Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: AdChoices im Firefox

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.03.2017, 23:45   #1
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Hallo,
mal wieder ich.

Diesmal sind es doppelt grün unterstrichene AdChoices Links, die bei stern.de auftauchen. Nicht aber bei Spiegel.de, zB.



Ein erster Malwarebytes Durchlauf ergab null Treffer.

Danke für die Hilfe!

edit: Anders als im Titel angegeben, tritt das Problem auch in Chrome auf. System ist ein 64Bit Windows 10.

Geändert von rka0 (08.03.2017 um 23:56 Uhr)

Alt 09.03.2017, 21:03   #2
M-K-D-B
/// TB-Ausbilder
 
AdChoices im Firefox - Standard

AdChoices im Firefox






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________


Alt 09.03.2017, 22:29   #3
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Danke für Deine Zeit.
Hier der tdds-report:

Code:
ATTFilter
22:24:21.0414 0x2f98  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
22:24:30.0131 0x2f98  ============================================================
22:24:30.0131 0x2f98  Current date / time: 2017/03/09 22:24:30.0131
22:24:30.0131 0x2f98  SystemInfo:
22:24:30.0131 0x2f98  
22:24:30.0131 0x2f98  OS Version: 10.0.14393 ServicePack: 0.0
22:24:30.0131 0x2f98  Product type: Workstation
22:24:30.0131 0x2f98  ComputerName: SCHWOBB
22:24:30.0131 0x2f98  UserName: xxx
22:24:30.0131 0x2f98  Windows directory: C:\WINDOWS
22:24:30.0131 0x2f98  System windows directory: C:\WINDOWS
22:24:30.0131 0x2f98  Running under WOW64
22:24:30.0131 0x2f98  Processor architecture: Intel x64
22:24:30.0131 0x2f98  Number of processors: 4
22:24:30.0131 0x2f98  Page size: 0x1000
22:24:30.0131 0x2f98  Boot type: Normal boot
22:24:30.0131 0x2f98  CodeIntegrityOptions = 0x00000001
22:24:30.0131 0x2f98  ============================================================
22:24:30.0212 0x2f98  KLMD registered as C:\WINDOWS\system32\drivers\09508804.sys
22:24:30.0212 0x2f98  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
22:24:30.0271 0x2f98  System UUID: {AAF3A55F-71B7-0C35-F451-C3191FC13C08}
22:24:30.0491 0x2f98  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:24:30.0491 0x2f98  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:24:30.0502 0x2f98  ============================================================
22:24:30.0502 0x2f98  \Device\Harddisk0\DR0:
22:24:30.0502 0x2f98  MBR partitions:
22:24:30.0502 0x2f98  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
22:24:30.0502 0x2f98  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1D0CA800
22:24:30.0502 0x2f98  \Device\Harddisk1\DR1:
22:24:30.0502 0x2f98  MBR partitions:
22:24:30.0502 0x2f98  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9FA27800
22:24:30.0502 0x2f98  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x9FA28000, BlocksNum 0x7530000
22:24:30.0502 0x2f98  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xA6F58000, BlocksNum 0xC350000
22:24:30.0503 0x2f98  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0xB32A8800, BlocksNum 0x3A98000
22:24:30.0503 0x2f98  \Device\Harddisk1\DR1\Partition5: MBR, Type 0x7, StartLBA 0xB6D41000, BlocksNum 0x320C7000
22:24:30.0503 0x2f98  ============================================================
22:24:30.0505 0x2f98  C: <-> \Device\Harddisk0\DR0\Partition2
22:24:30.0528 0x2f98  E: <-> \Device\Harddisk1\DR1\Partition1
22:24:30.0543 0x2f98  F: <-> \Device\Harddisk1\DR1\Partition2
22:24:30.0545 0x2f98  G: <-> \Device\Harddisk1\DR1\Partition3
22:24:30.0547 0x2f98  D: <-> \Device\Harddisk1\DR1\Partition4
22:24:30.0557 0x2f98  H: <-> \Device\Harddisk1\DR1\Partition5
22:24:30.0557 0x2f98  ============================================================
22:24:30.0557 0x2f98  Initialize success
22:24:30.0557 0x2f98  ============================================================
22:24:35.0962 0x2910  ============================================================
22:24:35.0962 0x2910  Scan started
22:24:35.0962 0x2910  Mode: Manual; 
22:24:35.0962 0x2910  ============================================================
22:24:35.0962 0x2910  KSN ping started
22:24:36.0016 0x2910  KSN ping finished: true
22:24:36.0812 0x2910  ================ Scan system memory ========================
22:24:36.0812 0x2910  System memory - ok
22:24:36.0813 0x2910  ================ Scan services =============================
22:24:36.0844 0x2910  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
22:24:36.0848 0x2910  1394ohci - ok
22:24:36.0857 0x2910  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
22:24:36.0859 0x2910  3ware - ok
22:24:36.0872 0x2910  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
22:24:36.0882 0x2910  ACPI - ok
22:24:36.0885 0x2910  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
22:24:36.0886 0x2910  AcpiDev - ok
22:24:36.0890 0x2910  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
22:24:36.0893 0x2910  acpiex - ok
22:24:36.0898 0x2910  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
22:24:36.0898 0x2910  acpipagr - ok
22:24:36.0904 0x2910  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
22:24:36.0905 0x2910  AcpiPmi - ok
22:24:36.0909 0x2910  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
22:24:36.0909 0x2910  acpitime - ok
22:24:36.0926 0x2910  [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:24:36.0929 0x2910  AdobeFlashPlayerUpdateSvc - ok
22:24:36.0953 0x2910  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
22:24:36.0969 0x2910  ADP80XX - ok
22:24:36.0983 0x2910  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
22:24:36.0992 0x2910  AFD - ok
22:24:36.0999 0x2910  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
22:24:37.0003 0x2910  ahcache - ok
22:24:37.0006 0x2910  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
22:24:37.0007 0x2910  AJRouter - ok
22:24:37.0011 0x2910  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
22:24:37.0013 0x2910  ALG - ok
22:24:37.0022 0x2910  [ 23CB92EE5654BA92619D796E3AC7DB86, DD4536B55F021990DDAD8864F9BAECCDE40B2B532F6FB0D6CF9EB1A6B112A983 ] ALSysIO         C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys
22:24:37.0023 0x2910  ALSysIO - ok
22:24:37.0027 0x2910  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
22:24:37.0029 0x2910  AmdK8 - ok
22:24:37.0035 0x2910  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
22:24:37.0036 0x2910  AmdPPM - ok
22:24:37.0040 0x2910  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
22:24:37.0043 0x2910  amdsata - ok
22:24:37.0048 0x2910  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
22:24:37.0053 0x2910  amdsbs - ok
22:24:37.0057 0x2910  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
22:24:37.0058 0x2910  amdxata - ok
22:24:37.0079 0x2910  [ 42A60840C182E9CFCD4E5EF950303512, E7C3D9888529156D9FB03BC51B170AC027ABA6E7B1ED69FA29944546A202907A ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
22:24:37.0112 0x2910  AntiVirMailService - ok
22:24:37.0122 0x2910  [ 58FD213E044D88825E411A1A0A6AEE64, 870591B7995874215C70218F460C1761564533D75BD4855ACB071F9425AAAB77 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
22:24:37.0128 0x2910  AntiVirSchedulerService - ok
22:24:37.0138 0x2910  [ 58FD213E044D88825E411A1A0A6AEE64, 870591B7995874215C70218F460C1761564533D75BD4855ACB071F9425AAAB77 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
22:24:37.0152 0x2910  AntiVirService - ok
22:24:37.0177 0x2910  [ 4C1B4579EF9D12C88132367333F8F794, 2193359E04F5313BFB7E5FE9AF6D7FBCFFF2CEBCC217F29817F9D450C91160DD ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
22:24:37.0198 0x2910  AntiVirWebService - ok
22:24:37.0204 0x2910  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
22:24:37.0207 0x2910  AppID - ok
22:24:37.0211 0x2910  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
22:24:37.0213 0x2910  AppIDSvc - ok
22:24:37.0218 0x2910  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
22:24:37.0220 0x2910  Appinfo - ok
22:24:37.0223 0x2910  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
22:24:37.0224 0x2910  applockerfltr - ok
22:24:37.0229 0x2910  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
22:24:37.0232 0x2910  AppMgmt - ok
22:24:37.0245 0x2910  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
22:24:37.0253 0x2910  AppReadiness - ok
22:24:37.0268 0x2910  [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
22:24:37.0279 0x2910  AppVClient - ok
22:24:37.0284 0x2910  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
22:24:37.0286 0x2910  AppvStrm - ok
22:24:37.0291 0x2910  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
22:24:37.0294 0x2910  AppvVemgr - ok
22:24:37.0299 0x2910  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
22:24:37.0301 0x2910  AppvVfs - ok
22:24:37.0337 0x2910  [ D70B1453ADA82A92E76EAE72D936A0F6, 439DBC5818025887343D4B5B509C7D2C97ED0FFA4641A5178EA5719C50E5013F ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
22:24:37.0366 0x2910  AppXSvc - ok
22:24:37.0373 0x2910  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
22:24:37.0375 0x2910  arcsas - ok
22:24:37.0379 0x2910  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
22:24:37.0380 0x2910  AsyncMac - ok
22:24:37.0383 0x2910  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
22:24:37.0384 0x2910  atapi - ok
22:24:37.0392 0x2910  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
22:24:37.0397 0x2910  AudioEndpointBuilder - ok
22:24:37.0413 0x2910  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
22:24:37.0425 0x2910  Audiosrv - ok
22:24:37.0431 0x2910  [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
22:24:37.0433 0x2910  avgntflt - ok
22:24:37.0438 0x2910  [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
22:24:37.0441 0x2910  avipbb - ok
22:24:37.0450 0x2910  [ 2AEE4D1D7E668F1CCF97EDE93509B0EE, B082B3BBB27D3C8B26A754508C3B98BA803FEA707898FF18A120D6A2679098DF ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
22:24:37.0464 0x2910  Avira.ServiceHost - ok
22:24:37.0468 0x2910  [ 8D2830B4A88B957890AC292686140E2D, 5B645D67EC327E074C0A01B2CDF2FDBF376B6F869E2724F2699A7DEF4AA366D2 ] AviraUpdaterService C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
22:24:37.0469 0x2910  AviraUpdaterService - ok
22:24:37.0472 0x2910  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
22:24:37.0473 0x2910  avkmgr - ok
22:24:37.0477 0x2910  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
22:24:37.0479 0x2910  avnetflt - ok
22:24:37.0483 0x2910  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
22:24:37.0485 0x2910  AxInstSV - ok
22:24:37.0495 0x2910  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
22:24:37.0503 0x2910  b06bdrv - ok
22:24:37.0507 0x2910  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
22:24:37.0508 0x2910  BasicDisplay - ok
22:24:37.0512 0x2910  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
22:24:37.0513 0x2910  BasicRender - ok
22:24:37.0516 0x2910  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
22:24:37.0517 0x2910  bcmfn - ok
22:24:37.0520 0x2910  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
22:24:37.0520 0x2910  bcmfn2 - ok
22:24:37.0528 0x2910  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
22:24:37.0532 0x2910  BDESVC - ok
22:24:37.0535 0x2910  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:24:37.0536 0x2910  Beep - ok
22:24:37.0550 0x2910  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
22:24:37.0560 0x2910  BFE - ok
22:24:37.0580 0x2910  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
22:24:37.0615 0x2910  BITS - ok
22:24:37.0620 0x2910  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
22:24:37.0622 0x2910  bowser - ok
22:24:37.0636 0x2910  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
22:24:37.0647 0x2910  BrokerInfrastructure - ok
22:24:37.0653 0x2910  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
22:24:37.0655 0x2910  Browser - ok
22:24:37.0662 0x2910  [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
22:24:37.0666 0x2910  BrYNSvc - ok
22:24:37.0669 0x2910  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
22:24:37.0670 0x2910  BthAvrcpTg - ok
22:24:37.0674 0x2910  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
22:24:37.0675 0x2910  BthHFEnum - ok
22:24:37.0678 0x2910  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
22:24:37.0679 0x2910  bthhfhid - ok
22:24:37.0686 0x2910  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
22:24:37.0691 0x2910  BthHFSrv - ok
22:24:37.0695 0x2910  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
22:24:37.0696 0x2910  BTHMODEM - ok
22:24:37.0702 0x2910  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
22:24:37.0705 0x2910  bthserv - ok
22:24:37.0708 0x2910  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
22:24:37.0709 0x2910  buttonconverter - ok
22:24:37.0713 0x2910  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
22:24:37.0715 0x2910  CapImg - ok
22:24:37.0719 0x2910  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
22:24:37.0721 0x2910  cdfs - ok
22:24:37.0729 0x2910  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
22:24:37.0735 0x2910  CDPSvc - ok
22:24:37.0743 0x2910  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
22:24:37.0748 0x2910  CDPUserSvc - ok
22:24:37.0755 0x2910  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
22:24:37.0757 0x2910  cdrom - ok
22:24:37.0763 0x2910  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
22:24:37.0766 0x2910  CertPropSvc - ok
22:24:37.0773 0x2910  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
22:24:37.0778 0x2910  cht4iscsi - ok
22:24:37.0811 0x2910  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
22:24:37.0839 0x2910  cht4vbd - ok
22:24:37.0844 0x2910  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
22:24:37.0845 0x2910  circlass - ok
22:24:37.0853 0x2910  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
22:24:37.0858 0x2910  CLFS - ok
22:24:37.0871 0x2910  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
22:24:37.0881 0x2910  ClipSVC - ok
22:24:37.0886 0x2910  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
22:24:37.0887 0x2910  clreg - ok
22:24:37.0894 0x2910  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
22:24:37.0896 0x2910  CmBatt - ok
22:24:37.0907 0x2910  [ 90C07EB909C42316982E753BDAA7860D, 438581FD3468FAF01D35529672201A920E8821EC80E30E59A43645DA57738F21 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
22:24:37.0915 0x2910  CNG - ok
22:24:37.0919 0x2910  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
22:24:37.0920 0x2910  cnghwassist - ok
22:24:37.0929 0x2910  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
22:24:37.0931 0x2910  CompositeBus - ok
22:24:37.0933 0x2910  COMSysApp - ok
22:24:37.0936 0x2910  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
22:24:37.0937 0x2910  condrv - ok
22:24:37.0951 0x2910  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
22:24:37.0962 0x2910  CoreMessagingRegistrar - ok
22:24:37.0968 0x2910  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
22:24:37.0970 0x2910  CryptSvc - ok
22:24:37.0980 0x2910  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
22:24:37.0988 0x2910  CSC - ok
22:24:38.0001 0x2910  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
22:24:38.0012 0x2910  CscService - ok
22:24:38.0021 0x2910  [ 51D43B57EA8EFFE5CB1E27E01C100A2F, 68995F291422F2C5A2C9C4C673272754E3AC49ED53D6197675EB9E19028163C5 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
22:24:38.0026 0x2910  CTAudSvcService - ok
22:24:38.0045 0x2910  [ FD70A153B4C0BE67743A1BD0574EC120, B0419E6981B7472A25C8EE5825248365BAF44B64DC3D620AB0EC92832F059FF6 ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
22:24:38.0059 0x2910  cthda - ok
22:24:38.0074 0x2910  [ BB776BDDBA1EB56C02FB9BDFE8256288, 0597506CF23EE141264849801404A242B8A644AAF084B6FE095A5B9EF06A8A2E ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
22:24:38.0081 0x2910  CtHdaSvc - ok
22:24:38.0085 0x2910  [ 111C2183E72B0018D7F57AF31E7499DB, 2CD6E0FFC1CD210B45FC51EB7CEB0B336CDD9B910651B3551247E5116F019846 ] cthdb           C:\WINDOWS\system32\DRIVERS\cthdb.sys
22:24:38.0086 0x2910  cthdb - ok
22:24:38.0090 0x2910  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
22:24:38.0090 0x2910  dam - ok
22:24:38.0095 0x2910  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
22:24:38.0097 0x2910  dbupdate - ok
22:24:38.0101 0x2910  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
22:24:38.0102 0x2910  dbupdatem - ok
22:24:38.0105 0x2910  dbx - ok
22:24:38.0108 0x2910  [ 5B7A202DECF962A6C9A2E759551BF05E, 6BA11F7728C0A13EA4B6EF478584AE0117BA5909346FF6FE20308674F34701D7 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
22:24:38.0109 0x2910  DbxSvc - ok
22:24:38.0125 0x2910  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:24:38.0138 0x2910  DcomLaunch - ok
22:24:38.0144 0x2910  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
22:24:38.0147 0x2910  DcpSvc - ok
22:24:38.0157 0x2910  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
22:24:38.0164 0x2910  defragsvc - ok
22:24:38.0173 0x2910  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
22:24:38.0180 0x2910  DeviceAssociationService - ok
22:24:38.0184 0x2910  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
22:24:38.0187 0x2910  DeviceInstall - ok
22:24:38.0190 0x2910  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
22:24:38.0192 0x2910  DevQueryBroker - ok
22:24:38.0197 0x2910  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
22:24:38.0199 0x2910  Dfsc - ok
22:24:38.0204 0x2910  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
22:24:38.0206 0x2910  dg_ssudbus - ok
22:24:38.0214 0x2910  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
22:24:38.0220 0x2910  Dhcp - ok
22:24:38.0224 0x2910  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
22:24:38.0226 0x2910  diagnosticshub.standardcollector.service - ok
22:24:38.0256 0x2910  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
22:24:38.0282 0x2910  DiagTrack - ok
22:24:38.0294 0x2910  [ CF7302680AD66C5BF84E2F5CBDE8731F, 88C31F08F9EFF7809397820ED09AC14E76C3015C6D0EFB71B5B30133B3EB4AEA ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
22:24:38.0300 0x2910  DigitalWave.Update.Service - ok
22:24:38.0305 0x2910  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
22:24:38.0307 0x2910  disk - ok
22:24:38.0315 0x2910  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
22:24:38.0322 0x2910  DmEnrollmentSvc - ok
22:24:38.0326 0x2910  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
22:24:38.0327 0x2910  dmvsc - ok
22:24:38.0330 0x2910  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
22:24:38.0332 0x2910  dmwappushservice - ok
22:24:38.0338 0x2910  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:24:38.0343 0x2910  Dnscache - ok
22:24:38.0350 0x2910  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:24:38.0353 0x2910  dot3svc - ok
22:24:38.0358 0x2910  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
22:24:38.0361 0x2910  DPS - ok
22:24:38.0363 0x2910  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
22:24:38.0364 0x2910  drmkaud - ok
22:24:38.0371 0x2910  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
22:24:38.0374 0x2910  DsmSvc - ok
22:24:38.0379 0x2910  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
22:24:38.0382 0x2910  DsSvc - ok
22:24:38.0417 0x2910  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
22:24:38.0446 0x2910  DXGKrnl - ok
22:24:38.0452 0x2910  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
22:24:38.0454 0x2910  EapHost - ok
22:24:38.0504 0x2910  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
22:24:38.0548 0x2910  ebdrv - ok
22:24:38.0554 0x2910  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
22:24:38.0556 0x2910  EFS - ok
22:24:38.0560 0x2910  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
22:24:38.0562 0x2910  EhStorClass - ok
22:24:38.0566 0x2910  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
22:24:38.0569 0x2910  EhStorTcgDrv - ok
22:24:38.0571 0x2910  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
22:24:38.0572 0x2910  ElbyCDIO - ok
22:24:38.0577 0x2910  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
22:24:38.0580 0x2910  embeddedmode - ok
22:24:38.0587 0x2910  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
22:24:38.0592 0x2910  EntAppSvc - ok
22:24:38.0595 0x2910  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
22:24:38.0595 0x2910  ErrDev - ok
22:24:38.0606 0x2910  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
22:24:38.0613 0x2910  EventSystem - ok
22:24:38.0620 0x2910  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
22:24:38.0625 0x2910  exfat - ok
22:24:38.0634 0x2910  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
22:24:38.0639 0x2910  fastfat - ok
22:24:38.0651 0x2910  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
22:24:38.0661 0x2910  Fax - ok
22:24:38.0664 0x2910  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
22:24:38.0665 0x2910  fdc - ok
22:24:38.0668 0x2910  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
22:24:38.0670 0x2910  fdPHost - ok
22:24:38.0673 0x2910  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
22:24:38.0674 0x2910  FDResPub - ok
22:24:38.0679 0x2910  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
22:24:38.0681 0x2910  fhsvc - ok
22:24:38.0685 0x2910  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
22:24:38.0687 0x2910  FileCrypt - ok
22:24:38.0690 0x2910  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
22:24:38.0692 0x2910  FileInfo - ok
22:24:38.0695 0x2910  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
22:24:38.0696 0x2910  Filetrace - ok
22:24:38.0698 0x2910  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
22:24:38.0699 0x2910  flpydisk - ok
22:24:38.0708 0x2910  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
22:24:38.0713 0x2910  FltMgr - ok
22:24:38.0742 0x2910  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
22:24:38.0767 0x2910  FontCache - ok
22:24:38.0772 0x2910  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:24:38.0774 0x2910  FontCache3.0.0.0 - ok
22:24:38.0789 0x2910  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
22:24:38.0801 0x2910  FrameServer - ok
22:24:38.0805 0x2910  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
22:24:38.0806 0x2910  FsDepends - ok
22:24:38.0809 0x2910  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:24:38.0810 0x2910  Fs_Rec - ok
22:24:38.0822 0x2910  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
22:24:38.0831 0x2910  fvevol - ok
22:24:38.0834 0x2910  [ 4D9C8E6F3D39282EDAD1584AADB1A535, CB9612B215FB78C3DA3EAE74510C6ED6B3BAB95470E181B72C0230F8367313E8 ] GamingApp_Service C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
22:24:38.0835 0x2910  GamingApp_Service - ok
22:24:38.0838 0x2910  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
22:24:38.0839 0x2910  gencounter - ok
22:24:38.0842 0x2910  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
22:24:38.0843 0x2910  genericusbfn - ok
22:24:38.0849 0x2910  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
22:24:38.0852 0x2910  GPIOClx0101 - ok
22:24:38.0873 0x2910  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
22:24:38.0890 0x2910  gpsvc - ok
22:24:38.0899 0x2910  [ 96E7F6770E12DD05A8ECF7B5D5DCD2FD, F9418B5E90A235339A4A1A889490FACA39CD117A51BA4446DAA1011DA06C7ECD ] GPU-Z           C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys
22:24:38.0899 0x2910  GPU-Z - ok
22:24:38.0903 0x2910  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
22:24:38.0904 0x2910  GpuEnergyDrv - ok
22:24:38.0909 0x2910  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:24:38.0910 0x2910  gupdate - ok
22:24:38.0914 0x2910  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:24:38.0916 0x2910  gupdatem - ok
22:24:38.0920 0x2910  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
22:24:38.0922 0x2910  HDAudBus - ok
22:24:38.0925 0x2910  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
22:24:38.0925 0x2910  HidBatt - ok
22:24:38.0929 0x2910  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
22:24:38.0931 0x2910  HidBth - ok
22:24:38.0934 0x2910  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
22:24:38.0936 0x2910  hidi2c - ok
22:24:38.0939 0x2910  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
22:24:38.0940 0x2910  hidinterrupt - ok
22:24:38.0944 0x2910  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
22:24:38.0945 0x2910  HidIr - ok
22:24:38.0948 0x2910  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
22:24:38.0950 0x2910  hidserv - ok
22:24:38.0953 0x2910  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
22:24:38.0954 0x2910  HidUsb - ok
22:24:38.0960 0x2910  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
22:24:38.0965 0x2910  HomeGroupListener - ok
22:24:38.0975 0x2910  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
22:24:38.0982 0x2910  HomeGroupProvider - ok
22:24:38.0986 0x2910  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
22:24:38.0988 0x2910  HpSAMD - ok
22:24:39.0007 0x2910  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
22:24:39.0021 0x2910  HTTP - ok
22:24:39.0025 0x2910  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
22:24:39.0027 0x2910  HvHost - ok
