56D0BE1C7, FCB2D5F213F82BAB4C320EFF3BF988B7609A7E8EBAF85DAAF63F1A92826323CA ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
20:29:51.0660 0x2f04  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
20:29:51.0777 0x2f04  Detect skipped due to KSN trusted
20:29:51.0777 0x2f04  ControlCenter4 - ok
20:29:51.0909 0x2f04  [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
20:29:52.0112 0x2f04  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
20:29:52.0218 0x2f04  Detect skipped due to KSN trusted
20:29:52.0218 0x2f04  BrStsMon00 - ok
20:29:52.0274 0x2f04  [ 0C0DD390CF53D506414AC2CAA68E7F34, C64A9BAF0FDA5161B9361FC454CA36E7595E6BC969A6FA03993C5949373D8A00 ] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
20:29:52.0366 0x2f04  BrHelp - detected UnsignedFile.Multi.Generic ( 1 )
20:29:52.0459 0x2f04  Detect skipped due to KSN trusted
20:29:52.0459 0x2f04  BrHelp - ok
20:29:52.0648 0x2f04  [ A092258F26296C791D982E83814685BD, C66F8D8A6C0049BC5ED60198C8B9AE2B7F74B901C1D780E294ECF3D6599EAA50 ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
20:29:52.0837 0x2f04  ATKOSD2 - ok
20:29:52.0852 0x2f04  [ D98BC64645C2DAEDC1E79B4CCCCBBC8E, BB3090F5EF68F1F786D37675CF42DA8363762FEF958F88ECFF82FDB183842A5E ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
20:29:52.0861 0x2f04  ATKMEDIA - ok
20:29:52.0868 0x2f04  [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
20:29:52.0876 0x2f04  HControlUser - ok
20:29:52.0881 0x2f04  Dropbox - ok
20:29:52.0901 0x2f04  [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:29:52.0924 0x2f04  SunJavaUpdateSched - ok
20:29:53.0199 0x2f04  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:29:53.0481 0x2f04  OneDriveSetup - ok
20:29:53.0732 0x2f04  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:29:53.0983 0x2f04  OneDriveSetup - ok
20:29:54.0235 0x2f04  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:29:54.0489 0x2f04  OneDriveSetup - ok
20:29:54.0547 0x2f04  [ 3CB5F3430BFE5E0C89A0803EF32C8DD4, 9E8247BC7933C2F6F451D756D79CB37A3FB027F7A48DF0511FC56CA368C4B662 ] C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:29:54.0601 0x2f04  OneDrive - ok
20:29:54.0650 0x2f04  [ 39F07FEA9532CD88F388ECABEFE37CD2, 59A73628DE72CAFA0B8A3E22054EEEF85820AD012BC68E279A4B5E0B728E9621 ] C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
20:29:54.0698 0x2f04  Spotify Web Helper - ok
20:29:54.0897 0x2f04  [ DC1C4722F9414B9D3858A6BAB0E234D6, 7EFBCCC6AA69ABF2FA41D6EBEC523EBE8B72B4FF20F05C266D2A54F74ED03C8B ] C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe
20:29:55.0101 0x2f04  Spotify - ok
20:29:55.0141 0x2f04  [ 642D464F0EDE1B3C81BC20C3E3A3ECC6, C8B01DD0153BBE4527630FB002F9EF8B4E04127BDFF212831FF67BD6AB0EA265 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
20:29:55.0184 0x2f04  GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10 - ok
20:29:55.0188 0x2f04  Skype - ok
20:29:55.0190 0x2f04  Waiting for KSN requests completion. In queue: 243
20:29:56.0205 0x2f04  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
20:29:56.0209 0x2f04  Win FW state via NFP2: enabled ( trusted )
20:29:56.0308 0x2f04  ============================================================
20:29:56.0308 0x2f04  Scan finished
20:29:56.0308 0x2f04  ============================================================
20:29:56.0315 0x0bac  Detected object count: 0
20:29:56.0315 0x0bac  Actual detected object count: 0
         

16.02.2017, 22:25   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



There you go!


Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop!
Please disable your virus scanner completely now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


16.02.2017, 22:53   #12
pitti911
 



adwCleaner:
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 16/02/2017 um 22:41:55
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : danie - DESKTOP-9T9O37C
# Gestartet von : C:\Users\danie\Desktop\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\danie\AppData\Local\PackageAware
Ordner Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mgmiemnjjchgkmgbeljfocdjjnpjnmcg


***** [ Dateien ] *****

Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiedpeaicgipncdnnkikeehnjiddck_0.localstorage
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiedpeaicgipncdnnkikeehnjiddck_0.localstorage-journal
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgmiemnjjchgkmgbeljfocdjjnpjnmcg_0.localstorage
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgmiemnjjchgkmgbeljfocdjjnpjnmcg_0.localstorage-journal


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [2282 Bytes] - [16/02/2017 22:41:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2355 Bytes] ##########
         
--- --- ---


AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 16/02/2017 um 22:43:05
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : danie - DESKTOP-9T9O37C
# Gestartet von : C:\Users\danie\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\danie\AppData\Local\PackageAware
[-] Ordner gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mgmiemnjjchgkmgbeljfocdjjnpjnmcg


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiedpeaicgipncdnnkikeehnjiddck_0.localstorage
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiedpeaicgipncdnnkikeehnjiddck_0.localstorage-journal
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgmiemnjjchgkmgbeljfocdjjnpjnmcg_0.localstorage
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgmiemnjjchgkmgbeljfocdjjnpjnmcg_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2169 Bytes] - [16/02/2017 22:43:05]
C:\AdwCleaner\AdwCleaner[S0].txt - [2434 Bytes] - [16/02/2017 22:41:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2315 Bytes] ##########
         
--- --- ---



JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64 
Ran by danie (Administrator) on 16.02.2017 at 22:47:31,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10 (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2017 at 22:49:17,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

19.02.2017, 13:41   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Then show me fresh FRST logs. Tick the box for addition.txt, then click Scan (Untersuchen).


