
Log analysis and evaluation: Win 8.1: Avast reports VBS:Malware-gen


22.02.2017, 10:45   #1
Damina1997
 
Good morning,
since today Avast has been constantly reporting a threat to me. It looks like this:
Code:
Bedrohung blockiert
Objekt: https://api.twitch.tv/api/channels/(Name des Streamers)
Infektion: VBS:Malware-gen
Prozess: C:\Program Files(x86)\Google\Chrome\Application\chrome.exe
The object only varies depending on the streamer (a different name), or the object is sometimes also given as Chat.

The FRST.txt:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017
durchgeführt von Denise (Administrator) auf DENISE-NOTEBOOK (22-02-2017 10:37:44)
Gestartet von C:\Users\Denise\Downloads
Geladene Profile: Denise (Verfügbare Profile: Denise)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mojang) C:\Users\Denise\Downloads\Minecraft.exe
(Mojang) C:\Users\Denise\Downloads\Minecraft.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1057848 2017-02-20] ()
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify Web Helper] => C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-21] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify] => C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-21] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Discord] => C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
Startup: C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-12-19]
ShortcutTarget: Curse.lnk -> C:\Users\Denise\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BF9CCFC1-6FCA-4ABF-8044-CAB8EB45663B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E5937EBF-A255-40C3-B2F8-6204570F2CF3}: [DhcpNameServer] 192.168.24.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome: 
=======
CHR Profile: C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default [2017-02-22]
CHR Extension: (Google Präsentationen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04]
CHR Extension: (Google Docs) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04]
CHR Extension: (Google Drive) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28]
CHR Extension: (Google-Suche) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Avast Online Security) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-12-14]
CHR Extension: (FrankerFaceZ) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-12-17]
CHR Extension: (Google Tabellen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-14]
CHR Extension: (Twitch Live) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2017-01-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-25]
CHR Extension: (Google Mail) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-09-10] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-17] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-17] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325112 2017-02-20] (Overwolf LTD)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 DfSdkS; kein ImagePath
U0 msahci; system32\drivers\msahci.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-22 10:37 - 2017-02-22 10:38 - 00028397 _____ C:\Users\Denise\Downloads\FRST.txt
2017-02-22 10:37 - 2017-02-22 10:37 - 00000000 ____D C:\FRST
2017-02-22 10:30 - 2017-02-22 10:30 - 02422784 _____ (Farbar) C:\Users\Denise\Downloads\FRST64.exe
2017-02-20 13:20 - 2017-02-20 13:20 - 00178819 _____ C:\Users\Denise\Downloads\Xray Ultimate 1.11 v2.1.2.zip
2017-02-14 16:13 - 2017-02-14 16:13 - 00000000 ____D C:\Windows\LastGood
2017-02-14 16:13 - 2016-04-14 06:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-02-14 16:13 - 2016-04-14 06:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-02-14 16:13 - 2016-04-14 06:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-02-14 13:04 - 2017-02-14 13:04 - 00000000 ____D C:\Users\Denise\AppData\Local\TeamSpeak 3
2017-02-14 13:04 - 2017-02-14 13:04 - 00000000 ____D C:\Users\Denise\.TeamSpeak 3
2017-02-10 12:25 - 2017-02-10 12:25 - 00104441 _____ C:\Users\Denise\Downloads\Baubles-1.10.2-1.3.6.jar
2017-02-10 12:22 - 2017-02-10 12:23 - 00000000 ____D C:\Users\Denise\Downloads\game
2017-02-10 12:22 - 2017-02-10 12:22 - 38810496 _____ (Mojang) C:\Users\Denise\Downloads\Minecraft.exe
2017-02-10 12:21 - 2017-02-10 12:21 - 00000000 ____D C:\Users\Denise\Downloads\BattleTowers-1.10.2
2017-02-10 12:20 - 2017-02-10 12:20 - 00323120 _____ C:\Users\Denise\Downloads\Just-Enough-Items-Mod-1.10.2.jar
2017-02-10 12:16 - 2017-02-10 12:16 - 00152006 _____ C:\Users\Denise\Downloads\CodeChickenCore-1.10.2-2.1.8.79-universal.jar
2017-02-10 12:13 - 2017-02-10 12:13 - 06159026 _____ C:\Users\Denise\Downloads\BiomesOPlenty-1.10.2-5.0.0.2096-universal.jar
2017-02-10 12:12 - 2017-02-10 12:12 - 00108857 _____ C:\Users\Denise\Downloads\XaerosWorldMap_b1.7_Forge_1.10.2.jar
2017-02-10 12:08 - 2017-02-10 12:08 - 00919120 _____ C:\Users\Denise\Downloads\mysticalagriculture[1.10.2]-1.3.8a.jar
2017-02-10 12:06 - 2017-02-10 12:06 - 00504115 _____ C:\Users\Denise\Downloads\ShadowMC-1.10.2-3.6.1.jar
2017-02-10 12:05 - 2017-02-10 12:05 - 00031953 _____ C:\Users\Denise\Downloads\LargeVeins-1.10.2-1.0.0.jar
2017-02-10 12:04 - 2017-02-10 12:04 - 03055612 _____ C:\Users\Denise\Downloads\Pam's HarvestCraft 1.9.4-1.10.2h.jar
2017-02-10 11:59 - 2017-02-10 11:59 - 01700039 _____ C:\Users\Denise\Downloads\BattleTowers-1.10.2.zip
2017-02-10 11:58 - 2017-02-10 11:58 - 01087335 _____ C:\Users\Denise\Downloads\PrimordialCrops-v1.7c_mc1.9.4.jar
2017-02-10 11:58 - 2017-02-10 11:58 - 00557535 _____ C:\Users\Denise\Downloads\StorageDrawers-1.10.2-3.5.17.jar
2017-02-10 11:58 - 2017-02-10 11:58 - 00094810 _____ C:\Users\Denise\Downloads\Chameleon-1.10-2.2.2.jar
2017-02-09 15:32 - 2017-02-09 15:32 - 13854393 _____ C:\Users\Denise\Downloads\Botania r1.9-340.jar
2017-02-09 15:03 - 2017-02-09 15:03 - 00254633 _____ C:\Users\Denise\Downloads\infinitylib-0.6.2.jar
2017-02-09 14:59 - 2017-02-09 14:59 - 04591052 _____ C:\Users\Denise\Downloads\forge-1.10.2-12.18.3.2221-installer.jar
2017-02-09 14:53 - 2017-02-09 14:53 - 04353862 _____ C:\Users\Denise\Downloads\forge-1.10-12.18.0.2000-1.10.0-installer.jar
2017-02-09 14:52 - 2017-02-09 14:53 - 01175727 _____ C:\Users\Denise\Downloads\agricraft-2.0.0-0.6.0-a10.jar
2017-02-08 22:20 - 2017-02-08 22:20 - 00000000 ____D C:\Users\Denise\Documents\BnS
2017-02-08 17:42 - 2017-02-08 17:42 - 00002248 _____ C:\Users\Public\Desktop\Blade & Soul.lnk
2017-02-08 17:42 - 2017-02-08 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-02-08 17:42 - 2017-02-08 17:42 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-02-08 17:41 - 2017-02-08 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2017-02-08 17:41 - 2017-02-08 17:41 - 00000000 ____D C:\Program Files (x86)\NCWest
2017-02-08 17:30 - 2017-02-08 17:40 - 227200840 _____ (NC Interactive, LLC) C:\Users\Denise\Downloads\BnS_Lite_Installer.exe
2017-02-08 05:42 - 2017-02-08 05:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-05 12:26 - 2017-02-10 12:22 - 00000220 _____ C:\Users\Denise\Downloads\updateLog.txt
2017-02-04 10:39 - 2017-02-04 10:39 - 00068256 _____ C:\Users\Denise\Downloads\2014-10-08 Lebenslauf.pdf
2017-02-04 10:37 - 2017-02-04 10:37 - 00047468 _____ C:\Users\Denise\Downloads\Anschreiben.pdf
2017-02-02 20:38 - 2017-02-10 12:23 - 00000000 ____D C:\Users\Denise\Downloads\tmp
2017-02-02 20:38 - 2017-02-02 20:38 - 00000000 ____D C:\Users\Denise\Downloads\tools

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-22 10:27 - 2015-11-04 18:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-22 09:40 - 2015-11-04 15:20 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-02-21 22:53 - 2015-11-04 16:10 - 00000000 ____D C:\Users\Denise\AppData\Local\Spotify
2017-02-21 22:53 - 2015-11-04 16:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Spotify
2017-02-21 22:08 - 2015-11-04 15:27 - 00000000 ____D C:\Users\Denise\AppData\Roaming\TS3Client
2017-02-21 20:42 - 2016-12-19 15:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.minecraft
2017-02-21 20:40 - 2016-11-17 16:10 - 00001312 _____ C:\Users\Denise\Downloads\nativelog.txt
2017-02-21 19:40 - 2015-11-04 15:20 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-02-21 12:00 - 2016-08-01 11:33 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-02-21 12:00 - 2015-11-04 15:14 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-02-21 03:28 - 2015-11-04 15:27 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-02-19 18:19 - 2015-11-04 15:11 - 00000165 _____ C:\Users\Denise\AppData\Roaming\sp_data.sys
2017-02-19 10:36 - 2016-09-10 12:49 - 02234368 ___SH C:\Users\Denise\Downloads\Thumbs.db
2017-02-18 15:56 - 2015-11-04 15:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2606138470-3405722970-712637843-1001
2017-02-18 05:16 - 2016-12-09 19:49 - 00002370 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-18 05:16 - 2016-12-06 02:32 - 00003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-18 05:16 - 2016-02-21 13:41 - 00003196 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2606138470-3405722970-712637843-1001
2017-02-17 13:23 - 2016-07-25 09:11 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Origin
2017-02-17 11:48 - 2016-07-25 09:11 - 00000000 ____D C:\ProgramData\Origin
2017-02-17 11:45 - 2016-07-25 09:10 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-16 16:42 - 2016-01-08 16:39 - 00000000 ____D C:\Users\Denise\Documents\Euro Truck Simulator 2
2017-02-15 16:01 - 2015-11-21 23:37 - 00001495 _____ C:\Users\Denise\Desktop\Shuffle Fanfiction ab Teil 20.lnk
2017-02-15 15:48 - 2016-02-16 01:18 - 00000000 ____D C:\Users\Denise\Documents\American Truck Simulator
2017-02-14 16:15 - 2015-11-07 13:31 - 00000000 ____D C:\Users\Denise\AppData\Local\NVIDIA Corporation
2017-02-14 16:15 - 2015-11-04 15:09 - 00000000 ____D C:\Users\Denise\AppData\Local\NVIDIA
2017-02-14 16:14 - 2015-11-07 13:31 - 00001395 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-02-14 16:14 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-02-14 13:15 - 2016-11-16 14:27 - 00000000 ____D C:\Users\Denise\Documents\Texte
2017-02-14 13:04 - 2015-11-04 15:05 - 00000000 ____D C:\Users\Denise
2017-02-14 13:03 - 2015-11-04 15:27 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-02-12 14:51 - 2015-12-27 22:36 - 00000000 ____D C:\Users\Denise\AppData\Local\CrashDumps
2017-02-12 11:28 - 2016-08-30 14:36 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Temp
2017-02-12 11:27 - 2016-10-29 22:36 - 00000000 ____D C:\Windows\Minidump
2017-02-11 21:53 - 2016-12-19 13:07 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Curse Client
2017-02-11 21:53 - 2015-11-04 15:13 - 00001539 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2017-02-11 21:53 - 2015-11-04 15:13 - 00000000 ____D C:\Users\Denise\OneDrive
2017-02-11 21:51 - 2015-11-04 15:27 - 00000000 ____D C:\Users\Denise\AppData\Local\Overwolf
2017-02-11 21:48 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-11 21:48 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-08 22:39 - 2016-09-13 10:24 - 00000000 ____D C:\Users\Denise\AppData\Roaming\discord
2017-02-08 22:34 - 2015-11-04 15:20 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-08 17:42 - 2015-03-18 13:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-06 20:53 - 2015-11-04 15:18 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-04 11:16 - 2016-10-01 21:14 - 00000000 ____D C:\Users\Denise\Downloads\Bilder für Schatz
2017-02-03 01:29 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-25 16:05 - 2014-10-29 13:02 - 00767018 _____ C:\Windows\system32\perfh007.dat
2017-01-25 16:05 - 2014-10-29 13:02 - 00159786 _____ C:\Windows\system32\perfc007.dat
2017-01-25 16:05 - 2014-03-18 16:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-04 15:11 - 2017-02-19 18:19 - 0000165 _____ () C:\Users\Denise\AppData\Roaming\sp_data.sys
2016-07-12 22:15 - 2016-07-12 22:15 - 0001454 _____ () C:\Users\Denise\AppData\Local\recently-used.xbel
2016-02-29 23:33 - 2016-05-28 13:10 - 0007606 _____ () C:\Users\Denise\AppData\Local\Resmon.ResmonCfg
2015-03-18 13:53 - 2015-03-18 13:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 07:25 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 07:25 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 07:25 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Einige Dateien in TEMP:
====================
2017-02-13 13:31 - 2017-02-13 13:31 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2942103387282646387.dll
2017-02-12 11:29 - 2017-02-12 11:29 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5506774322074654494.dll
2017-02-13 13:12 - 2017-02-13 13:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-7103026082983069715.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 04:36

==================== Ende von FRST.txt
         
And the Additions.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-02-2017
durchgeführt von Denise (22-02-2017 10:39:05)
Gestartet von C:\Users\Denise\Downloads
Windows 8.1 (Update) (X64) (2015-11-04 14:07:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2606138470-3405722970-712637843-500 - Administrator - Disabled)
Denise (S-1-5-21-2606138470-3405722970-712637843-1001 - Administrator - Enabled) => C:\Users\Denise
Gast (S-1-5-21-2606138470-3405722970-712637843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2606138470-3405722970-712637843-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.39 - Ashampoo GmbH & Co. KG)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version:  - Red Dot Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.293.1110 - Electronic Arts Inc.)
Digimon Masters Online (HKLM\...\Steam App 537180) (Version:  - Move Games Co., Ltd.)
Discord (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
Farming Simulator 17 (HKLM\...\Steam App 447020) (Version:  - Giants Software)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hello Kitty Online POD Installer (HKLM-x32\...\{0150D55C-0FEE-4F1D-BEE5-085C0DD2B476}_is1) (Version: 1.9.9.0.2 - SANRIODIGITAL GAMES & ENTERTAINMENT INC)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Layers of Fear (HKLM\...\Steam App 391720) (Version:  - Bloober Team SA)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version:  - )
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3c3ba69a-df4e-4526-88e4-04f1ff87fc0d}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.102.217.0 - Overwolf Ltd.)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.23) (Version: 2.0.23 - Ikara Software Limited)
Pixelmon Launcher (Beta) (x32 Version: 2.0.23 - Ikara Software Limited) Hidden
Plantera (HKLM\...\Steam App 421040) (Version:  - VaragtP)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc)
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Slime Rancher (HKLM\...\Steam App 433340) (Version:  - Monomi Park)
Spotify (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Bunker (HKLM\...\Steam App 481110) (Version:  - Splendy Interactive)
The Guest (HKLM\...\Steam App 402040) (Version:  - Team Gotham)
The Walking Dead (HKLM\...\Steam App 207610) (Version:  - Telltale Games)
TruckersMP 0.2.1.3.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.5 Alpha - TruckersMP Team)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unreal Development Kit: 2012-07 (HKLM\...\UDK-85b1f5f2-c617-4d5a-942e-760c69695908) (Version:  - Epic Games, Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: Shadow Warrior (HKLM\...\Steam App 255520) (Version:  - RuneStorm)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2606138470-3405722970-712637843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Denise\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07321C46-5DD2-47DA-BA1C-EFB16558C116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {19322365-6413-495C-B6B3-587BB1FDA412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-12] (Microsoft Corporation)
Task: {24903DAB-555C-44AD-B392-68D313BA773A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {2E7D7964-FBA0-4755-BE9C-5B2D86AFE095} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3A1F1DDC-02BA-45AB-9A82-ECD4902A6552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {401F971E-3089-45D6-8760-58EB4216B3F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {4438B3D2-206C-48AA-9028-CA480F4D5768} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {55F9F674-3A2E-4C68-BF66-58AA1955A108} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {62687EC0-BB73-4EA9-8F8E-A800049FE0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {83E8A086-C6C3-47AA-AB55-4393D5D1DC5E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software)
Task: {911D73C4-9DE2-46B8-B701-59970283A9CF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
Task: {983DD468-029B-4F16-A77A-310293C8F729} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-02-20] (Overwolf LTD)
Task: {AB6DFF50-8E3D-419E-9173-D8DC9D6AF47B} - System32\Tasks\{F4B0E50F-1D1D-49E4-A13D-11BAF2D67674} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar
Task: {B847F2D4-38DE-46D7-ABE1-0C0479CAECEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {C7BC1FBC-F945-4AE4-9085-6C1B363A0A18} - System32\Tasks\SafeZone scheduled Autoupdate 1458924489 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {D1F5C5CF-4FF7-4A25-8165-75DEB8385C6A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {D66A24C1-B98B-4B82-9873-5C95D27B7780} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {D9298A94-FF7B-4008-B247-DC3F13B8B46E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {DD3036A7-097E-4B04-A710-EFE3E721B2F2} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E81BCDCC-2BD4-422C-B3D3-FA24F205F188} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {F2987583-C64B-4210-8369-6D05BCDC321D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)
Task: {F349EF15-C2F3-46B0-8189-E5FF70116D2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-18 13:49 - 2016-01-23 02:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-16 11:17 - 2016-03-16 11:17 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-01-14 03:24 - 2014-12-15 06:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe
2016-06-10 16:22 - 2016-06-10 16:22 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-01 12:35 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-01 12:35 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-09-09 02:23 - 2016-09-09 02:23 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-09 02:23 - 2016-09-09 02:23 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-22 02:05 - 2017-02-22 02:05 - 05989072 _____ () C:\Program Files\AVAST Software\Avast\defs\17022101\algo.dll
2014-11-05 13:44 - 2014-11-05 13:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-05 13:44 - 2014-11-05 13:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-11-04 18:26 - 2016-12-23 19:28 - 00657184 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-11-04 18:26 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-11-04 18:26 - 2017-01-19 02:30 - 02327840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-11-04 18:26 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-11-04 18:26 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-11-04 18:26 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-11-04 18:26 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-11-04 18:26 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-11-04 18:26 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-11-04 18:26 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-04 18:26 - 2017-01-19 02:30 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 20:47 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-11 22:22 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-25 16:02 - 2017-01-25 16:02 - 01082880 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-25 16:02 - 2017-01-25 16:02 - 03750400 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-25 16:02 - 2017-01-25 16:02 - 00914432 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-25 16:02 - 2017-01-25 16:02 - 01127424 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2016-06-30 23:52 - 2016-06-30 23:52 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-11 22:22 - 2017-01-04 14:28 - 02278912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 22:22 - 2017-01-04 14:28 - 00096768 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-02-11 21:50 - 2017-02-11 21:50 - 00148992 _____ () \\?\C:\Users\Denise\AppData\Local\Temp\2E69.tmp.node
2017-01-25 16:02 - 2017-01-25 16:02 - 02658304 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-25 16:03 - 2017-01-25 16:03 - 02130432 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-12-13 21:35 - 2017-01-05 04:12 - 68813088 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-11-04 18:26 - 2017-01-19 02:30 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-01-06 16:40 - 2015-01-06 16:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-02-06 20:53 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 20:53 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2015-11-04 18:26 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-11-07 13:31 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-10 12:22 - 2017-02-10 12:22 - 05912064 _____ () C:\Users\Denise\Downloads\game\launcher.dll
2017-02-10 12:22 - 2017-02-10 12:22 - 63805440 _____ () C:\Users\Denise\Downloads\game\libcef.dll
2017-02-10 12:23 - 2017-02-10 12:23 - 01872896 _____ () C:\Users\Denise\Downloads\game\libglesv2.dll
2017-02-10 12:23 - 2017-02-10 12:23 - 00078848 _____ () C:\Users\Denise\Downloads\game\libegl.dll
2017-02-14 22:00 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\Denise\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Denise\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C852CC74-3AB4-4C98-941B-BE20D823E1A1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0EA8F599-958B-4D85-A13E-12C272DD6E06}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{692D9FC0-DB01-4E87-B382-E26EF1BC663B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0F62AF29-AE03-4711-B9C8-962924E57F03}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFCD695A-B70B-4899-88EB-6D98EEDFDB01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe
FirewallRules: [{76DCA23A-E0EE-4AA5-A85C-4818EBD2E7CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe
FirewallRules: [{50F34949-4DD3-4672-9DE9-83CE38D0B294}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8FEAF39F-D717-4E2F-A0E3-FC65F540E1C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2B36FE30-2449-46D2-B4FA-4785C2ACF641}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FD1B3530-E5D5-4CAA-9697-80927BF9D090}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E76FD92-8B5C-4994-9F60-4C88D5550984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90E74E70-64DE-48C4-BE2B-959AC2D01AB5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CE2C69F0-5BFA-4864-9383-A69102073E9A}] => (Allow) LPort=2869
FirewallRules: [{A9573006-EB2F-4A65-BC7D-3B02D79A1BF6}] => (Allow) LPort=1900
FirewallRules: [{A578AC21-C9B0-471D-BE1D-BBF5724C4243}] => (Allow) C:\Users\Denise\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{410E767A-7BF5-479C-B8A5-A844F49BD32F}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2FB2C07B-FB74-4F3B-8F9C-CB9AADD39FB5}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{44825738-657D-4781-AF8B-B5C7CC9381E6}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FF89640C-415A-44C1-AADB-70BE7BC0ED32}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{74272E56-A37C-4C78-B2DA-A7D38918C2C8}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{B99E8C7E-64E1-4474-9A55-965F4D04A0D6}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{077305C1-6CA4-4440-91E3-91796E37AB6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{6E3F84AE-0C97-46DF-AE27-1352183502C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{B5D1D315-B367-43CE-ABAA-F2D8C74A0E9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{D512DE21-B79F-4BFC-9DA1-E3C9DA92231B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{ACFCD07C-A033-433D-9F94-3B083F2EB158}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{26C769EE-C490-41E2-8E33-F982AED27D12}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8C024486-2A32-43B1-A337-FBED48E33D47}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D930DBF9-1A2C-44E4-853F-65D36BE9DE58}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5950631D-9FD3-4C0F-ABEE-5E0DE5246796}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E750D3D9-3B8D-49EF-B230-62ACFF1F2E48}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7BC0AB2F-3B7B-494E-8688-3E7D21578809}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{28E642CB-E2A6-4754-98C7-7EB68F2C0B33}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B4F9A977-F23C-43E4-B86C-6B8C91C6E9C7}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{0EE0F3F7-8294-4435-BCC2-1FFF90E6E88E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9FBE8FE5-0ADC-400E-BA2D-D2ED09058820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{92E232EB-4B0E-4347-A41E-E460E26E85F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06892A54-0D32-485D-A00D-49ABC63F7332}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DC610AF3-702C-433E-A1CA-736B1B623405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{D812B741-A175-44EE-A9C6-76EA5E676A00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [TCP Query User{C4FA9BF0-5E5C-4E45-B8E9-4F6B5120A016}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{98CEC8B7-2C3C-4E2C-8987-FCB57ECD6178}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{C11653EC-C768-44C7-8A23-BD0C119B6B6A}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{156FAF76-F16C-4092-81E3-09DC85623F9E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{AD9A4297-C8E7-4AF0-9498-F0622D07BBD3}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{82E23260-2925-4537-A54B-EBF1A3C5271B}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{DE027E83-8DCC-4970-851F-86A6745E6B0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{04E8BAB4-AD3F-4D79-8027-A0E8DFB20515}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{4A029489-CDBE-468C-902E-F602E935DF52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{7CBCDFD0-1264-4F98-8308-810F0C77898D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{4DB9C503-2104-4B3B-B489-AA87B971EC78}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{09B490A0-33CD-408E-8DAA-85107302ED4E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{82CBB81C-28C5-46B4-80D0-293ABC1A243F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7AFB2B2F-5EBE-4C43-AE3F-022ABD259DAE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{264DE989-FF16-44C1-91E9-B3909E7FDA3C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{AEF8F3B9-A84E-4102-9236-9A734296C033}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{46CE26BD-3ABB-4695-BD53-437ABD8EA23F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{CEF7B75C-B74A-4217-A65D-4E5C0563D67C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [TCP Query User{260EDB40-7783-4AB7-B696-F33C1D7AE530}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{6EC3281C-C5FE-4622-81BB-04393E9B100E}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{80813FC3-E378-4F33-B6D9-4661F48F0ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{95039B5D-1CAE-4E1C-BB8E-E757A475B700}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [TCP Query User{C0254287-BA1C-46AC-82B5-BCD9421E7610}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{ED5F17EC-ED5B-4B5C-8683-163C1FF19047}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{1D309B50-8114-4341-8204-B0F6D792DBCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plantera\Plantera.exe
FirewallRules: [{8F8C8879-A857-4F5B-86EE-52C7D4BE036A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plantera\Plantera.exe
FirewallRules: [{E1236C48-44F5-4D86-A2FB-DFC66F6BD649}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guest\TheGuestSteam_Test.exe
FirewallRules: [{CB2E6E50-E365-4C56-9065-08484F7395F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guest\TheGuestSteam_Test.exe
FirewallRules: [{17EC79A6-35B4-4E06-BEB0-D88B3265C76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CFE9155A-1F52-4E45-B10B-3926AACE054A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{15CD06B2-9A60-4B00-A53B-A8F5480AEC00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{311613AD-925A-4187-BEBF-1BDB64EE445F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{263035E6-FB7E-4700-B650-C3D91BADD530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{C05A21D5-F7D4-4AA7-9F56-111F832E4527}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{3D6ED0DB-18CF-47B6-B94C-0E3A5543B52D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9A5FE8C4-E35A-42D6-A362-9BCF984CBC52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FEB60B57-D58C-4EFA-9A65-C2BC94A20E76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{2964DDF6-846B-4405-A169-7C8BBF4643DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{23FF6FA8-2E72-4881-921E-9F020FC9A397}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{51CA4EE6-B381-400B-A3D6-AAAAA3F11B91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{F39F3E71-32A1-42C1-9FCC-DAF01388E44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{88BE5797-3782-4A5F-B95D-7D27DB95CD9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{C69DE373-590B-4BA2-B555-7715B351C8E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bunker\TheBunker.exe
FirewallRules: [{68CA7CDD-47A2-434C-9220-57AEC86DDCE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bunker\TheBunker.exe
FirewallRules: [{E8AA1BEE-10F5-4240-A606-6BD3BBB6B026}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Layers of Fear\Layers of Fear.exe
FirewallRules: [{897DA43B-3B01-4A5E-876F-837F3A379D1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Layers of Fear\Layers of Fear.exe
FirewallRules: [{224862FC-11A3-49C3-A064-67B50891F1EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{F4C9D8E8-4702-4844-ADFB-B994F15FF368}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{4C5C6399-2D38-4FE9-927B-71121C860FA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{6CF354BA-CD3D-4D3D-84A5-3D151CADAC9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{3238C134-3485-4894-8933-6745E9B17A9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe
FirewallRules: [{8286DB86-74C8-4889-B5A1-9FB8FF6F319F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe
FirewallRules: [{F9A9F768-DE8B-41B3-9AB2-DD480AB8DEEE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F11AEBF6-A5C7-4DD8-A5D7-621BE26D3ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1C0CE1ED-483C-48C8-9D91-3186D683C8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B9A10D24-6A35-4974-80B7-C777CC25C3A7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{0292F494-D298-46CB-9199-FF9ECAF6F878}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{AB28006D-B2E0-4BF0-96CC-444EC61537E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{ECC94EDD-9B5C-4923-852A-F97357194624}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{C040E497-9E19-48D6-8EFB-0E67C12B1EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{136E67A8-0F02-4F6A-8EA4-0D3B81AE393D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{9C89A31A-2BD6-4A17-BC71-B40BCF51E384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{80D1D381-368D-4DB6-B19D-11AB1DE90FE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{49E4E6F3-A10C-4D85-A390-B30DB5CCBABB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9EC8ED41-3DC9-460D-941B-69886CF388EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D271B157-EC56-4F0E-8C3D-92EBAF9BE0C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

07-02-2017 19:15:48 DirectX wurde installiert
10-02-2017 19:50:53 DirectX wurde installiert
14-02-2017 18:43:33 DirectX wurde installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/22/2017 06:05:10 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/21/2017 06:04:58 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/20/2017 06:04:58 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/19/2017 06:05:00 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/18/2017 06:04:58 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/17/2017 06:04:59 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/16/2017 06:04:59 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/15/2017 06:04:56 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/14/2017 04:15:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   25 C.0.2.4.0.8.6.0.D.6.9.C.C.7.9.B.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Denise-Notebook-2.local.

Error: (02/14/2017 04:15:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.101:5353   23 C.0.2.4.0.8.6.0.D.6.9.C.C.7.9.B.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Denise-Notebook.local.


Systemfehler:
=============
Error: (02/11/2017 09:50:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/11/2017 09:50:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (02/11/2017 09:50:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/11/2017 09:50:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (02/11/2017 09:46:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst FontCache3.0.0.0 erreicht.

Error: (02/11/2017 09:46:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NvNetworkService erreicht.

Error: (02/11/2017 09:46:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Asus WebStorage Windows Service erreicht.

Error: (02/11/2017 09:46:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ClickToRunSvc erreicht.

Error: (02/08/2017 10:39:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/08/2017 10:39:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


CodeIntegrity:
===================================
  Date: 2016-08-11 15:35:14.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 8094.8 MB
Verfügbarer physikalischer RAM: 2687.39 MB
Summe virtueller Speicher: 18334.8 MB
Verfügbarer virtueller Speicher: 10624.56 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:521.79 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:1101.7 GB) (Free:1100.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 510BFD71)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Edited by cosinus (22.02.2017 at 10:52) Reason: CODE tags

22.02.2017, 10:53   #2
cosinus

Hi,

Please uninstall Avast. We simply can't recommend it in good conscience any more. => Antivirus Software: Protection for Your Files, but at the Cost of Your Privacy? | Emsisoft Blog

Other freeware vendors such as Avira, AVG or Panda are jumping on this or similar bandwagons too, building junkware into their installers, working with ASK, etc.; that sort of thing is simply unacceptable for security software.

Let me know when Avast is gone; once we're done here you can switch to a different virus scanner, details will follow in the final post. Please do NOT install anything else now without checking with me first!

22.02.2017, 11:28   #3
Damina1997

Quote:
Originally posted by cosinus

Let me know when Avast is gone; once we're done here you can switch to a different virus scanner, details will follow in the final post. Please do NOT install anything else now without checking with me first!

Avast is now uninstalled.

22.02.2017, 11:32   #4
cosinus

1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




Step 2: Kaspersky TDSS-Killer

Please download TDSSKiller.exe and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.




Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, please post them directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it correctly. If everything is right ... click Reply.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!
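
Whoever reads the TDSSKiller log requested in step 2 mainly needs the entries that were not marked ok. The Python triage below is an added example, not part of the thread and not Kaspersky's code; it assumes the line layout of the log posted further down in this thread (timestamp, thread id, then either a `[ MD5, SHA256 ] name path` line or a `name - verdict` line), and every sample line, name, path and digest in it is constructed.

```python
import re
from dataclasses import dataclass, field

MD5, SHA256 = "A" * 32, "B" * 64  # placeholder digests, not real file hashes

# Constructed sample in the assumed TDSSKiller layout; names and paths are invented.
SAMPLE_LOG = "\n".join([
    "12:00:00.0000 0x0060  ================ Scan system memory ========================",
    "12:00:00.0100 0x0060  System memory - ok",
    "12:00:01.0000 0x0060  ================ Scan services =============================",
    f"12:00:01.0100 0x0060  [ {MD5}, {SHA256} ] ExampleDrv      C:\\Windows\\system32\\drivers\\exampledrv.sys",
    "12:00:01.0200 0x0060  ExampleDrv - ok",
    f"12:00:01.0300 0x0060  [ {MD5}, {SHA256} ] Example Sync Service C:\\Program Files (x86)\\Example\\sync.exe",
    "12:00:01.0400 0x0060  Example Sync Service - detected UnsignedFile.Multi.Generic ( 1 )",
    "12:00:01.0500 0x0060  Example Sync Service ( UnsignedFile.Multi.Generic ) - warning",
    "12:00:01.0600 0x0060  ExampleNoFile - ok",
])

# Every line starts with a time and a thread id; the rest is the message.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} 0x[0-9a-fA-F]+\s*(?P<msg>.*)$")
SECTION = re.compile(r"^=+ (?P<name>Scan .+?) =+$")
# Service names may contain spaces, so the path is recognised by its drive letter.
HASHED = re.compile(
    r"^\[ (?P<md5>[0-9A-Fa-f]{32}), (?P<sha256>[0-9A-Fa-f]{64}) \] "
    r"(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.*)$")
DETECTED = re.compile(r"^(?P<name>.+?) - detected (?P<det>\S+) \( \d+ \)$")
VERDICT = re.compile(r"^(?P<name>.+?)(?: \( [^)]+ \))? - (?P<verdict>[a-z]+)$")


@dataclass
class Entry:
    name: str
    section: str
    md5: str = ""
    sha256: str = ""
    path: str = ""
    verdict: str = ""
    detections: list = field(default_factory=list)


def parse(log_text):
    """Group hash, detection and verdict lines into one Entry per scanned object."""
    entries, by_key, section = [], {}, ""

    def get(name):
        key = (section, name)
        if key not in by_key:
            by_key[key] = Entry(name=name, section=section)
            entries.append(by_key[key])
        return by_key[key]

    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue  # not a log line (blank, pasted forum text, ...)
        msg = m.group("msg")
        if (s := SECTION.match(msg)):
            section = s.group("name")
        elif (h := HASHED.match(msg)):
            e = get(h.group("name"))
            e.md5, e.sha256, e.path = h.group("md5", "sha256", "path")
        elif (d := DETECTED.match(msg)):
            get(d.group("name")).detections.append(d.group("det"))
        elif (v := VERDICT.match(msg)):
            get(v.group("name")).verdict = v.group("verdict")
    return entries


def flagged(entries):
    """Entries with a detection name or a verdict other than 'ok'."""
    return [e for e in entries if e.detections or e.verdict not in ("ok", "")]


def unhashed(entries, section="Scan services"):
    """Entries that got a verdict although no hash/path line was logged for them."""
    return [e for e in entries
            if e.section == section and e.verdict and not e.sha256]


if __name__ == "__main__":
    parsed = parse(SAMPLE_LOG)
    for e in flagged(parsed):
        print(f"{e.verdict:8} {e.name}: {', '.join(e.detections)} -> {e.path}")
    for e in unhashed(parsed):
        print(f"no hash  {e.name} ({e.verdict})")
```
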

22.02.2017, 12:06   #5
Damina1997

The mbar log:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.02.22.02
  rootkit: v2017.02.15.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18538
Denise :: DENISE-NOTEBOOK [administrator]

22.02.2017 11:36:16
mbar-log-2017-02-22 (11-36-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 315159
Time elapsed: 22 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
And the TDSSKiller log:
Code:
12:00:39.0594 0x1d14  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
12:00:39.0594 0x1d14  UEFI system
12:00:47.0405 0x1d14  ============================================================
12:00:47.0405 0x1d14  Current date / time: 2017/02/22 12:00:47.0405
12:00:47.0405 0x1d14  SystemInfo:
12:00:47.0405 0x1d14  
12:00:47.0405 0x1d14  OS Version: 6.3.9600 ServicePack: 0.0
12:00:47.0405 0x1d14  Product type: Workstation
12:00:47.0405 0x1d14  ComputerName: DENISE-NOTEBOOK
12:00:47.0405 0x1d14  UserName: Denise
12:00:47.0405 0x1d14  Windows directory: C:\Windows
12:00:47.0405 0x1d14  System windows directory: C:\Windows
12:00:47.0405 0x1d14  Running under WOW64
12:00:47.0405 0x1d14  Processor architecture: Intel x64
12:00:47.0405 0x1d14  Number of processors: 4
12:00:47.0405 0x1d14  Page size: 0x1000
12:00:47.0405 0x1d14  Boot type: Normal boot
12:00:47.0405 0x1d14  CodeIntegrityOptions = 0x00000001
12:00:47.0405 0x1d14  ============================================================
12:00:47.0812 0x1d14  KLMD registered as C:\Windows\system32\drivers\41825582.sys
12:00:47.0812 0x1d14  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19
12:00:48.0671 0x1d14  System UUID: {87C47AFB-BC0C-FD50-874D-AAADF320F6F8}
12:00:49.0296 0x1d14  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:00:49.0296 0x1d14  ============================================================
12:00:49.0296 0x1d14  \Device\Harddisk0\DR0:
12:00:49.0296 0x1d14  GPT partitions:
12:00:49.0296 0x1d14  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {97B903BD-5F53-4E7A-9FA1-606DDCA081C8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
12:00:49.0296 0x1d14  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2ABB7EE7-7C9E-4FA2-9183-5C83C802894B}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
12:00:49.0296 0x1d14  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A65EDFED-FE47-470C-B9BB-8A24FB1995A2}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
12:00:49.0296 0x1d14  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B86E7570-AABD-4474-82AE-DDED9B0E406A}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x5D269000
12:00:49.0296 0x1d14  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AA171FE6-1FD0-4E2E-A595-907A18DE113D}, Name: Basic data partition, StartLBA 0x5D49D800, BlocksNum 0x89B66000
12:00:49.0296 0x1d14  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7945A28C-2B26-4FE8-90D6-0ADF54A33D82}, Name: Basic data partition, StartLBA 0xE7003800, BlocksNum 0x1E05000
12:00:49.0296 0x1d14  MBR partitions:
12:00:49.0296 0x1d14  ============================================================
12:00:49.0327 0x1d14  C: <-> \Device\Harddisk0\DR0\Partition4
12:00:49.0421 0x1d14  D: <-> \Device\Harddisk0\DR0\Partition5
12:00:49.0421 0x1d14  ============================================================
12:00:49.0421 0x1d14  Initialize success
12:00:49.0421 0x1d14  ============================================================
12:01:51.0923 0x0060  ============================================================
12:01:51.0923 0x0060  Scan started
12:01:51.0923 0x0060  Mode: Manual; SigCheck; TDLFS; 
12:01:51.0923 0x0060  ============================================================
12:01:51.0923 0x0060  KSN ping started
12:01:52.0022 0x0060  KSN ping finished: true
12:01:56.0804 0x0060  ================ Scan system memory ========================
12:01:56.0804 0x0060  System memory - ok
12:01:56.0805 0x0060  ================ Scan services =============================
12:01:57.0265 0x0060  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
12:01:57.0457 0x0060  1394ohci - ok
12:01:57.0484 0x0060  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
12:01:57.0509 0x0060  3ware - ok
12:01:57.0671 0x0060  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:01:57.0700 0x0060  ACPI - ok
12:01:57.0714 0x0060  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
12:01:57.0724 0x0060  acpiex - ok
12:01:57.0732 0x0060  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
12:01:57.0740 0x0060  acpipagr - ok
12:01:57.0774 0x0060  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
12:01:57.0835 0x0060  AcpiPmi - ok
12:01:57.0839 0x0060  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
12:01:57.0862 0x0060  acpitime - ok
12:01:57.0890 0x0060  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
12:01:57.0917 0x0060  ADP80XX - ok
12:01:58.0025 0x0060  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:01:58.0107 0x0060  AeLookupSvc - ok
12:01:58.0146 0x0060  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
12:01:58.0202 0x0060  AFD - ok
12:01:58.0256 0x0060  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
12:01:58.0363 0x0060  AgereSoftModem - ok
12:01:58.0378 0x0060  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:01:58.0387 0x0060  agp440 - ok
12:01:58.0415 0x0060  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
12:01:58.0453 0x0060  ahcache - ok
12:01:58.0473 0x0060  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
12:01:58.0486 0x0060  AiCharger - ok
12:01:58.0512 0x0060  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
12:01:58.0566 0x0060  ALG - ok
12:01:58.0595 0x0060  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
12:01:58.0623 0x0060  AmdK8 - ok
12:01:58.0638 0x0060  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
12:01:58.0664 0x0060  AmdPPM - ok
12:01:58.0676 0x0060  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:01:58.0686 0x0060  amdsata - ok
12:01:58.0694 0x0060  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:01:58.0708 0x0060  amdsbs - ok
12:01:58.0737 0x0060  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:01:58.0744 0x0060  amdxata - ok
12:01:58.0783 0x0060  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
12:01:58.0816 0x0060  AppID - ok
12:01:58.0829 0x0060  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:01:58.0855 0x0060  AppIDSvc - ok
12:01:58.0885 0x0060  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\Windows\System32\appinfo.dll
12:01:58.0945 0x0060  Appinfo - ok
12:01:58.0985 0x0060  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
12:01:59.0052 0x0060  AppReadiness - ok
12:01:59.0102 0x0060  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
12:01:59.0188 0x0060  AppXSvc - ok
12:01:59.0200 0x0060  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:01:59.0210 0x0060  arcsas - ok
12:01:59.0494 0x0060  [ 564CB886D1A968B9798C1AB03F4EB54F, F7F73E5C17C0848462860E367215F5D9D4C52E1AA26B3154EC60BA14CBD56556 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
12:01:59.0502 0x0060  ASLDRService - ok
12:01:59.0556 0x0060  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
12:01:59.0572 0x0060  ASMMAP64 - ok
12:01:59.0597 0x0060  [ DB5610839DBEBE48AA963DFA96FD7103, AADB0D5BFE8C28E31266FA48FEE41B82DC8B5D6F3E12238AD3E06C800F2D72A8 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
12:01:59.0618 0x0060  Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )
12:01:59.0809 0x0060  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - warning
12:01:59.0946 0x0060  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:01:59.0967 0x0060  atapi - ok
12:02:00.0431 0x0060  [ D9627C9671ECC9F808503102CA7AD6C9, 42E93B12367313A1847FAEFDE51B60AFC282309111B77167D7D5E6F1D8FA4A25 ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
12:02:00.0565 0x0060  athr - ok
12:02:00.0599 0x0060  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
12:02:00.0605 0x0060  ATKGFNEXSrv - ok
12:02:00.0659 0x0060  [ C435191FAD19B43E5C3082E4275DCE75, 12D8AF471CA89FE59790092EF3274D638B4B978F1F061423F8D70F270121CF7A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
12:02:00.0678 0x0060  ATKWMIACPIIO - ok
12:02:00.0707 0x0060  [ 356DF170C97E3E52D027CFF5812CBFD4, 02AB1861FFEC4EB1971E77C7677C7947C9C8D4CD192A8CBB5C99E3FDDD57EEA5 ] ATP             C:\Windows\System32\drivers\AsusTP.sys
12:02:00.0714 0x0060  ATP - ok
12:02:00.0750 0x0060  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
12:02:00.0828 0x0060  AudioEndpointBuilder - ok
12:02:00.0861 0x0060  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:02:00.0903 0x0060  Audiosrv - ok
12:02:00.0942 0x0060  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:02:00.0981 0x0060  AxInstSV - ok
12:02:01.0010 0x0060  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:02:01.0031 0x0060  b06bdrv - ok
12:02:01.0043 0x0060  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
12:02:01.0096 0x0060  BasicDisplay - ok
12:02:01.0101 0x0060  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
12:02:01.0201 0x0060  BasicRender - ok
12:02:01.0225 0x0060  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
12:02:01.0236 0x0060  bcmfn2 - ok
12:02:01.0265 0x0060  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\Windows\System32\bdesvc.dll
12:02:01.0329 0x0060  BDESVC - ok
12:02:01.0343 0x0060  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
12:02:01.0398 0x0060  Beep - ok
12:02:01.0490 0x0060  [ E543472B75FC78B3205273AE1E8CFE5F, 97CCA65B2BD59DF45B069DE66522E768968CD03B377F797691429E14D448BE9F ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
12:02:01.0525 0x0060  BEService - ok
12:02:01.0573 0x0060  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
12:02:01.0650 0x0060  BFE - ok
12:02:01.0692 0x0060  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
12:02:01.0757 0x0060  BITS - ok
12:02:01.0934 0x0060  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:02:01.0947 0x0060  Bonjour Service - ok
12:02:01.0992 0x0060  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:02:02.0028 0x0060  bowser - ok
12:02:02.0052 0x0060  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
12:02:02.0104 0x0060  BrokerInfrastructure - ok
12:02:02.0129 0x0060  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
12:02:02.0164 0x0060  Browser - ok
12:02:02.0298 0x0060  [ 6BCB49FC7819FD27FF1D58DC501B3AFF, 67D75A259B1246B2D03036919279386CBC10A4781CDE32DD0C52F013CF0F4E31 ] BstHdAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Service.exe
12:02:02.0318 0x0060  BstHdAndroidSvc - ok
12:02:02.0345 0x0060  [ 165CE3A95700E82E68C008386A485737, 9926F260E3F8589A38E65ED474A347FB59A5256F2B84B61612A13165E2E96152 ] BstHdDrv        C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys
12:02:02.0354 0x0060  BstHdDrv - ok
12:02:02.0372 0x0060  [ 8E82A346573847BB2EE786AEE01A7059, 3C870FF83F1EF5F13C8257422EC8DE5ABDE7C0CDFFBE3AA8E1995F9824E29AA6 ] BstHdLogRotatorSvc C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
12:02:02.0385 0x0060  BstHdLogRotatorSvc - ok
12:02:02.0451 0x0060  [ AC50E24F12AE6E26F2262BFEEBFAB7F6, 9E52A2AE91093104E76189B3336047CBAD4C3A4AAE10B83B991EE01A01275AD5 ] BstHdPlusAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
12:02:02.0476 0x0060  BstHdPlusAndroidSvc - ok
12:02:02.0512 0x0060  [ 2C6666644FD22060F6B887C70C3F1D6C, 625E7BF27487564BBBB5F08DBE78D282D026F22C97F7B0E4A2FF8DF3F58ECA99 ] BstkDrv         C:\Program Files (x86)\Bluestacks\BstkDrv.sys
12:02:02.0523 0x0060  BstkDrv - ok
12:02:02.0548 0x0060  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
12:02:02.0604 0x0060  BthAvrcpTg - ok
12:02:02.0636 0x0060  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
12:02:02.0678 0x0060  BthEnum - ok
12:02:02.0704 0x0060  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
12:02:02.0762 0x0060  BthHFEnum - ok
12:02:02.0767 0x0060  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
12:02:02.0782 0x0060  bthhfhid - ok
12:02:02.0812 0x0060  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
12:02:02.0849 0x0060  BthHFSrv - ok
12:02:02.0864 0x0060  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
12:02:02.0924 0x0060  BTHMODEM - ok
12:02:02.0969 0x0060  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
12:02:03.0027 0x0060  BthPan - ok
12:02:03.0085 0x0060  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
12:02:03.0141 0x0060  BTHPORT - ok
12:02:03.0166 0x0060  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
12:02:03.0245 0x0060  bthserv - ok
12:02:03.0274 0x0060  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
12:02:03.0298 0x0060  BTHUSB - ok
12:02:03.0328 0x0060  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:02:03.0385 0x0060  cdfs - ok
12:02:03.0410 0x0060  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
12:02:03.0428 0x0060  cdrom - ok
12:02:03.0460 0x0060  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:02:03.0500 0x0060  CertPropSvc - ok
12:02:03.0515 0x0060  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
12:02:03.0524 0x0060  circlass - ok
12:02:03.0554 0x0060  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\Windows\system32\drivers\CLFS.sys
12:02:03.0570 0x0060  CLFS - ok
12:02:04.0358 0x0060  [ ACFB2A62301C6A903FA6A97DB84E9C31, 7A3089812330B605D2F545374A1A916B6DBA188186EC88DA3348814A95C791F0 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
12:02:04.0435 0x0060  ClickToRunSvc - ok
12:02:04.0467 0x0060  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
12:02:04.0581 0x0060  CmBatt - ok
12:02:04.0606 0x0060  [ EFC79D3224D19FD926FFEA0A24729FEF, 41B0B41F7270C82691453679E03194845B9AF08C28800BF39D3CEB7CB1530BB8 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:02:04.0628 0x0060  CNG - ok
12:02:04.0649 0x0060  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
12:02:04.0667 0x0060  CompositeBus - ok
12:02:04.0670 0x0060  COMSysApp - ok
12:02:04.0674 0x0060  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
12:02:04.0711 0x0060  condrv - ok
12:02:04.0819 0x0060  [ 914FF716A3F667CD10B7C35630C3DF94, 6BFBFEDF85AA2ADD6C6C77F8D5C54EE1FC85516349763059082CDF840E990BC6 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:02:04.0833 0x0060  cphs - ok
12:02:04.0862 0x0060  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:02:04.0902 0x0060  CryptSvc - ok
12:02:04.0906 0x0060  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
12:02:04.0915 0x0060  dam - ok
12:02:05.0071 0x0060  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
12:02:05.0079 0x0060  dbupdate - ok
12:02:05.0118 0x0060  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
12:02:05.0126 0x0060  dbupdatem - ok
12:02:05.0130 0x0060  dbx - ok
12:02:05.0178 0x0060  [ 2C5A991F0320D95BAC80D0C31F43A79E, CC7887132AF15C77676A3186429FE0071DCC8DC9C6252314D99C02E54867BE10 ] DbxSvc          C:\Windows\system32\DbxSvc.exe
12:02:05.0184 0x0060  DbxSvc - ok
12:02:05.0357 0x0060  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:02:05.0440 0x0060  DcomLaunch - ok
12:02:05.0482 0x0060  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
12:02:05.0547 0x0060  defragsvc - ok
12:02:05.0652 0x0060  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
12:02:05.0706 0x0060  DeviceAssociationService - ok
12:02:05.0739 0x0060  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
12:02:05.0803 0x0060  DeviceInstall - ok
12:02:05.0833 0x0060  [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
12:02:05.0852 0x0060  Dfsc - ok
12:02:05.0880 0x0060  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
12:02:05.0890 0x0060  dg_ssudbus - ok
12:02:05.0920 0x0060  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:02:06.0008 0x0060  Dhcp - ok
12:02:06.0080 0x0060  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\Windows\system32\diagtrack.dll
12:02:06.0177 0x0060  DiagTrack - ok
12:02:06.0207 0x0060  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
12:02:06.0218 0x0060  disk - ok
12:02:06.0242 0x0060  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
12:02:06.0281 0x0060  dmvsc - ok
12:02:06.0316 0x0060  [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:02:06.0396 0x0060  Dnscache - ok
12:02:06.0429 0x0060  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:02:06.0480 0x0060  dot3svc - ok
12:02:06.0517 0x0060  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
12:02:06.0544 0x0060  DPS - ok
12:02:06.0557 0x0060  [ 4C1DDFC71179C642E86DB4A321724797, 7B57E45C4301F546CB1194FC028BA091D8495B98B5CB0E12F1819371774AF628 ] dptf_cpu        C:\Windows\System32\drivers\dptf_cpu.sys
12:02:06.0564 0x0060  dptf_cpu - ok
12:02:06.0578 0x0060  [ E3F0EE3422AE6448982C4AEB725A09E2, 00A22AA06D6F1BB21F4A7E170604D3FD72E5CDF1B570301454837CC578A1C769 ] dptf_pch        C:\Windows\System32\drivers\dptf_pch.sys
12:02:06.0584 0x0060  dptf_pch - ok
12:02:06.0612 0x0060  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:02:06.0620 0x0060  drmkaud - ok
12:02:06.0652 0x0060  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
12:02:06.0665 0x0060  DsmSvc - ok
12:02:06.0760 0x0060  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:02:06.0812 0x0060  DXGKrnl - ok
12:02:06.0887 0x0060  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
12:02:06.0920 0x0060  e1iexpress - ok
12:02:06.0942 0x0060  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
12:02:07.0011 0x0060  Eaphost - ok
12:02:07.0144 0x0060  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:02:07.0244 0x0060  ebdrv - ok
12:02:07.0285 0x0060  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
12:02:07.0294 0x0060  EFS - ok
12:02:07.0325 0x0060  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
12:02:07.0335 0x0060  EhStorClass - ok
12:02:07.0358 0x0060  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
12:02:07.0369 0x0060  EhStorTcgDrv - ok
12:02:07.0385 0x0060  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
12:02:07.0393 0x0060  ErrDev - ok
12:02:07.0593 0x0060  [ 127C81F616E8CB699CFC16B0A2AF412C, 62C450228BFD0B1C6EB286230E13192F682F9738F8E668E1A390B1A250281FA1 ] esifsvc         C:\Windows\SysWOW64\esif_uf.exe
12:02:07.0623 0x0060  esifsvc - ok
12:02:23.0499 0x0060  NvStreamSvc - ok
12:02:23.0579 0x0060  [ A9FE27CA00E66C455520E8B75883B630, D2FEFC75C0881ECC0A80EA2DD92DD9D2A28EB26F81085F8C17DCEA3F717D86E9 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:02:23.0609 0x0060  nvsvc - ok
12:02:23.0683 0x0060  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:02:23.0708 0x0060  nvvad_WaveExtensible - ok
12:02:23.0739 0x0060  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:02:23.0748 0x0060  nv_agp - ok
12:02:24.0212 0x0060  [ 7D331DD034C85FB18DDF028F744FA37B, BF6ADD7AF05732340831CA7DE766B5C93323A190107F7570E2130398846F4430 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
12:02:24.0264 0x0060  Origin Client Service - ok
12:02:24.0651 0x0060  [ 2B099DEBCFCBE33036406739F94C529C, DBBACA632F39530F81D3AC28A350CAE49972156149835197053B8D61E00D8CEA ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
12:02:24.0702 0x0060  Origin Web Helper Service - ok
12:02:24.0838 0x0060  [ AC0F1B7B71D9D435EC33456F7EDF6FF1, 8FEFF5F99F1AFF21CF9415D4BF26936EF3A7347DA06F30ADD1DD1B14916F2585 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:02:24.0864 0x0060  ose - ok
12:02:25.0257 0x0060  [ 17932BD2E354CC79D0B471EF52A1C706, 9AAEBBBAA8EB197871BD7FB095568C9F933D4F94D4091A7949AEFB2FFF146AD5 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
12:02:25.0306 0x0060  OverwolfUpdater - ok
12:02:25.0396 0x0060  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:02:25.0467 0x0060  p2pimsvc - ok
12:02:25.0510 0x0060  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
12:02:25.0555 0x0060  p2psvc - ok
12:02:25.0581 0x0060  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\Windows\System32\drivers\parport.sys
12:02:25.0641 0x0060  Parport - ok
12:02:25.0670 0x0060  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:02:25.0679 0x0060  partmgr - ok
12:02:25.0718 0x0060  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:02:25.0753 0x0060  PcaSvc - ok
12:02:25.0787 0x0060  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
12:02:25.0802 0x0060  pci - ok
12:02:25.0817 0x0060  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:02:25.0825 0x0060  pciide - ok
12:02:25.0839 0x0060  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:02:25.0849 0x0060  pcmcia - ok
12:02:25.0854 0x0060  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:02:25.0862 0x0060  pcw - ok
12:02:25.0899 0x0060  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
12:02:25.0908 0x0060  pdc - ok
12:02:25.0924 0x0060  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:02:25.0979 0x0060  PEAUTH - ok
12:02:26.0059 0x0060  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:02:26.0123 0x0060  PerfHost - ok
12:02:26.0223 0x0060  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
12:02:26.0284 0x0060  pla - ok
12:02:26.0370 0x0060  [ 91B93EF867E5A0D782BEB7C31F29598D, 16E1F87233164E2D3CF24D17F383C96E57A95B215EC46880EF2CD4F139103B1C ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
12:02:26.0376 0x0060  PlaysService - ok
12:02:26.0406 0x0060  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:02:26.0417 0x0060  PlugPlay - ok
12:02:26.0482 0x0060  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:02:26.0508 0x0060  PNRPAutoReg - ok
12:02:26.0544 0x0060  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:02:26.0559 0x0060  PNRPsvc - ok
12:02:26.0668 0x0060  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:02:26.0729 0x0060  PolicyAgent - ok
12:02:26.0757 0x0060  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
12:02:26.0795 0x0060  Power - ok
12:02:27.0382 0x0060  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
12:02:27.0505 0x0060  PrintNotify - ok
12:02:27.0614 0x0060  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
12:02:27.0639 0x0060  Processor - ok
12:02:27.0669 0x0060  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
12:02:27.0727 0x0060  ProfSvc - ok
12:02:27.0757 0x0060  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:02:27.0783 0x0060  Psched - ok
12:02:27.0815 0x0060  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
12:02:27.0853 0x0060  QWAVE - ok
12:02:27.0885 0x0060  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:02:27.0902 0x0060  QWAVEdrv - ok
12:02:27.0916 0x0060  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:02:27.0940 0x0060  RasAcd - ok
12:02:27.0972 0x0060  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
12:02:27.0997 0x0060  RasAuto - ok
12:02:28.0036 0x0060  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\Windows\System32\rasmans.dll
12:02:28.0086 0x0060  RasMan - ok
12:02:28.0118 0x0060  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:02:28.0152 0x0060  RasPppoe - ok
12:02:28.0188 0x0060  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:02:28.0257 0x0060  rdbss - ok
12:02:28.0272 0x0060  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
12:02:28.0293 0x0060  rdpbus - ok
12:02:28.0300 0x0060  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:02:28.0347 0x0060  RDPDR - ok
12:02:28.0377 0x0060  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:02:28.0390 0x0060  RdpVideoMiniport - ok
12:02:28.0399 0x0060  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:02:28.0412 0x0060  rdyboost - ok
12:02:28.0578 0x0060  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
12:02:28.0622 0x0060  ReFS - ok
12:02:28.0665 0x0060  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:02:28.0689 0x0060  RemoteAccess - ok
12:02:28.0714 0x0060  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:02:28.0756 0x0060  RemoteRegistry - ok
12:02:28.0786 0x0060  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
12:02:28.0809 0x0060  RFCOMM - ok
12:02:28.0840 0x0060  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:02:28.0868 0x0060  RpcEptMapper - ok
12:02:28.0894 0x0060  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
12:02:28.0934 0x0060  RpcLocator - ok
12:02:28.0986 0x0060  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\Windows\system32\rpcss.dll
12:02:29.0011 0x0060  RpcSs - ok
12:02:29.0016 0x0060  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:02:29.0043 0x0060  rspndr - ok
12:02:29.0071 0x0060  [ 4EC89C0725CE4B98994B88F19B30C288, 4FA73C24A2E18D04CE27EEF17C9AE847D0251B711F60D116139F6166F90CD08F ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
12:02:29.0083 0x0060  RSUSBVSTOR - ok
12:02:29.0110 0x0060  [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
12:02:29.0135 0x0060  RTL8168 - ok
12:02:29.0183 0x0060  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
12:02:29.0190 0x0060  s3cap - ok
12:02:29.0216 0x0060  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
12:02:29.0226 0x0060  SamSs - ok
12:02:29.0268 0x0060  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:02:29.0288 0x0060  sbp2port - ok
12:02:29.0318 0x0060  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:02:29.0338 0x0060  SCardSvr - ok
12:02:29.0360 0x0060  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
12:02:29.0385 0x0060  ScDeviceEnum - ok
12:02:29.0415 0x0060  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:02:29.0425 0x0060  scfilter - ok
12:02:29.0632 0x0060  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
12:02:29.0687 0x0060  Schedule - ok
12:02:29.0718 0x0060  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:02:29.0729 0x0060  SCPolicySvc - ok
12:02:29.0846 0x0060  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
12:02:29.0881 0x0060  sdbus - ok
12:02:29.0888 0x0060  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
12:02:29.0897 0x0060  sdstor - ok
12:02:29.0930 0x0060  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:02:29.0964 0x0060  secdrv - ok
12:02:29.0996 0x0060  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
12:02:30.0035 0x0060  seclogon - ok
12:02:30.0053 0x0060  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
12:02:30.0065 0x0060  SENS - ok
12:02:30.0097 0x0060  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:02:30.0150 0x0060  SensrSvc - ok
12:02:30.0163 0x0060  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
12:02:30.0172 0x0060  SerCx - ok
12:02:30.0178 0x0060  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
12:02:30.0189 0x0060  SerCx2 - ok
12:02:30.0234 0x0060  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\Windows\System32\drivers\serenum.sys
12:02:30.0269 0x0060  Serenum - ok
12:02:30.0284 0x0060  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\Windows\System32\drivers\serial.sys
12:02:30.0309 0x0060  Serial - ok
12:02:30.0332 0x0060  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
12:02:30.0354 0x0060  sermouse - ok
12:02:30.0460 0x0060  [ 389458EA0B5FAEBA325FAC47B9ED589E, F7F37A1F1E912069F65E4629FF733F080AE675DF6FE255AF48F5E23EB47D0622 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:02:30.0500 0x0060  SessionEnv - ok
12:02:30.0505 0x0060  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
12:02:30.0519 0x0060  sfloppy - ok
12:02:30.0559 0x0060  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:02:30.0586 0x0060  SharedAccess - ok
12:02:30.0649 0x0060  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:02:30.0704 0x0060  ShellHWDetection - ok
12:02:30.0724 0x0060  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:02:30.0732 0x0060  SiSRaid2 - ok
12:02:30.0748 0x0060  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:02:30.0757 0x0060  SiSRaid4 - ok
12:02:30.0787 0x0060  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
12:02:30.0866 0x0060  smphost - ok
12:02:30.0888 0x0060  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:02:30.0906 0x0060  SNMPTRAP - ok
12:02:31.0086 0x0060  [ 546B88E6906EE9813EFE314DC95E3488, FC172C2DCC7ACDBBC9CE07CFCBAEDFAEAD2641A037E126174525DBE8BA660CC4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
12:02:31.0113 0x0060  spaceport - ok
12:02:31.0117 0x0060  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
12:02:31.0126 0x0060  SpbCx - ok
12:02:31.0168 0x0060  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
12:02:31.0263 0x0060  Spooler - ok
12:02:31.0880 0x0060  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\Windows\system32\sppsvc.exe
12:02:32.0039 0x0060  sppsvc - ok
12:02:32.0171 0x0060  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:02:32.0232 0x0060  srv - ok
12:02:32.0257 0x0060  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:02:32.0315 0x0060  srv2 - ok
12:02:32.0335 0x0060  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:02:32.0357 0x0060  srvnet - ok
12:02:32.0394 0x0060  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:02:32.0428 0x0060  SSDPSRV - ok
12:02:32.0461 0x0060  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:02:32.0482 0x0060  SstpSvc - ok
12:02:32.0514 0x0060  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
12:02:32.0526 0x0060  ssudmdm - ok
12:02:32.0906 0x0060  [ 596DC69BB40A96FCA4B19D9D1E221E34, 3469D3B2E9A88E39C14AE2E3DD5EC3D91FBB88CA568D794555B397B50E64AB15 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:02:32.0937 0x0060  Steam Client Service - ok
12:02:32.0990 0x0060  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:02:33.0010 0x0060  stexstor - ok
12:02:33.0046 0x0060  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
12:02:33.0181 0x0060  stisvc - ok
12:02:33.0210 0x0060  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
12:02:33.0251 0x0060  storahci - ok
12:02:33.0272 0x0060  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:02:33.0280 0x0060  storflt - ok
12:02:33.0313 0x0060  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
12:02:33.0321 0x0060  stornvme - ok
12:02:33.0353 0x0060  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
12:02:33.0389 0x0060  StorSvc - ok
12:02:33.0411 0x0060  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:02:33.0424 0x0060  storvsc - ok
12:02:33.0448 0x0060  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
12:02:33.0473 0x0060  svsvc - ok
12:02:33.0507 0x0060  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
12:02:33.0514 0x0060  swenum - ok
12:02:33.0580 0x0060  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
12:02:33.0619 0x0060  swprv - ok
12:02:33.0676 0x0060  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
12:02:33.0766 0x0060  SysMain - ok
12:02:33.0803 0x0060  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
12:02:33.0838 0x0060  SystemEventsBroker - ok
12:02:33.0872 0x0060  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:02:33.0928 0x0060  TabletInputService - ok
12:02:33.0967 0x0060  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:02:34.0017 0x0060  TapiSrv - ok
12:02:34.0255 0x0060  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:02:34.0324 0x0060  Tcpip - ok
12:02:34.0511 0x0060  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:02:34.0572 0x0060  TCPIP6 - ok
12:02:34.0633 0x0060  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:02:34.0673 0x0060  tcpipreg - ok
12:02:34.0699 0x0060  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:02:34.0718 0x0060  tdx - ok
12:02:34.0728 0x0060  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
12:02:34.0737 0x0060  terminpt - ok
12:02:34.0792 0x0060  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
12:02:34.0878 0x0060  TermService - ok
12:02:34.0906 0x0060  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
12:02:34.0929 0x0060  Themes - ok
12:02:34.0956 0x0060  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:02:34.0967 0x0060  THREADORDER - ok
12:02:35.0054 0x0060  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
12:02:35.0116 0x0060  TimeBroker - ok
12:02:35.0138 0x0060  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
12:02:35.0151 0x0060  TPM - ok
12:02:35.0181 0x0060  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
12:02:35.0202 0x0060  TrkWks - ok
12:02:35.0236 0x0060  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:02:35.0269 0x0060  TrustedInstaller - ok
12:02:35.0285 0x0060  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:02:35.0344 0x0060  TsUsbFlt - ok
12:02:35.0372 0x0060  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
12:02:35.0408 0x0060  TsUsbGD - ok
12:02:35.0430 0x0060  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:02:35.0457 0x0060  tunnel - ok
12:02:35.0471 0x0060  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:02:35.0480 0x0060  uagp35 - ok
12:02:35.0500 0x0060  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
12:02:35.0509 0x0060  UASPStor - ok
12:02:35.0542 0x0060  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
12:02:35.0555 0x0060  UCX01000 - ok
12:02:35.0598 0x0060  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:02:35.0679 0x0060  udfs - ok
12:02:35.0702 0x0060  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
12:02:35.0710 0x0060  UEFI - ok
12:02:35.0744 0x0060  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:02:35.0783 0x0060  UI0Detect - ok
12:02:35.0788 0x0060  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:02:35.0796 0x0060  uliagpkx - ok
12:02:35.0831 0x0060  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
12:02:35.0868 0x0060  umbus - ok
12:02:35.0872 0x0060  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
12:02:35.0889 0x0060  UmPass - ok
12:02:35.0922 0x0060  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:02:35.0989 0x0060  UmRdpService - ok
12:02:36.0020 0x0060  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
12:02:36.0048 0x0060  upnphost - ok
12:02:36.0068 0x0060  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:02:36.0087 0x0060  usbaudio - ok
12:02:50.0631 0x0060  Waiting for KSN requests completion. In queue: 157
12:02:50.0723 0x12b4  Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
12:02:50.0901 0x12b4  Object send P2P result: true
12:02:51.0639 0x0060  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
12:02:51.0642 0x0060  Win FW state via NFP2: enabled ( trusted )
12:02:51.0703 0x0060  ============================================================
12:02:51.0703 0x0060  Scan finished
12:02:51.0703 0x0060  ============================================================
12:02:51.0709 0x1ea4  Detected object count: 1
12:02:51.0709 0x1ea4  Actual detected object count: 1
12:03:32.0830 0x1ea4  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:03:32.0830 0x1ea4  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:03:40.0869 0x1704  Deinitialize success
         


22.02.2017, 12:08   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop!
Please disable your virus scanner completely now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


Step 2: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


22.02.2017, 12:35   #7
Damina1997

The AdwCleaner log:
Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 22/02/2017 um 12:19:18
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-20.3 [Lokal]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Denise - DENISE-NOTEBOOK
# Gestartet von : C:\Users\Denise\Downloads\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****

[-] Datei gelöscht: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****

[-] [C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: vlc.de


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1075 Bytes] - [22/02/2017 12:19:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [1369 Bytes] - [22/02/2017 12:16:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1441 Bytes] - [22/02/2017 12:18:45]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1294 Bytes] ##########
         
JRT log:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 8.1 x64 
Ran by Denise (Administrator) on 22.02.2017 at 12:28:30,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\Windows\wininit.ini (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.02.2017 at 12:31:06,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

22.02.2017, 12:49   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then show fresh FRST logs. Tick addition.txt, then click Scan (Untersuchen).


22.02.2017, 12:57   #9
Damina1997

FRST log:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2017
durchgeführt von Denise (Administrator) auf DENISE-NOTEBOOK (22-02-2017 12:53:26)
Gestartet von C:\Users\Denise\Downloads
Geladene Profile: Denise (Verfügbare Profile: Denise)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1057840 2017-02-02] ()
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify Web Helper] => C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-21] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify] => C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-21] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Discord] => C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
Startup: C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-12-19]
ShortcutTarget: Curse.lnk -> C:\Users\Denise\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BF9CCFC1-6FCA-4ABF-8044-CAB8EB45663B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E5937EBF-A255-40C3-B2F8-6204570F2CF3}: [DhcpNameServer] 192.168.24.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome: 
=======
CHR Profile: C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default [2017-02-22]
CHR Extension: (Google Präsentationen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04]
CHR Extension: (Google Docs) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04]
CHR Extension: (Google Drive) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28]
CHR Extension: (Google-Suche) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (FrankerFaceZ) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-12-17]
CHR Extension: (Google Tabellen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Twitch Live) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2017-01-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-25]
CHR Extension: (Google Mail) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-09-10] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-17] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-17] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1318128 2017-02-02] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 aswVmm; kein ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 DfSdkS; kein ImagePath
U0 msahci; system32\drivers\msahci.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-22 12:53 - 2017-02-22 12:53 - 00000000 ____D C:\Users\Denise\Downloads\FRST-OlderVersion
2017-02-22 12:31 - 2017-02-22 12:31 - 00000598 _____ C:\Users\Denise\Desktop\JRT.txt
2017-02-22 12:25 - 2017-02-22 12:25 - 01663040 _____ (Malwarebytes) C:\Users\Denise\Downloads\JRT.exe
2017-02-22 12:15 - 2017-02-22 12:19 - 00000000 ____D C:\AdwCleaner
2017-02-22 12:10 - 2017-02-22 12:10 - 04015056 _____ C:\Users\Denise\Downloads\AdwCleaner_6.043.exe
2017-02-22 12:00 - 2017-02-22 12:03 - 00232084 _____ C:\TDSSKiller.3.1.0.12_22.02.2017_12.00.39_log.txt
2017-02-22 12:00 - 2017-02-22 12:00 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Denise\Downloads\tdsskiller.exe
2017-02-22 11:36 - 2017-02-22 11:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-22 11:36 - 2017-02-22 11:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-22 11:36 - 2017-02-22 11:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-22 11:34 - 2017-02-22 11:59 - 00000000 ____D C:\Users\Denise\Desktop\mbar
2017-02-22 11:34 - 2017-02-22 11:34 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-22 11:33 - 2017-02-22 11:34 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Denise\Downloads\mbar-1.09.3.1001.exe
2017-02-22 10:39 - 2017-02-22 10:41 - 00052544 _____ C:\Users\Denise\Downloads\Addition.txt
2017-02-22 10:37 - 2017-02-22 12:54 - 00022834 _____ C:\Users\Denise\Downloads\FRST.txt
2017-02-22 10:37 - 2017-02-22 12:53 - 00000000 ____D C:\FRST
2017-02-22 10:30 - 2017-02-22 12:53 - 02422784 _____ (Farbar) C:\Users\Denise\Downloads\FRST64.exe
2017-02-20 13:20 - 2017-02-20 13:20 - 00178819 _____ C:\Users\Denise\Downloads\Xray Ultimate 1.11 v2.1.2.zip
2017-02-14 16:13 - 2017-02-14 16:13 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-02-14 16:13 - 2016-04-14 06:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-02-14 16:13 - 2016-04-14 06:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-02-14 16:13 - 2016-04-14 06:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-02-14 13:04 - 2017-02-14 13:04 - 00000000 ____D C:\Users\Denise\AppData\Local\TeamSpeak 3
2017-02-14 13:04 - 2017-02-14 13:04 - 00000000 ____D C:\Users\Denise\.TeamSpeak 3
2017-02-10 12:25 - 2017-02-10 12:25 - 00104441 _____ C:\Users\Denise\Downloads\Baubles-1.10.2-1.3.6.jar
2017-02-10 12:22 - 2017-02-10 12:22 - 38810496 _____ (Mojang) C:\Users\Denise\Downloads\Minecraft.exe
2017-02-10 12:20 - 2017-02-10 12:20 - 00323120 _____ C:\Users\Denise\Downloads\Just-Enough-Items-Mod-1.10.2.jar
2017-02-10 12:16 - 2017-02-10 12:16 - 00152006 _____ C:\Users\Denise\Downloads\CodeChickenCore-1.10.2-2.1.8.79-universal.jar
2017-02-10 12:13 - 2017-02-10 12:13 - 06159026 _____ C:\Users\Denise\Downloads\BiomesOPlenty-1.10.2-5.0.0.2096-universal.jar
2017-02-10 12:12 - 2017-02-10 12:12 - 00108857 _____ C:\Users\Denise\Downloads\XaerosWorldMap_b1.7_Forge_1.10.2.jar
2017-02-10 12:08 - 2017-02-10 12:08 - 00919120 _____ C:\Users\Denise\Downloads\mysticalagriculture[1.10.2]-1.3.8a.jar
2017-02-10 12:06 - 2017-02-10 12:06 - 00504115 _____ C:\Users\Denise\Downloads\ShadowMC-1.10.2-3.6.1.jar
2017-02-10 12:05 - 2017-02-10 12:05 - 00031953 _____ C:\Users\Denise\Downloads\LargeVeins-1.10.2-1.0.0.jar
2017-02-10 12:04 - 2017-02-10 12:04 - 03055612 _____ C:\Users\Denise\Downloads\Pam's HarvestCraft 1.9.4-1.10.2h.jar
2017-02-10 11:59 - 2017-02-10 11:59 - 01700039 _____ C:\Users\Denise\Downloads\BattleTowers-1.10.2.zip
2017-02-10 11:58 - 2017-02-10 11:58 - 01087335 _____ C:\Users\Denise\Downloads\PrimordialCrops-v1.7c_mc1.9.4.jar
2017-02-10 11:58 - 2017-02-10 11:58 - 00557535 _____ C:\Users\Denise\Downloads\StorageDrawers-1.10.2-3.5.17.jar
2017-02-10 11:58 - 2017-02-10 11:58 - 00094810 _____ C:\Users\Denise\Downloads\Chameleon-1.10-2.2.2.jar
2017-02-09 15:32 - 2017-02-09 15:32 - 13854393 _____ C:\Users\Denise\Downloads\Botania r1.9-340.jar
2017-02-09 15:03 - 2017-02-09 15:03 - 00254633 _____ C:\Users\Denise\Downloads\infinitylib-0.6.2.jar
2017-02-09 14:59 - 2017-02-09 14:59 - 04591052 _____ C:\Users\Denise\Downloads\forge-1.10.2-12.18.3.2221-installer.jar
2017-02-09 14:53 - 2017-02-09 14:53 - 04353862 _____ C:\Users\Denise\Downloads\forge-1.10-12.18.0.2000-1.10.0-installer.jar
2017-02-09 14:52 - 2017-02-09 14:53 - 01175727 _____ C:\Users\Denise\Downloads\agricraft-2.0.0-0.6.0-a10.jar
2017-02-08 22:20 - 2017-02-08 22:20 - 00000000 ____D C:\Users\Denise\Documents\BnS
2017-02-08 17:42 - 2017-02-08 17:42 - 00002248 _____ C:\Users\Public\Desktop\Blade & Soul.lnk
2017-02-08 17:42 - 2017-02-08 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-02-08 17:42 - 2017-02-08 17:42 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-02-08 17:41 - 2017-02-08 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2017-02-08 17:41 - 2017-02-08 17:41 - 00000000 ____D C:\Program Files (x86)\NCWest
2017-02-08 17:30 - 2017-02-08 17:40 - 227200840 _____ (NC Interactive, LLC) C:\Users\Denise\Downloads\BnS_Lite_Installer.exe
2017-02-08 05:42 - 2017-02-08 05:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-05 12:26 - 2017-02-10 12:22 - 00000220 _____ C:\Users\Denise\Downloads\updateLog.txt
2017-02-04 10:39 - 2017-02-04 10:39 - 00068256 _____ C:\Users\Denise\Downloads\2014-10-08 Lebenslauf.pdf
2017-02-04 10:37 - 2017-02-04 10:37 - 00047468 _____ C:\Users\Denise\Downloads\Anschreiben.pdf
2017-02-02 20:38 - 2017-02-10 12:23 - 00000000 ____D C:\Users\Denise\Downloads\tmp
2017-02-02 20:38 - 2017-02-02 20:38 - 00000000 ____D C:\Users\Denise\Downloads\tools

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-22 12:40 - 2015-11-04 15:20 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-02-22 12:32 - 2015-11-04 15:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2606138470-3405722970-712637843-1001
2017-02-22 12:27 - 2016-12-19 13:07 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Curse Client
2017-02-22 12:27 - 2015-11-04 15:13 - 00001539 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2017-02-22 12:27 - 2015-11-04 15:11 - 00000165 _____ C:\Users\Denise\AppData\Roaming\sp_data.sys
2017-02-22 12:24 - 2015-11-04 18:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-22 12:24 - 2015-11-04 15:27 - 00000000 ____D C:\Users\Denise\AppData\Local\Overwolf
2017-02-22 12:24 - 2015-11-04 15:13 - 00000000 ___RD C:\Users\Denise\OneDrive
2017-02-22 12:22 - 2015-11-04 15:27 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-02-22 12:21 - 2015-11-04 15:20 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-02-22 12:20 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-22 12:19 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-22 12:01 - 2016-08-01 11:33 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-02-22 12:01 - 2015-11-04 15:14 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-02-22 11:23 - 2016-03-24 22:58 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-22 11:21 - 2016-11-17 16:10 - 00001312 _____ C:\Users\Denise\Downloads\nativelog.txt
2017-02-21 22:53 - 2015-11-04 16:10 - 00000000 ____D C:\Users\Denise\AppData\Local\Spotify
2017-02-21 22:53 - 2015-11-04 16:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Spotify
2017-02-21 22:08 - 2015-11-04 15:27 - 00000000 ____D C:\Users\Denise\AppData\Roaming\TS3Client
2017-02-21 20:42 - 2016-12-19 15:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.minecraft
2017-02-19 10:36 - 2016-09-10 12:49 - 02234368 ___SH C:\Users\Denise\Downloads\Thumbs.db
2017-02-18 05:16 - 2016-12-09 19:49 - 00002370 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-18 05:16 - 2016-12-06 02:32 - 00003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-18 05:16 - 2016-02-21 13:41 - 00003196 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2606138470-3405722970-712637843-1001
2017-02-17 13:23 - 2016-07-25 09:11 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Origin
2017-02-17 11:48 - 2016-07-25 09:11 - 00000000 ____D C:\ProgramData\Origin
2017-02-17 11:45 - 2016-07-25 09:10 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-16 16:42 - 2016-01-08 16:39 - 00000000 ____D C:\Users\Denise\Documents\Euro Truck Simulator 2
2017-02-15 16:01 - 2015-11-21 23:37 - 00001495 _____ C:\Users\Denise\Desktop\Shuffle Fanfiction ab Teil 20.lnk
2017-02-15 15:48 - 2016-02-16 01:18 - 00000000 ____D C:\Users\Denise\Documents\American Truck Simulator
2017-02-14 16:15 - 2015-11-07 13:31 - 00000000 ____D C:\Users\Denise\AppData\Local\NVIDIA Corporation
2017-02-14 16:15 - 2015-11-04 15:09 - 00000000 ____D C:\Users\Denise\AppData\Local\NVIDIA
2017-02-14 16:14 - 2015-11-07 13:31 - 00001395 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-02-14 16:14 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-02-14 13:15 - 2016-11-16 14:27 - 00000000 ____D C:\Users\Denise\Documents\Texte
2017-02-14 13:04 - 2015-11-04 15:05 - 00000000 ____D C:\Users\Denise
2017-02-14 13:03 - 2015-11-04 15:27 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-02-12 14:51 - 2015-12-27 22:36 - 00000000 ____D C:\Users\Denise\AppData\Local\CrashDumps
2017-02-12 11:28 - 2016-08-30 14:36 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Temp
2017-02-12 11:27 - 2016-10-29 22:36 - 00000000 ____D C:\Windows\Minidump
2017-02-08 22:39 - 2016-09-13 10:24 - 00000000 ____D C:\Users\Denise\AppData\Roaming\discord
2017-02-08 22:34 - 2015-11-04 15:20 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-08 17:42 - 2015-03-18 13:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-06 20:53 - 2015-11-04 15:18 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-04 11:16 - 2016-10-01 21:14 - 00000000 ____D C:\Users\Denise\Downloads\Bilder für Schatz
2017-02-03 01:29 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-25 16:05 - 2014-10-29 13:02 - 00767018 _____ C:\Windows\system32\perfh007.dat
2017-01-25 16:05 - 2014-10-29 13:02 - 00159786 _____ C:\Windows\system32\perfc007.dat
2017-01-25 16:05 - 2014-03-18 16:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-04 15:11 - 2017-02-22 12:27 - 0000165 _____ () C:\Users\Denise\AppData\Roaming\sp_data.sys
2016-07-12 22:15 - 2016-07-12 22:15 - 0001454 _____ () C:\Users\Denise\AppData\Local\recently-used.xbel
2016-02-29 23:33 - 2016-05-28 13:10 - 0007606 _____ () C:\Users\Denise\AppData\Local\Resmon.ResmonCfg
2015-03-18 13:53 - 2015-03-18 13:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 07:25 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 07:25 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 07:25 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Einige Dateien in TEMP:
====================
2017-02-13 13:31 - 2017-02-13 13:31 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2942103387282646387.dll
2017-02-12 11:29 - 2017-02-12 11:29 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5506774322074654494.dll
2017-02-13 13:12 - 2017-02-13 13:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-7103026082983069715.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 04:36

==================== Ende von FRST.txt ============================
         
Addition log:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-02-2017
durchgeführt von Denise (22-02-2017 12:54:36)
Gestartet von C:\Users\Denise\Downloads
Windows 8.1 (Update) (X64) (2015-11-04 14:07:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2606138470-3405722970-712637843-500 - Administrator - Disabled)
Denise (S-1-5-21-2606138470-3405722970-712637843-1001 - Administrator - Enabled) => C:\Users\Denise
Gast (S-1-5-21-2606138470-3405722970-712637843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2606138470-3405722970-712637843-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.39 - Ashampoo GmbH & Co. KG)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version:  - Red Dot Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.293.1110 - Electronic Arts Inc.)
Digimon Masters Online (HKLM\...\Steam App 537180) (Version:  - Move Games Co., Ltd.)
Discord (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
Farming Simulator 17 (HKLM\...\Steam App 447020) (Version:  - Giants Software)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hello Kitty Online POD Installer (HKLM-x32\...\{0150D55C-0FEE-4F1D-BEE5-085C0DD2B476}_is1) (Version: 1.9.9.0.2 - SANRIODIGITAL GAMES & ENTERTAINMENT INC)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Layers of Fear (HKLM\...\Steam App 391720) (Version:  - Bloober Team SA)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version:  - )
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3c3ba69a-df4e-4526-88e4-04f1ff87fc0d}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.102.213.0 - Overwolf Ltd.)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.23) (Version: 2.0.23 - Ikara Software Limited)
Pixelmon Launcher (Beta) (x32 Version: 2.0.23 - Ikara Software Limited) Hidden
Plantera (HKLM\...\Steam App 421040) (Version:  - VaragtP)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc)
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Slime Rancher (HKLM\...\Steam App 433340) (Version:  - Monomi Park)
Spotify (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Bunker (HKLM\...\Steam App 481110) (Version:  - Splendy Interactive)
The Guest (HKLM\...\Steam App 402040) (Version:  - Team Gotham)
The Walking Dead (HKLM\...\Steam App 207610) (Version:  - Telltale Games)
TruckersMP 0.2.1.3.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.5 Alpha - TruckersMP Team)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unreal Development Kit: 2012-07 (HKLM\...\UDK-85b1f5f2-c617-4d5a-942e-760c69695908) (Version:  - Epic Games, Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: Shadow Warrior (HKLM\...\Steam App 255520) (Version:  - RuneStorm)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2606138470-3405722970-712637843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Denise\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07321C46-5DD2-47DA-BA1C-EFB16558C116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {19322365-6413-495C-B6B3-587BB1FDA412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-12] (Microsoft Corporation)
Task: {24903DAB-555C-44AD-B392-68D313BA773A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {2C07E802-0667-403C-80E1-EFD2D2CC354A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3A1F1DDC-02BA-45AB-9A82-ECD4902A6552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {401F971E-3089-45D6-8760-58EB4216B3F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {40EF050C-627F-48A5-81F8-3F0A7A1AF873} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {4438B3D2-206C-48AA-9028-CA480F4D5768} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {55F9F674-3A2E-4C68-BF66-58AA1955A108} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {62687EC0-BB73-4EA9-8F8E-A800049FE0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {911D73C4-9DE2-46B8-B701-59970283A9CF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
Task: {983DD468-029B-4F16-A77A-310293C8F729} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-02-02] (Overwolf LTD)
Task: {AB6DFF50-8E3D-419E-9173-D8DC9D6AF47B} - System32\Tasks\{F4B0E50F-1D1D-49E4-A13D-11BAF2D67674} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar
Task: {B847F2D4-38DE-46D7-ABE1-0C0479CAECEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {D1F5C5CF-4FF7-4A25-8165-75DEB8385C6A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {D66A24C1-B98B-4B82-9873-5C95D27B7780} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {D9298A94-FF7B-4008-B247-DC3F13B8B46E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {E81BCDCC-2BD4-422C-B3D3-FA24F205F188} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {F2987583-C64B-4210-8369-6D05BCDC321D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)
Task: {F349EF15-C2F3-46B0-8189-E5FF70116D2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-02-14 16:14 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-01 12:35 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-01 12:35 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-02-14 16:14 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-11-05 17:23 - 2015-11-05 17:23 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 21:57 - 2015-12-07 21:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2015-01-06 16:40 - 2015-01-06 16:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-11-07 13:31 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-06 20:53 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 20:53 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Denise\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C852CC74-3AB4-4C98-941B-BE20D823E1A1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0EA8F599-958B-4D85-A13E-12C272DD6E06}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{692D9FC0-DB01-4E87-B382-E26EF1BC663B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0F62AF29-AE03-4711-B9C8-962924E57F03}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFCD695A-B70B-4899-88EB-6D98EEDFDB01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe
FirewallRules: [{76DCA23A-E0EE-4AA5-A85C-4818EBD2E7CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe
FirewallRules: [{50F34949-4DD3-4672-9DE9-83CE38D0B294}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8FEAF39F-D717-4E2F-A0E3-FC65F540E1C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2B36FE30-2449-46D2-B4FA-4785C2ACF641}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FD1B3530-E5D5-4CAA-9697-80927BF9D090}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E76FD92-8B5C-4994-9F60-4C88D5550984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90E74E70-64DE-48C4-BE2B-959AC2D01AB5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CE2C69F0-5BFA-4864-9383-A69102073E9A}] => (Allow) LPort=2869
FirewallRules: [{A9573006-EB2F-4A65-BC7D-3B02D79A1BF6}] => (Allow) LPort=1900
FirewallRules: [{A578AC21-C9B0-471D-BE1D-BBF5724C4243}] => (Allow) C:\Users\Denise\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{410E767A-7BF5-479C-B8A5-A844F49BD32F}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2FB2C07B-FB74-4F3B-8F9C-CB9AADD39FB5}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{44825738-657D-4781-AF8B-B5C7CC9381E6}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FF89640C-415A-44C1-AADB-70BE7BC0ED32}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{74272E56-A37C-4C78-B2DA-A7D38918C2C8}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{B99E8C7E-64E1-4474-9A55-965F4D04A0D6}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{077305C1-6CA4-4440-91E3-91796E37AB6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{6E3F84AE-0C97-46DF-AE27-1352183502C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{B5D1D315-B367-43CE-ABAA-F2D8C74A0E9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{D512DE21-B79F-4BFC-9DA1-E3C9DA92231B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{ACFCD07C-A033-433D-9F94-3B083F2EB158}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{26C769EE-C490-41E2-8E33-F982AED27D12}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8C024486-2A32-43B1-A337-FBED48E33D47}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D930DBF9-1A2C-44E4-853F-65D36BE9DE58}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5950631D-9FD3-4C0F-ABEE-5E0DE5246796}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E750D3D9-3B8D-49EF-B230-62ACFF1F2E48}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7BC0AB2F-3B7B-494E-8688-3E7D21578809}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{28E642CB-E2A6-4754-98C7-7EB68F2C0B33}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B4F9A977-F23C-43E4-B86C-6B8C91C6E9C7}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{0EE0F3F7-8294-4435-BCC2-1FFF90E6E88E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9FBE8FE5-0ADC-400E-BA2D-D2ED09058820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{92E232EB-4B0E-4347-A41E-E460E26E85F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06892A54-0D32-485D-A00D-49ABC63F7332}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DC610AF3-702C-433E-A1CA-736B1B623405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{D812B741-A175-44EE-A9C6-76EA5E676A00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [TCP Query User{C4FA9BF0-5E5C-4E45-B8E9-4F6B5120A016}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{98CEC8B7-2C3C-4E2C-8987-FCB57ECD6178}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{C11653EC-C768-44C7-8A23-BD0C119B6B6A}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{156FAF76-F16C-4092-81E3-09DC85623F9E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{AD9A4297-C8E7-4AF0-9498-F0622D07BBD3}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{82E23260-2925-4537-A54B-EBF1A3C5271B}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{DE027E83-8DCC-4970-851F-86A6745E6B0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{04E8BAB4-AD3F-4D79-8027-A0E8DFB20515}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{4A029489-CDBE-468C-902E-F602E935DF52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{7CBCDFD0-1264-4F98-8308-810F0C77898D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{4DB9C503-2104-4B3B-B489-AA87B971EC78}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{09B490A0-33CD-408E-8DAA-85107302ED4E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{82CBB81C-28C5-46B4-80D0-293ABC1A243F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7AFB2B2F-5EBE-4C43-AE3F-022ABD259DAE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{264DE989-FF16-44C1-91E9-B3909E7FDA3C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{AEF8F3B9-A84E-4102-9236-9A734296C033}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{46CE26BD-3ABB-4695-BD53-437ABD8EA23F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{CEF7B75C-B74A-4217-A65D-4E5C0563D67C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [TCP Query User{260EDB40-7783-4AB7-B696-F33C1D7AE530}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{6EC3281C-C5FE-4622-81BB-04393E9B100E}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{80813FC3-E378-4F33-B6D9-4661F48F0ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{95039B5D-1CAE-4E1C-BB8E-E757A475B700}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [TCP Query User{C0254287-BA1C-46AC-82B5-BCD9421E7610}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{ED5F17EC-ED5B-4B5C-8683-163C1FF19047}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{1D309B50-8114-4341-8204-B0F6D792DBCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plantera\Plantera.exe
FirewallRules: [{8F8C8879-A857-4F5B-86EE-52C7D4BE036A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plantera\Plantera.exe
FirewallRules: [{E1236C48-44F5-4D86-A2FB-DFC66F6BD649}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guest\TheGuestSteam_Test.exe
FirewallRules: [{CB2E6E50-E365-4C56-9065-08484F7395F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guest\TheGuestSteam_Test.exe
FirewallRules: [{17EC79A6-35B4-4E06-BEB0-D88B3265C76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CFE9155A-1F52-4E45-B10B-3926AACE054A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{15CD06B2-9A60-4B00-A53B-A8F5480AEC00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{311613AD-925A-4187-BEBF-1BDB64EE445F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{263035E6-FB7E-4700-B650-C3D91BADD530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{C05A21D5-F7D4-4AA7-9F56-111F832E4527}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{3D6ED0DB-18CF-47B6-B94C-0E3A5543B52D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9A5FE8C4-E35A-42D6-A362-9BCF984CBC52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FEB60B57-D58C-4EFA-9A65-C2BC94A20E76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{2964DDF6-846B-4405-A169-7C8BBF4643DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{23FF6FA8-2E72-4881-921E-9F020FC9A397}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{51CA4EE6-B381-400B-A3D6-AAAAA3F11B91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{F39F3E71-32A1-42C1-9FCC-DAF01388E44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{88BE5797-3782-4A5F-B95D-7D27DB95CD9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{C69DE373-590B-4BA2-B555-7715B351C8E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bunker\TheBunker.exe
FirewallRules: [{68CA7CDD-47A2-434C-9220-57AEC86DDCE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bunker\TheBunker.exe
FirewallRules: [{E8AA1BEE-10F5-4240-A606-6BD3BBB6B026}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Layers of Fear\Layers of Fear.exe
FirewallRules: [{897DA43B-3B01-4A5E-876F-837F3A379D1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Layers of Fear\Layers of Fear.exe
FirewallRules: [{224862FC-11A3-49C3-A064-67B50891F1EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{F4C9D8E8-4702-4844-ADFB-B994F15FF368}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{4C5C6399-2D38-4FE9-927B-71121C860FA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{6CF354BA-CD3D-4D3D-84A5-3D151CADAC9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{3238C134-3485-4894-8933-6745E9B17A9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe
FirewallRules: [{8286DB86-74C8-4889-B5A1-9FB8FF6F319F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe
FirewallRules: [{F9A9F768-DE8B-41B3-9AB2-DD480AB8DEEE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F11AEBF6-A5C7-4DD8-A5D7-621BE26D3ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1C0CE1ED-483C-48C8-9D91-3186D683C8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B9A10D24-6A35-4974-80B7-C777CC25C3A7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{0292F494-D298-46CB-9199-FF9ECAF6F878}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{AB28006D-B2E0-4BF0-96CC-444EC61537E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{ECC94EDD-9B5C-4923-852A-F97357194624}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{C040E497-9E19-48D6-8EFB-0E67C12B1EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{136E67A8-0F02-4F6A-8EA4-0D3B81AE393D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{9C89A31A-2BD6-4A17-BC71-B40BCF51E384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{80D1D381-368D-4DB6-B19D-11AB1DE90FE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{49E4E6F3-A10C-4D85-A390-B30DB5CCBABB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9EC8ED41-3DC9-460D-941B-69886CF388EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D271B157-EC56-4F0E-8C3D-92EBAF9BE0C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

10-02-2017 19:50:53 DirectX wurde installiert
14-02-2017 18:43:33 DirectX wurde installiert
22-02-2017 12:28:35 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/22/2017 12:27:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9b0

Startzeit: 01d28cfdd820d947

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: cc8e583d-f8f1-11e6-8289-1cb72c068d56

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/22/2017 12:22:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (02/22/2017 12:22:42 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (02/22/2017 12:22:41 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (02/22/2017 12:22:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\Windows\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (02/22/2017 12:22:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (02/22/2017 12:22:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\Windows\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (02/22/2017 12:22:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (02/22/2017 12:20:32 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (02/22/2017 11:26:06 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (02/22/2017 12:29:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/22/2017 12:26:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde nicht richtig gestartet.

Error: (02/22/2017 12:21:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/22/2017 12:21:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (02/22/2017 12:19:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Dienst wurde nicht gestartet.

Error: (02/22/2017 12:19:34 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (02/22/2017 12:19:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/22/2017 12:19:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/22/2017 12:19:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/22/2017 12:19:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-08-11 15:35:14.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8094.8 MB
Verfügbarer physikalischer RAM: 5707.86 MB
Summe virtueller Speicher: 9502.8 MB
Verfügbarer virtueller Speicher: 7176.82 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:535.62 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:1101.7 GB) (Free:1100.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 510BFD71)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

22.02.2017, 12:59   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:


Step 1: MBAM

Please download Malwarebytes Anti-Malware
  • Install the program into the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Step 2: ESET

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box for Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Step 3: SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post the contents here.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

22.02.2017, 17:10   #11
Damina1997



MBAM log:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 22.02.2017
Suchlaufzeit: 13:08
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.02.22.03
Rootkit-Datenbank: v2017.02.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Denise

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 313285
Abgelaufene Zeit: 17 Min., 43 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.AshampooRegistryCleaner, C:\ProgramData\Ashampoo\ico_ashampoo_marketplace.ico, In Quarantäne, [23d882232187ef470503775a24dc4eb2], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
ESET log:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d3cb0a67a38a564ead387ce89dff29bf
# end=init
# utc_time=2017-02-22 12:29:19
# local_time=2017-02-22 01:29:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 32488
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d3cb0a67a38a564ead387ce89dff29bf
# end=updated
# utc_time=2017-02-22 12:31:39
# local_time=2017-02-22 01:31:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=d3cb0a67a38a564ead387ce89dff29bf
# engine=32488
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-02-22 03:34:06
# local_time=2017-02-22 04:34:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 23454 51567216 0 0
# scanned=386992
# found=0
# cleaned=0
# scan_time=10946
         
SecurityCheck log:
Code:
ATTFilter
Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Google Chrome (56.0.2924.87) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MSASCui.exe 
 Windows Defender MSASCui.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

22.02.2017, 22:33   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Which problems are still open now?