22:24:39.0031 0x2910  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
22:24:39.0032 0x2910  hvservice - ok
22:24:39.0035 0x2910  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
22:24:39.0036 0x2910  hwpolicy - ok
22:24:39.0039 0x2910  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
22:24:39.0040 0x2910  hyperkbd - ok
22:24:39.0044 0x2910  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
22:24:39.0046 0x2910  i8042prt - ok
22:24:39.0049 0x2910  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
22:24:39.0049 0x2910  iagpio - ok
22:24:39.0053 0x2910  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
22:24:39.0055 0x2910  iai2c - ok
22:24:39.0058 0x2910  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
22:24:39.0059 0x2910  iaLPSS2i_GPIO2 - ok
22:24:39.0064 0x2910  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
22:24:39.0067 0x2910  iaLPSS2i_I2C - ok
22:24:39.0070 0x2910  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
22:24:39.0072 0x2910  iaLPSSi_GPIO - ok
22:24:39.0076 0x2910  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
22:24:39.0078 0x2910  iaLPSSi_I2C - ok
22:24:39.0090 0x2910  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
22:24:39.0099 0x2910  iaStorAV - ok
22:24:39.0108 0x2910  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
22:24:39.0114 0x2910  iaStorV - ok
22:24:39.0125 0x2910  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
22:24:39.0132 0x2910  ibbus - ok
22:24:39.0138 0x2910  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
22:24:39.0143 0x2910  icssvc - ok
22:24:39.0159 0x2910  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
22:24:39.0172 0x2910  IKEEXT - ok
22:24:39.0175 0x2910  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
22:24:39.0176 0x2910  IndirectKmd - ok
22:24:39.0181 0x2910  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
22:24:39.0182 0x2910  intelide - ok
22:24:39.0185 0x2910  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
22:24:39.0186 0x2910  intelpep - ok
22:24:39.0190 0x2910  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
22:24:39.0192 0x2910  intelppm - ok
22:24:39.0195 0x2910  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
22:24:39.0197 0x2910  iorate - ok
22:24:39.0200 0x2910  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:24:39.0203 0x2910  IpFilterDriver - ok
22:24:39.0219 0x2910  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
22:24:39.0232 0x2910  iphlpsvc - ok
22:24:39.0237 0x2910  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
22:24:39.0239 0x2910  IPMIDRV - ok
22:24:39.0245 0x2910  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
22:24:39.0248 0x2910  IPNAT - ok
22:24:39.0252 0x2910  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
22:24:39.0254 0x2910  irda - ok
22:24:39.0257 0x2910  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
22:24:39.0258 0x2910  IRENUM - ok
22:24:39.0261 0x2910  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
22:24:39.0263 0x2910  irmon - ok
22:24:39.0265 0x2910  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
22:24:39.0266 0x2910  isapnp - ok
22:24:39.0273 0x2910  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
22:24:39.0277 0x2910  iScsiPrt - ok
22:24:39.0280 0x2910  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
22:24:39.0281 0x2910  kbdclass - ok
22:24:39.0284 0x2910  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
22:24:39.0285 0x2910  kbdhid - ok
22:24:39.0288 0x2910  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
22:24:39.0289 0x2910  kdnic - ok
22:24:39.0292 0x2910  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
22:24:39.0294 0x2910  KeyIso - ok
22:24:39.0298 0x2910  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
22:24:39.0300 0x2910  KSecDD - ok
22:24:39.0306 0x2910  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
22:24:39.0308 0x2910  KSecPkg - ok
22:24:39.0312 0x2910  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
22:24:39.0313 0x2910  ksthunk - ok
22:24:39.0321 0x2910  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
22:24:39.0327 0x2910  KtmRm - ok
22:24:39.0334 0x2910  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
22:24:39.0340 0x2910  LanmanServer - ok
22:24:39.0347 0x2910  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
22:24:39.0352 0x2910  LanmanWorkstation - ok
22:24:39.0357 0x2910  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
22:24:39.0358 0x2910  lfsvc - ok
22:24:39.0362 0x2910  [ A6F294B38F3DFB67D6B6E1D1E60A402A, 11C51B35DB2A3510258F3B722C12326BF068360CFA1E81FF552BA0BD19DE38E8 ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
22:24:39.0363 0x2910  LGBusEnum - ok
22:24:39.0366 0x2910  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
22:24:39.0367 0x2910  LGCoreTemp - ok
22:24:39.0372 0x2910  [ C582EBCB331D4D45F4956ACF3D82F674, 154E889036E825FA8EE9D45262AFCEE15ADB07459AAAA7B68F97DEB727B1859E ] LGJoyHidFilter  C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys
22:24:39.0373 0x2910  LGJoyHidFilter - ok
22:24:39.0377 0x2910  [ 2A9F60E6531F42B31874618743037719, BFD61AD03ADEF69421ECB07820EDB79D425048EC01A65A0D1E8A4527699196DC ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
22:24:39.0378 0x2910  LGJoyXlCore - ok
22:24:39.0381 0x2910  [ FA59A7421049F5852C1182345A4B8C4F, 6E7DFBF8382187E01CA0AE9CB7A175B563DA6807909A8A7E67779C045F290A06 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
22:24:39.0382 0x2910  LGVirHid - ok
22:24:39.0385 0x2910  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
22:24:39.0386 0x2910  LicenseManager - ok
22:24:39.0390 0x2910  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
22:24:39.0391 0x2910  lltdio - ok
22:24:39.0397 0x2910  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
22:24:39.0402 0x2910  lltdsvc - ok
22:24:39.0405 0x2910  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
22:24:39.0407 0x2910  lmhosts - ok
22:24:39.0411 0x2910  [ AFAF34BF6BD10379FF13BFA086EFF857, E22E114E97EA65B80D6A9252C71E4C016A0B80B82C64426B679773305EFE8C88 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
22:24:39.0414 0x2910  LogiRegistryService - ok
22:24:39.0420 0x2910  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
22:24:39.0422 0x2910  LSI_SAS - ok
22:24:39.0426 0x2910  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
22:24:39.0428 0x2910  LSI_SAS2i - ok
22:24:39.0433 0x2910  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
22:24:39.0435 0x2910  LSI_SAS3i - ok
22:24:39.0438 0x2910  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
22:24:39.0440 0x2910  LSI_SSS - ok
22:24:39.0452 0x2910  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
22:24:39.0462 0x2910  LSM - ok
22:24:39.0467 0x2910  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
22:24:39.0469 0x2910  luafv - ok
22:24:39.0473 0x2910  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
22:24:39.0475 0x2910  MapsBroker - ok
22:24:39.0479 0x2910  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
22:24:39.0481 0x2910  megasas - ok
22:24:39.0484 0x2910  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
22:24:39.0485 0x2910  megasas2i - ok
22:24:39.0496 0x2910  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
22:24:39.0504 0x2910  megasr - ok
22:24:39.0510 0x2910  [ E7C9F74D8CAAB1FF7964C27C070FB16C, 76CCD9109E1031A336B7E275368520FFB60D500E24444B04066F205D1ED5BA2B ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
22:24:39.0513 0x2910  MEIx64 - ok
22:24:39.0517 0x2910  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
22:24:39.0519 0x2910  MessagingService - ok
22:24:39.0534 0x2910  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
22:24:39.0545 0x2910  mlx4_bus - ok
22:24:39.0549 0x2910  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
22:24:39.0550 0x2910  MMCSS - ok
22:24:39.0553 0x2910  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
22:24:39.0554 0x2910  Modem - ok
22:24:39.0557 0x2910  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
22:24:39.0558 0x2910  monitor - ok
22:24:39.0561 0x2910  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
22:24:39.0563 0x2910  mouclass - ok
22:24:39.0565 0x2910  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
22:24:39.0566 0x2910  mouhid - ok
22:24:39.0570 0x2910  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
22:24:39.0572 0x2910  mountmgr - ok
22:24:39.0575 0x2910  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
22:24:39.0577 0x2910  mpsdrv - ok
22:24:39.0592 0x2910  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
22:24:39.0605 0x2910  MpsSvc - ok
22:24:39.0610 0x2910  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
22:24:39.0613 0x2910  MRxDAV - ok
22:24:39.0622 0x2910  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:24:39.0629 0x2910  mrxsmb - ok
22:24:39.0635 0x2910  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
22:24:39.0639 0x2910  mrxsmb10 - ok
22:24:39.0645 0x2910  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
22:24:39.0648 0x2910  mrxsmb20 - ok
22:24:39.0652 0x2910  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
22:24:39.0654 0x2910  MsBridge - ok
22:24:39.0659 0x2910  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
22:24:39.0662 0x2910  MSDTC - ok
22:24:39.0667 0x2910  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:24:39.0668 0x2910  Msfs - ok
22:24:39.0671 0x2910  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
22:24:39.0672 0x2910  msgpiowin32 - ok
22:24:39.0674 0x2910  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
22:24:39.0675 0x2910  mshidkmdf - ok
22:24:39.0678 0x2910  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
22:24:39.0678 0x2910  mshidumdf - ok
22:24:39.0682 0x2910  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
22:24:39.0682 0x2910  msisadrv - ok
22:24:39.0687 0x2910  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
22:24:39.0690 0x2910  MSiSCSI - ok
22:24:39.0692 0x2910  msiserver - ok
22:24:39.0696 0x2910  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
22:24:39.0697 0x2910  MSKSSRV - ok
22:24:39.0700 0x2910  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
22:24:39.0702 0x2910  MsLldp - ok
22:24:39.0704 0x2910  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
22:24:39.0705 0x2910  MSPCLOCK - ok
22:24:39.0707 0x2910  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
22:24:39.0708 0x2910  MSPQM - ok
22:24:39.0715 0x2910  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
22:24:39.0721 0x2910  MsRPC - ok
22:24:39.0727 0x2910  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
22:24:39.0730 0x2910  MsSecFlt - ok
22:24:39.0733 0x2910  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
22:24:39.0734 0x2910  mssmbios - ok
22:24:39.0737 0x2910  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
22:24:39.0738 0x2910  MSTEE - ok
22:24:39.0740 0x2910  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
22:24:39.0741 0x2910  MTConfig - ok
22:24:39.0745 0x2910  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
22:24:39.0747 0x2910  Mup - ok
22:24:39.0750 0x2910  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
22:24:39.0752 0x2910  mvumis - ok
22:24:39.0763 0x2910  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
22:24:39.0770 0x2910  NativeWifiP - ok
22:24:39.0776 0x2910  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
22:24:39.0779 0x2910  NcaSvc - ok
22:24:39.0787 0x2910  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
22:24:39.0792 0x2910  NcbService - ok
22:24:39.0796 0x2910  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
22:24:39.0798 0x2910  NcdAutoSetup - ok
22:24:39.0802 0x2910  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
22:24:39.0804 0x2910  ndfltr - ok
22:24:39.0824 0x2910  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
22:24:39.0841 0x2910  NDIS - ok
22:24:39.0845 0x2910  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
22:24:39.0847 0x2910  NdisCap - ok
22:24:39.0851 0x2910  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
22:24:39.0853 0x2910  NdisImPlatform - ok
22:24:39.0856 0x2910  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:24:39.0857 0x2910  NdisTapi - ok
22:24:39.0874 0x2910  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
22:24:39.0884 0x2910  Ndisuio - ok
22:24:39.0887 0x2910  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
22:24:39.0888 0x2910  NdisVirtualBus - ok
22:24:39.0914 0x2910  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
22:24:39.0918 0x2910  NdisWan - ok
22:24:39.0923 0x2910  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:24:39.0925 0x2910  ndiswanlegacy - ok
22:24:39.0929 0x2910  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
22:24:39.0930 0x2910  ndproxy - ok
22:24:39.0934 0x2910  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
22:24:39.0937 0x2910  Ndu - ok
22:24:39.0941 0x2910  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
22:24:39.0942 0x2910  NetAdapterCx - ok
22:24:39.0946 0x2910  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
22:24:39.0947 0x2910  NetBIOS - ok
22:24:39.0954 0x2910  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:24:39.0957 0x2910  NetBT - ok
22:24:39.0961 0x2910  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:24:39.0962 0x2910  Netlogon - ok
22:24:39.0969 0x2910  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
22:24:39.0974 0x2910  Netman - ok
22:24:39.0984 0x2910  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
22:24:39.0991 0x2910  netprofm - ok
22:24:39.0998 0x2910  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
22:24:40.0003 0x2910  NetSetupSvc - ok
22:24:40.0009 0x2910  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:24:40.0014 0x2910  NetTcpPortSharing - ok
22:24:40.0023 0x2910  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
22:24:40.0028 0x2910  NgcCtnrSvc - ok
22:24:40.0045 0x2910  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
22:24:40.0060 0x2910  NgcSvc - ok
22:24:40.0068 0x2910  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
22:24:40.0074 0x2910  NlaSvc - ok
22:24:40.0078 0x2910  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:24:40.0078 0x2910  Npfs - ok
22:24:40.0081 0x2910  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
22:24:40.0082 0x2910  npsvctrig - ok
22:24:40.0085 0x2910  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
22:24:40.0087 0x2910  nsi - ok
22:24:40.0090 0x2910  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
22:24:40.0091 0x2910  nsiproxy - ok
22:24:40.0126 0x2910  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
22:24:40.0156 0x2910  NTFS - ok
22:24:40.0160 0x2910  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:24:40.0161 0x2910  Null - ok
22:24:40.0169 0x2910  [ 62D705A1C4F8FBDD2941CCD2E9DEC206, 2E1F6127737D764AE6A35655C54ADE554333C3156CAA322C0FE5704A693A1BD7 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
22:24:40.0177 0x2910  NvContainerLocalSystem - ok
22:24:40.0185 0x2910  [ 62D705A1C4F8FBDD2941CCD2E9DEC206, 2E1F6127737D764AE6A35655C54ADE554333C3156CAA322C0FE5704A693A1BD7 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
22:24:40.0190 0x2910  NvContainerNetworkService - ok
22:24:40.0198 0x2910  [ 207A78939B7BBA0EFE8BFA947A35E71C, BB7DDFED575F81CAB958DDC7CFF2D798EB14DAE633F49FA2229D98BDC489C0EE ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
22:24:40.0200 0x2910  NVHDA - ok
22:24:40.0406 0x2910  [ 9337A5F17702A0FFE1E6C6978619B872, 8D4505BA62977BFE8C01F1ABD027AFBAEAA0D3EA6336865E46C28818471B196E ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys
22:24:40.0617 0x2910  nvlddmkm - ok
22:24:40.0633 0x2910  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
22:24:40.0636 0x2910  nvraid - ok
22:24:40.0641 0x2910  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
22:24:40.0644 0x2910  nvstor - ok
22:24:40.0646 0x2910  [ 6C672A80B4FBF160E2814EAE0AB3020B, FD5BDE067D29AA9FC20D7C571607D3AC351BFD65EF6E0C75374A2D9C0B17FED3 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
22:24:40.0647 0x2910  NvStreamKms - ok
22:24:40.0656 0x2910  [ 282423AA3B0648082647103A5C42B66C, 5C8DBE5A95C1232E7D0F84E6A8749550C0026F2139D136E94347C2FB2E772950 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
22:24:40.0662 0x2910  NvTelemetryContainer - ok
22:24:40.0666 0x2910  [ 54ABC4EA39DDE92977DCE644D325213A, D754E5D0418B3C48AD9988D1A2705975C78C8B87990E211651C388A76FB17E51 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
22:24:40.0667 0x2910  nvvad_WaveExtensible - ok
22:24:40.0671 0x2910  [ 61BD2E2560FD1C5E0A8B8738816A0B93, 1057A6C4F7D04E81BFFD5B806295B3A5D12DE4D13F66E8542426D83D97E68C97 ] nvvhci          C:\WINDOWS\System32\drivers\nvvhci.sys
22:24:40.0672 0x2910  nvvhci - ok
22:24:40.0679 0x2910  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
22:24:40.0684 0x2910  OneSyncSvc - ok
22:24:40.0768 0x2910  [ 7D331DD034C85FB18DDF028F744FA37B, BF6ADD7AF05732340831CA7DE766B5C93323A190107F7570E2130398846F4430 ] Origin Client Service G:\Origin\OriginClientService.exe
22:24:40.0797 0x2910  Origin Client Service - ok
22:24:40.0866 0x2910  [ 2B099DEBCFCBE33036406739F94C529C, DBBACA632F39530F81D3AC28A350CAE49972156149835197053B8D61E00D8CEA ] Origin Web Helper Service G:\Origin\OriginWebHelperService.exe
22:24:40.0919 0x2910  Origin Web Helper Service - ok
22:24:40.0927 0x2910  [ 58327B7E7C4E325C66B7C4A5220CE5F4, FF66411B23A195CA3C64F5409F2E2C6F88CB01034A4C9DDCA565DE0E144ABC13 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:24:40.0930 0x2910  ose64 - ok
22:24:40.0938 0x2910  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
22:24:40.0944 0x2910  p2pimsvc - ok
22:24:40.0953 0x2910  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
22:24:40.0960 0x2910  p2psvc - ok
22:24:40.0964 0x2910  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
22:24:40.0966 0x2910  Parport - ok
22:24:40.0971 0x2910  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
22:24:40.0973 0x2910  partmgr - ok
22:24:40.0984 0x2910  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
22:24:40.0992 0x2910  PcaSvc - ok
22:24:40.0999 0x2910  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\WINDOWS\system32\drivers\pci.sys
22:24:41.0004 0x2910  pci - ok
22:24:41.0007 0x2910  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
22:24:41.0008 0x2910  pciide - ok
22:24:41.0012 0x2910  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
22:24:41.0014 0x2910  pcmcia - ok
22:24:41.0017 0x2910  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
22:24:41.0018 0x2910  pcw - ok
22:24:41.0022 0x2910  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
22:24:41.0025 0x2910  pdc - ok
22:24:41.0032 0x2910  [ 1EAE050F8CDC82B12C9F8C58DFB7567A, DE5B4839FCFDD09CA33D8ACB97635D805FAFED33C7F6DD119AE4D5EC17733B62 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
22:24:41.0035 0x2910  PDFProFiltSrvPP - ok
22:24:41.0048 0x2910  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
22:24:41.0058 0x2910  PEAUTH - ok
22:24:41.0088 0x2910  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
22:24:41.0115 0x2910  PeerDistSvc - ok
22:24:41.0120 0x2910  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
22:24:41.0122 0x2910  percsas2i - ok
22:24:41.0126 0x2910  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
22:24:41.0128 0x2910  percsas3i - ok
22:24:41.0140 0x2910  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
22:24:41.0142 0x2910  PerfHost - ok
22:24:41.0160 0x2910  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
22:24:41.0172 0x2910  PhoneSvc - ok
22:24:41.0178 0x2910  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
22:24:41.0182 0x2910  PimIndexMaintenanceSvc - ok
22:24:41.0207 0x2910  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
22:24:41.0228 0x2910  pla - ok
22:24:41.0233 0x2910  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
22:24:41.0235 0x2910  PlugPlay - ok
22:24:41.0239 0x2910  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
22:24:41.0241 0x2910  PNRPAutoReg - ok
22:24:41.0248 0x2910  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
22:24:41.0253 0x2910  PNRPsvc - ok
22:24:41.0261 0x2910  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
22:24:41.0267 0x2910  PolicyAgent - ok
22:24:41.0272 0x2910  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
22:24:41.0276 0x2910  Power - ok
22:24:41.0280 0x2910  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
22:24:41.0282 0x2910  PptpMiniport - ok
22:24:41.0332 0x2910  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
22:24:41.0393 0x2910  PrintNotify - ok
22:24:41.0400 0x2910  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
22:24:41.0403 0x2910  Processor - ok
22:24:41.0410 0x2910  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
22:24:41.0416 0x2910  ProfSvc - ok
22:24:41.0422 0x2910  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
22:24:41.0424 0x2910  Psched - ok
22:24:41.0431 0x2910  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
22:24:41.0436 0x2910  QWAVE - ok
22:24:41.0439 0x2910  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
22:24:41.0440 0x2910  QWAVEdrv - ok
22:24:41.0443 0x2910  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:24:41.0444 0x2910  RasAcd - ok
22:24:41.0448 0x2910  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
22:24:41.0450 0x2910  RasAgileVpn - ok
22:24:41.0453 0x2910  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:24:41.0456 0x2910  RasAuto - ok
22:24:41.0460 0x2910  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
22:24:41.0462 0x2910  Rasl2tp - ok
22:24:41.0475 0x2910  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:24:41.0489 0x2910  RasMan - ok
22:24:41.0494 0x2910  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:24:41.0496 0x2910  RasPppoe - ok
22:24:41.0500 0x2910  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
22:24:41.0501 0x2910  RasSstp - ok
22:24:41.0510 0x2910  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:24:41.0516 0x2910  rdbss - ok
22:24:41.0520 0x2910  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
22:24:41.0521 0x2910  rdpbus - ok
22:24:41.0526 0x2910  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
22:24:41.0528 0x2910  RDPDR - ok
22:24:41.0534 0x2910  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
22:24:41.0534 0x2910  RdpVideoMiniport - ok
22:24:41.0541 0x2910  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
22:24:41.0545 0x2910  rdyboost - ok
22:24:41.0561 0x2910  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
22:24:41.0574 0x2910  ReFSv1 - ok
22:24:41.0585 0x2910  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:24:41.0594 0x2910  RemoteAccess - ok
22:24:41.0599 0x2910  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
22:24:41.0603 0x2910  RemoteRegistry - ok
22:24:41.0615 0x2910  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
22:24:41.0625 0x2910  RetailDemo - ok
22:24:41.0630 0x2910  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
22:24:41.0633 0x2910  RmSvc - ok
22:24:41.0637 0x2910  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
22:24:41.0640 0x2910  RpcEptMapper - ok
22:24:41.0642 0x2910  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
22:24:41.0644 0x2910  RpcLocator - ok
22:24:41.0658 0x2910  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
22:24:41.0669 0x2910  RpcSs - ok
22:24:41.0674 0x2910  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
22:24:41.0675 0x2910  rspndr - ok
22:24:41.0686 0x2910  [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
22:24:41.0694 0x2910  rt640x64 - ok
22:24:41.0697 0x2910  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
22:24:41.0698 0x2910  s3cap - ok
22:24:41.0701 0x2910  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
22:24:41.0703 0x2910  SamSs - ok
22:24:41.0707 0x2910  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
22:24:41.0709 0x2910  sbp2port - ok
22:24:41.0715 0x2910  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
22:24:41.0720 0x2910  SCardSvr - ok
22:24:41.0727 0x2910  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
22:24:41.0731 0x2910  ScDeviceEnum - ok
22:24:41.0734 0x2910  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
22:24:41.0736 0x2910  scfilter - ok
22:24:41.0752 0x2910  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:24:41.0767 0x2910  Schedule - ok
22:24:41.0772 0x2910  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
22:24:41.0774 0x2910  scmbus - ok
22:24:41.0778 0x2910  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
22:24:41.0780 0x2910  scmdisk0101 - ok
22:24:41.0785 0x2910  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
22:24:41.0787 0x2910  SCPolicySvc - ok
22:24:41.0794 0x2910  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
22:24:41.0799 0x2910  sdbus - ok
22:24:41.0803 0x2910  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
22:24:41.0807 0x2910  SDRSVC - ok
22:24:41.0811 0x2910  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
22:24:41.0813 0x2910  sdstor - ok
22:24:41.0816 0x2910  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
22:24:41.0818 0x2910  seclogon - ok
22:24:41.0822 0x2910  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
22:24:41.0824 0x2910  SENS - ok
22:24:41.0826 0x2910  Sense - ok
         