19.02.2017, 14:10   #14
pitti911
 



FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017 01
durchgeführt von danie (Administrator) auf DESKTOP-9T9O37C (19-02-2017 13:43:38)
Gestartet von C:\Users\danie\Desktop
Geladene Profile: danie (Verfügbare Profile: defaultuser0 & danie)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2085160 2010-03-05] (Synaptics Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-24] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify Web Helper] => C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-07] (Spotify Ltd)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify] => C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-07] (Spotify Ltd)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PixelRuler.lnk [2016-08-11]
ShortcutTarget: PixelRuler.lnk -> C:\Program Files (x86)\PixelRuler\PixelRuler.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{65b17e8d-7930-436e-a952-581958886376}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{90200e0b-80c6-4e80-8828-16c1b94ed4fe}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2017-02-19]
CHR Extension: (Google Präsentationen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04]
CHR Extension: (Flash Video Downloader) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-03]
CHR Extension: (Google Docs) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04]
CHR Extension: (Google Drive) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04]
CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04]
CHR Extension: (Adblock Plus) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28]
CHR Extension: (Video Downloader professional) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-10-28]
CHR Extension: (Google Tabellen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04]
CHR Extension: (Full Screen Weather) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-08-04]
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04]
CHR Extension: (Hide My AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2016-11-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (uMatrix) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2017-02-15]
CHR Extension: (Beebs - Access BBC iPlayer) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmliiafmgjkgkfadkpomlefdllhajdi [2017-01-08]
CHR Extension: (Weather Underground) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2016-08-04]
CHR Extension: (Google Mail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [51104 2016-08-02] (USBPcap)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-01-16] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U0 aswVmm; kein ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-18 13:29 - 2017-02-18 13:29 - 00000000 ____D C:\Users\danie\AppData\Local\ElevatedDiagnostics
2017-02-17 01:10 - 2017-02-17 01:10 - 00000000 ____D C:\Users\danie\Documents\lisa_Versicherung
2017-02-16 22:49 - 2017-02-16 22:49 - 00000696 _____ C:\Users\danie\Desktop\JRT.txt
2017-02-16 22:37 - 2017-02-16 22:43 - 00000000 ____D C:\AdwCleaner
2017-02-16 22:27 - 2017-02-16 22:47 - 01663040 _____ (Malwarebytes) C:\Users\danie\Desktop\JRT.exe
2017-02-16 22:27 - 2017-02-16 22:28 - 04015056 _____ C:\Users\danie\Desktop\AdwCleaner_6.043.exe
2017-02-16 20:46 - 2017-02-16 20:46 - 00060873 _____ C:\Users\danie\Desktop\TDSSKiller_log.zip
2017-02-16 20:45 - 2017-02-16 20:45 - 00270262 _____ C:\Users\danie\Desktop\TDSSKiller_log.txt
2017-02-16 20:28 - 2017-02-16 20:45 - 00270354 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_20.28.53_log.txt
2017-02-16 20:27 - 2017-02-16 20:28 - 00005760 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_20.27.27_log.txt
2017-02-16 20:23 - 2017-02-16 20:27 - 04747704 _____ (AO Kaspersky Lab) C:\Users\danie\Desktop\tdsskiller.exe
2017-02-16 20:00 - 2017-02-16 20:20 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-16 20:00 - 2017-02-16 20:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-16 20:00 - 2017-02-16 20:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-16 19:58 - 2017-02-16 20:20 - 00000000 ____D C:\Users\danie\Desktop\mbar
2017-02-16 19:58 - 2017-02-16 19:58 - 16563352 _____ (Malwarebytes Corp.) C:\Users\danie\Desktop\mbar-1.09.3.1001.exe
2017-02-16 19:58 - 2017-02-16 19:58 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-16 19:09 - 2017-02-16 19:09 - 00000000 ___HD C:\OneDriveTemp
2017-02-16 16:48 - 2017-02-16 16:49 - 00049302 _____ C:\Users\danie\Desktop\Addition.txt
2017-02-16 16:47 - 2017-02-19 13:43 - 00022777 _____ C:\Users\danie\Desktop\FRST.txt
2017-02-16 16:47 - 2017-02-19 13:42 - 00000000 ____D C:\Users\danie\Desktop\FRST-OlderVersion
2017-02-16 16:31 - 2017-02-16 16:31 - 00000000 ____D C:\Users\danie\AppData\Local\{FE8BEBBE-9A66-4252-9271-3B862ED0CA94}
2017-02-15 19:20 - 2017-02-15 19:20 - 00000000 ____D C:\Users\danie\AppData\Roaming\Wireshark
2017-02-15 18:13 - 2017-02-15 18:13 - 00001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-02-15 18:13 - 2017-02-15 18:13 - 00001569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files\USBPcap
2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files (x86)\WinPcap
2017-02-15 18:12 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files\Wireshark
2017-02-15 18:08 - 2017-02-15 18:11 - 49360976 _____ (Wireshark development team) C:\Users\danie\Desktop\Wireshark-win64-2.2.4.exe
2017-02-15 16:05 - 2017-02-19 13:43 - 00000000 ____D C:\FRST
2017-02-15 16:03 - 2017-02-19 13:42 - 02422784 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2017-02-15 14:17 - 2017-02-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Users\danie\AppData\Roaming\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Program Files\IrfanView
2017-02-13 07:10 - 2017-02-13 07:10 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\Users\danie\Tracing
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-12 17:44 - 2017-02-12 18:30 - 00000000 ____D C:\Phone
2017-02-12 17:13 - 2017-02-12 17:17 - 00000000 ____D C:\Users\danie\AppData\Roaming\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00002126 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2017-02-12 17:07 - 2017-02-12 17:24 - 00000000 ____D C:\Card
2017-02-12 16:12 - 2017-02-12 16:12 - 00000000 ____D C:\Users\danie\Documents\Samsung
2017-02-12 16:11 - 2017-02-12 16:12 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-02-12 16:10 - 2017-02-12 16:11 - 00000000 ____D C:\Users\danie\AppData\Roaming\Samsung