__________________

Alt 09.03.2017, 22:36   #4
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Und pt 2:

Code:
ATTFilter
22:24:41.0848 0x2910  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
22:24:41.0868 0x2910  SensorDataService - ok
22:24:41.0877 0x2910  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
22:24:41.0884 0x2910  SensorService - ok
22:24:41.0889 0x2910  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
22:24:41.0893 0x2910  SensrSvc - ok
22:24:41.0897 0x2910  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
22:24:41.0898 0x2910  SerCx - ok
22:24:41.0904 0x2910  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
22:24:41.0907 0x2910  SerCx2 - ok
22:24:41.0909 0x2910  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
22:24:41.0910 0x2910  Serenum - ok
22:24:41.0914 0x2910  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
22:24:41.0916 0x2910  Serial - ok
22:24:41.0918 0x2910  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
22:24:41.0920 0x2910  sermouse - ok
22:24:41.0931 0x2910  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
22:24:41.0937 0x2910  SessionEnv - ok
22:24:41.0947 0x2910  [ 02DED435FCAA1C02959051AF636E154A, 055DBC64F697085820FC4872586E00E4F71B35AA43841F124CA577CF0B49E753 ] sesvc           D:\ShadowExplorer\sesvc.exe
22:24:41.0948 0x2910  sesvc - ok
22:24:41.0951 0x2910  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
22:24:41.0952 0x2910  sfloppy - ok
22:24:41.0963 0x2910  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:24:41.0972 0x2910  SharedAccess - ok
22:24:41.0985 0x2910  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:24:41.0994 0x2910  ShellHWDetection - ok
22:24:42.0000 0x2910  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
22:24:42.0004 0x2910  shpamsvc - ok
22:24:42.0007 0x2910  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
22:24:42.0008 0x2910  SiSRaid2 - ok
22:24:42.0012 0x2910  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
22:24:42.0013 0x2910  SiSRaid4 - ok
22:24:42.0021 0x2910  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     D:\Skype\Updater\Updater.exe
22:24:42.0026 0x2910  SkypeUpdate - ok
22:24:42.0029 0x2910  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
22:24:42.0032 0x2910  smphost - ok
22:24:42.0042 0x2910  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
22:24:42.0052 0x2910  SmsRouter - ok
22:24:42.0058 0x2910  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
22:24:42.0060 0x2910  SNMPTRAP - ok
22:24:42.0070 0x2910  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
22:24:42.0077 0x2910  spaceport - ok
22:24:42.0081 0x2910  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
22:24:42.0083 0x2910  SpbCx - ok
22:24:42.0098 0x2910  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
22:24:42.0111 0x2910  Spooler - ok
22:24:42.0191 0x2910  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
22:24:42.0265 0x2910  sppsvc - ok
22:24:42.0278 0x2910  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
22:24:42.0284 0x2910  srv - ok
22:24:42.0297 0x2910  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
22:24:42.0307 0x2910  srv2 - ok
22:24:42.0314 0x2910  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
22:24:42.0318 0x2910  srvnet - ok
22:24:42.0324 0x2910  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:24:42.0328 0x2910  SSDPSRV - ok
22:24:42.0334 0x2910  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
22:24:42.0338 0x2910  SstpSvc - ok
22:24:42.0343 0x2910  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
22:24:42.0346 0x2910  ssudmdm - ok
22:24:42.0405 0x2910  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
22:24:42.0460 0x2910  StateRepository - ok
22:24:42.0486 0x2910  [ 596DC69BB40A96FCA4B19D9D1E221E34, 3469D3B2E9A88E39C14AE2E3DD5EC3D91FBB88CA568D794555B397B50E64AB15 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:24:42.0505 0x2910  Steam Client Service - ok
22:24:42.0509 0x2910  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
22:24:42.0510 0x2910  stexstor - ok
22:24:42.0522 0x2910  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
22:24:42.0532 0x2910  stisvc - ok
22:24:42.0537 0x2910  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
22:24:42.0539 0x2910  storahci - ok
22:24:42.0542 0x2910  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
22:24:42.0543 0x2910  storflt - ok
22:24:42.0547 0x2910  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
22:24:42.0549 0x2910  stornvme - ok
22:24:42.0552 0x2910  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
22:24:42.0553 0x2910  storqosflt - ok
22:24:42.0562 0x2910  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
22:24:42.0569 0x2910  StorSvc - ok
22:24:42.0572 0x2910  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
22:24:42.0573 0x2910  storufs - ok
22:24:42.0576 0x2910  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
22:24:42.0577 0x2910  storvsc - ok
22:24:42.0580 0x2910  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
22:24:42.0582 0x2910  svsvc - ok
22:24:42.0584 0x2910  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
22:24:42.0585 0x2910  swenum - ok
22:24:42.0594 0x2910  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
22:24:42.0602 0x2910  swprv - ok
22:24:42.0605 0x2910  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
22:24:42.0606 0x2910  Synth3dVsc - ok
22:24:42.0623 0x2910  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
22:24:42.0637 0x2910  SysMain - ok
22:24:42.0646 0x2910  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
22:24:42.0652 0x2910  SystemEventsBroker - ok
22:24:42.0658 0x2910  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
22:24:42.0662 0x2910  TabletInputService - ok
22:24:42.0668 0x2910  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:24:42.0674 0x2910  TapiSrv - ok
22:24:42.0712 0x2910  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
22:24:42.0746 0x2910  Tcpip - ok
22:24:42.0786 0x2910  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
22:24:42.0814 0x2910  Tcpip6 - ok
22:24:42.0820 0x2910  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
22:24:42.0821 0x2910  tcpipreg - ok
22:24:42.0826 0x2910  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
22:24:42.0829 0x2910  tdx - ok
22:24:42.0832 0x2910  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
22:24:42.0833 0x2910  terminpt - ok
22:24:42.0850 0x2910  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
22:24:42.0863 0x2910  TermService - ok
22:24:42.0867 0x2910  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
22:24:42.0870 0x2910  Themes - ok
22:24:42.0877 0x2910  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
22:24:42.0882 0x2910  TieringEngineService - ok
22:24:42.0893 0x2910  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
22:24:42.0902 0x2910  tiledatamodelsvc - ok
22:24:42.0909 0x2910  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
22:24:42.0913 0x2910  TimeBrokerSvc - ok
22:24:42.0919 0x2910  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
22:24:42.0922 0x2910  TPM - ok
22:24:42.0926 0x2910  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
22:24:42.0930 0x2910  TrkWks - ok
22:24:42.0934 0x2910  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
22:24:42.0936 0x2910  TrustedInstaller - ok
22:24:42.0941 0x2910  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
22:24:42.0942 0x2910  tsusbflt - ok
22:24:42.0945 0x2910  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
22:24:42.0946 0x2910  TsUsbGD - ok
22:24:42.0950 0x2910  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
22:24:42.0952 0x2910  tsusbhub - ok
22:24:42.0957 0x2910  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
22:24:42.0959 0x2910  tunnel - ok
22:24:42.0963 0x2910  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
22:24:42.0966 0x2910  tzautoupdate - ok
22:24:42.0971 0x2910  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
22:24:42.0973 0x2910  UASPStor - ok
22:24:42.0976 0x2910  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
22:24:42.0978 0x2910  UcmCx0101 - ok
22:24:42.0982 0x2910  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
22:24:42.0984 0x2910  UcmTcpciCx0101 - ok
22:24:42.0987 0x2910  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
22:24:42.0988 0x2910  UcmUcsi - ok
22:24:42.0993 0x2910  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
22:24:42.0997 0x2910  Ucx01000 - ok
22:24:43.0000 0x2910  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
22:24:43.0001 0x2910  UdeCx - ok
22:24:43.0009 0x2910  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
22:24:43.0014 0x2910  udfs - ok
22:24:43.0016 0x2910  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
22:24:43.0017 0x2910  UEFI - ok
22:24:43.0020 0x2910  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
22:24:43.0022 0x2910  UevAgentDriver - ok
22:24:43.0041 0x2910  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
22:24:43.0058 0x2910  UevAgentService - ok
22:24:43.0065 0x2910  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
22:24:43.0069 0x2910  Ufx01000 - ok
22:24:43.0073 0x2910  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
22:24:43.0076 0x2910  UfxChipidea - ok
22:24:43.0080 0x2910  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
22:24:43.0082 0x2910  ufxsynopsys - ok
22:24:43.0088 0x2910  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
22:24:43.0090 0x2910  UI0Detect - ok
22:24:43.0093 0x2910  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
22:24:43.0095 0x2910  umbus - ok
22:24:43.0097 0x2910  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
22:24:43.0098 0x2910  UmPass - ok
22:24:43.0104 0x2910  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
22:24:43.0109 0x2910  UmRdpService - ok
22:24:43.0129 0x2910  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
22:24:43.0151 0x2910  UnistoreSvc - ok
22:24:43.0195 0x2910  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:24:43.0258 0x2910  upnphost - ok
22:24:43.0278 0x2910  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
22:24:43.0288 0x2910  UrsChipidea - ok
22:24:43.0316 0x2910  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
22:24:43.0345 0x2910  UrsCx01000 - ok
22:24:43.0351 0x2910  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
22:24:43.0353 0x2910  UrsSynopsys - ok
22:24:43.0362 0x2910  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
22:24:43.0368 0x2910  usbccgp - ok
22:24:43.0378 0x2910  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
22:24:43.0380 0x2910  usbcir - ok
22:24:43.0385 0x2910  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
22:24:43.0386 0x2910  usbehci - ok
22:24:43.0398 0x2910  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
22:24:43.0407 0x2910  usbhub - ok
22:24:43.0418 0x2910  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
22:24:43.0426 0x2910  USBHUB3 - ok
22:24:43.0429 0x2910  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
22:24:43.0431 0x2910  usbohci - ok
22:24:43.0434 0x2910  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
22:24:43.0435 0x2910  usbprint - ok
22:24:43.0438 0x2910  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:24:43.0439 0x2910  usbscan - ok
22:24:43.0443 0x2910  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
22:24:43.0444 0x2910  usbser - ok
22:24:43.0448 0x2910  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
22:24:43.0451 0x2910  USBSTOR - ok
22:24:43.0454 0x2910  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
22:24:43.0455 0x2910  usbuhci - ok
22:24:43.0463 0x2910  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
22:24:43.0468 0x2910  USBXHCI - ok
22:24:43.0492 0x2910  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
22:24:43.0514 0x2910  UserDataSvc - ok
22:24:43.0533 0x2910  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
22:24:43.0549 0x2910  UserManager - ok
22:24:43.0560 0x2910  [ EBF9E40845362DBE2AD0DB3077269488, A6363006350D097F95B03A2F44E1D3FBD3BC40048BE57C715CD7CBC22D1EE70B ] UsoSvc          C:\WINDOWS\system32\usocore.dll
22:24:43.0569 0x2910  UsoSvc - ok
22:24:43.0573 0x2910  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
22:24:43.0574 0x2910  VaultSvc - ok
22:24:43.0576 0x2910  [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
22:24:43.0577 0x2910  VClone - ok
22:24:43.0581 0x2910  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
22:24:43.0582 0x2910  vdrvroot - ok
22:24:43.0595 0x2910  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
22:24:43.0604 0x2910  vds - ok
22:24:43.0610 0x2910  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
22:24:43.0613 0x2910  VerifierExt - ok
22:24:43.0626 0x2910  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
22:24:43.0636 0x2910  vhdmp - ok
22:24:43.0639 0x2910  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
22:24:43.0640 0x2910  vhf - ok
22:24:43.0643 0x2910  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
22:24:43.0646 0x2910  vmbus - ok
22:24:43.0649 0x2910  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
22:24:43.0650 0x2910  VMBusHID - ok
22:24:43.0652 0x2910  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
22:24:43.0653 0x2910  vmgid - ok
22:24:43.0660 0x2910  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
22:24:43.0665 0x2910  vmicguestinterface - ok
22:24:43.0672 0x2910  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
22:24:43.0676 0x2910  vmicheartbeat - ok
22:24:43.0682 0x2910  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
22:24:43.0686 0x2910  vmickvpexchange - ok
22:24:43.0694 0x2910  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
22:24:43.0700 0x2910  vmicrdv - ok
22:24:43.0707 0x2910  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
22:24:43.0711 0x2910  vmicshutdown - ok
22:24:43.0717 0x2910  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
22:24:43.0721 0x2910  vmictimesync - ok
22:24:43.0728 0x2910  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
22:24:43.0732 0x2910  vmicvmsession - ok
22:24:43.0740 0x2910  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
22:24:43.0744 0x2910  vmicvss - ok
22:24:43.0749 0x2910  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
22:24:43.0751 0x2910  volmgr - ok
22:24:43.0759 0x2910  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
22:24:43.0763 0x2910  volmgrx - ok
22:24:43.0772 0x2910  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
22:24:43.0778 0x2910  volsnap - ok
22:24:43.0781 0x2910  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
22:24:43.0781 0x2910  volume - ok
22:24:43.0785 0x2910  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
22:24:43.0786 0x2910  vpci - ok
22:24:43.0791 0x2910  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
22:24:43.0794 0x2910  vsmraid - ok
22:24:43.0817 0x2910  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
22:24:43.0838 0x2910  VSS - ok
22:24:43.0846 0x2910  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
22:24:43.0850 0x2910  VSTXRAID - ok
22:24:43.0854 0x2910  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
22:24:43.0855 0x2910  vwifibus - ok
22:24:43.0858 0x2910  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
22:24:43.0860 0x2910  vwififlt - ok
22:24:43.0870 0x2910  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
22:24:43.0879 0x2910  W32Time - ok
22:24:43.0882 0x2910  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
22:24:43.0883 0x2910  WacomPen - ok
22:24:43.0892 0x2910  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
22:24:43.0900 0x2910  WalletService - ok
22:24:43.0906 0x2910  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:24:43.0908 0x2910  wanarp - ok
22:24:43.0910 0x2910  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:24:43.0912 0x2910  wanarpv6 - ok
22:24:43.0937 0x2910  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
22:24:43.0959 0x2910  wbengine - ok
22:24:43.0975 0x2910  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
22:24:43.0988 0x2910  WbioSrvc - ok
22:24:43.0993 0x2910  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
22:24:43.0995 0x2910  wcifs - ok
22:24:44.0008 0x2910  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
22:24:44.0019 0x2910  Wcmsvc - ok
22:24:44.0029 0x2910  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
22:24:44.0036 0x2910  wcncsvc - ok
22:24:44.0040 0x2910  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
22:24:44.0041 0x2910  wcnfs - ok
22:24:44.0045 0x2910  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
22:24:44.0047 0x2910  WdBoot - ok
22:24:44.0050 0x2910  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
22:24:44.0051 0x2910  WDC_SAM - ok
22:24:44.0066 0x2910  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
22:24:44.0077 0x2910  Wdf01000 - ok
22:24:44.0084 0x2910  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
22:24:44.0089 0x2910  WdFilter - ok
22:24:44.0093 0x2910  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
22:24:44.0096 0x2910  WdiServiceHost - ok
22:24:44.0099 0x2910  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
22:24:44.0102 0x2910  WdiSystemHost - ok
22:24:44.0114 0x2910  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
22:24:44.0125 0x2910  wdiwifi - ok
22:24:44.0130 0x2910  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
22:24:44.0132 0x2910  WdNisDrv - ok
22:24:44.0134 0x2910  WdNisSvc - ok
22:24:44.0141 0x2910  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:24:44.0145 0x2910  WebClient - ok
22:24:44.0151 0x2910  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
22:24:44.0155 0x2910  Wecsvc - ok
22:24:44.0159 0x2910  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
22:24:44.0161 0x2910  WEPHOSTSVC - ok
22:24:44.0165 0x2910  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
22:24:44.0167 0x2910  wercplsupport - ok
22:24:44.0173 0x2910  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
22:24:44.0177 0x2910  WerSvc - ok
22:24:44.0181 0x2910  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
22:24:44.0184 0x2910  WFPLWFS - ok
22:24:44.0187 0x2910  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
22:24:44.0190 0x2910  WiaRpc - ok
22:24:44.0194 0x2910  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
22:24:44.0195 0x2910  WIMMount - ok
22:24:44.0197 0x2910  WinDefend - ok
22:24:44.0205 0x2910  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
22:24:44.0207 0x2910  WindowsTrustedRT - ok
22:24:44.0209 0x2910  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
22:24:44.0210 0x2910  WindowsTrustedRTProxy - ok
22:24:44.0225 0x2910  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
22:24:44.0238 0x2910  WinHttpAutoProxySvc - ok
22:24:44.0241 0x2910  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
22:24:44.0243 0x2910  WinMad - ok
22:24:44.0250 0x2910  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:24:44.0254 0x2910  Winmgmt - ok
22:24:44.0295 0x2910  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
22:24:44.0334 0x2910  WinRM - ok
22:24:44.0342 0x2910  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
22:24:44.0344 0x2910  WINUSB - ok
22:24:44.0347 0x2910  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
22:24:44.0349 0x2910  WinVerbs - ok
22:24:44.0361 0x2910  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
22:24:44.0371 0x2910  wisvc - ok
22:24:44.0406 0x2910  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
22:24:44.0440 0x2910  WlanSvc - ok
22:24:44.0474 0x2910  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
22:24:44.0503 0x2910  wlidsvc - ok
22:24:44.0508 0x2910  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
22:24:44.0508 0x2910  WmiAcpi - ok
22:24:44.0515 0x2910  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
22:24:44.0519 0x2910  wmiApSrv - ok
22:24:44.0521 0x2910  WMPNetworkSvc - ok
22:24:44.0527 0x2910  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
22:24:44.0530 0x2910  Wof - ok
22:24:44.0559 0x2910  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
22:24:44.0586 0x2910  workfolderssvc - ok
22:24:44.0591 0x2910  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
22:24:44.0594 0x2910  WPDBusEnum - ok
22:24:44.0597 0x2910  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
22:24:44.0598 0x2910  WpdUpFltr - ok
22:24:44.0604 0x2910  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
22:24:44.0608 0x2910  WpnService - ok
22:24:44.0613 0x2910  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
22:24:44.0616 0x2910  WpnUserService - ok
22:24:44.0621 0x2910  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
22:24:44.0622 0x2910  ws2ifsl - ok
22:24:44.0624 0x2910  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudioDevice_383 C:\WINDOWS\system32\drivers\VirtualAudio.sys
22:24:44.0626 0x2910  WsAudioDevice_383 - ok
22:24:44.0631 0x2910  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
22:24:44.0636 0x2910  wscsvc - ok
22:24:44.0638 0x2910  WSearch - ok
22:24:44.0674 0x2910  [ DDB7E452A99E0E5244105C6D2CF4BC9E, 1364B03AFFD20D339A2EBA303575BCCBC2D122D89810B1E3593CC55F93F9B79A ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
22:24:44.0705 0x2910  wuauserv - ok
22:24:44.0711 0x2910  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
22:24:44.0714 0x2910  WudfPf - ok
22:24:44.0719 0x2910  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
22:24:44.0723 0x2910  WUDFRd - ok
22:24:44.0727 0x2910  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
22:24:44.0730 0x2910  wudfsvc - ok
22:24:44.0736 0x2910  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:24:44.0738 0x2910  WUDFWpdFs - ok
22:24:44.0743 0x2910  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:24:44.0746 0x2910  WUDFWpdMtp - ok
22:24:44.0767 0x2910  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
22:24:44.0785 0x2910  WwanSvc - ok
22:24:44.0804 0x2910  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
22:24:44.0825 0x2910  XblAuthManager - ok
22:24:44.0845 0x2910  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
22:24:44.0863 0x2910  XblGameSave - ok
22:24:44.0870 0x2910  [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
22:24:44.0874 0x2910  xboxgip - ok
22:24:44.0892 0x2910  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
22:24:44.0907 0x2910  XboxNetApiSvc - ok
22:24:44.0911 0x2910  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
22:24:44.0913 0x2910  xinputhid - ok
22:24:44.0977 0x2910  [ 380B1AE3C8E99FC2280967180FE4C513, 177507B966532B129760F2E1CCB6CFE04FFA5AA233D434168489EFBC65A7900A ] {41E8078B-96D9-42DC-8789-A1CF102CD880} D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl
22:24:44.0979 0x2910  {41E8078B-96D9-42DC-8789-A1CF102CD880} - ok
22:24:44.0982 0x2910  ================ Scan global ===============================
22:24:44.0988 0x2910  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
22:24:44.0999 0x2910  [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\WINDOWS\system32\winsrv.dll
22:24:45.0010 0x2910  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
22:24:45.0028 0x2910  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
22:24:45.0036 0x2910  [ Global ] - ok
22:24:45.0036 0x2910  ================ Scan MBR ==================================
22:24:45.0038 0x2910  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:24:45.0076 0x2910  \Device\Harddisk0\DR0 - ok
22:24:45.0092 0x2910  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:24:45.0100 0x2910  \Device\Harddisk1\DR1 - ok
22:24:45.0101 0x2910  ================ Scan VBR ==================================
22:24:45.0104 0x2910  [ 4660A07DB99858BA5E7F978200436AE4 ] \Device\Harddisk0\DR0\Partition1
22:24:45.0106 0x2910  \Device\Harddisk0\DR0\Partition1 - ok
22:24:45.0109 0x2910  [ 8684D3BD1C65DD2197926B1479E260AD ] \Device\Harddisk0\DR0\Partition2
22:24:45.0110 0x2910  \Device\Harddisk0\DR0\Partition2 - ok
22:24:45.0114 0x2910  [ 6FCFE879066021F6FDA7887B147C0DFD ] \Device\Harddisk1\DR1\Partition1
22:24:45.0116 0x2910  \Device\Harddisk1\DR1\Partition1 - ok
22:24:45.0119 0x2910  [ 998048D14C91FFF5A91C1D94B8D86E5C ] \Device\Harddisk1\DR1\Partition2
22:24:45.0121 0x2910  \Device\Harddisk1\DR1\Partition2 - ok
22:24:45.0124 0x2910  [ 6DC71BB652AE74AE33951297819ADA68 ] \Device\Harddisk1\DR1\Partition3
22:24:45.0126 0x2910  \Device\Harddisk1\DR1\Partition3 - ok
22:24:45.0129 0x2910  [ 62EFB9DB817C53C0DF95EDA235F5289D ] \Device\Harddisk1\DR1\Partition4
22:24:45.0131 0x2910  \Device\Harddisk1\DR1\Partition4 - ok
22:24:45.0134 0x2910  [ 4F391211AAFF8203FD61DED7F9C9D782 ] \Device\Harddisk1\DR1\Partition5
22:24:45.0136 0x2910  \Device\Harddisk1\DR1\Partition5 - ok
22:24:45.0137 0x2910  ================ Scan generic autorun ======================
22:24:45.0400 0x2910  [ 58D9B2F0E126B1842D93D7B8862BF02E, 2D5BF0CAA008C2B16014A4E711E9B7F05BC1FD771067627779815E8C48894EDB ] C:\Program Files\Logitech Gaming Software\LCore.exe
22:24:45.0615 0x2910  Launch LCore - ok
22:24:45.0628 0x2910  [ 258E2CD2C4984A977106C9EF7CA8AF69, D8F6409D5F5782CC27D159D18E914A3DB59D8644D7017CA6F84F0CF30E95174C ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
22:24:45.0630 0x2910  Avira SystrayStartTrigger - ok
22:24:45.0646 0x2910  [ 1E0029B9936F42C86138EADB5C27439E, 0A57C0DF2E2995C45FB92D1229FFAA1493748F39F01FB53F9559C5AFB5C1CA13 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
22:24:45.0658 0x2910  avgnt - ok
22:24:45.0663 0x2910  Dropbox - ok
22:24:45.0684 0x2910  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] D:\VirtualCloneDrive\VCDDaemon.exe
22:24:45.0686 0x2910  VirtualCloneDrive - ok
22:24:45.0694 0x2910  [ C0F72AF517E27CFE23D4E37EC7FF7E9E, 2CF4F78EC4BE99258BC91F5D94A9AF261F0DBDFD55D0100DCA2CA88813AAD4B4 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
22:24:45.0698 0x2910  ControlCenter4 - ok
22:24:45.0781 0x2910  [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
22:24:45.0838 0x2910  BrStsMon00 - ok
22:24:45.0844 0x2910  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\WINDOWS\UpdReg.EXE
22:24:45.0846 0x2910  UpdReg - ok
22:24:45.0895 0x2910  [ 6F98C7DA1AE54B3151358971336B7B46, 3FE79211467DCC020C3D284B2DFA286677375004E92A742030EAE29A49A0BF76 ] D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
22:24:45.0921 0x2910  Sound Blaster Recon3D PCIe Control Panel - ok
22:24:45.0944 0x2910  [ 81800928E0F713DF31F3393CC26F4013, 0ABCC70297C83C01BCCAF03083BE67EB7A50A28557B2F9578EDB73B382F54182 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
22:24:45.0961 0x2910  DivXUpdate - ok
22:24:45.0988 0x2910  [ 17A2294ED8BA499132BC7B067D43BC66, 4C79D2D63F43C0EDC1FC122676E0019BDF5E55DE7A1674462ABC664AB30D917A ] D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe
22:24:45.0998 0x2910  PowerDVD16Agent - ok
22:24:46.0009 0x2910  [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
22:24:46.0016 0x2910  SunJavaUpdateSched - ok
22:24:46.0150 0x2910  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:24:46.0262 0x2910  OneDriveSetup - ok
22:24:46.0389 0x2910  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:24:46.0483 0x2910  OneDriveSetup - ok
22:24:46.0524 0x2910  [ B657BB057C2CC7B0EC5E7B30FA573729, B80EFB7F8A27C16C014A4EFA41AE362E4B26E508C57F09F294FD4E0A4C7D740D ] C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
22:24:46.0599 0x2910  uTorrent - ok
22:24:46.0603 0x2910  GoogleDriveSync - ok
22:24:46.0744 0x2910  [ 3F6B014280D8A98ACC323BB28CA5BCA7, 724FE1E949D57E982B50CC6FBBA8BCB524C42592A39ED60D37042CC2C2E73CAB ] C:\Program Files\CCleaner\CCleaner64.exe
22:24:46.0862 0x2910  CCleaner Monitoring - ok
22:24:46.0868 0x2910  Waiting for KSN requests completion. In queue: 248
22:24:46.0966 0x2724  Object required for P2P: [ 3F6B014280D8A98ACC323BB28CA5BCA7 ] C:\Program Files\CCleaner\CCleaner64.exe
22:24:47.0200 0x2724  Object send P2P result: true
22:24:47.0885 0x2910  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.151 ), 0x41000 ( enabled : updated )
22:24:47.0888 0x2910  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
22:24:47.0892 0x2910  Win FW state via NFP2: enabled ( trusted )
22:24:47.0991 0x2910  ============================================================
22:24:47.0991 0x2910  Scan finished
22:24:47.0991 0x2910  ============================================================
22:24:48.0002 0x0a28  Detected object count: 0
22:24:48.0002 0x0a28  Actual detected object count: 0
         
Frst.txt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
durchgeführt von xxx (Administrator) auf SCHWOBB (09-03-2017 22:31:40)
Gestartet von H:\
Geladene Profile: xxx (Verfügbare Profile: xxx)
Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Electronic Arts) G:\Origin\OriginWebHelperService.exe
(www.shadowexplorer.com) D:\ShadowExplorer\sesvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(techPowerUp (www.techpowerup.com)) D:\GPU-Z\GPU-Z.exe
(ALCPU) D:\Core Temp\Core Temp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
() C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(Oracle Corporation) D:\Java64\bin\javaw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Creative Technology Ltd) D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AO Kaspersky Lab) H:\Tools\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\xxx\AppData\Local\Temp\{27821D63-9BCC-4D9D-BF02-A508C57BEA88}\{5A9D2CE1-9B3D-4575-BC02-143DE56741BC}.exe
(Don HO don.h@free.fr) D:\NPP\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [PowerDVD16Agent] => D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2015-10-04]
ShortcutTarget: Universal Media Server.lnk -> D:\UMS\UMS.exe (Universal Media Server)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{91c30c7d-d0a5-4365-a93e-eafa498ca70d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer64.dll [2016-04-03] (www.startisback.com)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java64\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java64\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer32.dll [2016-04-03] (www.startisback.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java32\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java32\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: febeprof.xxx
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx [2017-03-09]
FF Homepage: Mozilla\Firefox\Profiles\febeprof.xxx -> hxxp://www.spiegel-online.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\febeprof.xxx -> type", 0
FF Extension: (New XKit) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\@new-xkit.xpi [2016-10-07]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (DownThemAll! AntiContainer) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\anticontainer@downthemall.net.xpi [2016-04-15]
FF Extension: (MEGA) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\firefox@mega.co.nz.xpi [2017-03-09]
FF Extension: (Tumblr Savior) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2017-03-07]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-03-09]
FF Extension: (Japanese Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-03-08]
FF Extension: (Save Images) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30]
FF Extension: (RememberPass) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\rememberpass@teesoft.info.xpi [2016-04-28]
FF Extension: (S3.Google Translator) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\s3google@translator.xpi [2016-10-19]
FF Extension: (Locale Switcher) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2016-04-28]
FF Extension: (Google  Image Search) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2016-04-28]
FF Extension: (Video DownloadHelper) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01]
FF Extension: (DivX Wizard Pro) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cc79db9d-e06e-469f-932a-2537c0db2b4a}.xpi [2016-05-18] [ist nicht signiert]
FF Extension: (RightToClick) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30]
FF Extension: (Adblock Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Tab Mix Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-31]
FF Extension: (DownThemAll!) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\features\{ba65d49e-9429-40ee-8d6e-203f1c721eb2}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> D:\Java64\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> D:\Java64\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Java32\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Java32\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2017-03-08]
CHR Extension: (Google Präsentationen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31]
CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31]
CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31]
CHR Extension: (Video Downloader professional) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-09-01]
CHR Extension: (Google Tabellen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31]
CHR Extension: (Avira Browserschutz) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-27]
CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-01-20] (Digital Wave Ltd.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (Micro-Star Int'l Co., Ltd.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts)
R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 sesvc; D:\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Datei ist nicht signiert]
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [317400 2017-01-16] (Skype Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ALSysIO; C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys [35320 2017-03-08] (Arthur Liberman) <==== ACHTUNG
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 GPU-Z; C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys [27008 2017-03-08] () <==== ACHTUNG
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-12-08] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2016-02-29] (Wondershare)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-19] (CyberLink Corp.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:31 - 2017-03-09 22:31 - 00000000 ____D C:\FRST
2017-03-09 22:25 - 2017-03-09 22:25 - 00000000 _____ C:\Users\xxx\Desktop\Neues Textdokument.txt
2017-03-09 22:24 - 2017-03-09 22:24 - 00271884 _____ C:\TDSSKiller.3.1.0.12_09.03.2017_22.24.21_log.txt
2017-03-09 22:24 - 2017-03-09 22:24 - 00250064 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\09508804.sys
2017-03-09 21:35 - 2017-03-09 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-09 15:52 - 2017-03-09 15:52 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\uTorrent
2017-03-08 23:10 - 2017-03-08 23:42 - 00000000 ____D C:\AdwCleaner
2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-04 15:02 - 2017-03-04 15:09 - 05713860 _____ C:\Users\xxx\Desktop\robocopy_log3.txt
2017-03-04 14:23 - 2017-03-04 14:55 - 02310791 _____ C:\Users\xxx\Desktop\robocopy_log2.txt
2017-03-04 13:30 - 2017-03-04 13:05 - 00000000 __SHD C:\WINDOWS\system32\N;
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.QtWebEngineProcess
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.Origin
2017-02-25 01:18 - 2017-02-25 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-24 23:34 - 2017-03-05 21:43 - 00056509 _____ C:\Users\xxx\Desktop\48G.xlsx
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\Program Files (x86)\Skype
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\Program Files\Easy Duplicate Finder
2017-02-19 21:13 - 2017-03-02 20:59 - 00000024 _____ C:\Users\xxx\Documents\AutoSaveLastScanResults.dup
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\Documents\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\ProgramData\Easy Duplicate Finder
2017-02-19 20:54 - 2017-02-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages
2017-02-19 20:22 - 2017-03-07 23:02 - 00000000 ____D C:\Users\xxx\AppData\Local\SimilarImages
2017-02-19 20:22 - 2017-02-19 20:22 - 00000042 _____ C:\ProgramData\.SimImages
2017-02-14 22:57 - 2017-02-14 23:09 - 00001274 _____ C:\Users\xxx\.jalview_properties
2017-02-14 19:44 - 2017-02-09 23:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-14 19:42 - 2017-02-10 03:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-13 00:38 - 2017-02-13 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:31 - 2015-10-05 22:45 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent
2017-03-09 22:14 - 2016-08-14 12:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Users\xxx\AppData\Local\Dropbox
2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-09 18:17 - 2016-11-18 12:49 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla
2017-03-09 15:54 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-09 15:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-09 15:52 - 2016-02-26 09:16 - 00000000 ___RD C:\Users\xxx\Google Drive
2017-03-09 15:52 - 2015-10-04 20:43 - 00000000 ____D C:\ProgramData\UMS
2017-03-09 01:40 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 00:22 - 2015-10-04 19:25 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2017-03-08 23:46 - 2016-07-16 23:57 - 01955412 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-08 23:46 - 2016-07-16 23:57 - 00508564 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-08 23:46 - 2015-10-04 16:26 - 04182586 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-08 23:40 - 2016-08-14 12:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-08 23:39 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-08 23:33 - 2016-05-26 19:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVS
2017-03-08 23:28 - 2015-10-04 19:35 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2017-03-08 23:21 - 2015-10-06 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-08 23:13 - 2015-12-11 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-08 19:28 - 2016-01-04 08:10 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps
2017-03-05 01:36 - 2016-08-14 12:16 - 00000000 ____D C:\Users\xxx
2017-03-05 01:31 - 2016-02-09 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Origin
2017-03-04 17:46 - 2016-02-09 14:26 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 13:06 - 2016-12-20 22:42 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers
2017-03-04 13:04 - 2015-10-04 16:23 - 00000000 ____D C:\Users\xxx\AppData\Local\Packages
2017-03-03 17:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-03 08:30 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-03 08:29 - 2016-10-08 09:03 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-03-01 23:14 - 2016-07-12 07:38 - 00053669 _____ C:\Users\xxx\Desktop\krams.xlsx
2017-03-01 23:04 - 2016-12-21 13:13 - 00000000 ____D C:\Users\xxx\Documents\Japanisch
2017-03-01 00:47 - 2015-10-05 22:52 - 00000000 ____D C:\Users\xxx\AppData\Roaming\avidemux
2017-02-28 23:25 - 2016-10-28 20:42 - 00000000 ____D C:\Users\xxx\AppData\Roaming\HandBrake
2017-02-25 12:30 - 2015-10-05 00:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\dvdcss
2017-02-25 01:18 - 2015-12-06 21:26 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-24 16:55 - 2015-10-04 16:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 16:53 - 2015-10-04 16:51 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 21:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-22 21:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 22:05 - 2016-08-14 12:14 - 00013389 _____ C:\WINDOWS\BRRBCOM.INI
2017-02-20 21:45 - 2015-10-09 22:08 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mp3tag
2017-02-20 21:36 - 2016-02-05 08:13 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2017-02-20 21:19 - 2016-02-05 08:12 - 00000000 ____D C:\ProgramData\Skype
2017-02-19 17:37 - 2017-01-29 19:46 - 00000134 _____ C:\Users\xxx\Documents\default.vsp
2017-02-19 16:21 - 2015-10-04 19:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-19 09:07 - 2016-03-08 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-14 19:45 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-14 19:45 - 2015-10-04 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-14 19:44 - 2016-03-11 00:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-13 00:38 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-10 03:33 - 2016-08-14 09:35 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-10 00:13 - 2016-09-24 23:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-09 23:57 - 2016-08-14 12:14 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-09 23:57 - 2016-08-14 12:14 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-08 18:03 - 2016-04-03 13:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVDVideoSoft
2017-02-07 00:58 - 2016-07-31 22:00 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-19 20:22 - 2017-02-19 20:22 - 0000042 _____ () C:\ProgramData\.SimImages
2015-12-12 04:23 - 2015-12-12 04:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-19 20:45 - 2017-01-24 18:29 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-19 20:45 - 2017-01-22 16:17 - 0020937 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 13:01

==================== Ende von FRST.txt ============================
         

Alt 09.03.2017, 22:40   #5
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Und addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von xxx (09-03-2017 22:32:07)
Gestartet von H:\
Windows 10 Education Version 1607 (X64) (2016-08-14 11:21:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4199837023-2687035150-3113593764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4199837023-2687035150-3113593764-503 - Limited - Disabled)
Gast (S-1-5-21-4199837023-2687035150-3113593764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4199837023-2687035150-3113593764-1003 - Limited - Enabled)
xxx (S-1-5-21-4199837023-2687035150-3113593764-1001 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Microsoft Office Proofing Tools 2016“ – lietuviu k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Alati za jezicnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Anti-Twin (Installation 10.12.2015) (HKLM-x32\...\Anti-Twin 2015-12-10 22.13.58) (Version:  - Joerg Rosenthal, Germany)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{115347FE-037B-4F4D-86F2-057FEF294C7A}) (Version: 1.2.4.459 - Avira Operations GmbH & Co. KG)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
Công c? Soát l?i Microsoft Office 2016 - Ti?ng Vi?t (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Core Temp 1.6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.6 - ALCPU)
Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink MediaEspresso 7.5 (HKLM-x32\...\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}) (Version: 7.5.8022_61105 - CyberLink Corp.)
CyberLink PhotoDirector 7 (HKLM-x32\...\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}) (Version: 7.0.7504.0 - CyberLink Corp.)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.14 - Infonautics GmbH, Switzerland)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version:  - WebMinds, Inc.)
Easy Duplicate Finder (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version:  - WebMinds, Inc.)
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version:  - )
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.31.119 - Digital Wave Ltd)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Instrumente de verificare Microsoft Office 2016 - Româna (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LCDSirReal - a multipurpose plugin for the Logitech G13/G15 (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\LCDSirReal) (Version:  - Link Data Stockholm)
Logitech Gaming Software 8.89 (HKLM\...\Logitech Gaming Software) (Version: 8.89.68 - Logitech Inc.)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2016  - German/Deutsch (HKLM\...\Office16.OMUI.de-de) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Narzedzia sprawdzajace pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – ceština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovencina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – anglešcina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PerigeeCopy 1.7 (HKLM\...\PerigeeCopy) (Version: 1.7 - Jeremy Stanley)
PicasaDownloader (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\052751e036427773) (Version: 1.0.0.25 - PicasaDownloader)
ProjectX - Complete (HKLM-x32\...\{513C7CA5-86D3-495D-B2D4-409EE41F68A7}_is1) (Version: 0.91.0.10 - WatchersNET)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.3 - Universal Media Server)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.OMUI.de-de_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
???a?e?a ???ss???? e?????? t?? Microsoft Office 2016 - ???????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
?????? ????????? ????????? Microsoft Office 2016 – ?????????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
???????? ???????? ???????????? Microsoft Office 2016 — ??????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
??? ????? ?? Microsoft Office 2016 - ????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
???????? ????? Microsoft Office 2016 - ????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B9CCC01-1DF2-4808-BF9A-AC12ADB03DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {1A596B82-4A61-47BE-8E4B-5ADDD69D5009} - System32\Tasks\GPU-Z => D:\GPU-Z\GPU-Z.exe [2016-07-13] (techPowerUp (www.techpowerup.com))
Task: {2CBCE76D-98A7-4BEE-9286-B590D2202CF5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {2FD6432B-C391-458F-9BE3-AB00C6407F77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {6B78D56C-B7FE-43F6-9274-BB86AE74F7C3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {6BAC108C-EE9F-4AD7-9F78-A6EB7F065197} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {7BFE63DD-BEEF-41C8-AA84-3BBFC1702732} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {7CEDE775-418E-4909-B886-9A30F522D9E8} - System32\Tasks\Core Temp Autostart xxx => D:\Core Temp\Core Temp.exe [2017-02-18] (ALCPU)
Task: {89645356-5169-40EC-80E3-E2ECE3D6A473} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {8C1234D8-F860-499B-B4FD-C1917BCF7D3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {8CC6D714-CD0D-4CB5-98A3-A9D31B0220D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {8E3B38A0-CA9A-4CB6-A1D5-5CE5F120EE67} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {ADAA096F-3EAC-4EF5-B8E2-E13566DD0B27} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {BA2D4D30-2F9F-4788-9958-1A91D5180A1E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {C336F517-C7CA-4129-9A13-DCC6BA3331B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {D19802B5-8605-4D2E-9056-1A8471F61B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {D41E18A6-38D8-4A38-9382-6B3949BF6593} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D9E404F0-FD41-414D-9B55-A30853C55AC3} - System32\Tasks\DeviceDetector7.5 => D:\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2016-08-22] (CyberLink Corp.)
Task: {EFD345F9-A347-405E-A865-C1F58F6BCF8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-24 23:32 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-14 12:14 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Unlocker\UnlockerCOM.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 00230064 _____ () D:\NPP\Notepad++\NppShell_06.dll
2016-08-14 12:26 - 2016-08-14 12:26 - 00959168 _____ () C:\Users\xxx\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-15 10:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 19:16 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 19:16 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 19:16 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2011-06-21 10:14 - 2011-06-21 10:14 - 00207872 _____ () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-10-26 00:16 - 2017-01-19 12:35 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_xxxe-vc120-mt-1_56.dll
2016-10-26 00:37 - 2017-02-08 23:04 - 02493440 _____ () G:\Origin\libGLESv2.dll
2016-01-28 22:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-09 15:52 - 2017-03-09 15:52 - 00098816 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32api.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00110080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\pywintypes27.dll
2017-03-09 15:52 - 2017-03-09 15:52 - 00364544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\pythoncom27.dll
2017-03-09 15:52 - 2017-03-09 15:52 - 00320512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32com.shell.shell.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00914432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_hashlib.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 01176576 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._core_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00806400 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._gdi_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00816128 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._windows_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 01067008 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._controls_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00733184 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._misc_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00682496 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\pysqlite2._sqlite.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_ctypes.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00686080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\unicodedata.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00119808 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32file.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00108544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32security.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00007168 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\hashobjs_ext.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00017920 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\thumbnails_ext.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\usb_ext.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00012800 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\common.time34.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00018432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32event.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00167936 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32gui.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00046080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_socket.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 01303552 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_ssl.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00128512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_elementtree.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00127488 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\pyexpat.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00038912 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32inet.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00036864 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_psutil_windows.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00524248 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\windows._lib_cacheinvalidation.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00011264 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32crypt.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00123392 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._wizard.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00077312 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._html2.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00027648 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_multiprocessing.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00020480 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_yappi.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00035840 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32process.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00078848 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._animate.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00024064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32pipe.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00010240 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\select.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00025600 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32pdh.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00017408 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32profile.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00022528 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32ts.pyd
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-09-24 23:32 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 23:32 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-19 20:45 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2014-03-31 20:35 - 2014-03-31 20:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2017-03-09 21:35 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2015-12-12 08:23 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 21:35 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 08:23 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 21:35 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-04 23:21 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 20:55 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 12:42 - 2017-03-06 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:35 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 21:35 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-09 21:35 - 2016-12-02 22:44 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 21:35 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 21:35 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-11-27 18:55 - 2016-11-27 18:55 - 00021680 _____ () D:\NPP\Notepad++\plugins\NppExport.dll
2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () D:\NPP\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6D89BEBC-8468-4295-B7B1-F8FB62468B37}] => (Allow) LPort=30751
FirewallRules: [{B49AC9AC-B1CF-44F7-82A6-E31837715F1E}] => (Allow) LPort=30751
FirewallRules: [{5B697788-59A3-4747-B76A-E5EDDE0605DC}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{41925E06-A9CD-47E3-BEC1-3A1D93175331}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{C1CE0476-BA3F-4EC0-A323-0D82BB6DDD5C}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{BDDAC986-77B7-4F20-9150-032A108F65AF}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{2D7EAAEE-09A9-4634-A9B1-F3D04B1F44AA}] => (Allow) G:\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{840E6FB1-4C73-4892-A8AC-09A0164069D5}] => (Allow) G:\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{CD2B6346-5FB9-40F0-BCDA-E07A0429522E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0CBB679C-08AE-4D50-82BA-C5BA5E179045}] => (Allow) LPort=2869
FirewallRules: [{C36766D1-DBB8-426D-B9F3-C96698E14676}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2FD0D92D-D739-47BE-9618-CB3A63C437E4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{2D525972-9794-40D3-A02B-A5CACA96D2B0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{C9669401-FED5-4CFB-B728-D3709671ABFF}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{BCA95B63-B100-4C15-A111-DF8BF46455F7}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{7BE4898B-E4A5-4E3D-9E64-EF7F280C6134}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FE48F9E-0E31-43B9-A9F9-5D7EA410B716}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FC71D3F-B4F5-470F-9A53-B0A73AA50539}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52F0DCBE-1FCA-4F6E-AC44-B6E3B04EAF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCD607C7-5DFC-4BCA-9E53-E0750E10F80C}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{8B01E72B-5704-4285-B365-6776050A0075}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{2043F9FF-0AC8-4096-B5B0-87EF086B9688}] => (Allow) G:\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{0967E305-8FD2-47B7-AA2C-6A9637218131}] => (Allow) G:\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{683AEE22-87DA-4AB5-B7FC-C634826B9E41}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AEF5FE01-FCC4-4D4C-BB8F-0B36FE1B9C97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{43B6F3EF-627C-4B90-9E25-66667978C655}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{890EFA8C-E691-4CE9-AA69-4AE9512F1824}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{D01C8AB7-2424-4719-9194-12F8059582DE}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{0A230BC8-3C70-44E0-ADAB-A93E29D1C3BC}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{2E952210-004C-41E0-A8B9-DAA0E96AA873}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FC37E47F-F7EC-4A49-9246-06A80DB92F6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D11ACF96-0CF5-4EA2-8E8F-F05A2E402CCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3578B3AE-F879-48AD-8CB6-F2464A3D055E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FADCF931-8786-4B9C-BC21-67E9380706CB}] => (Allow) G:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{64917906-7DF1-4CDA-90D7-4C147AA838A5}] => (Allow) G:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{A4A1B86B-A6B9-47FE-ACB1-59FAC8FDC767}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0D10BD48-5550-4387-A4A8-EFA0B626281E}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3E8741B3-D529-48C9-9386-AEB4C4A36CEE}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{71C117A0-7573-409E-A9BA-19CE1CA2F55D}] => (Allow) G:\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{632245F9-6CFD-4852-AF50-DB884D4DE2AA}] => (Allow) G:\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{A2FDA54C-7E62-49F5-B8F0-3B3EBE221366}] => (Allow) G:\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{69E4D0E7-83B6-430E-8A37-C873DDBCB53F}] => (Allow) G:\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{13C20609-1CC6-47C4-B7F4-7BAA982B87B6}] => (Allow) G:\Origin Games\Crysis 2\bin32\Crysis2.exe
FirewallRules: [{9DC6F2A9-D8F9-4E07-B818-AA28BF1F31B1}] => (Allow) G:\Origin Games\Crysis 2\bin32\Crysis2.exe
FirewallRules: [{7C9811A2-F07B-472F-B00A-8AEEF332EDF0}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD.exe
FirewallRules: [{061BA69A-FDDA-46EF-A1AA-78DF68D58F7F}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe
FirewallRules: [{1273216E-938E-4291-8486-A80E064F755D}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe
FirewallRules: [{E290168B-0633-4A0D-A403-8848FB710B99}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\Movie\PowerDVDMovie.exe
FirewallRules: [{C9F6E1F5-ADD5-4F43-BD83-4F8A4BD0AEF2}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\CastingStation.exe
FirewallRules: [{823060CF-DD04-4049-92FA-B36F9C864AC8}] => (Allow) D:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{B2014831-F544-4EA3-9E92-10D8B0613239}] => (Allow) D:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{BDABF5B9-BE2B-4592-8372-553610D72982}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4A69B45A-53B7-4A97-A3B5-0132EA98268A}] => (Allow) D:\Skype\Phone\Skype.exe
FirewallRules: [{DC5ABA74-E951-4324-A19F-88822A3A35D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

20-02-2017 19:46:26 Geplanter Prüfpunkt
24-02-2017 16:53:10 Windows Update
04-03-2017 13:05:27 Removed EndNote X8

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2017 04:02:11 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/08/2017 11:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FileHippo.AppManager.exe, Version 2.0.0.392 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 169c

Startzeit: 01d2985a2f6bc2e1

Beendigungszeit: 6

Anwendungspfad: D:\FileHippo.com\FileHippo.AppManager.exe

Berichts-ID: 286b5e67-044e-11e7-9c93-08606ec1264e

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/08/2017 07:28:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/08/2017 07:28:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSMediaInfoPDVD16.exe".
Die abhängige Assemblierung "CLMSMediaInfo.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/08/2017 07:28:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "d:\xmlbar\flv downloader\FLVDownloader(xmlbar).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/08/2017 07:28:01 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-4199837023-2687035150-3113593764-1001}/">.

Error: (03/08/2017 06:20:14 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/07/2017 07:50:19 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/06/2017 12:14:08 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/05/2017 12:22:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


Systemfehler:
=============
Error: (03/09/2017 03:52:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 07:57:23 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:39:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:39:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA LocalSystem Container" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/08/2017 11:39:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2017 11:39:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 11:39:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2017 11:39:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 11:39:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ShadowExplorer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-12-06 11:11:22.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-06 11:11:20.004
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-28 01:04:22.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-28 01:03:41.966
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:51.234
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:47.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:42.608
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-06 19:09:28.918
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-06 19:09:25.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8139.25 MB
Verfügbarer physikalischer RAM: 4126.59 MB
Summe virtueller Speicher: 9419.25 MB
Verfügbarer virtueller Speicher: 4261.88 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.4 GB) (Free:139.1 GB) NTFS
Drive d: (Programme) (Fixed) (Total:29.3 GB) (Free:22.42 GB) NTFS
Drive e: (48G) (Fixed) (Total:1277.08 GB) (Free:221.81 GB) NTFS
Drive f: (Music) (Fixed) (Total:58.59 GB) (Free:17.59 GB) NTFS
Drive g: (Games) (Fixed) (Total:97.66 GB) (Free:14.88 GB) NTFS
Drive h: (Stuff) (Fixed) (Total:400.39 GB) (Free:207.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0AFA54B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 64BFCCCC)
Partition 1: (Not Active) - (Size=1277.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=429.7 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
         