2017-02-12 16:10 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2017-02-12 16:10 - 2016-09-05 05:47 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-02-12 16:09 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2017-02-09 13:28 - 2017-02-09 13:28 - 02099905 _____ C:\Users\danie\Downloads\Wohnung_an-ummelden_Hinw_de+en.pdf
2017-02-09 13:28 - 2017-02-09 13:28 - 00334768 _____ C:\Users\danie\Downloads\Bestaetigung_BMG.pdf
2017-02-08 01:29 - 2017-02-08 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-08 00:13 - 2017-02-08 00:13 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE (1).pdf
2017-02-08 00:03 - 2017-02-08 00:03 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE.pdf
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-06 23:48 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments_online_converter#.pdf
2017-02-06 23:42 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Downloads\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.pdf
2017-02-06 23:30 - 2017-02-06 18:31 - 17294189 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu
2017-02-06 23:09 - 2017-02-06 23:09 - 01616807 ____R C:\Users\danie\Documents\koehler_lehmann_2011.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 01102598 ____R C:\Users\danie\Documents\Practical laboratory course_************.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00783869 ____R C:\Users\danie\Documents\lecture 12.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00680777 ____R C:\Users\danie\Documents\9783319055879-c2.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00664591 ____R C:\Users\danie\Documents\Otting_G_2010_Reiview.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00313885 ____R C:\Users\danie\Documents\bertini2001.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00046833 ____R C:\Users\danie\Documents\L_6b_NOE_web.pdf
2017-02-06 18:41 - 2017-02-06 18:42 - 01824882 _____ C:\Users\danie\Documents\product_operator_formalism.pdf
2017-02-06 18:40 - 2017-02-06 18:40 - 02809960 _____ C:\Users\danie\Documents\relaxation_Enhancement.pdf
2017-02-06 18:27 - 2017-02-06 18:27 - 00680777 _____ C:\Users\danie\Downloads\9783319055879-c2.pdf
2017-02-06 18:20 - 2017-02-06 18:21 - 46049143 _____ C:\Users\danie\Downloads\Matthias Findeisen,Stefan Berger 50 and More Essential NMR Experiments. A Detailed Guide.pdf
2017-02-06 16:15 - 2017-02-06 16:15 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495
2017-02-06 16:14 - 2017-02-06 16:14 - 00026285 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495.zip
2017-02-05 21:39 - 2017-02-05 21:50 - 149068460 _____ C:\Users\danie\Downloads\lucifer.213.hdtv-lol.mkv.mp4.mp4
2017-02-05 20:34 - 2017-02-05 20:34 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201
2017-02-05 20:33 - 2017-02-05 20:33 - 00024770 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201.zip
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Users\danie\AppData\Local\Remove_Empty_Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2017-02-05 15:13 - 2017-02-05 15:15 - 00404482 _____ (Jonas John ) C:\Users\danie\Downloads\red-v2.2-setup.exe
2017-02-05 12:21 - 2017-02-05 12:21 - 00026159 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991.zip
2017-02-05 12:21 - 2017-02-05 12:21 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991
2017-02-04 22:34 - 2017-02-04 22:56 - 124549923 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2- Episode 11- Stewardess Interruptus.mp4
2017-02-04 22:30 - 2017-02-04 22:51 - 143374537 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2 Episode 12 - Love Handles.mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (5).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (4).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (3).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (2).mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video.mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video (1).mp4
2017-02-04 10:02 - 2016-07-15 19:29 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2017-02-04 10:02 - 2016-07-15 19:29 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 19:14 - 06354944 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2017-02-04 10:02 - 2016-07-15 18:45 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 18:29 - 05489664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2017-02-04 10:01 - 2017-02-04 10:01 - 00001047 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-01 16:14 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Local\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Roaming\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:13 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-30 12:59 - 2017-01-30 12:59 - 36727147 _____ C:\Users\danie\Downloads\Laborarbeit_2016_170130.pdf
2017-01-29 10:49 - 2017-01-29 10:49 - 00450814 _____ C:\Users\danie\Downloads\AGB_208_Strom_Privat_2017_01_NK.pdf
2017-01-25 21:42 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-25 21:42 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-01-25 14:50 - 2017-01-25 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-01-23 20:55 - 2017-01-23 20:55 - 00218282 _____ C:\Users\danie\Downloads\Medikamente_Formular.pdf
2017-01-23 19:42 - 2017-01-23 19:51 - 12095930 _____ C:\Users\danie\Downloads\[Manfred_Hesse,_Herbert_Meier,_Bernd_Zeeh]_Spektro(BookFi).pdf
2017-01-23 14:43 - 2017-01-23 14:43 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe_Systems_Incorporate
2017-01-23 14:42 - 2017-01-23 15:04 - 00000000 ____D C:\Users\danie\Documents\My Digital Editions
2017-01-23 14:42 - 2017-01-23 14:42 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2017-01-23 14:42 - 2017-01-23 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-01-23 14:32 - 2017-01-23 14:50 - 01977054 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_spectroscopy(BookFi) (1).pdf
2017-01-23 14:32 - 2017-01-23 14:41 - 02199824 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_Spectroscopy(BookFi).pdf
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Users\danie\AppData\Local\Passbild_Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\Program Files\Oracle
2017-01-22 14:31 - 2017-01-22 14:53 - 00000000 ____D C:\Users\danie\Documents\Dateien_script
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\GraphPad Software
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\ProgramData\GraphPad Software