Alt 10.03.2017, 14:30   #6
M-K-D-B
/// TB-Ausbilder
 
AdChoices im Firefox - Standard

AdChoices im Firefox



bitte beachten:
Zitat:
Gestartet von H:\
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Alt 10.03.2017, 19:51   #7
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Code:
ATTFilter
19:49:14.0546 0x1fac  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
19:49:18.0095 0x1fac  ============================================================
19:49:18.0096 0x1fac  Current date / time: 2017/03/10 19:49:18.0095
19:49:18.0096 0x1fac  SystemInfo:
19:49:18.0096 0x1fac  
19:49:18.0096 0x1fac  OS Version: 10.0.14393 ServicePack: 0.0
19:49:18.0096 0x1fac  Product type: Workstation
19:49:18.0096 0x1fac  ComputerName: SCHWOBB
19:49:18.0096 0x1fac  UserName: xxx
19:49:18.0096 0x1fac  Windows directory: C:\WINDOWS
19:49:18.0096 0x1fac  System windows directory: C:\WINDOWS
19:49:18.0096 0x1fac  Running under WOW64
19:49:18.0096 0x1fac  Processor architecture: Intel x64
19:49:18.0096 0x1fac  Number of processors: 4
19:49:18.0096 0x1fac  Page size: 0x1000
19:49:18.0096 0x1fac  Boot type: Normal boot
19:49:18.0096 0x1fac  CodeIntegrityOptions = 0x00000001
19:49:18.0096 0x1fac  ============================================================
19:49:18.0178 0x1fac  KLMD registered as C:\WINDOWS\system32\drivers\17010005.sys
19:49:18.0179 0x1fac  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
19:49:18.0233 0x1fac  System UUID: {AAF3A55F-71B7-0C35-F451-C3191FC13C08}
19:49:18.0450 0x1fac  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:49:18.0450 0x1fac  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:49:18.0461 0x1fac  ============================================================
19:49:18.0461 0x1fac  \Device\Harddisk0\DR0:
19:49:18.0461 0x1fac  MBR partitions:
19:49:18.0461 0x1fac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
19:49:18.0461 0x1fac  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1D0CA800
19:49:18.0461 0x1fac  \Device\Harddisk1\DR1:
19:49:18.0461 0x1fac  MBR partitions:
19:49:18.0462 0x1fac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9FA27800
19:49:18.0462 0x1fac  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x9FA28000, BlocksNum 0x7530000
19:49:18.0462 0x1fac  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xA6F58000, BlocksNum 0xC350000
19:49:18.0462 0x1fac  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0xB32A8800, BlocksNum 0x3A98000
19:49:18.0462 0x1fac  \Device\Harddisk1\DR1\Partition5: MBR, Type 0x7, StartLBA 0xB6D41000, BlocksNum 0x320C7000
19:49:18.0462 0x1fac  ============================================================
19:49:18.0463 0x1fac  C: <-> \Device\Harddisk0\DR0\Partition2
19:49:18.0511 0x1fac  E: <-> \Device\Harddisk1\DR1\Partition1
19:49:18.0532 0x1fac  F: <-> \Device\Harddisk1\DR1\Partition2
19:49:18.0550 0x1fac  G: <-> \Device\Harddisk1\DR1\Partition3
19:49:18.0559 0x1fac  D: <-> \Device\Harddisk1\DR1\Partition4
19:49:18.0565 0x1fac  H: <-> \Device\Harddisk1\DR1\Partition5
19:49:18.0566 0x1fac  ============================================================
19:49:18.0566 0x1fac  Initialize success
19:49:18.0566 0x1fac  ============================================================
19:49:19.0805 0x267c  ============================================================
19:49:19.0805 0x267c  Scan started
19:49:19.0805 0x267c  Mode: Manual; 
19:49:19.0805 0x267c  ============================================================
19:49:19.0805 0x267c  KSN ping started
19:49:19.0860 0x267c  KSN ping finished: true
19:49:20.0429 0x267c  ================ Scan system memory ========================
19:49:20.0429 0x267c  System memory - ok
19:49:20.0429 0x267c  ================ Scan services =============================
19:49:20.0459 0x267c  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
19:49:20.0462 0x267c  1394ohci - ok
19:49:20.0469 0x267c  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
19:49:20.0471 0x267c  3ware - ok
19:49:20.0484 0x267c  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
19:49:20.0493 0x267c  ACPI - ok
19:49:20.0496 0x267c  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
19:49:20.0497 0x267c  AcpiDev - ok
19:49:20.0501 0x267c  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
19:49:20.0502 0x267c  acpiex - ok
19:49:20.0505 0x267c  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
19:49:20.0506 0x267c  acpipagr - ok
19:49:20.0509 0x267c  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
19:49:20.0509 0x267c  AcpiPmi - ok
19:49:20.0512 0x267c  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
19:49:20.0512 0x267c  acpitime - ok
19:49:20.0531 0x267c  [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:49:20.0534 0x267c  AdobeFlashPlayerUpdateSvc - ok
19:49:20.0556 0x267c  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:49:20.0571 0x267c  ADP80XX - ok
19:49:20.0584 0x267c  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
19:49:20.0591 0x267c  AFD - ok
19:49:20.0598 0x267c  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:49:20.0601 0x267c  ahcache - ok
19:49:20.0604 0x267c  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
19:49:20.0605 0x267c  AJRouter - ok
19:49:20.0609 0x267c  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
19:49:20.0610 0x267c  ALG - ok
19:49:20.0620 0x267c  [ 23CB92EE5654BA92619D796E3AC7DB86, DD4536B55F021990DDAD8864F9BAECCDE40B2B532F6FB0D6CF9EB1A6B112A983 ] ALSysIO         C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys
19:49:20.0621 0x267c  ALSysIO - ok
19:49:20.0625 0x267c  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
19:49:20.0627 0x267c  AmdK8 - ok
19:49:20.0631 0x267c  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
19:49:20.0633 0x267c  AmdPPM - ok
19:49:20.0636 0x267c  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
19:49:20.0638 0x267c  amdsata - ok
19:49:20.0644 0x267c  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
19:49:20.0648 0x267c  amdsbs - ok
19:49:20.0651 0x267c  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
19:49:20.0652 0x267c  amdxata - ok
19:49:20.0673 0x267c  [ 42A60840C182E9CFCD4E5EF950303512, E7C3D9888529156D9FB03BC51B170AC027ABA6E7B1ED69FA29944546A202907A ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
19:49:20.0686 0x267c  AntiVirMailService - ok
19:49:20.0696 0x267c  [ 58FD213E044D88825E411A1A0A6AEE64, 870591B7995874215C70218F460C1761564533D75BD4855ACB071F9425AAAB77 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
19:49:20.0701 0x267c  AntiVirSchedulerService - ok
19:49:20.0712 0x267c  [ 58FD213E044D88825E411A1A0A6AEE64, 870591B7995874215C70218F460C1761564533D75BD4855ACB071F9425AAAB77 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
19:49:20.0717 0x267c  AntiVirService - ok
19:49:20.0741 0x267c  [ 4C1B4579EF9D12C88132367333F8F794, 2193359E04F5313BFB7E5FE9AF6D7FBCFFF2CEBCC217F29817F9D450C91160DD ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
19:49:20.0758 0x267c  AntiVirWebService - ok
19:49:20.0764 0x267c  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
19:49:20.0766 0x267c  AppID - ok
19:49:20.0771 0x267c  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
19:49:20.0772 0x267c  AppIDSvc - ok
19:49:20.0776 0x267c  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
19:49:20.0778 0x267c  Appinfo - ok
19:49:20.0781 0x267c  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
19:49:20.0781 0x267c  applockerfltr - ok
19:49:20.0787 0x267c  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
19:49:20.0789 0x267c  AppMgmt - ok
19:49:20.0801 0x267c  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
19:49:20.0808 0x267c  AppReadiness - ok
19:49:20.0823 0x267c  [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
19:49:20.0833 0x267c  AppVClient - ok
19:49:20.0838 0x267c  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
19:49:20.0840 0x267c  AppvStrm - ok
19:49:20.0846 0x267c  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
19:49:20.0848 0x267c  AppvVemgr - ok
19:49:20.0853 0x267c  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
19:49:20.0855 0x267c  AppvVfs - ok
19:49:20.0890 0x267c  [ D70B1453ADA82A92E76EAE72D936A0F6, 439DBC5818025887343D4B5B509C7D2C97ED0FFA4641A5178EA5719C50E5013F ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
19:49:20.0918 0x267c  AppXSvc - ok
19:49:20.0925 0x267c  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
19:49:20.0927 0x267c  arcsas - ok
19:49:20.0930 0x267c  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
19:49:20.0931 0x267c  AsyncMac - ok
19:49:20.0934 0x267c  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
19:49:20.0934 0x267c  atapi - ok
19:49:20.0941 0x267c  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:49:20.0946 0x267c  AudioEndpointBuilder - ok
19:49:20.0962 0x267c  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
19:49:20.0974 0x267c  Audiosrv - ok
19:49:20.0979 0x267c  [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:49:20.0981 0x267c  avgntflt - ok
19:49:20.0986 0x267c  [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:49:20.0988 0x267c  avipbb - ok
19:49:20.0996 0x267c  [ 2AEE4D1D7E668F1CCF97EDE93509B0EE, B082B3BBB27D3C8B26A754508C3B98BA803FEA707898FF18A120D6A2679098DF ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
19:49:21.0001 0x267c  Avira.ServiceHost - ok
19:49:21.0005 0x267c  [ 8D2830B4A88B957890AC292686140E2D, 5B645D67EC327E074C0A01B2CDF2FDBF376B6F869E2724F2699A7DEF4AA366D2 ] AviraUpdaterService C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
19:49:21.0006 0x267c  AviraUpdaterService - ok
19:49:21.0009 0x267c  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:49:21.0009 0x267c  avkmgr - ok
19:49:21.0013 0x267c  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
19:49:21.0014 0x267c  avnetflt - ok
19:49:21.0018 0x267c  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
19:49:21.0020 0x267c  AxInstSV - ok
19:49:21.0030 0x267c  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
19:49:21.0037 0x267c  b06bdrv - ok
19:49:21.0042 0x267c  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:49:21.0043 0x267c  BasicDisplay - ok
19:49:21.0046 0x267c  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
19:49:21.0046 0x267c  BasicRender - ok
19:49:21.0050 0x267c  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
19:49:21.0050 0x267c  bcmfn - ok
19:49:21.0053 0x267c  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
19:49:21.0053 0x267c  bcmfn2 - ok
19:49:21.0061 0x267c  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
19:49:21.0065 0x267c  BDESVC - ok
19:49:21.0068 0x267c  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:49:21.0069 0x267c  Beep - ok
19:49:21.0082 0x267c  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
19:49:21.0092 0x267c  BFE - ok
19:49:21.0111 0x267c  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
19:49:21.0126 0x267c  BITS - ok
19:49:21.0130 0x267c  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
19:49:21.0132 0x267c  bowser - ok
19:49:21.0146 0x267c  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:49:21.0156 0x267c  BrokerInfrastructure - ok
19:49:21.0162 0x267c  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
19:49:21.0164 0x267c  Browser - ok
19:49:21.0170 0x267c  [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
19:49:21.0174 0x267c  BrYNSvc - ok
19:49:21.0177 0x267c  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:49:21.0178 0x267c  BthAvrcpTg - ok
19:49:21.0181 0x267c  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
19:49:21.0182 0x267c  BthHFEnum - ok
19:49:21.0185 0x267c  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
19:49:21.0185 0x267c  bthhfhid - ok
19:49:21.0192 0x267c  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
19:49:21.0196 0x267c  BthHFSrv - ok
19:49:21.0200 0x267c  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
19:49:21.0201 0x267c  BTHMODEM - ok
19:49:21.0207 0x267c  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
19:49:21.0209 0x267c  bthserv - ok
19:49:21.0212 0x267c  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:49:21.0213 0x267c  buttonconverter - ok
19:49:21.0217 0x267c  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
19:49:21.0219 0x267c  CapImg - ok
19:49:21.0222 0x267c  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:49:21.0224 0x267c  cdfs - ok
19:49:21.0232 0x267c  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
19:49:21.0237 0x267c  CDPSvc - ok
19:49:21.0245 0x267c  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
19:49:21.0250 0x267c  CDPUserSvc - ok
19:49:21.0256 0x267c  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
19:49:21.0258 0x267c  cdrom - ok
19:49:21.0263 0x267c  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
19:49:21.0266 0x267c  CertPropSvc - ok
19:49:21.0273 0x267c  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
19:49:21.0278 0x267c  cht4iscsi - ok
19:49:21.0310 0x267c  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
19:49:21.0336 0x267c  cht4vbd - ok
19:49:21.0341 0x267c  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
19:49:21.0341 0x267c  circlass - ok
19:49:21.0349 0x267c  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
19:49:21.0353 0x267c  CLFS - ok
19:49:21.0367 0x267c  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
19:49:21.0377 0x267c  ClipSVC - ok
19:49:21.0381 0x267c  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
19:49:21.0382 0x267c  clreg - ok
19:49:21.0388 0x267c  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
19:49:21.0389 0x267c  CmBatt - ok
19:49:21.0400 0x267c  [ 90C07EB909C42316982E753BDAA7860D, 438581FD3468FAF01D35529672201A920E8821EC80E30E59A43645DA57738F21 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
19:49:21.0408 0x267c  CNG - ok
19:49:21.0411 0x267c  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:49:21.0412 0x267c  cnghwassist - ok
19:49:21.0422 0x267c  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
19:49:21.0422 0x267c  CompositeBus - ok
19:49:21.0425 0x267c  COMSysApp - ok
19:49:21.0428 0x267c  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
19:49:21.0429 0x267c  condrv - ok
19:49:21.0444 0x267c  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:49:21.0454 0x267c  CoreMessagingRegistrar - ok
19:49:21.0460 0x267c  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
19:49:21.0461 0x267c  CryptSvc - ok
19:49:21.0472 0x267c  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
19:49:21.0478 0x267c  CSC - ok
19:49:21.0491 0x267c  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
19:49:21.0501 0x267c  CscService - ok
19:49:21.0511 0x267c  [ 51D43B57EA8EFFE5CB1E27E01C100A2F, 68995F291422F2C5A2C9C4C673272754E3AC49ED53D6197675EB9E19028163C5 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
19:49:21.0516 0x267c  CTAudSvcService - ok
19:49:21.0534 0x267c  [ FD70A153B4C0BE67743A1BD0574EC120, B0419E6981B7472A25C8EE5825248365BAF44B64DC3D620AB0EC92832F059FF6 ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
19:49:21.0548 0x267c  cthda - ok
19:49:21.0561 0x267c  [ BB776BDDBA1EB56C02FB9BDFE8256288, 0597506CF23EE141264849801404A242B8A644AAF084B6FE095A5B9EF06A8A2E ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
19:49:21.0562 0x267c  CtHdaSvc - ok
19:49:21.0566 0x267c  [ 111C2183E72B0018D7F57AF31E7499DB, 2CD6E0FFC1CD210B45FC51EB7CEB0B336CDD9B910651B3551247E5116F019846 ] cthdb           C:\WINDOWS\system32\DRIVERS\cthdb.sys
19:49:21.0566 0x267c  cthdb - ok
19:49:21.0570 0x267c  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
19:49:21.0571 0x267c  dam - ok
19:49:21.0575 0x267c  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
19:49:21.0577 0x267c  dbupdate - ok
19:49:21.0581 0x267c  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
19:49:21.0583 0x267c  dbupdatem - ok
19:49:21.0585 0x267c  dbx - ok
19:49:21.0588 0x267c  [ 5B7A202DECF962A6C9A2E759551BF05E, 6BA11F7728C0A13EA4B6EF478584AE0117BA5909346FF6FE20308674F34701D7 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
19:49:21.0589 0x267c  DbxSvc - ok
19:49:21.0605 0x267c  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:49:21.0618 0x267c  DcomLaunch - ok
19:49:21.0624 0x267c  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
19:49:21.0626 0x267c  DcpSvc - ok
19:49:21.0636 0x267c  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
19:49:21.0643 0x267c  defragsvc - ok
19:49:21.0653 0x267c  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:49:21.0659 0x267c  DeviceAssociationService - ok
19:49:21.0663 0x267c  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
19:49:21.0665 0x267c  DeviceInstall - ok
19:49:21.0668 0x267c  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
19:49:21.0669 0x267c  DevQueryBroker - ok
19:49:21.0674 0x267c  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
19:49:21.0676 0x267c  Dfsc - ok
19:49:21.0680 0x267c  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
19:49:21.0682 0x267c  dg_ssudbus - ok
19:49:21.0690 0x267c  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
19:49:21.0695 0x267c  Dhcp - ok
19:49:21.0699 0x267c  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:49:21.0700 0x267c  diagnosticshub.standardcollector.service - ok
19:49:21.0730 0x267c  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
19:49:21.0756 0x267c  DiagTrack - ok
19:49:21.0767 0x267c  [ CF7302680AD66C5BF84E2F5CBDE8731F, 88C31F08F9EFF7809397820ED09AC14E76C3015C6D0EFB71B5B30133B3EB4AEA ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
19:49:21.0772 0x267c  DigitalWave.Update.Service - ok
19:49:21.0777 0x267c  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
19:49:21.0778 0x267c  disk - ok
19:49:21.0787 0x267c  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:49:21.0793 0x267c  DmEnrollmentSvc - ok
19:49:21.0797 0x267c  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
19:49:21.0797 0x267c  dmvsc - ok
19:49:21.0800 0x267c  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:49:21.0802 0x267c  dmwappushservice - ok
19:49:21.0808 0x267c  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:49:21.0811 0x267c  Dnscache - ok
19:49:21.0818 0x267c  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:49:21.0821 0x267c  dot3svc - ok
19:49:21.0826 0x267c  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
19:49:21.0829 0x267c  DPS - ok
19:49:21.0832 0x267c  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
19:49:21.0832 0x267c  drmkaud - ok
19:49:21.0838 0x267c  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
19:49:21.0840 0x267c  DsmSvc - ok
19:49:21.0845 0x267c  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
19:49:21.0847 0x267c  DsSvc - ok
19:49:21.0882 0x267c  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:49:21.0911 0x267c  DXGKrnl - ok
19:49:21.0917 0x267c  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
19:49:21.0918 0x267c  EapHost - ok
19:49:21.0968 0x267c  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
19:49:22.0012 0x267c  ebdrv - ok
19:49:22.0018 0x267c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
19:49:22.0020 0x267c  EFS - ok
19:49:22.0023 0x267c  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
19:49:22.0024 0x267c  EhStorClass - ok
19:49:22.0028 0x267c  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:49:22.0030 0x267c  EhStorTcgDrv - ok
19:49:22.0033 0x267c  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
19:49:22.0034 0x267c  ElbyCDIO - ok
19:49:22.0038 0x267c  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
19:49:22.0040 0x267c  embeddedmode - ok
19:49:22.0047 0x267c  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:49:22.0051 0x267c  EntAppSvc - ok
19:49:22.0053 0x267c  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
19:49:22.0054 0x267c  ErrDev - ok
19:49:22.0065 0x267c  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
19:49:22.0071 0x267c  EventSystem - ok
19:49:22.0078 0x267c  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
19:49:22.0082 0x267c  exfat - ok
19:49:22.0090 0x267c  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
19:49:22.0095 0x267c  fastfat - ok
19:49:22.0107 0x267c  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:49:22.0115 0x267c  Fax - ok
19:49:22.0119 0x267c  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
19:49:22.0119 0x267c  fdc - ok
19:49:22.0122 0x267c  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
19:49:22.0123 0x267c  fdPHost - ok
19:49:22.0126 0x267c  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
19:49:22.0127 0x267c  FDResPub - ok
19:49:22.0131 0x267c  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
19:49:22.0133 0x267c  fhsvc - ok
19:49:22.0136 0x267c  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
19:49:22.0137 0x267c  FileCrypt - ok
19:49:22.0141 0x267c  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
19:49:22.0142 0x267c  FileInfo - ok
19:49:22.0147 0x267c  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
19:49:22.0148 0x267c  Filetrace - ok
19:49:22.0151 0x267c  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
19:49:22.0151 0x267c  flpydisk - ok
19:49:22.0159 0x267c  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:49:22.0163 0x267c  FltMgr - ok
19:49:22.0192 0x267c  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
19:49:22.0215 0x267c  FontCache - ok
19:49:22.0220 0x267c  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:49:22.0221 0x267c  FontCache3.0.0.0 - ok
19:49:22.0235 0x267c  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
19:49:22.0246 0x267c  FrameServer - ok
19:49:22.0250 0x267c  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
19:49:22.0251 0x267c  FsDepends - ok
19:49:22.0254 0x267c  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:49:22.0255 0x267c  Fs_Rec - ok
19:49:22.0267 0x267c  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:49:22.0275 0x267c  fvevol - ok
19:49:22.0278 0x267c  [ 4D9C8E6F3D39282EDAD1584AADB1A535, CB9612B215FB78C3DA3EAE74510C6ED6B3BAB95470E181B72C0230F8367313E8 ] GamingApp_Service C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
19:49:22.0279 0x267c  GamingApp_Service - ok
19:49:22.0281 0x267c  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
19:49:22.0282 0x267c  gencounter - ok
19:49:22.0284 0x267c  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
19:49:22.0285 0x267c  genericusbfn - ok
19:49:22.0290 0x267c  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:49:22.0292 0x267c  GPIOClx0101 - ok
19:49:22.0313 0x267c  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
19:49:22.0330 0x267c  gpsvc - ok
19:49:22.0340 0x267c  [ 96E7F6770E12DD05A8ECF7B5D5DCD2FD, F9418B5E90A235339A4A1A889490FACA39CD117A51BA4446DAA1011DA06C7ECD ] GPU-Z           C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys
19:49:22.0341 0x267c  GPU-Z - ok
19:49:22.0343 0x267c  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:49:22.0344 0x267c  GpuEnergyDrv - ok
19:49:22.0348 0x267c  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:49:22.0350 0x267c  gupdate - ok
19:49:22.0354 0x267c  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:49:22.0356 0x267c  gupdatem - ok
19:49:22.0359 0x267c  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
19:49:22.0360 0x267c  HDAudBus - ok
19:49:22.0363 0x267c  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
19:49:22.0364 0x267c  HidBatt - ok
19:49:22.0368 0x267c  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
19:49:22.0369 0x267c  HidBth - ok
19:49:22.0372 0x267c  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
19:49:22.0373 0x267c  hidi2c - ok
19:49:22.0376 0x267c  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:49:22.0377 0x267c  hidinterrupt - ok
19:49:22.0380 0x267c  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
19:49:22.0381 0x267c  HidIr - ok
19:49:22.0384 0x267c  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
19:49:22.0385 0x267c  hidserv - ok
19:49:22.0388 0x267c  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
19:49:22.0389 0x267c  HidUsb - ok
19:49:22.0395 0x267c  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:49:22.0400 0x267c  HomeGroupListener - ok
19:49:22.0408 0x267c  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:49:22.0416 0x267c  HomeGroupProvider - ok
19:49:22.0420 0x267c  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
19:49:22.0421 0x267c  HpSAMD - ok
19:49:22.0440 0x267c  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
19:49:22.0453 0x267c  HTTP - ok
19:49:22.0458 0x267c  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
19:49:22.0459 0x267c  HvHost - ok
19:49:22.0462 0x267c  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
19:49:22.0463 0x267c  hvservice - ok
19:49:22.0467 0x267c  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
19:49:22.0467 0x267c  hwpolicy - ok
19:49:22.0470 0x267c  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
19:49:22.0471 0x267c  hyperkbd - ok
19:49:22.0477 0x267c  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:49:22.0478 0x267c  i8042prt - ok
19:49:22.0481 0x267c  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
19:49:22.0482 0x267c  iagpio - ok
19:49:22.0485 0x267c  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
19:49:22.0486 0x267c  iai2c - ok
19:49:22.0489 0x267c  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
19:49:22.0490 0x267c  iaLPSS2i_GPIO2 - ok
19:49:22.0495 0x267c  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
19:49:22.0497 0x267c  iaLPSS2i_I2C - ok
19:49:22.0500 0x267c  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:49:22.0501 0x267c  iaLPSSi_GPIO - ok
19:49:22.0505 0x267c  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:49:22.0506 0x267c  iaLPSSi_I2C - ok
19:49:22.0518 0x267c  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:49:22.0527 0x267c  iaStorAV - ok
19:49:22.0535 0x267c  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:49:22.0540 0x267c  iaStorV - ok
19:49:22.0551 0x267c  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
19:49:22.0558 0x267c  ibbus - ok
19:49:22.0563 0x267c  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
19:49:22.0567 0x267c  icssvc - ok
19:49:22.0583 0x267c  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:49:22.0595 0x267c  IKEEXT - ok
19:49:22.0598 0x267c  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
19:49:22.0599 0x267c  IndirectKmd - ok
19:49:22.0603 0x267c  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:49:22.0603 0x267c  intelide - ok
19:49:22.0606 0x267c  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:49:22.0607 0x267c  intelpep - ok
19:49:22.0611 0x267c  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:49:22.0613 0x267c  intelppm - ok
19:49:22.0616 0x267c  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
19:49:22.0617 0x267c  iorate - ok
19:49:22.0620 0x267c  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:49:22.0622 0x267c  IpFilterDriver - ok
19:49:22.0638 0x267c  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:49:22.0650 0x267c  iphlpsvc - ok
19:49:22.0654 0x267c  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:49:22.0656 0x267c  IPMIDRV - ok
19:49:22.0662 0x267c  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
19:49:22.0664 0x267c  IPNAT - ok
19:49:22.0668 0x267c  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
19:49:22.0670 0x267c  irda - ok
19:49:22.0673 0x267c  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
19:49:22.0673 0x267c  IRENUM - ok
19:49:22.0676 0x267c  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
19:49:22.0677 0x267c  irmon - ok
19:49:22.0680 0x267c  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
19:49:22.0680 0x267c  isapnp - ok
19:49:22.0686 0x267c  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
19:49:22.0691 0x267c  iScsiPrt - ok
19:49:22.0694 0x267c  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
19:49:22.0695 0x267c  kbdclass - ok
19:49:22.0698 0x267c  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
19:49:22.0699 0x267c  kbdhid - ok
19:49:22.0701 0x267c  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
19:49:22.0702 0x267c  kdnic - ok
19:49:22.0705 0x267c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
19:49:22.0706 0x267c  KeyIso - ok
19:49:22.0710 0x267c  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
19:49:22.0712 0x267c  KSecDD - ok
19:49:22.0717 0x267c  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:49:22.0720 0x267c  KSecPkg - ok
19:49:22.0722 0x267c  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
19:49:22.0723 0x267c  ksthunk - ok
19:49:22.0730 0x267c  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
19:49:22.0736 0x267c  KtmRm - ok
19:49:22.0743 0x267c  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
19:49:22.0748 0x267c  LanmanServer - ok
19:49:22.0754 0x267c  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:49:22.0759 0x267c  LanmanWorkstation - ok
19:49:22.0763 0x267c  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
19:49:22.0765 0x267c  lfsvc - ok
19:49:22.0767 0x267c  [ A6F294B38F3DFB67D6B6E1D1E60A402A, 11C51B35DB2A3510258F3B722C12326BF068360CFA1E81FF552BA0BD19DE38E8 ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
19:49:22.0768 0x267c  LGBusEnum - ok
19:49:22.0772 0x267c  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
19:49:22.0772 0x267c  LGCoreTemp - ok
19:49:22.0775 0x267c  [ C582EBCB331D4D45F4956ACF3D82F674, 154E889036E825FA8EE9D45262AFCEE15ADB07459AAAA7B68F97DEB727B1859E ] LGJoyHidFilter  C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys
19:49:22.0776 0x267c  LGJoyHidFilter - ok
19:49:22.0779 0x267c  [ 2A9F60E6531F42B31874618743037719, BFD61AD03ADEF69421ECB07820EDB79D425048EC01A65A0D1E8A4527699196DC ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
19:49:22.0780 0x267c  LGJoyXlCore - ok
19:49:22.0783 0x267c  [ FA59A7421049F5852C1182345A4B8C4F, 6E7DFBF8382187E01CA0AE9CB7A175B563DA6807909A8A7E67779C045F290A06 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
19:49:22.0784 0x267c  LGVirHid - ok
19:49:22.0786 0x267c  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
19:49:22.0788 0x267c  LicenseManager - ok
19:49:22.0791 0x267c  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
19:49:22.0792 0x267c  lltdio - ok
19:49:22.0798 0x267c  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
19:49:22.0803 0x267c  lltdsvc - ok
19:49:22.0805 0x267c  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
19:49:22.0806 0x267c  lmhosts - ok
19:49:22.0811 0x267c  [ AFAF34BF6BD10379FF13BFA086EFF857, E22E114E97EA65B80D6A9252C71E4C016A0B80B82C64426B679773305EFE8C88 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
19:49:22.0813 0x267c  LogiRegistryService - ok
19:49:22.0818 0x267c  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
19:49:22.0820 0x267c  LSI_SAS - ok
19:49:22.0824 0x267c  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:49:22.0825 0x267c  LSI_SAS2i - ok
19:49:22.0829 0x267c  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:49:22.0831 0x267c  LSI_SAS3i - ok
19:49:22.0834 0x267c  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
19:49:22.0835 0x267c  LSI_SSS - ok
19:49:22.0848 0x267c  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
19:49:22.0858 0x267c  LSM - ok
19:49:22.0863 0x267c  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
19:49:22.0864 0x267c  luafv - ok
19:49:22.0868 0x267c  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
19:49:22.0870 0x267c  MapsBroker - ok
19:49:22.0873 0x267c  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
19:49:22.0874 0x267c  megasas - ok
19:49:22.0877 0x267c  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
19:49:22.0878 0x267c  megasas2i - ok
19:49:22.0890 0x267c  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
19:49:22.0897 0x267c  megasr - ok
19:49:22.0902 0x267c  [ E7C9F74D8CAAB1FF7964C27C070FB16C, 76CCD9109E1031A336B7E275368520FFB60D500E24444B04066F205D1ED5BA2B ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
19:49:22.0905 0x267c  MEIx64 - ok
19:49:22.0908 0x267c  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
19:49:22.0910 0x267c  MessagingService - ok
19:49:22.0925 0x267c  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:49:22.0936 0x267c  mlx4_bus - ok
19:49:22.0940 0x267c  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
19:49:22.0941 0x267c  MMCSS - ok
19:49:22.0945 0x267c  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
19:49:22.0946 0x267c  Modem - ok
19:49:22.0948 0x267c  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
19:49:22.0949 0x267c  monitor - ok
19:49:22.0952 0x267c  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
19:49:22.0953 0x267c  mouclass - ok
19:49:22.0956 0x267c  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
19:49:22.0957 0x267c  mouhid - ok
19:49:22.0960 0x267c  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
19:49:22.0962 0x267c  mountmgr - ok
19:49:22.0965 0x267c  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
19:49:22.0966 0x267c  mpsdrv - ok
19:49:22.0981 0x267c  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
19:49:22.0993 0x267c  MpsSvc - ok
19:49:22.0998 0x267c  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
19:49:23.0000 0x267c  MRxDAV - ok
19:49:23.0009 0x267c  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:49:23.0015 0x267c  mrxsmb - ok
19:49:23.0021 0x267c  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:49:23.0025 0x267c  mrxsmb10 - ok
19:49:23.0030 0x267c  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:49:23.0034 0x267c  mrxsmb20 - ok
19:49:23.0037 0x267c  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
19:49:23.0039 0x267c  MsBridge - ok
19:49:23.0043 0x267c  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:49:23.0046 0x267c  MSDTC - ok
19:49:23.0051 0x267c  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:49:23.0052 0x267c  Msfs - ok
19:49:23.0055 0x267c  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:49:23.0056 0x267c  msgpiowin32 - ok
19:49:23.0058 0x267c  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:49:23.0059 0x267c  mshidkmdf - ok
19:49:23.0061 0x267c  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
19:49:23.0061 0x267c  mshidumdf - ok
19:49:23.0064 0x267c  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
19:49:23.0065 0x267c  msisadrv - ok
19:49:23.0069 0x267c  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
19:49:23.0072 0x267c  MSiSCSI - ok
19:49:23.0075 0x267c  msiserver - ok
19:49:23.0077 0x267c  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
19:49:23.0078 0x267c  MSKSSRV - ok
19:49:23.0081 0x267c  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
19:49:23.0083 0x267c  MsLldp - ok
19:49:23.0085 0x267c  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
19:49:23.0086 0x267c  MSPCLOCK - ok
19:49:23.0088 0x267c  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
19:49:23.0088 0x267c  MSPQM - ok
19:49:23.0096 0x267c  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
19:49:23.0101 0x267c  MsRPC - ok
19:49:23.0108 0x267c  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
19:49:23.0111 0x267c  MsSecFlt - ok
19:49:23.0114 0x267c  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
19:49:23.0115 0x267c  mssmbios - ok
19:49:23.0117 0x267c  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
19:49:23.0117 0x267c  MSTEE - ok
19:49:23.0120 0x267c  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
19:49:23.0120 0x267c  MTConfig - ok
19:49:23.0125 0x267c  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
19:49:23.0126 0x267c  Mup - ok
19:49:23.0130 0x267c  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
19:49:23.0131 0x267c  mvumis - ok
19:49:23.0142 0x267c  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:49:23.0149 0x267c  NativeWifiP - ok
19:49:23.0154 0x267c  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
19:49:23.0157 0x267c  NcaSvc - ok
19:49:23.0164 0x267c  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
19:49:23.0169 0x267c  NcbService - ok
19:49:23.0173 0x267c  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
19:49:23.0175 0x267c  NcdAutoSetup - ok
19:49:23.0179 0x267c  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
19:49:23.0181 0x267c  ndfltr - ok
19:49:23.0201 0x267c  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
19:49:23.0216 0x267c  NDIS - ok
19:49:23.0220 0x267c  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
19:49:23.0221 0x267c  NdisCap - ok
19:49:23.0224 0x267c  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:49:23.0226 0x267c  NdisImPlatform - ok
19:49:23.0229 0x267c  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:49:23.0230 0x267c  NdisTapi - ok
19:49:23.0235 0x267c  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
19:49:23.0236 0x267c  Ndisuio - ok
19:49:23.0238 0x267c  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:49:23.0239 0x267c  NdisVirtualBus - ok
19:49:23.0245 0x267c  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
19:49:23.0247 0x267c  NdisWan - ok
19:49:23.0253 0x267c  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:49:23.0255 0x267c  ndiswanlegacy - ok
19:49:23.0259 0x267c  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:49:23.0260 0x267c  ndproxy - ok
19:49:23.0264 0x267c  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
19:49:23.0265 0x267c  Ndu - ok
19:49:23.0268 0x267c  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
19:49:23.0269 0x267c  NetAdapterCx - ok
19:49:23.0272 0x267c  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
19:49:23.0273 0x267c  NetBIOS - ok
19:49:23.0281 0x267c  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:49:23.0285 0x267c  NetBT - ok
19:49:23.0288 0x267c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:49:23.0289 0x267c  Netlogon - ok
19:49:23.0295 0x267c  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
19:49:23.0299 0x267c  Netman - ok
19:49:23.0309 0x267c  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
19:49:23.0316 0x267c  netprofm - ok
19:49:23.0323 0x267c  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
19:49:23.0327 0x267c  NetSetupSvc - ok
19:49:23.0332 0x267c  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:49:23.0334 0x267c  NetTcpPortSharing - ok
19:49:23.0343 0x267c  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
19:49:23.0347 0x267c  NgcCtnrSvc - ok
19:49:23.0364 0x267c  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
19:49:23.0377 0x267c  NgcSvc - ok
19:49:23.0385 0x267c  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
19:49:23.0391 0x267c  NlaSvc - ok
19:49:23.0394 0x267c  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:49:23.0396 0x267c  Npfs - ok
19:49:23.0399 0x267c  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
19:49:23.0399 0x267c  npsvctrig - ok
19:49:23.0402 0x267c  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
19:49:23.0404 0x267c  nsi - ok
19:49:23.0406 0x267c  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
19:49:23.0407 0x267c  nsiproxy - ok
19:49:23.0442 0x267c  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
19:49:23.0471 0x267c  NTFS - ok
19:49:23.0475 0x267c  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:49:23.0476 0x267c  Null - ok
19:49:23.0484 0x267c  [ 62D705A1C4F8FBDD2941CCD2E9DEC206, 2E1F6127737D764AE6A35655C54ADE554333C3156CAA322C0FE5704A693A1BD7 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
19:49:23.0490 0x267c  NvContainerLocalSystem - ok
19:49:23.0499 0x267c  [ 62D705A1C4F8FBDD2941CCD2E9DEC206, 2E1F6127737D764AE6A35655C54ADE554333C3156CAA322C0FE5704A693A1BD7 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
19:49:23.0504 0x267c  NvContainerNetworkService - ok
19:49:23.0510 0x267c  [ 207A78939B7BBA0EFE8BFA947A35E71C, BB7DDFED575F81CAB958DDC7CFF2D798EB14DAE633F49FA2229D98BDC489C0EE ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
19:49:23.0513 0x267c  NVHDA - ok
19:49:23.0717 0x267c  [ 9337A5F17702A0FFE1E6C6978619B872, 8D4505BA62977BFE8C01F1ABD027AFBAEAA0D3EA6336865E46C28818471B196E ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys
19:49:23.0899 0x267c  nvlddmkm - ok
19:49:23.0915 0x267c  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
19:49:23.0916 0x267c  nvraid - ok
19:49:23.0921 0x267c  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
19:49:23.0923 0x267c  nvstor - ok
19:49:23.0926 0x267c  [ 6C672A80B4FBF160E2814EAE0AB3020B, FD5BDE067D29AA9FC20D7C571607D3AC351BFD65EF6E0C75374A2D9C0B17FED3 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:49:23.0927 0x267c  NvStreamKms - ok
19:49:23.0936 0x267c  [ 282423AA3B0648082647103A5C42B66C, 5C8DBE5A95C1232E7D0F84E6A8749550C0026F2139D136E94347C2FB2E772950 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
19:49:23.0941 0x267c  NvTelemetryContainer - ok
19:49:23.0945 0x267c  [ 54ABC4EA39DDE92977DCE644D325213A, D754E5D0418B3C48AD9988D1A2705975C78C8B87990E211651C388A76FB17E51 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
19:49:23.0946 0x267c  nvvad_WaveExtensible - ok
19:49:23.0949 0x267c  [ 61BD2E2560FD1C5E0A8B8738816A0B93, 1057A6C4F7D04E81BFFD5B806295B3A5D12DE4D13F66E8542426D83D97E68C97 ] nvvhci          C:\WINDOWS\System32\drivers\nvvhci.sys
19:49:23.0950 0x267c  nvvhci - ok
19:49:23.0957 0x267c  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
19:49:23.0962 0x267c  OneSyncSvc - ok
19:49:24.0020 0x267c  [ 7D331DD034C85FB18DDF028F744FA37B, BF6ADD7AF05732340831CA7DE766B5C93323A190107F7570E2130398846F4430 ] Origin Client Service G:\Origin\OriginClientService.exe
19:49:24.0049 0x267c  Origin Client Service - ok
19:49:24.0092 0x267c  [ 2B099DEBCFCBE33036406739F94C529C, DBBACA632F39530F81D3AC28A350CAE49972156149835197053B8D61E00D8CEA ] Origin Web Helper Service G:\Origin\OriginWebHelperService.exe
19:49:24.0119 0x267c  Origin Web Helper Service - ok
19:49:24.0127 0x267c  [ 58327B7E7C4E325C66B7C4A5220CE5F4, FF66411B23A195CA3C64F5409F2E2C6F88CB01034A4C9DDCA565DE0E144ABC13 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:49:24.0129 0x267c  ose64 - ok
19:49:24.0138 0x267c  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
19:49:24.0144 0x267c  p2pimsvc - ok
19:49:24.0153 0x267c  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
19:49:24.0159 0x267c  p2psvc - ok
19:49:24.0163 0x267c  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
19:49:24.0164 0x267c  Parport - ok
19:49:24.0168 0x267c  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
19:49:24.0170 0x267c  partmgr - ok
19:49:24.0180 0x267c  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
19:49:24.0187 0x267c  PcaSvc - ok
19:49:24.0194 0x267c  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\WINDOWS\system32\drivers\pci.sys
19:49:24.0198 0x267c  pci - ok
19:49:24.0201 0x267c  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
19:49:24.0202 0x267c  pciide - ok
19:49:24.0206 0x267c  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
19:49:24.0208 0x267c  pcmcia - ok
19:49:24.0211 0x267c  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
19:49:24.0212 0x267c  pcw - ok
19:49:24.0215 0x267c  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
19:49:24.0217 0x267c  pdc - ok
19:49:24.0224 0x267c  [ 1EAE050F8CDC82B12C9F8C58DFB7567A, DE5B4839FCFDD09CA33D8ACB97635D805FAFED33C7F6DD119AE4D5EC17733B62 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
19:49:24.0225 0x267c  PDFProFiltSrvPP - ok
19:49:24.0237 0x267c  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
19:49:24.0246 0x267c  PEAUTH - ok
19:49:24.0276 0x267c  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
19:49:24.0301 0x267c  PeerDistSvc - ok
19:49:24.0306 0x267c  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
19:49:24.0307 0x267c  percsas2i - ok
19:49:24.0310 0x267c  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
19:49:24.0311 0x267c  percsas3i - ok
19:49:24.0323 0x267c  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
19:49:24.0324 0x267c  PerfHost - ok
19:49:24.0342 0x267c  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
19:49:24.0353 0x267c  PhoneSvc - ok
19:49:24.0358 0x267c  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:49:24.0362 0x267c  PimIndexMaintenanceSvc - ok
19:49:24.0387 0x267c  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
19:49:24.0406 0x267c  pla - ok
19:49:24.0411 0x267c  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
19:49:24.0413 0x267c  PlugPlay - ok
19:49:24.0416 0x267c  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
19:49:24.0418 0x267c  PNRPAutoReg - ok
19:49:24.0426 0x267c  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
19:49:24.0431 0x267c  PNRPsvc - ok
19:49:24.0439 0x267c  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
19:49:24.0444 0x267c  PolicyAgent - ok
19:49:24.0450 0x267c  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
19:49:24.0453 0x267c  Power - ok
19:49:24.0457 0x267c  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
19:49:24.0458 0x267c  PptpMiniport - ok
19:49:24.0508 0x267c  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:49:24.0551 0x267c  PrintNotify - ok
19:49:24.0558 0x267c  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
19:49:24.0559 0x267c  Processor - ok
19:49:24.0566 0x267c  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
19:49:24.0572 0x267c  ProfSvc - ok
19:49:24.0576 0x267c  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
19:49:24.0578 0x267c  Psched - ok
19:49:24.0587 0x267c  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
19:49:24.0592 0x267c  QWAVE - ok
19:49:24.0596 0x267c  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
19:49:24.0596 0x267c  QWAVEdrv - ok
19:49:24.0599 0x267c  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:49:24.0600 0x267c  RasAcd - ok
19:49:24.0603 0x267c  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
19:49:24.0605 0x267c  RasAgileVpn - ok
19:49:24.0609 0x267c  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:49:24.0611 0x267c  RasAuto - ok
19:49:24.0615 0x267c  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
19:49:24.0616 0x267c  Rasl2tp - ok
19:49:24.0629 0x267c  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:49:24.0642 0x267c  RasMan - ok
19:49:24.0647 0x267c  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:49:24.0649 0x267c  RasPppoe - ok
19:49:24.0652 0x267c  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
19:49:24.0654 0x267c  RasSstp - ok
19:49:24.0663 0x267c  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:49:24.0668 0x267c  rdbss - ok
19:49:24.0672 0x267c  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
19:49:24.0672 0x267c  rdpbus - ok
19:49:24.0677 0x267c  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
19:49:24.0679 0x267c  RDPDR - ok
19:49:24.0685 0x267c  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:49:24.0685 0x267c  RdpVideoMiniport - ok
19:49:24.0692 0x267c  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
19:49:24.0695 0x267c  rdyboost - ok
19:49:24.0711 0x267c  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
19:49:24.0722 0x267c  ReFSv1 - ok
19:49:24.0734 0x267c  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:49:24.0741 0x267c  RemoteAccess - ok
19:49:24.0746 0x267c  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:49:24.0749 0x267c  RemoteRegistry - ok
19:49:24.0761 0x267c  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
19:49:24.0771 0x267c  RetailDemo - ok
19:49:24.0776 0x267c  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
19:49:24.0779 0x267c  RmSvc - ok
19:49:24.0783 0x267c  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
19:49:24.0785 0x267c  RpcEptMapper - ok
19:49:24.0787 0x267c  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:49:24.0788 0x267c  RpcLocator - ok
19:49:24.0803 0x267c  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:49:24.0814 0x267c  RpcSs - ok
19:49:24.0818 0x267c  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
19:49:24.0820 0x267c  rspndr - ok
19:49:24.0830 0x267c  [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
19:49:24.0838 0x267c  rt640x64 - ok
19:49:24.0841 0x267c  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
19:49:24.0841 0x267c  s3cap - ok
19:49:24.0846 0x267c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:49:24.0847 0x267c  SamSs - ok
19:49:24.0851 0x267c  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
19:49:24.0853 0x267c  sbp2port - ok
19:49:24.0859 0x267c  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
19:49:24.0862 0x267c  SCardSvr - ok
19:49:24.0869 0x267c  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
19:49:24.0872 0x267c  ScDeviceEnum - ok
19:49:24.0877 0x267c  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:49:24.0878 0x267c  scfilter - ok
19:49:24.0895 0x267c  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:49:24.0907 0x267c  Schedule - ok
19:49:24.0911 0x267c  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
19:49:24.0913 0x267c  scmbus - ok
19:49:24.0917 0x267c  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
19:49:24.0918 0x267c  scmdisk0101 - ok
19:49:24.0924 0x267c  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
19:49:24.0926 0x267c  SCPolicySvc - ok
19:49:24.0933 0x267c  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
19:49:24.0936 0x267c  sdbus - ok
19:49:24.0941 0x267c  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
19:49:24.0944 0x267c  SDRSVC - ok
19:49:24.0948 0x267c  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
19:49:24.0949 0x267c  sdstor - ok
19:49:24.0952 0x267c  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
19:49:24.0954 0x267c  seclogon - ok
19:49:24.0957 0x267c  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
19:49:24.0959 0x267c  SENS - ok
19:49:24.0961 0x267c  Sense - ok
19:49:24.0984 0x267c  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:49:25.0001 0x267c  SensorDataService - ok
19:49:25.0011 0x267c  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
19:49:25.0017 0x267c  SensorService - ok
19:49:25.0022 0x267c  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
19:49:25.0025 0x267c  SensrSvc - ok
19:49:25.0029 0x267c  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
19:49:25.0030 0x267c  SerCx - ok
19:49:25.0035 0x267c  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
19:49:25.0037 0x267c  SerCx2 - ok
19:49:25.0039 0x267c  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
19:49:25.0040 0x267c  Serenum - ok
19:49:25.0043 0x267c  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
19:49:25.0044 0x267c  Serial - ok
19:49:25.0047 0x267c  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
19:49:25.0048 0x267c  sermouse - ok
19:49:25.0060 0x267c  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
19:49:25.0065 0x267c  SessionEnv - ok
19:49:25.0123 0x267c  [ 02DED435FCAA1C02959051AF636E154A, 055DBC64F697085820FC4872586E00E4F71B35AA43841F124CA577CF0B49E753 ] sesvc           D:\ShadowExplorer\sesvc.exe
19:49:25.0124 0x267c  sesvc - ok
19:49:25.0130 0x267c  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
19:49:25.0132 0x267c  sfloppy - ok
19:49:25.0152 0x267c  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:49:25.0168 0x267c  SharedAccess - ok
19:49:25.0184 0x267c  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:49:25.0194 0x267c  ShellHWDetection - ok
19:49:25.0200 0x267c  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
19:49:25.0204 0x267c  shpamsvc - ok
19:49:25.0207 0x267c  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:49:25.0208 0x267c  SiSRaid2 - ok
19:49:25.0212 0x267c  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
19:49:25.0214 0x267c  SiSRaid4 - ok
19:49:25.0223 0x267c  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     D:\Skype\Updater\Updater.exe
19:49:25.0228 0x267c  SkypeUpdate - ok
19:49:25.0231 0x267c  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
19:49:25.0233 0x267c  smphost - ok
19:49:25.0244 0x267c  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
19:49:25.0253 0x267c  SmsRouter - ok
19:49:25.0258 0x267c  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
19:49:25.0260 0x267c  SNMPTRAP - ok
19:49:25.0270 0x267c  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
19:49:25.0277 0x267c  spaceport - ok
19:49:25.0281 0x267c  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
19:49:25.0282 0x267c  SpbCx - ok
19:49:25.0298 0x267c  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
19:49:25.0309 0x267c  Spooler - ok
19:49:25.0387 0x267c  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
19:49:25.0459 0x267c  sppsvc - ok
19:49:25.0471 0x267c  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:49:25.0476 0x267c  srv - ok
19:49:25.0489 0x267c  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
19:49:25.0497 0x267c  srv2 - ok
19:49:25.0504 0x267c  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:49:25.0507 0x267c  srvnet - ok
19:49:25.0512 0x267c  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:49:25.0516 0x267c  SSDPSRV - ok
19:49:25.0522 0x267c  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
19:49:25.0526 0x267c  SstpSvc - ok
19:49:25.0531 0x267c  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:49:25.0533 0x267c  ssudmdm - ok
19:49:25.0592 0x267c  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:49:25.0645 0x267c  StateRepository - ok
19:49:25.0671 0x267c  [ 596DC69BB40A96FCA4B19D9D1E221E34, 3469D3B2E9A88E39C14AE2E3DD5EC3D91FBB88CA568D794555B397B50E64AB15 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:49:25.0688 0x267c  Steam Client Service - ok
19:49:25.0692 0x267c  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
19:49:25.0692 0x267c  stexstor - ok
19:49:25.0704 0x267c  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
19:49:25.0713 0x267c  stisvc - ok
19:49:25.0718 0x267c  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
19:49:25.0719 0x267c  storahci - ok
19:49:25.0723 0x267c  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
19:49:25.0723 0x267c  storflt - ok
19:49:25.0727 0x267c  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
19:49:25.0728 0x267c  stornvme - ok
19:49:25.0732 0x267c  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
19:49:25.0733 0x267c  storqosflt - ok
19:49:25.0741 0x267c  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
19:49:25.0748 0x267c  StorSvc - ok
19:49:25.0751 0x267c  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
19:49:25.0751 0x267c  storufs - ok
19:49:25.0754 0x267c  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
19:49:25.0755 0x267c  storvsc - ok
19:49:25.0758 0x267c  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
19:49:25.0759 0x267c  svsvc - ok
19:49:25.0762 0x267c  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
19:49:25.0762 0x267c  swenum - ok
19:49:25.0771 0x267c  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
19:49:25.0779 0x267c  swprv - ok
19:49:25.0783 0x267c  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:49:25.0784 0x267c  Synth3dVsc - ok
19:49:25.0800 0x267c  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
19:49:25.0813 0x267c  SysMain - ok
19:49:25.0822 0x267c  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:49:25.0828 0x267c  SystemEventsBroker - ok
19:49:25.0833 0x267c  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:49:25.0836 0x267c  TabletInputService - ok
19:49:25.0843 0x267c  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:49:25.0848 0x267c  TapiSrv - ok
19:49:25.0887 0x267c  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
19:49:25.0919 0x267c  Tcpip - ok
19:49:25.0957 0x267c  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
19:49:25.0985 0x267c  Tcpip6 - ok
19:49:25.0991 0x267c  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
19:49:25.0992 0x267c  tcpipreg - ok
19:49:25.0997 0x267c  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
19:49:25.0999 0x267c  tdx - ok
19:49:26.0002 0x267c  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
19:49:26.0003 0x267c  terminpt - ok
19:49:26.0019 0x267c  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
19:49:26.0032 0x267c  TermService - ok
19:49:26.0037 0x267c  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
19:49:26.0039 0x267c  Themes - ok
19:49:26.0045 0x267c  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
19:49:26.0050 0x267c  TieringEngineService - ok
19:49:26.0061 0x267c  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
19:49:26.0069 0x267c  tiledatamodelsvc - ok
19:49:26.0075 0x267c  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
19:49:26.0079 0x267c  TimeBrokerSvc - ok
19:49:26.0084 0x267c  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
19:49:26.0087 0x267c  TPM - ok
19:49:26.0091 0x267c  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
19:49:26.0094 0x267c  TrkWks - ok
19:49:26.0098 0x267c  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:49:26.0100 0x267c  TrustedInstaller - ok
19:49:26.0104 0x267c  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
19:49:26.0105 0x267c  tsusbflt - ok
19:49:26.0108 0x267c  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:49:26.0109 0x267c  TsUsbGD - ok
19:49:26.0113 0x267c  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
19:49:26.0114 0x267c  tsusbhub - ok
19:49:26.0119 0x267c  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
19:49:26.0121 0x267c  tunnel - ok
19:49:26.0125 0x267c  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
19:49:26.0127 0x267c  tzautoupdate - ok
19:49:26.0131 0x267c  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
19:49:26.0132 0x267c  UASPStor - ok
19:49:26.0136 0x267c  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
19:49:26.0137 0x267c  UcmCx0101 - ok
19:49:26.0141 0x267c  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
19:49:26.0142 0x267c  UcmTcpciCx0101 - ok
19:49:26.0145 0x267c  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
19:49:26.0146 0x267c  UcmUcsi - ok
19:49:26.0153 0x267c  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
19:49:26.0155 0x267c  Ucx01000 - ok
19:49:26.0159 0x267c  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
19:49:26.0159 0x267c  UdeCx - ok
19:49:26.0166 0x267c  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
19:49:26.0170 0x267c  udfs - ok
19:49:26.0173 0x267c  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
19:49:26.0174 0x267c  UEFI - ok
19:49:26.0177 0x267c  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
19:49:26.0178 0x267c  UevAgentDriver - ok
19:49:26.0196 0x267c  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
19:49:26.0213 0x267c  UevAgentService - ok
19:49:26.0220 0x267c  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
19:49:26.0224 0x267c  Ufx01000 - ok
19:49:26.0227 0x267c  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
19:49:26.0229 0x267c  UfxChipidea - ok
19:49:26.0233 0x267c  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:49:26.0235 0x267c  ufxsynopsys - ok
19:49:26.0240 0x267c  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
19:49:26.0242 0x267c  UI0Detect - ok
19:49:26.0245 0x267c  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
19:49:26.0246 0x267c  umbus - ok
19:49:26.0249 0x267c  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
19:49:26.0249 0x267c  UmPass - ok
19:49:26.0256 0x267c  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
19:49:26.0261 0x267c  UmRdpService - ok
19:49:26.0280 0x267c  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
19:49:26.0296 0x267c  UnistoreSvc - ok
19:49:26.0307 0x267c  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:49:26.0313 0x267c  upnphost - ok
19:49:26.0317 0x267c  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
19:49:26.0317 0x267c  UrsChipidea - ok
19:49:26.0321 0x267c  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
19:49:26.0321 0x267c  UrsCx01000 - ok
19:49:26.0325 0x267c  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
19:49:26.0326 0x267c  UrsSynopsys - ok
19:49:26.0331 0x267c  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
19:49:26.0333 0x267c  usbccgp - ok
19:49:26.0337 0x267c  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
19:49:26.0338 0x267c  usbcir - ok
19:49:26.0342 0x267c  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
19:49:26.0343 0x267c  usbehci - ok
19:49:26.0353 0x267c  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
19:49:26.0359 0x267c  usbhub - ok
19:49:26.0370 0x267c  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
19:49:26.0376 0x267c  USBHUB3 - ok
19:49:26.0380 0x267c  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
19:49:26.0380 0x267c  usbohci - ok
19:49:26.0383 0x267c  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
19:49:26.0384 0x267c  usbprint - ok
19:49:26.0387 0x267c  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:49:26.0388 0x267c  usbscan - ok
19:49:26.0391 0x267c  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
19:49:26.0392 0x267c  usbser - ok
19:49:26.0397 0x267c  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:49:26.0398 0x267c  USBSTOR - ok
19:49:26.0401 0x267c  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
19:49:26.0402 0x267c  usbuhci - ok
19:49:26.0410 0x267c  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:49:26.0414 0x267c  USBXHCI - ok
19:49:26.0439 0x267c  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
19:49:26.0460 0x267c  UserDataSvc - ok
19:49:26.0479 0x267c  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
19:49:26.0493 0x267c  UserManager - ok
19:49:26.0505 0x267c  [ EBF9E40845362DBE2AD0DB3077269488, A6363006350D097F95B03A2F44E1D3FBD3BC40048BE57C715CD7CBC22D1EE70B ] UsoSvc          C:\WINDOWS\system32\usocore.dll
19:49:26.0514 0x267c  UsoSvc - ok
19:49:26.0517 0x267c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
19:49:26.0519 0x267c  VaultSvc - ok
19:49:26.0522 0x267c  [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
19:49:26.0523 0x267c  VClone - ok
19:49:26.0526 0x267c  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
19:49:26.0527 0x267c  vdrvroot - ok
19:49:26.0538 0x267c  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
19:49:26.0548 0x267c  vds - ok
19:49:26.0554 0x267c  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
19:49:26.0556 0x267c  VerifierExt - ok
19:49:26.0569 0x267c  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
19:49:26.0578 0x267c  vhdmp - ok
19:49:26.0581 0x267c  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
19:49:26.0582 0x267c  vhf - ok
19:49:26.0586 0x267c  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
19:49:26.0587 0x267c  vmbus - ok
19:49:26.0590 0x267c  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
19:49:26.0591 0x267c  VMBusHID - ok
19:49:26.0593 0x267c  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
19:49:26.0594 0x267c  vmgid - ok
19:49:26.0601 0x267c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
19:49:26.0605 0x267c  vmicguestinterface - ok
19:49:26.0611 0x267c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
19:49:26.0615 0x267c  vmicheartbeat - ok
19:49:26.0621 0x267c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
         