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-19 13:41 - 2016-08-04 20:16 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-02-19 13:36 - 2016-08-15 20:57 - 00000000 ____D C:\Users\danie\AppData\Roaming\Skype
2017-02-19 12:42 - 2016-09-19 20:06 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{116B86B5-D81A-4122-817A-8BCA9244C3FC}
2017-02-19 05:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-02-18 18:05 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Local\Spotify
2017-02-18 18:00 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Roaming\Spotify
2017-02-18 16:44 - 2016-08-04 21:52 - 00000000 ____D C:\Users\danie\AppData\Roaming\vlc
2017-02-18 03:55 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-16 22:50 - 2016-08-04 20:24 - 01160194 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-16 22:50 - 2016-07-16 23:51 - 00635004 _____ C:\Windows\system32\perfh007.dat
2017-02-16 22:50 - 2016-07-16 23:51 - 00180588 _____ C:\Windows\system32\perfc007.dat
2017-02-16 22:49 - 2016-08-04 20:22 - 00000000 ____D C:\Users\danie
2017-02-16 22:47 - 2016-08-04 20:25 - 00000000 ___RD C:\Users\danie\OneDrive
2017-02-16 22:44 - 2016-08-04 20:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-16 22:44 - 2016-07-16 07:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-02-16 19:09 - 2016-08-06 17:56 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-16 16:42 - 2016-08-04 20:16 - 05002832 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-16 16:41 - 2016-08-05 17:25 - 00000000 ____D C:\Program Files\Adobe
2017-02-16 16:26 - 2016-08-12 14:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\Embarcadero
2017-02-16 16:26 - 2016-08-12 14:42 - 00000000 ____D C:\ProgramData\Embarcadero
2017-02-16 16:15 - 2016-08-05 17:24 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-16 16:14 - 2016-08-04 22:19 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-02-16 16:09 - 2016-08-04 22:18 - 00000000 ____D C:\ProgramData\Adobe
2017-02-16 15:51 - 2016-08-04 22:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-16 15:51 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Roaming\Adobe
2017-02-16 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-16 02:00 - 2016-08-04 22:19 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe
2017-02-15 18:13 - 2016-08-04 20:25 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-15 14:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2017-02-14 21:36 - 2016-09-29 21:40 - 00000000 ____D C:\Users\danie\.VirtualBox
2017-02-13 22:05 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\Documents\Calibre-Bibliothek
2017-02-13 01:17 - 2016-08-04 23:15 - 00007911 _____ C:\Windows\BRRBCOM.INI
2017-02-13 01:03 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Local\Packages
2017-02-12 23:54 - 2016-10-26 20:47 - 00000000 ____D C:\Users\danie\AppData\Roaming\Apple Computer
2017-02-12 17:17 - 2016-08-13 12:08 - 00000000 ____D C:\Users\danie\.android
2017-02-12 17:03 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-02-12 16:11 - 2016-08-05 21:12 - 00000000 ____D C:\ProgramData\Samsung
2017-02-12 16:10 - 2016-08-05 21:12 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-02-12 16:09 - 2016-08-04 23:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-08 01:29 - 2016-08-19 13:44 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 16:14 - 2016-12-06 07:37 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-07 16:14 - 2016-08-04 20:25 - 00002383 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-06 22:30 - 2016-08-04 20:45 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-04 21:17 - 2016-12-05 17:01 - 00000000 ____D C:\Users\danie\AppData\Local\calibre-cache
2017-02-04 21:17 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\AppData\Roaming\calibre
2017-02-04 21:16 - 2017-01-12 16:13 - 00000000 ____D C:\Bio_Linux
2017-02-04 10:02 - 2016-07-16 23:52 - 00000000 ____D C:\Windows\OCR
2017-02-04 10:02 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-01-25 14:50 - 2016-08-05 21:13 - 00003352 _____ C:\Windows\System32\Tasks\SamsungMagician
2017-01-23 14:52 - 2016-12-05 16:54 - 00000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\Program Files\Calibre2
2017-01-21 21:40 - 2016-08-04 22:05 - 00000000 ____D C:\TMP