Alt 10.03.2017, 19:54   #8
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



TDSS II
Code:
ATTFilter
19:49:26.0625 0x267c  vmickvpexchange - ok
19:49:26.0633 0x267c  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
19:49:26.0639 0x267c  vmicrdv - ok
19:49:26.0646 0x267c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
19:49:26.0650 0x267c  vmicshutdown - ok
19:49:26.0656 0x267c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
19:49:26.0660 0x267c  vmictimesync - ok
19:49:26.0666 0x267c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
19:49:26.0670 0x267c  vmicvmsession - ok
19:49:26.0678 0x267c  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
19:49:26.0682 0x267c  vmicvss - ok
19:49:26.0686 0x267c  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
19:49:26.0687 0x267c  volmgr - ok
19:49:26.0695 0x267c  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
19:49:26.0699 0x267c  volmgrx - ok
19:49:26.0707 0x267c  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
19:49:26.0712 0x267c  volsnap - ok
19:49:26.0715 0x267c  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
19:49:26.0716 0x267c  volume - ok
19:49:26.0719 0x267c  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
19:49:26.0720 0x267c  vpci - ok
19:49:26.0725 0x267c  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
19:49:26.0727 0x267c  vsmraid - ok
19:49:26.0751 0x267c  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
19:49:26.0769 0x267c  VSS - ok
19:49:26.0777 0x267c  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
19:49:26.0781 0x267c  VSTXRAID - ok
19:49:26.0784 0x267c  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
19:49:26.0785 0x267c  vwifibus - ok
19:49:26.0788 0x267c  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
19:49:26.0789 0x267c  vwififlt - ok
19:49:26.0799 0x267c  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
19:49:26.0807 0x267c  W32Time - ok
19:49:26.0811 0x267c  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
19:49:26.0812 0x267c  WacomPen - ok
19:49:26.0820 0x267c  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
19:49:26.0827 0x267c  WalletService - ok
19:49:26.0831 0x267c  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:49:26.0833 0x267c  wanarp - ok
19:49:26.0835 0x267c  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:49:26.0837 0x267c  wanarpv6 - ok
19:49:26.0861 0x267c  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
19:49:26.0883 0x267c  wbengine - ok
19:49:26.0898 0x267c  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
19:49:26.0910 0x267c  WbioSrvc - ok
19:49:26.0915 0x267c  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
19:49:26.0917 0x267c  wcifs - ok
19:49:26.0929 0x267c  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
19:49:26.0940 0x267c  Wcmsvc - ok
19:49:26.0949 0x267c  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
19:49:26.0957 0x267c  wcncsvc - ok
19:49:26.0960 0x267c  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
19:49:26.0961 0x267c  wcnfs - ok
19:49:26.0965 0x267c  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:49:26.0966 0x267c  WdBoot - ok
19:49:26.0969 0x267c  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
19:49:26.0969 0x267c  WDC_SAM - ok
19:49:26.0984 0x267c  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:49:26.0995 0x267c  Wdf01000 - ok
19:49:27.0002 0x267c  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:49:27.0005 0x267c  WdFilter - ok
19:49:27.0009 0x267c  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:49:27.0012 0x267c  WdiServiceHost - ok
19:49:27.0015 0x267c  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:49:27.0017 0x267c  WdiSystemHost - ok
19:49:27.0030 0x267c  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:49:27.0039 0x267c  wdiwifi - ok
19:49:27.0044 0x267c  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:49:27.0045 0x267c  WdNisDrv - ok
19:49:27.0048 0x267c  WdNisSvc - ok
19:49:27.0054 0x267c  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:49:27.0058 0x267c  WebClient - ok
19:49:27.0064 0x267c  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:49:27.0067 0x267c  Wecsvc - ok
19:49:27.0071 0x267c  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:49:27.0073 0x267c  WEPHOSTSVC - ok
19:49:27.0076 0x267c  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:49:27.0079 0x267c  wercplsupport - ok
19:49:27.0083 0x267c  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:49:27.0086 0x267c  WerSvc - ok
19:49:27.0091 0x267c  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
19:49:27.0093 0x267c  WFPLWFS - ok
19:49:27.0097 0x267c  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:49:27.0099 0x267c  WiaRpc - ok
19:49:27.0103 0x267c  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:49:27.0103 0x267c  WIMMount - ok
19:49:27.0105 0x267c  WinDefend - ok
19:49:27.0112 0x267c  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:49:27.0114 0x267c  WindowsTrustedRT - ok
19:49:27.0117 0x267c  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:49:27.0117 0x267c  WindowsTrustedRTProxy - ok
19:49:27.0133 0x267c  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:49:27.0144 0x267c  WinHttpAutoProxySvc - ok
19:49:27.0149 0x267c  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
19:49:27.0150 0x267c  WinMad - ok
19:49:27.0158 0x267c  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:49:27.0161 0x267c  Winmgmt - ok
19:49:27.0203 0x267c  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:49:27.0240 0x267c  WinRM - ok
19:49:27.0249 0x267c  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
19:49:27.0250 0x267c  WINUSB - ok
19:49:27.0253 0x267c  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
19:49:27.0254 0x267c  WinVerbs - ok
19:49:27.0266 0x267c  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
19:49:27.0274 0x267c  wisvc - ok
19:49:27.0311 0x267c  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:49:27.0344 0x267c  WlanSvc - ok
19:49:27.0379 0x267c  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:49:27.0406 0x267c  wlidsvc - ok
19:49:27.0411 0x267c  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:49:27.0411 0x267c  WmiAcpi - ok
19:49:27.0418 0x267c  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:49:27.0420 0x267c  wmiApSrv - ok
19:49:27.0422 0x267c  WMPNetworkSvc - ok
19:49:27.0428 0x267c  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:49:27.0431 0x267c  Wof - ok
19:49:27.0460 0x267c  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:49:27.0485 0x267c  workfolderssvc - ok
19:49:27.0490 0x267c  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:49:27.0492 0x267c  WPDBusEnum - ok
19:49:27.0495 0x267c  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:49:27.0496 0x267c  WpdUpFltr - ok
19:49:27.0502 0x267c  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
19:49:27.0506 0x267c  WpnService - ok
19:49:27.0510 0x267c  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
19:49:27.0513 0x267c  WpnUserService - ok
19:49:27.0517 0x267c  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:49:27.0518 0x267c  ws2ifsl - ok
19:49:27.0521 0x267c  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudioDevice_383 C:\WINDOWS\system32\drivers\VirtualAudio.sys
19:49:27.0522 0x267c  WsAudioDevice_383 - ok
19:49:27.0527 0x267c  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:49:27.0531 0x267c  wscsvc - ok
19:49:27.0535 0x267c  WSearch - ok
19:49:27.0571 0x267c  [ DDB7E452A99E0E5244105C6D2CF4BC9E, 1364B03AFFD20D339A2EBA303575BCCBC2D122D89810B1E3593CC55F93F9B79A ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:49:27.0601 0x267c  wuauserv - ok
19:49:27.0607 0x267c  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:49:27.0608 0x267c  WudfPf - ok
19:49:27.0614 0x267c  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
19:49:27.0617 0x267c  WUDFRd - ok
19:49:27.0621 0x267c  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
19:49:27.0624 0x267c  wudfsvc - ok
19:49:27.0629 0x267c  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:49:27.0631 0x267c  WUDFWpdFs - ok
19:49:27.0636 0x267c  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:49:27.0639 0x267c  WUDFWpdMtp - ok
19:49:27.0661 0x267c  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:49:27.0679 0x267c  WwanSvc - ok
19:49:27.0697 0x267c  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
19:49:27.0712 0x267c  XblAuthManager - ok
19:49:27.0733 0x267c  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
19:49:27.0749 0x267c  XblGameSave - ok
19:49:27.0757 0x267c  [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
19:49:27.0760 0x267c  xboxgip - ok
19:49:27.0777 0x267c  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
19:49:27.0791 0x267c  XboxNetApiSvc - ok
19:49:27.0795 0x267c  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
19:49:27.0796 0x267c  xinputhid - ok
19:49:27.0818 0x267c  [ 380B1AE3C8E99FC2280967180FE4C513, 177507B966532B129760F2E1CCB6CFE04FFA5AA233D434168489EFBC65A7900A ] {41E8078B-96D9-42DC-8789-A1CF102CD880} D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl
19:49:27.0818 0x267c  {41E8078B-96D9-42DC-8789-A1CF102CD880} - ok
19:49:27.0819 0x267c  ================ Scan global ===============================
19:49:27.0822 0x267c  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
19:49:27.0827 0x267c  [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\WINDOWS\system32\winsrv.dll
19:49:27.0833 0x267c  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
19:49:27.0843 0x267c  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
19:49:27.0849 0x267c  [ Global ] - ok
19:49:27.0849 0x267c  ================ Scan MBR ==================================
19:49:27.0851 0x267c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:49:27.0889 0x267c  \Device\Harddisk0\DR0 - ok
19:49:27.0891 0x267c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:49:27.0895 0x267c  \Device\Harddisk1\DR1 - ok
19:49:27.0895 0x267c  ================ Scan VBR ==================================
19:49:27.0897 0x267c  [ 4660A07DB99858BA5E7F978200436AE4 ] \Device\Harddisk0\DR0\Partition1
19:49:27.0899 0x267c  \Device\Harddisk0\DR0\Partition1 - ok
19:49:27.0900 0x267c  [ 8684D3BD1C65DD2197926B1479E260AD ] \Device\Harddisk0\DR0\Partition2
19:49:27.0901 0x267c  \Device\Harddisk0\DR0\Partition2 - ok
19:49:27.0903 0x267c  [ 6FCFE879066021F6FDA7887B147C0DFD ] \Device\Harddisk1\DR1\Partition1
19:49:27.0904 0x267c  \Device\Harddisk1\DR1\Partition1 - ok
19:49:27.0906 0x267c  [ 998048D14C91FFF5A91C1D94B8D86E5C ] \Device\Harddisk1\DR1\Partition2
19:49:27.0907 0x267c  \Device\Harddisk1\DR1\Partition2 - ok
19:49:27.0910 0x267c  [ 6DC71BB652AE74AE33951297819ADA68 ] \Device\Harddisk1\DR1\Partition3
19:49:27.0911 0x267c  \Device\Harddisk1\DR1\Partition3 - ok
19:49:27.0912 0x267c  [ 62EFB9DB817C53C0DF95EDA235F5289D ] \Device\Harddisk1\DR1\Partition4
19:49:27.0914 0x267c  \Device\Harddisk1\DR1\Partition4 - ok
19:49:27.0915 0x267c  [ 4F391211AAFF8203FD61DED7F9C9D782 ] \Device\Harddisk1\DR1\Partition5
19:49:27.0917 0x267c  \Device\Harddisk1\DR1\Partition5 - ok
19:49:27.0917 0x267c  ================ Scan generic autorun ======================
19:49:28.0153 0x267c  [ 58D9B2F0E126B1842D93D7B8862BF02E, 2D5BF0CAA008C2B16014A4E711E9B7F05BC1FD771067627779815E8C48894EDB ] C:\Program Files\Logitech Gaming Software\LCore.exe
19:49:28.0332 0x267c  Launch LCore - ok
19:49:28.0346 0x267c  [ 258E2CD2C4984A977106C9EF7CA8AF69, D8F6409D5F5782CC27D159D18E914A3DB59D8644D7017CA6F84F0CF30E95174C ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
19:49:28.0348 0x267c  Avira SystrayStartTrigger - ok
19:49:28.0364 0x267c  [ 1E0029B9936F42C86138EADB5C27439E, 0A57C0DF2E2995C45FB92D1229FFAA1493748F39F01FB53F9559C5AFB5C1CA13 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
19:49:28.0374 0x267c  avgnt - ok
19:49:28.0379 0x267c  Dropbox - ok
19:49:28.0383 0x267c  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] D:\VirtualCloneDrive\VCDDaemon.exe
19:49:28.0384 0x267c  VirtualCloneDrive - ok
19:49:28.0390 0x267c  [ C0F72AF517E27CFE23D4E37EC7FF7E9E, 2CF4F78EC4BE99258BC91F5D94A9AF261F0DBDFD55D0100DCA2CA88813AAD4B4 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
19:49:28.0391 0x267c  ControlCenter4 - ok
19:49:28.0454 0x267c  [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
19:49:28.0503 0x267c  BrStsMon00 - ok
19:49:28.0509 0x267c  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\WINDOWS\UpdReg.EXE
19:49:28.0510 0x267c  UpdReg - ok
19:49:28.0534 0x267c  [ 6F98C7DA1AE54B3151358971336B7B46, 3FE79211467DCC020C3D284B2DFA286677375004E92A742030EAE29A49A0BF76 ] D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
19:49:28.0544 0x267c  Sound Blaster Recon3D PCIe Control Panel - ok
19:49:28.0564 0x267c  [ 81800928E0F713DF31F3393CC26F4013, 0ABCC70297C83C01BCCAF03083BE67EB7A50A28557B2F9578EDB73B382F54182 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
19:49:28.0578 0x267c  DivXUpdate - ok
19:49:28.0590 0x267c  [ 17A2294ED8BA499132BC7B067D43BC66, 4C79D2D63F43C0EDC1FC122676E0019BDF5E55DE7A1674462ABC664AB30D917A ] D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe
19:49:28.0596 0x267c  PowerDVD16Agent - ok
19:49:28.0607 0x267c  [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:49:28.0613 0x267c  SunJavaUpdateSched - ok
19:49:28.0746 0x267c  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:49:28.0845 0x267c  OneDriveSetup - ok
19:49:28.0972 0x267c  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:49:29.0066 0x267c  OneDriveSetup - ok
19:49:29.0107 0x267c  [ B657BB057C2CC7B0EC5E7B30FA573729, B80EFB7F8A27C16C014A4EFA41AE362E4B26E508C57F09F294FD4E0A4C7D740D ] C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
19:49:29.0136 0x267c  uTorrent - ok
19:49:29.0139 0x267c  GoogleDriveSync - ok
19:49:29.0273 0x267c  [ 3F6B014280D8A98ACC323BB28CA5BCA7, 724FE1E949D57E982B50CC6FBBA8BCB524C42592A39ED60D37042CC2C2E73CAB ] C:\Program Files\CCleaner\CCleaner64.exe
19:49:29.0370 0x267c  CCleaner Monitoring - ok
19:49:29.0376 0x267c  Waiting for KSN requests completion. In queue: 248
19:49:29.0470 0x0ab0  Object required for P2P: [ 3F6B014280D8A98ACC323BB28CA5BCA7 ] C:\Program Files\CCleaner\CCleaner64.exe
19:49:29.0688 0x0ab0  Object send P2P result: true
19:49:30.0387 0x267c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.151 ), 0x41000 ( enabled : updated )
19:49:30.0389 0x267c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
19:49:30.0392 0x267c  Win FW state via NFP2: enabled ( trusted )
19:49:30.0493 0x267c  ============================================================
19:49:30.0493 0x267c  Scan finished
19:49:30.0493 0x267c  ============================================================
19:49:30.0504 0x0af4  Detected object count: 0
19:49:30.0504 0x0af4  Actual detected object count: 0
         
Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von xxx (10-03-2017 19:53:03)
Gestartet von C:\Users\xxx\Desktop
Windows 10 Education Version 1607 (X64) (2016-08-14 11:21:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4199837023-2687035150-3113593764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4199837023-2687035150-3113593764-503 - Limited - Disabled)
Gast (S-1-5-21-4199837023-2687035150-3113593764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4199837023-2687035150-3113593764-1003 - Limited - Enabled)
xxx (S-1-5-21-4199837023-2687035150-3113593764-1001 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Anti-Twin (Installation 10.12.2015) (HKLM-x32\...\Anti-Twin 2015-12-10 22.13.58) (Version:  - Joerg Rosenthal, Germany)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{115347FE-037B-4F4D-86F2-057FEF294C7A}) (Version: 1.2.4.459 - Avira Operations GmbH & Co. KG)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Core Temp 1.6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.6 - ALCPU)
Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink MediaEspresso 7.5 (HKLM-x32\...\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}) (Version: 7.5.8022_61105 - CyberLink Corp.)
CyberLink PhotoDirector 7 (HKLM-x32\...\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}) (Version: 7.0.7504.0 - CyberLink Corp.)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.14 - Infonautics GmbH, Switzerland)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version:  - WebMinds, Inc.)
Easy Duplicate Finder (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version:  - WebMinds, Inc.)
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version:  - )
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.31.119 - Digital Wave Ltd)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Instrumente de verificare Microsoft Office 2016 - Română (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LCDSirReal - a multipurpose plugin for the Logitech G13/G15 (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\LCDSirReal) (Version:  - Link Data Stockholm)
Logitech Gaming Software 8.89 (HKLM\...\Logitech Gaming Software) (Version: 8.89.68 - Logitech Inc.)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2016  - German/Deutsch (HKLM\...\Office16.OMUI.de-de) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PerigeeCopy 1.7 (HKLM\...\PerigeeCopy) (Version: 1.7 - Jeremy Stanley)
PicasaDownloader (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\052751e036427773) (Version: 1.0.0.25 - PicasaDownloader)
ProjectX - Complete (HKLM-x32\...\{513C7CA5-86D3-495D-B2D4-409EE41F68A7}_is1) (Version: 0.91.0.10 - WatchersNET)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.3 - Universal Media Server)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.OMUI.de-de_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B9CCC01-1DF2-4808-BF9A-AC12ADB03DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {1A596B82-4A61-47BE-8E4B-5ADDD69D5009} - System32\Tasks\GPU-Z => D:\GPU-Z\GPU-Z.exe [2016-07-13] (techPowerUp (www.techpowerup.com))
Task: {2CBCE76D-98A7-4BEE-9286-B590D2202CF5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {2FD6432B-C391-458F-9BE3-AB00C6407F77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {6B78D56C-B7FE-43F6-9274-BB86AE74F7C3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {6BAC108C-EE9F-4AD7-9F78-A6EB7F065197} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {7BFE63DD-BEEF-41C8-AA84-3BBFC1702732} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {7CEDE775-418E-4909-B886-9A30F522D9E8} - System32\Tasks\Core Temp Autostart xxx => D:\Core Temp\Core Temp.exe [2017-02-18] (ALCPU)
Task: {89645356-5169-40EC-80E3-E2ECE3D6A473} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {8C1234D8-F860-499B-B4FD-C1917BCF7D3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {8CC6D714-CD0D-4CB5-98A3-A9D31B0220D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {8E3B38A0-CA9A-4CB6-A1D5-5CE5F120EE67} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {ADAA096F-3EAC-4EF5-B8E2-E13566DD0B27} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {BA2D4D30-2F9F-4788-9958-1A91D5180A1E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {C336F517-C7CA-4129-9A13-DCC6BA3331B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {D19802B5-8605-4D2E-9056-1A8471F61B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {D41E18A6-38D8-4A38-9382-6B3949BF6593} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D9E404F0-FD41-414D-9B55-A30853C55AC3} - System32\Tasks\DeviceDetector7.5 => D:\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2016-08-22] (CyberLink Corp.)
Task: {EFD345F9-A347-405E-A865-C1F58F6BCF8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-24 23:32 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-14 12:14 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-14 12:26 - 2016-08-14 12:26 - 00959168 _____ () C:\Users\xxx\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Unlocker\UnlockerCOM.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 00230064 _____ () D:\NPP\Notepad++\NppShell_06.dll
2016-09-15 10:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 19:16 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 19:16 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 19:16 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2011-06-21 10:14 - 2011-06-21 10:14 - 00207872 _____ () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-10-26 00:16 - 2017-01-19 12:35 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-10-26 00:37 - 2017-02-08 23:04 - 02493440 _____ () G:\Origin\libGLESv2.dll
2016-01-28 22:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-10 08:20 - 2017-03-10 08:20 - 00098816 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32api.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00110080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\pywintypes27.dll
2017-03-10 08:20 - 2017-03-10 08:20 - 00364544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\pythoncom27.dll
2017-03-10 08:20 - 2017-03-10 08:20 - 00320512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32com.shell.shell.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00914432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_hashlib.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 01176576 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._core_.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00806400 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._gdi_.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00816128 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._windows_.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 01067008 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._controls_.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00733184 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._misc_.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00682496 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\pysqlite2._sqlite.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_ctypes.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00686080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\unicodedata.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00119808 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32file.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00108544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32security.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00007168 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\hashobjs_ext.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00017920 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\thumbnails_ext.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\usb_ext.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00012800 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\common.time34.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00018432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32event.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00167936 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32gui.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00046080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_socket.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 01303552 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_ssl.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00128512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_elementtree.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00127488 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\pyexpat.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00038912 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32inet.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00036864 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_psutil_windows.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00524248 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\windows._lib_cacheinvalidation.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00011264 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32crypt.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00123392 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._wizard.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00077312 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._html2.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00027648 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_multiprocessing.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00020480 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_yappi.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00035840 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32process.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00078848 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._animate.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00024064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32pipe.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00010240 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\select.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00025600 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32pdh.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00017408 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32profile.pyd
2017-03-10 08:20 - 2017-03-10 08:20 - 00022528 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2015-12-12 08:23 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 21:35 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 08:23 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 21:35 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-04 23:21 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 20:55 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 12:42 - 2017-03-06 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:35 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 21:35 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-09 21:35 - 2016-12-02 22:44 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 21:35 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 21:35 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-09-24 23:32 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 23:32 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-19 20:45 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2014-03-31 20:35 - 2014-03-31 20:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6D89BEBC-8468-4295-B7B1-F8FB62468B37}] => (Allow) LPort=30751
FirewallRules: [{B49AC9AC-B1CF-44F7-82A6-E31837715F1E}] => (Allow) LPort=30751
FirewallRules: [{5B697788-59A3-4747-B76A-E5EDDE0605DC}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{41925E06-A9CD-47E3-BEC1-3A1D93175331}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{C1CE0476-BA3F-4EC0-A323-0D82BB6DDD5C}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{BDDAC986-77B7-4F20-9150-032A108F65AF}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{2D7EAAEE-09A9-4634-A9B1-F3D04B1F44AA}] => (Allow) G:\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{840E6FB1-4C73-4892-A8AC-09A0164069D5}] => (Allow) G:\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{CD2B6346-5FB9-40F0-BCDA-E07A0429522E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0CBB679C-08AE-4D50-82BA-C5BA5E179045}] => (Allow) LPort=2869
FirewallRules: [{C36766D1-DBB8-426D-B9F3-C96698E14676}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2FD0D92D-D739-47BE-9618-CB3A63C437E4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{2D525972-9794-40D3-A02B-A5CACA96D2B0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{C9669401-FED5-4CFB-B728-D3709671ABFF}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{BCA95B63-B100-4C15-A111-DF8BF46455F7}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{7BE4898B-E4A5-4E3D-9E64-EF7F280C6134}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FE48F9E-0E31-43B9-A9F9-5D7EA410B716}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FC71D3F-B4F5-470F-9A53-B0A73AA50539}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52F0DCBE-1FCA-4F6E-AC44-B6E3B04EAF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCD607C7-5DFC-4BCA-9E53-E0750E10F80C}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{8B01E72B-5704-4285-B365-6776050A0075}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{2043F9FF-0AC8-4096-B5B0-87EF086B9688}] => (Allow) G:\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{0967E305-8FD2-47B7-AA2C-6A9637218131}] => (Allow) G:\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{683AEE22-87DA-4AB5-B7FC-C634826B9E41}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AEF5FE01-FCC4-4D4C-BB8F-0B36FE1B9C97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{43B6F3EF-627C-4B90-9E25-66667978C655}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{890EFA8C-E691-4CE9-AA69-4AE9512F1824}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{D01C8AB7-2424-4719-9194-12F8059582DE}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{0A230BC8-3C70-44E0-ADAB-A93E29D1C3BC}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{2E952210-004C-41E0-A8B9-DAA0E96AA873}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FC37E47F-F7EC-4A49-9246-06A80DB92F6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D11ACF96-0CF5-4EA2-8E8F-F05A2E402CCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3578B3AE-F879-48AD-8CB6-F2464A3D055E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FADCF931-8786-4B9C-BC21-67E9380706CB}] => (Allow) G:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{64917906-7DF1-4CDA-90D7-4C147AA838A5}] => (Allow) G:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{A4A1B86B-A6B9-47FE-ACB1-59FAC8FDC767}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0D10BD48-5550-4387-A4A8-EFA0B626281E}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3E8741B3-D529-48C9-9386-AEB4C4A36CEE}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{71C117A0-7573-409E-A9BA-19CE1CA2F55D}] => (Allow) G:\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{632245F9-6CFD-4852-AF50-DB884D4DE2AA}] => (Allow) G:\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{A2FDA54C-7E62-49F5-B8F0-3B3EBE221366}] => (Allow) G:\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{69E4D0E7-83B6-430E-8A37-C873DDBCB53F}] => (Allow) G:\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{13C20609-1CC6-47C4-B7F4-7BAA982B87B6}] => (Allow) G:\Origin Games\Crysis 2\bin32\Crysis2.exe
FirewallRules: [{9DC6F2A9-D8F9-4E07-B818-AA28BF1F31B1}] => (Allow) G:\Origin Games\Crysis 2\bin32\Crysis2.exe
FirewallRules: [{7C9811A2-F07B-472F-B00A-8AEEF332EDF0}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD.exe
FirewallRules: [{061BA69A-FDDA-46EF-A1AA-78DF68D58F7F}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe
FirewallRules: [{1273216E-938E-4291-8486-A80E064F755D}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe
FirewallRules: [{E290168B-0633-4A0D-A403-8848FB710B99}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\Movie\PowerDVDMovie.exe
FirewallRules: [{C9F6E1F5-ADD5-4F43-BD83-4F8A4BD0AEF2}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\CastingStation.exe
FirewallRules: [{823060CF-DD04-4049-92FA-B36F9C864AC8}] => (Allow) D:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{B2014831-F544-4EA3-9E92-10D8B0613239}] => (Allow) D:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{BDABF5B9-BE2B-4592-8372-553610D72982}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4A69B45A-53B7-4A97-A3B5-0132EA98268A}] => (Allow) D:\Skype\Phone\Skype.exe
FirewallRules: [{DC5ABA74-E951-4324-A19F-88822A3A35D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

20-02-2017 19:46:26 Geplanter Prüfpunkt
24-02-2017 16:53:10 Windows Update
04-03-2017 13:05:27 Removed EndNote X8

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/10/2017 08:23:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/10/2017 12:44:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SimImages.exe, Version 2013.11.5076.20057 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17c0

Startzeit: 01d2992f0b26af13

Beendigungszeit: 4294967295

Anwendungspfad: D:\SimilarImages\SimImages.exe

Berichts-ID: 60c0351d-0522-11e7-9c94-08606ec1264e

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2017 04:02:11 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/08/2017 11:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FileHippo.AppManager.exe, Version 2.0.0.392 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 169c

Startzeit: 01d2985a2f6bc2e1

Beendigungszeit: 6

Anwendungspfad: D:\FileHippo.com\FileHippo.AppManager.exe

Berichts-ID: 286b5e67-044e-11e7-9c93-08606ec1264e

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/08/2017 07:28:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/08/2017 07:28:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSMediaInfoPDVD16.exe".
Die abhängige Assemblierung "CLMSMediaInfo.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/08/2017 07:28:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "d:\xmlbar\flv downloader\FLVDownloader(xmlbar).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/08/2017 07:28:01 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-4199837023-2687035150-3113593764-1001}/">.

Error: (03/08/2017 06:20:14 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/07/2017 07:50:19 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


Systemfehler:
=============
Error: (03/10/2017 08:20:37 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/10/2017 01:33:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/10/2017 12:44:35 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 03:52:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 07:57:23 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:39:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:39:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA LocalSystem Container" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/08/2017 11:39:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2017 11:39:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-12-06 11:11:22.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-06 11:11:20.004
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-28 01:04:22.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-28 01:03:41.966
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:51.234
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:47.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:42.608
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-06 19:09:28.918
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-06 19:09:25.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8139.25 MB
Verfügbarer physikalischer RAM: 4539.63 MB
Summe virtueller Speicher: 9419.25 MB
Verfügbarer virtueller Speicher: 4765.98 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.4 GB) (Free:138.76 GB) NTFS
Drive d: (Programme) (Fixed) (Total:29.3 GB) (Free:22.42 GB) NTFS
Drive e: (48G) (Fixed) (Total:1277.08 GB) (Free:221.78 GB) NTFS
Drive f: (Music) (Fixed) (Total:58.59 GB) (Free:17.59 GB) NTFS
Drive g: (Games) (Fixed) (Total:97.66 GB) (Free:14.88 GB) NTFS
Drive h: (Stuff) (Fixed) (Total:400.39 GB) (Free:206.54 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0AFA54B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 64BFCCCC)
Partition 1: (Not Active) - (Size=1277.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=429.7 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
         

Alt 10.03.2017, 19:56   #9
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
durchgeführt von xxx (Administrator) auf SCHWOBB (10-03-2017 19:52:38)
Gestartet von C:\Users\xxx\Desktop
Geladene Profile: xxx (Verfügbare Profile: xxx)
Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Electronic Arts) G:\Origin\OriginWebHelperService.exe
(www.shadowexplorer.com) D:\ShadowExplorer\sesvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ALCPU) D:\Core Temp\Core Temp.exe
(techPowerUp (www.techpowerup.com)) D:\GPU-Z\GPU-Z.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
() C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(Oracle Corporation) D:\Java64\bin\javaw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Creative Technology Ltd) D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [PowerDVD16Agent] => D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2015-10-04]
ShortcutTarget: Universal Media Server.lnk -> D:\UMS\UMS.exe (Universal Media Server)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{91c30c7d-d0a5-4365-a93e-eafa498ca70d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer64.dll [2016-04-03] (www.startisback.com)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java64\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java64\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer32.dll [2016-04-03] (www.startisback.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java32\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java32\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: febeprof.xxx
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx [2017-03-10]
FF Homepage: Mozilla\Firefox\Profiles\febeprof.xxx -> hxxp://www.spiegel-online.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\febeprof.xxx -> type", 0
FF Extension: (New XKit) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\@new-xkit.xpi [2016-10-07]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (DownThemAll! AntiContainer) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\anticontainer@downthemall.net.xpi [2016-04-15]
FF Extension: (MEGA) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\firefox@mega.co.nz.xpi [2017-03-09]
FF Extension: (Tumblr Savior) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2017-03-07]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-03-09]
FF Extension: (Japanese Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-03-08]
FF Extension: (Save Images) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30]
FF Extension: (RememberPass) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\rememberpass@teesoft.info.xpi [2016-04-28]
FF Extension: (S3.Google Translator) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\s3google@translator.xpi [2016-10-19]
FF Extension: (Locale Switcher) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2016-04-28]
FF Extension: (Google  Image Search) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2016-04-28]
FF Extension: (Video DownloadHelper) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01]
FF Extension: (DivX Wizard Pro) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cc79db9d-e06e-469f-932a-2537c0db2b4a}.xpi [2016-05-18] [ist nicht signiert]
FF Extension: (RightToClick) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30]
FF Extension: (Adblock Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Tab Mix Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-31]
FF Extension: (DownThemAll!) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\features\{ba65d49e-9429-40ee-8d6e-203f1c721eb2}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> D:\Java64\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> D:\Java64\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Java32\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Java32\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2017-03-08]
CHR Extension: (Google Präsentationen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31]
CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31]
CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31]
CHR Extension: (Video Downloader professional) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-09-01]
CHR Extension: (Google Tabellen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31]
CHR Extension: (Avira Browserschutz) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-27]
CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-01-20] (Digital Wave Ltd.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (Micro-Star Int'l Co., Ltd.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts)
R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 sesvc; D:\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Datei ist nicht signiert]
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [317400 2017-01-16] (Skype Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ALSysIO; C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys [35320 2017-03-08] (Arthur Liberman) <==== ACHTUNG
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 GPU-Z; C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys [27008 2017-03-08] () <==== ACHTUNG
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-12-08] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2016-02-29] (Wondershare)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-19] (CyberLink Corp.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-10 19:52 - 2017-03-10 19:52 - 00030796 _____ C:\Users\xxx\Desktop\FRST.txt
2017-03-10 19:49 - 2017-03-10 19:52 - 00271972 _____ C:\TDSSKiller.3.1.0.12_10.03.2017_19.49.14_log.txt
2017-03-10 19:48 - 2017-03-09 22:31 - 02423808 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2017-03-10 19:48 - 2017-03-09 22:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\xxx\Desktop\tdsskiller.exe
2017-03-10 08:20 - 2017-03-10 08:20 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\uTorrent
2017-03-09 22:31 - 2017-03-10 19:52 - 00000000 ____D C:\FRST
2017-03-09 22:25 - 2017-03-09 22:25 - 00000000 _____ C:\Users\xxx\Desktop\Neues Textdokument.txt
2017-03-09 22:24 - 2017-03-09 22:41 - 00271972 _____ C:\TDSSKiller.3.1.0.12_09.03.2017_22.24.21_log.txt
2017-03-09 21:35 - 2017-03-09 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-08 23:10 - 2017-03-08 23:42 - 00000000 ____D C:\AdwCleaner
2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-04 15:02 - 2017-03-04 15:09 - 05713860 _____ C:\Users\xxx\Desktop\robocopy_log3.txt
2017-03-04 14:23 - 2017-03-04 14:55 - 02310791 _____ C:\Users\xxx\Desktop\robocopy_log2.txt
2017-03-04 13:30 - 2017-03-04 13:05 - 00000000 __SHD C:\WINDOWS\system32\N;
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.QtWebEngineProcess
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.Origin
2017-02-25 01:18 - 2017-02-25 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-24 23:34 - 2017-03-05 21:43 - 00056509 _____ C:\Users\xxx\Desktop\48G.xlsx
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\Program Files (x86)\Skype
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\Program Files\Easy Duplicate Finder
2017-02-19 21:13 - 2017-03-02 20:59 - 00000024 _____ C:\Users\xxx\Documents\AutoSaveLastScanResults.dup
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\Documents\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\ProgramData\Easy Duplicate Finder
2017-02-19 20:54 - 2017-02-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages
2017-02-19 20:22 - 2017-03-10 00:44 - 00000000 ____D C:\Users\xxx\AppData\Local\SimilarImages
2017-02-19 20:22 - 2017-02-19 20:22 - 00000042 _____ C:\ProgramData\.SimImages
2017-02-14 22:57 - 2017-02-14 23:09 - 00001274 _____ C:\Users\xxx\.jalview_properties
2017-02-14 19:44 - 2017-02-09 23:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-14 19:42 - 2017-02-10 03:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-13 00:38 - 2017-02-13 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-10 19:50 - 2015-10-05 22:45 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent
2017-03-10 19:38 - 2016-11-18 12:49 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla
2017-03-10 19:37 - 2016-08-14 12:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-10 13:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-10 12:25 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-10 11:11 - 2016-08-14 12:14 - 00013389 _____ C:\WINDOWS\BRRBCOM.INI
2017-03-10 08:21 - 2015-10-04 20:43 - 00000000 ____D C:\ProgramData\UMS
2017-03-10 08:20 - 2016-02-26 09:16 - 00000000 ___RD C:\Users\xxx\Google Drive
2017-03-10 01:31 - 2015-10-04 19:25 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2017-03-10 00:58 - 2015-10-04 19:35 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Users\xxx\AppData\Local\Dropbox
2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-09 01:40 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-08 23:46 - 2016-07-16 23:57 - 01955412 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-08 23:46 - 2016-07-16 23:57 - 00508564 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-08 23:46 - 2015-10-04 16:26 - 04182586 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-08 23:40 - 2016-08-14 12:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-08 23:39 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-08 23:33 - 2016-05-26 19:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVS
2017-03-08 23:21 - 2015-10-06 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-08 23:13 - 2015-12-11 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-08 19:28 - 2016-01-04 08:10 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps
2017-03-05 01:36 - 2016-08-14 12:16 - 00000000 ____D C:\Users\xxx
2017-03-05 01:31 - 2016-02-09 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Origin
2017-03-04 17:46 - 2016-02-09 14:26 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 13:06 - 2016-12-20 22:42 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers
2017-03-04 13:04 - 2015-10-04 16:23 - 00000000 ____D C:\Users\xxx\AppData\Local\Packages
2017-03-03 17:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-03 08:30 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-03 08:29 - 2016-10-08 09:03 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-03-01 23:14 - 2016-07-12 07:38 - 00053669 _____ C:\Users\xxx\Desktop\krams.xlsx
2017-03-01 23:04 - 2016-12-21 13:13 - 00000000 ____D C:\Users\xxx\Documents\Japanisch
2017-03-01 00:47 - 2015-10-05 22:52 - 00000000 ____D C:\Users\xxx\AppData\Roaming\avidemux
2017-02-28 23:25 - 2016-10-28 20:42 - 00000000 ____D C:\Users\xxx\AppData\Roaming\HandBrake
2017-02-25 12:30 - 2015-10-05 00:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\dvdcss
2017-02-25 01:18 - 2015-12-06 21:26 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-24 16:55 - 2015-10-04 16:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 16:53 - 2015-10-04 16:51 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 21:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-22 21:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 21:45 - 2015-10-09 22:08 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mp3tag
2017-02-20 21:36 - 2016-02-05 08:13 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2017-02-20 21:19 - 2016-02-05 08:12 - 00000000 ____D C:\ProgramData\Skype
2017-02-19 17:37 - 2017-01-29 19:46 - 00000134 _____ C:\Users\xxx\Documents\default.vsp
2017-02-19 16:21 - 2015-10-04 19:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-19 09:07 - 2016-03-08 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-14 19:45 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-14 19:45 - 2015-10-04 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-14 19:44 - 2016-03-11 00:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-13 00:38 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-10 03:33 - 2016-08-14 09:35 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-10 00:13 - 2016-09-24 23:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-09 23:57 - 2016-08-14 12:14 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-09 23:57 - 2016-08-14 12:14 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-08 18:03 - 2016-04-03 13:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVDVideoSoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-19 20:22 - 2017-02-19 20:22 - 0000042 _____ () C:\ProgramData\.SimImages
2015-12-12 04:23 - 2015-12-12 04:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-19 20:45 - 2017-01-24 18:29 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-19 20:45 - 2017-01-22 16:17 - 0020937 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 13:01