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-05 17:44 - 2017-01-06 11:58 - 0000034 _____ () C:\Users\danie\AppData\Roaming\AdobeWLCMCache.dat
2016-11-30 10:50 - 2016-11-30 11:36 - 0001456 _____ () C:\Users\danie\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-09-21 20:12 - 2017-01-25 20:15 - 0009668 _____ () C:\Users\danie\AppData\Local\CDXLExtendedShim.log

Einige Dateien in TEMP:
====================
2016-08-10 18:42 - 2016-08-10 18:42 - 36403960 _____ (AppWork GmbH) C:\Users\danie\AppData\Local\Temp\JDSetup131153245463239802.exe
2016-08-13 07:56 - 2016-08-13 07:56 - 0741440 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u101-windows-au.exe
2017-01-18 21:04 - 2017-01-18 21:04 - 0739904 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-09-19 18:45 - 2016-09-19 18:45 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\M9MYQW4AVM.DLL
2017-01-05 10:04 - 2017-01-05 10:05 - 2858376 _____ () C:\Users\danie\AppData\Local\Temp\npp.7.2.2.Installer.exe
2017-02-19 13:43 - 2017-02-19 13:43 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole4307819756868102623.dll
2017-02-19 13:43 - 2017-02-19 13:43 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole564696079977486359.dll
2017-02-19 13:42 - 2017-02-19 13:42 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole8957034634630705554.dll
2016-09-19 18:47 - 2016-09-19 18:47 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\QD62A0GERA.DLL
2016-11-23 23:47 - 2016-11-23 23:47 - 14700056 _____ (Samsung Electronics                                         ) C:\Users\danie\AppData\Local\Temp\Samsung_Magician_Installer.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\danie\AppData\Local\Temp\xmlUpdater.exe
2016-09-19 18:46 - 2016-09-19 18:46 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YJMCG40G3G.DLL
2016-09-19 18:54 - 2016-09-19 18:54 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YR6884GKNC.DLL

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-09 22:03

==================== Ende von FRST.txt ============================
         
Additions.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017 01
durchgeführt von danie (19-02-2017 13:44:38)
Gestartet von C:\Users\danie\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 19:21:16)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2044849159-1042748084-43516897-500 - Administrator - Disabled)
danie (S-1-5-21-2044849159-1042748084-43516897-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-2044849159-1042748084-43516897-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2044849159-1042748084-43516897-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2044849159-1042748084-43516897-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActivePerl 5.24.0 Build 2400 (64-bit) (HKLM\...\{C89FA3E7-29C4-4A60-AFB9-40E04715AE78}) (Version: 5.24.2400 - ActiveState)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Verifier x64 External Package (Version: 10.1.10586.212 - Microsoft) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS)
Avogadro (HKLM-x32\...\Avogadro) (Version: 1.2.0 - Humanity)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{BA62A9E2-7BB4-4D4A-8C5F-CC03C35491BD}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{6C8591F8-C4FC-4A64-9E21-7F35F1D51D09}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\OneDriveSetup.exe) (Version: 17.3.6764.0111 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MSI Development Tools (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation)
Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version:  - Passbild-Generator)
PeaZip 6.1.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PixelRuler v9.2.0.0 (HKLM-x32\...\PixelRuler_is1) (Version:  - pixelruler.de)
Python 3.2 pywin32-217 (HKLM-x32\...\pywin32-py3.2) (Version:  - )
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDK Debuggers (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) Hidden
SpeedCommander 16 (x64) (HKLM\...\SpeedCommander 16 (x64)) (Version: 16.10.8200 - SWE Sven Ritter)
Spotify (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TeXstudio 2.11.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.11.2 - Benito van der Zander)
Ttf2Pt1-3.4.4 Complete package, except sources (GnuWin32) (HKLM-x32\...\Ttf2Pt1-3.4.4_is1) (Version: 3.4.4 - GnuWin32)
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
USBPcap 1.1.0.0-g794bf26-5 (HKLM\...\USBPcap) (Version: 1.1.0.0-g794bf26-5 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMD 1.9.2 (HKLM-x32\...\{089F161A-EFCE-44D8-8D38-C401835D93E4}) (Version: 1.9.2 - University of Illinois)
WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Wireshark 2.2.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.4 - The Wireshark developer community, hxxps://www.wireshark.org)
WPT Redistributables (x32 Version: 10.1.10586.212 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.212 - Microsoft) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2044849159-1042748084-43516897-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {192D2D98-33A9-4EC4-9896-6FF0C2F8F337} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {21FAC54D-1678-4675-8BC9-4CFB8004D976} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {2A46A2EC-BEC1-4EF0-AB35-CF4026FF8DFC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {2F9B9EB7-8613-4AB6-89EA-193DCB9B5FB8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {33E73081-717D-48AC-9FE4-D126E55A4431} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {43415A32-378E-4EB8-9888-7CC810B35503} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {7136E34E-8CFD-4EEB-A47C-2221B55774CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {7AB6AA19-0881-4D27-8734-95F1B6164C0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {A0D5D4A8-1C95-4B18-95E6-3B7B9B03B510} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {A7A917FF-05B5-4013-AF77-89757CB96BF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {B95FFCBA-EC40-4792-96F7-42EC9FCFB7F8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {BAC026DE-071D-4FA8-A31D-F272109D4A64} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {C52BC44A-09E4-4F94-AAD5-965EFF8915ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {C77C0E0B-0D42-475D-BC83-4156B05B7D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {DA460F4D-3A1E-443A-A492-F52BA5AA3B65} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {DD017D0F-4CB4-44C9-8DB1-CA13F34F5A70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {E1DB79CC-94D1-436F-8912-85669F1E4F76} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {E6A3C464-5455-47C3-B476-5E347A934207} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E90A764A-D783-42CA-9F23-796C2E800325} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
Task: {EB55E557-F628-48AC-AEAC-F6E76FAC4A7A} - System32\Tasks\SafeZone scheduled Autoupdate 1470502893 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-04 23:14 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2016-08-04 23:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-09-13 23:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 22:58 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 22:58 - 2016-12-21 08:08 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-02-10 05:19 - 2017-02-10 05:19 - 13170368 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-02-10 05:19 - 2017-02-10 05:19 - 01200840 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-18 03:55 - 2017-02-18 03:55 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-18 03:55 - 2017-02-18 03:55 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-18 03:55 - 2017-02-18 03:55 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\roottools.dll
2017-02-18 03:55 - 2017-02-18 03:55 - 00132608 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.Proxies.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 08:42 - 2016-11-23 08:42 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-04 20:47 - 2016-08-04 20:47 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-07-17 00:01 - 2016-07-17 00:01 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-01-11 22:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 22:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-14 22:04 - 2017-02-14 22:04 - 31178840 _____ () C:\Users\danie\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll
2016-08-04 23:14 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-08-04 23:41 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2017-02-16 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\StartupApproved\StartupFolder: => "PixelRuler.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1E52F9A0-5820-47E5-8672-581F7A139665}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{C760F8E6-1F3E-4303-85A1-D7D7DB698AC7}] => (Allow) LPort=54925
FirewallRules: [{CDD216A4-B2B0-4EDA-AE45-F71EBAA4CD0C}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{119E2607-1EE9-40CF-B1BD-2C344119A791}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{1DF0FA43-BD46-4CA8-9B4F-1ADF0D4F4E4E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{07EC27C9-3E14-433C-A2A0-C403AD5B5BAE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{29D3A4D9-75EE-48E5-9E6B-9C58606AD4FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F7BE5DE8-B108-4817-8518-4ED78E78DE22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{542D9C41-4F9E-44AC-8520-DB38A6F29DF2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A847E550-A2C4-4C24-B245-3C03AD9813FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{49841A41-40C0-4730-83B6-6DF320171517}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5F130595-1397-4E60-A7CC-6AFC28052F4D}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DB9B22F4-7909-489B-859B-BFD5764AAF13}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [UDP Query User{F2A88DBE-BFE0-4B54-9CBA-BEAC9A26F1E3}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [TCP Query User{E183CA1A-F191-4A9F-B161-DAFAD52679FC}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{C668A88D-4CD0-498C-A458-7AAC9F0AFFC3}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [{9186B335-8F0C-479A-A177-4B8FCE56AE09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C35D2E0E-F8C4-4FCB-BFEE-C35010B929E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{09761B78-77BE-49E1-AAC8-C2D198097C5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E84533B9-C293-426C-AE30-EE6021FADE42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C17E3F4B-84A0-44A1-A35E-C579D68D3032}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08503169-D484-4A9E-8BB1-E5FA2C814D3E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DEBAD8D2-6378-49E7-A0CA-8D8CAB4B9F44}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4646391F-477D-4873-84C6-0EEE30A07566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3B66BF7C-967C-48C2-9A30-6D1CD1253433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9DBFAEF7-75AF-4A58-9E8A-BFAA3F1712A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA630F4F-BF9C-421A-8167-16690F5535B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{033A785A-04DF-4328-8713-FE0B4EE558B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3780DA59-0B92-4A18-A096-DE153E950AFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{51508A9E-D29B-40A9-85C5-F551CE724B2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{5D15864C-AC2E-4DFB-83BC-92E57F81009A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Wiederherstellungspunkte =========================

02-02-2017 02:44:55 Geplanter Prüfpunkt
12-02-2017 16:09:16 Installed Smart Switch
15-02-2017 18:12:46 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649
16-02-2017 22:47:32 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/19/2017 10:28:08 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/19/2017 10:28:08 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0006; CorrelationId: {C3BA97CF-2C95-4978-A98C-7C1F4E61FE74}

Error: (02/18/2017 04:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2953

Error: (02/18/2017 04:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2953

Error: (02/18/2017 04:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2017 04:45:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1422

Error: (02/18/2017 04:45:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1422

Error: (02/18/2017 04:45:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2017 02:30:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7078

Error: (02/18/2017 02:30:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7078


Systemfehler:
=============
Error: (02/19/2017 01:43:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/19/2017 01:43:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/19/2017 01:41:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/19/2017 10:45:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/19/2017 10:43:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/19/2017 10:43:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/19/2017 10:41:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/19/2017 04:11:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/19/2017 04:09:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/19/2017 04:09:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-02-16 20:29:22.371
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-16 20:29:22.369
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-16 20:27:56.765
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-16 20:27:56.763
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-07 16:02:25.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-07 16:02:25.973
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-01 10:03:52.930
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-01 10:03:52.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-25 14:43:23.529
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-25 14:43:23.527
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8116.55 MB
Verfügbarer physikalischer RAM: 4233.66 MB
Summe virtueller Speicher: 9396.55 MB
Verfügbarer virtueller Speicher: 4712.08 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:209.11 GB) (Free:96.19 GB) NTFS
Drive d: (OS) (Fixed) (Total:115.98 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (DATA) (Fixed) (Total:329.79 GB) (Free:44.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=464 MB) - (Type=27)
Partition 4: (Not Active) - (Size=329.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6B8C4C4B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=209.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 19.02.2017, 15:14   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:


Step 1: MBAM

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.




Step 2: ESET

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset




Step 3: SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)