==================== Ende von FRST.txt ============================
         

Alt 10.03.2017, 22:04   #10
M-K-D-B
/// TB-Ausbilder
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Servus,




Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Image File Execution Options Schlüssel
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Alt 10.03.2017, 23:22   #11
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Hier erstmal das adwcleaner log:

Code:
ATTFilter
# AdwCleaner v6.044 - Bericht erstellt am 10/03/2017 um 22:51:15
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-10.1 [Lokal]
# Betriebssystem : Windows 10 Education  (X64)
# Benutzername : xxx - SCHWOBB
# Gestartet von : C:\Users\xxx\Desktop\adwcleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: 


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C2].txt - [1168 Bytes] - [10/03/2017 22:51:15]
C:\AdwCleaner\AdwCleaner[S3].txt - [1788 Bytes] - [10/03/2017 22:39:24]
C:\AdwCleaner\AdwCleaner[S4].txt - [1860 Bytes] - [10/03/2017 22:44:27]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1606 Bytes] ##########
         

(Nach Neustart verlangten utorrent, java, und die logitech software Änderungen an den Firewall-Einstellungen, die ich allesamt akzeptiert habe).

mbam

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 10.03.2017
Scan Time: 22:57
Logfile: mbam.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2017.03.10.07
Rootkit Database: v2017.03.10.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: xxx

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340587
Time Elapsed: 5 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 10 Education x64 
Ran by xxx (Administrator) on 10.03.2017 at 23:13:37,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.03.2017 at 23:14:45,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
durchgeführt von xxx (Administrator) auf SCHWOBB (10-03-2017 23:18:29)
Gestartet von C:\Users\xxx\Desktop
Geladene Profile: xxx (Verfügbare Profile: xxx)
Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(www.shadowexplorer.com) D:\ShadowExplorer\sesvc.exe
(Skype Technologies) D:\Skype\Updater\Updater.exe
(Electronic Arts) G:\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(ALCPU) D:\Core Temp\Core Temp.exe
(techPowerUp (www.techpowerup.com)) D:\GPU-Z\GPU-Z.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
() C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(Oracle Corporation) D:\Java64\bin\javaw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Creative Technology Ltd) D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(NVIDIA Corporation) C:\ProgramData\NVIDIA Corporation\Downloader\0cfd1195e705a478237a4db99f7ce77c\GeForce_Experience_Update_v3.4.0.70.exe
(NVIDIA Corporation) C:\Users\xxx\AppData\Local\Temp\NVIDIA\GFE\setup.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [PowerDVD16Agent] => D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2015-10-04]
ShortcutTarget: Universal Media Server.lnk -> D:\UMS\UMS.exe (Universal Media Server)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{91c30c7d-d0a5-4365-a93e-eafa498ca70d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer64.dll [2016-04-03] (www.startisback.com)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java64\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java64\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer32.dll [2016-04-03] (www.startisback.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java32\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java32\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: febeprof.xxx
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx [2017-03-10]
FF Homepage: Mozilla\Firefox\Profiles\febeprof.xxx -> hxxp://www.spiegel-online.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\febeprof.xxx -> type", 0
FF Extension: (New XKit) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\@new-xkit.xpi [2016-10-07]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (DownThemAll! AntiContainer) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\anticontainer@downthemall.net.xpi [2016-04-15]
FF Extension: (MEGA) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\firefox@mega.co.nz.xpi [2017-03-09]
FF Extension: (Tumblr Savior) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2017-03-07]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-03-09]
FF Extension: (Japanese Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-03-08]
FF Extension: (Save Images) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30]
FF Extension: (RememberPass) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\rememberpass@teesoft.info.xpi [2016-04-28]
FF Extension: (S3.Google Translator) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\s3google@translator.xpi [2016-10-19]
FF Extension: (Locale Switcher) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2016-04-28]
FF Extension: (Google  Image Search) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2016-04-28]
FF Extension: (Video DownloadHelper) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01]
FF Extension: (DivX Wizard Pro) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cc79db9d-e06e-469f-932a-2537c0db2b4a}.xpi [2016-05-18] [ist nicht signiert]
FF Extension: (RightToClick) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30]
FF Extension: (Adblock Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Tab Mix Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-31]
FF Extension: (DownThemAll!) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\features\{ba65d49e-9429-40ee-8d6e-203f1c721eb2}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> D:\Java64\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> D:\Java64\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Java32\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Java32\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2017-03-10]
CHR Extension: (Google Präsentationen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31]
CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31]
CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31]
CHR Extension: (Video Downloader professional) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-09-01]
CHR Extension: (Google Tabellen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31]
CHR Extension: (Avira Browserschutz) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-01-20] (Digital Wave Ltd.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (Micro-Star Int'l Co., Ltd.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts)
R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 sesvc; D:\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Datei ist nicht signiert]
R2 SkypeUpdate; D:\Skype\Updater\Updater.exe [317400 2017-01-16] (Skype Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ALSysIO; C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys [35320 2017-03-10] (Arthur Liberman) <==== ACHTUNG
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 GPU-Z; C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys [27008 2017-03-10] () <==== ACHTUNG
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-12-08] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2016-02-29] (Wondershare)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-19] (CyberLink Corp.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-10 23:18 - 2017-03-10 23:18 - 00030300 _____ C:\Users\xxx\Desktop\FRST.txt
2017-03-10 23:13 - 2017-03-10 23:13 - 01663736 _____ (Malwarebytes) C:\Users\xxx\Desktop\JRT.exe
2017-03-10 22:37 - 2017-03-08 23:10 - 04031440 _____ C:\Users\xxx\Desktop\adwcleaner_6.044.exe
2017-03-10 19:49 - 2017-03-10 19:52 - 00271972 _____ C:\TDSSKiller.3.1.0.12_10.03.2017_19.49.14_log.txt
2017-03-10 19:48 - 2017-03-09 22:31 - 02423808 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2017-03-10 19:48 - 2017-03-09 22:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\xxx\Desktop\tdsskiller.exe
2017-03-10 08:20 - 2017-03-10 23:17 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\uTorrent
2017-03-09 22:31 - 2017-03-10 23:18 - 00000000 ____D C:\FRST
2017-03-09 22:25 - 2017-03-09 22:25 - 00000000 _____ C:\Users\xxx\Desktop\Neues Textdokument.txt
2017-03-09 22:24 - 2017-03-09 22:41 - 00271972 _____ C:\TDSSKiller.3.1.0.12_09.03.2017_22.24.21_log.txt
2017-03-09 21:35 - 2017-03-09 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-08 23:10 - 2017-03-10 22:51 - 00000000 ____D C:\AdwCleaner
2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-04 15:02 - 2017-03-04 15:09 - 05713860 _____ C:\Users\xxx\Desktop\robocopy_log3.txt
2017-03-04 14:23 - 2017-03-04 14:55 - 02310791 _____ C:\Users\xxx\Desktop\robocopy_log2.txt
2017-03-04 13:30 - 2017-03-04 13:05 - 00000000 __SHD C:\WINDOWS\system32\N;
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.QtWebEngineProcess
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.Origin
2017-02-25 01:18 - 2017-02-25 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-24 23:34 - 2017-03-05 21:43 - 00056509 _____ C:\Users\xxx\Desktop\48G.xlsx
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\Program Files (x86)\Skype
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\Program Files\Easy Duplicate Finder
2017-02-19 21:13 - 2017-03-02 20:59 - 00000024 _____ C:\Users\xxx\Documents\AutoSaveLastScanResults.dup
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\Documents\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\ProgramData\Easy Duplicate Finder
2017-02-19 20:54 - 2017-02-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages
2017-02-19 20:22 - 2017-03-10 21:55 - 00000000 ____D C:\Users\xxx\AppData\Local\SimilarImages
2017-02-19 20:22 - 2017-02-19 20:22 - 00000042 _____ C:\ProgramData\.SimImages
2017-02-14 22:57 - 2017-02-14 23:09 - 00001274 _____ C:\Users\xxx\.jalview_properties
2017-02-14 19:44 - 2017-02-09 23:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-14 19:42 - 2017-02-10 03:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-13 00:38 - 2017-02-13 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-10 23:18 - 2016-12-19 20:45 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-10 23:18 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-10 23:17 - 2016-02-26 09:16 - 00000000 ___RD C:\Users\xxx\Google Drive
2017-03-10 23:17 - 2015-10-05 22:45 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent
2017-03-10 23:17 - 2015-10-04 20:43 - 00000000 ____D C:\ProgramData\UMS
2017-03-10 23:16 - 2016-08-14 12:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-10 23:16 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-10 23:15 - 2016-11-18 12:49 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla
2017-03-10 22:59 - 2015-10-04 19:25 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2017-03-10 22:58 - 2016-07-16 23:57 - 01971100 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-10 22:58 - 2016-07-16 23:57 - 00513082 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-10 22:58 - 2015-10-04 16:26 - 04211776 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-10 22:56 - 2015-12-11 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-10 22:51 - 2016-01-04 08:10 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps
2017-03-10 22:51 - 2015-10-10 19:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-03-10 22:33 - 2016-08-14 12:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-10 13:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-10 11:11 - 2016-08-14 12:14 - 00013389 _____ C:\WINDOWS\BRRBCOM.INI
2017-03-10 00:58 - 2015-10-04 19:35 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Users\xxx\AppData\Local\Dropbox
2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-08 23:33 - 2016-05-26 19:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVS
2017-03-08 23:21 - 2015-10-06 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-05 01:36 - 2016-08-14 12:16 - 00000000 ____D C:\Users\xxx
2017-03-05 01:31 - 2016-02-09 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Origin
2017-03-04 17:46 - 2016-02-09 14:26 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 13:06 - 2016-12-20 22:42 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers
2017-03-04 13:04 - 2015-10-04 16:23 - 00000000 ____D C:\Users\xxx\AppData\Local\Packages
2017-03-03 17:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-03 08:30 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-03 08:29 - 2016-10-08 09:03 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-03-01 23:14 - 2016-07-12 07:38 - 00053669 _____ C:\Users\xxx\Desktop\krams.xlsx
2017-03-01 23:04 - 2016-12-21 13:13 - 00000000 ____D C:\Users\xxx\Documents\Japanisch
2017-03-01 00:47 - 2015-10-05 22:52 - 00000000 ____D C:\Users\xxx\AppData\Roaming\avidemux
2017-02-28 23:25 - 2016-10-28 20:42 - 00000000 ____D C:\Users\xxx\AppData\Roaming\HandBrake
2017-02-25 12:30 - 2015-10-05 00:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\dvdcss
2017-02-25 01:18 - 2015-12-06 21:26 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-24 16:55 - 2015-10-04 16:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 16:53 - 2015-10-04 16:51 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 19:35 - 2017-01-24 18:29 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-02-23 19:35 - 2016-09-24 23:32 - 01880512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-09-24 23:32 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-09-24 23:32 - 01468864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-09-24 23:32 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-09-24 23:32 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-02-23 15:32 - 2016-09-24 23:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-23 15:30 - 2016-12-19 20:45 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-02-22 21:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-22 21:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 21:45 - 2015-10-09 22:08 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mp3tag
2017-02-20 21:36 - 2016-02-05 08:13 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2017-02-20 21:19 - 2016-02-05 08:12 - 00000000 ____D C:\ProgramData\Skype
2017-02-19 17:37 - 2017-01-29 19:46 - 00000134 _____ C:\Users\xxx\Documents\default.vsp
2017-02-19 16:21 - 2015-10-04 19:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-19 09:07 - 2016-03-08 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-14 19:45 - 2015-10-04 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-14 19:44 - 2016-03-11 00:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-13 00:38 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-10 03:33 - 2016-08-14 09:35 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-10 03:33 - 2016-08-14 09:35 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-09 23:57 - 2016-08-14 12:14 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-09 23:57 - 2016-08-14 12:14 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-09 23:57 - 2016-08-14 12:14 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-08 18:03 - 2016-04-03 13:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVDVideoSoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-19 20:22 - 2017-02-19 20:22 - 0000042 _____ () C:\ProgramData\.SimImages
2015-12-12 04:23 - 2015-12-12 04:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-19 20:45 - 2017-01-24 18:29 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-19 20:45 - 2017-01-22 16:17 - 0020937 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 13:01

==================== Ende von FRST.txt ============================
         
Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von xxx (10-03-2017 23:18:56)
Gestartet von C:\Users\xxx\Desktop
Windows 10 Education Version 1607 (X64) (2016-08-14 11:21:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4199837023-2687035150-3113593764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4199837023-2687035150-3113593764-503 - Limited - Disabled)
Gast (S-1-5-21-4199837023-2687035150-3113593764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4199837023-2687035150-3113593764-1003 - Limited - Enabled)
xxx (S-1-5-21-4199837023-2687035150-3113593764-1001 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Anti-Twin (Installation 10.12.2015) (HKLM-x32\...\Anti-Twin 2015-12-10 22.13.58) (Version:  - Joerg Rosenthal, Germany)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{115347FE-037B-4F4D-86F2-057FEF294C7A}) (Version: 1.2.4.459 - Avira Operations GmbH & Co. KG)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Core Temp 1.6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.6 - ALCPU)
Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink MediaEspresso 7.5 (HKLM-x32\...\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}) (Version: 7.5.8022_61105 - CyberLink Corp.)
CyberLink PhotoDirector 7 (HKLM-x32\...\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}) (Version: 7.0.7504.0 - CyberLink Corp.)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.14 - Infonautics GmbH, Switzerland)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version:  - WebMinds, Inc.)
Easy Duplicate Finder (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version:  - WebMinds, Inc.)
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version:  - )
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.31.119 - Digital Wave Ltd)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Instrumente de verificare Microsoft Office 2016 - Română (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LCDSirReal - a multipurpose plugin for the Logitech G13/G15 (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\LCDSirReal) (Version:  - Link Data Stockholm)
Logitech Gaming Software 8.89 (HKLM\...\Logitech Gaming Software) (Version: 8.89.68 - Logitech Inc.)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2016  - German/Deutsch (HKLM\...\Office16.OMUI.de-de) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PerigeeCopy 1.7 (HKLM\...\PerigeeCopy) (Version: 1.7 - Jeremy Stanley)
PicasaDownloader (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\052751e036427773) (Version: 1.0.0.25 - PicasaDownloader)
ProjectX - Complete (HKLM-x32\...\{513C7CA5-86D3-495D-B2D4-409EE41F68A7}_is1) (Version: 0.91.0.10 - WatchersNET)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.3 - Universal Media Server)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.OMUI.de-de_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05001D00-94EA-4916-995B-467D4900BEE8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {0B9CCC01-1DF2-4808-BF9A-AC12ADB03DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {1A596B82-4A61-47BE-8E4B-5ADDD69D5009} - System32\Tasks\GPU-Z => D:\GPU-Z\GPU-Z.exe [2016-07-13] (techPowerUp (www.techpowerup.com))
Task: {1C4C8B66-4DF8-462F-8E87-CBE032ABAF30} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {2BFAAD70-8D29-466C-A07A-460F7C0F4C9A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {2FD6432B-C391-458F-9BE3-AB00C6407F77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {50B21913-5161-4191-BADF-F66225BCB709} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {7CEDE775-418E-4909-B886-9A30F522D9E8} - System32\Tasks\Core Temp Autostart xxx => D:\Core Temp\Core Temp.exe [2017-02-18] (ALCPU)
Task: {8C1234D8-F860-499B-B4FD-C1917BCF7D3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {8CC6D714-CD0D-4CB5-98A3-A9D31B0220D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {A5D6499A-C992-48ED-B1F5-F3B8D64AF774} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {B28D159A-2323-481D-AD6E-82B161212314} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {B2BA0468-9693-4E8E-9C43-D5FFB4D52D46} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {BA2D4D30-2F9F-4788-9958-1A91D5180A1E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {C336F517-C7CA-4129-9A13-DCC6BA3331B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {D19802B5-8605-4D2E-9056-1A8471F61B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {D41E18A6-38D8-4A38-9382-6B3949BF6593} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D9E404F0-FD41-414D-9B55-A30853C55AC3} - System32\Tasks\DeviceDetector7.5 => D:\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2016-08-22] (CyberLink Corp.)
Task: {EFD345F9-A347-405E-A865-C1F58F6BCF8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-14 12:14 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 10:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 19:16 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 19:16 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 19:16 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2011-06-21 10:14 - 2011-06-21 10:14 - 00207872 _____ () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-10-26 00:16 - 2017-01-19 12:35 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-10-26 00:37 - 2017-02-08 23:04 - 02493440 _____ () G:\Origin\libGLESv2.dll
2017-03-10 23:17 - 2017-03-10 23:17 - 00098816 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32api.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00110080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\pywintypes27.dll
2017-03-10 23:17 - 2017-03-10 23:17 - 00364544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\pythoncom27.dll
2017-03-10 23:17 - 2017-03-10 23:17 - 00320512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32com.shell.shell.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00914432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_hashlib.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 01176576 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._core_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00806400 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._gdi_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00816128 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._windows_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 01067008 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._controls_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00733184 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._misc_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00682496 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\pysqlite2._sqlite.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_ctypes.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00686080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\unicodedata.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00119808 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32file.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00108544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32security.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00007168 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\hashobjs_ext.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00017920 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\thumbnails_ext.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\usb_ext.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00012800 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\common.time34.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00018432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32event.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00167936 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32gui.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00046080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_socket.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 01303552 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_ssl.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00128512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_elementtree.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00127488 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\pyexpat.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00038912 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32inet.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00036864 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_psutil_windows.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00524248 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\windows._lib_cacheinvalidation.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00011264 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32crypt.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00123392 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._wizard.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00077312 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._html2.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00027648 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_multiprocessing.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00020480 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_yappi.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00035840 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32process.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00078848 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._animate.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00024064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32pipe.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00010240 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\select.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00025600 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32pdh.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00017408 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32profile.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00022528 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2015-12-12 08:23 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 21:35 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 08:23 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 21:35 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-04 23:21 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 20:55 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 12:42 - 2017-03-06 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:35 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 21:35 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-09 21:35 - 2016-12-02 22:44 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 21:35 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 21:35 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-01-28 22:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-24 23:32 - 2017-02-23 19:34 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-09-24 23:32 - 2017-02-23 15:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 23:32 - 2017-02-23 15:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-27 18:55 - 2016-11-27 18:55 - 00021680 _____ () D:\NPP\Notepad++\plugins\NppExport.dll
2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () D:\NPP\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{718C9E62-BD64-4930-8C6D-6C4D05D17421}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{4B69572B-2F6D-4B94-A786-C414A289F482}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7BEB64AB-AE33-428C-9DD8-E8F00C7AA2F1}C:\users\tim\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tim\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{CAAB1C6D-0865-45EA-8A97-4FA45569B558}C:\users\tim\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tim\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B525EECE-5BBF-4902-A392-E9A89DE2CCCE}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{16170517-E72C-419B-8876-80F06846C60F}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{D9371820-BFE5-416A-853F-E4940F32A9B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{5923764D-84CC-480B-AEE7-A40C086602FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0EE97BF4-38FE-4D45-87E7-F0CAA4A0ACC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6374BA76-38CB-4DA9-9171-CAEEAEFE70A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B240CBB2-2D5C-4EC3-B5C2-D507BC6D82F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Wiederherstellungspunkte =========================

20-02-2017 19:46:26 Geplanter Prüfpunkt
24-02-2017 16:53:10 Windows Update
04-03-2017 13:05:27 Removed EndNote X8
10-03-2017 23:13:37 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/10/2017 11:13:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/10/2017 10:51:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 52.0.0.6270, Zeitstempel: 0x58b88eeb
Name des fehlerhaften Moduls: mozglue.dll, Version: 52.0.0.6270, Zeitstempel: 0x58b88a72
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000f775
ID des fehlerhaften Prozesses: 0x275c
Startzeit der fehlerhaften Anwendung: 0x01d299e80e0bd966
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: d030e671-53a8-4f70-846c-648c284d1121
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/10/2017 09:34:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 52.0.0.6270 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f00

Startzeit: 01d299da5faf31bb

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: f8ab30fc-05d0-11e7-9c94-08606ec1264e

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/10/2017 08:40:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "H:\Tools\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/10/2017 08:23:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/10/2017 12:44:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SimImages.exe, Version 2013.11.5076.20057 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17c0

Startzeit: 01d2992f0b26af13

Beendigungszeit: 4294967295

Anwendungspfad: D:\SimilarImages\SimImages.exe

Berichts-ID: 60c0351d-0522-11e7-9c94-08606ec1264e

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2017 04:02:11 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/08/2017 11:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FileHippo.AppManager.exe, Version 2.0.0.392 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 169c

Startzeit: 01d2985a2f6bc2e1

Beendigungszeit: 6

Anwendungspfad: D:\FileHippo.com\FileHippo.AppManager.exe

Berichts-ID: 286b5e67-044e-11e7-9c93-08606ec1264e

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/08/2017 07:28:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/08/2017 07:28:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSMediaInfoPDVD16.exe".
Die abhängige Assemblierung "CLMSMediaInfo.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (03/10/2017 11:17:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/10/2017 11:16:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/10/2017 11:13:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/10/2017 10:57:33 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: SCHWOBB)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-4199837023-2687035150-3113593764-1001-1-ntuser.dat

Error: (03/10/2017 10:57:08 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: SCHWOBB)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-4199837023-2687035150-3113593764-1001-0-ntuser.dat

Error: (03/10/2017 10:52:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/10/2017 10:51:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/10/2017 10:51:29 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/10/2017 10:51:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA LocalSystem Container" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/10/2017 10:51:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-12-06 11:11:22.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-06 11:11:20.004
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-28 01:04:22.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-28 01:03:41.966
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:51.234
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:47.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:42.608
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-06 19:09:28.918
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-06 19:09:25.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8139.25 MB
Verfügbarer physikalischer RAM: 5320.32 MB
Summe virtueller Speicher: 9419.25 MB
Verfügbarer virtueller Speicher: 6083.2 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.4 GB) (Free:137.88 GB) NTFS
Drive d: (Programme) (Fixed) (Total:29.3 GB) (Free:22.42 GB) NTFS
Drive e: (48G) (Fixed) (Total:1277.08 GB) (Free:217.14 GB) NTFS
Drive f: (Music) (Fixed) (Total:58.59 GB) (Free:17.59 GB) NTFS
Drive g: (Games) (Fixed) (Total:97.66 GB) (Free:14.88 GB) NTFS
Drive h: (Stuff) (Fixed) (Total:400.39 GB) (Free:213.35 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0AFA54B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 64BFCCCC)
Partition 1: (Not Active) - (Size=1277.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=429.7 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
         

Problem ist immer noch vorhanden, aber nicht auf allen Seiten von stern.de, zb hier schon:
hxxp://www.stern.de/wirtschaft/news/lidl--dm--deichmann--diese-marken-liegen-im-preis-leistungs-verhaeltnis-ganz-vorne-7357746.html

aber hier nicht:
hxxp://www.stern.de/panorama/stern-crime/herne--marcel-h--gesteht-zwei-morde---ermittler-geben-erste-pressekonferenz-7363804.html

Ansonsten keinerlei Probleme auf Seiten, die ich sonst oft benutze.

Alt 11.03.2017, 12:37   #12
M-K-D-B
/// TB-Ausbilder
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Servus,


wenn ich bei mir unter FF Adblock Plus und NoScript deaktiviere, sehe ich auch diese "AdChoices", ist einfach "Werbung" (ähnlich wie ein Werbebanner), aber es steckt jetzt keine Schadsoftware dahinter.
Deine Logdateien sehen auch gut aus.

AdBlockPlus ist nicht zufällig auf dieser Seite deaktiviert, oder?

Schau mal bei AdBlock Plus unter Filtereinstellungen nach.
Entferne ggf. den Haken bei "Einige nicht aufdringliche Werbung" zulassen.




Wir kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
SetDefaultFilePermissions: C:\WINDOWS\system32\N;
Folder: C:\WINDOWS\system32\N;
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.











Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST.

Alt 12.03.2017, 08:25   #13
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



fixlog.txt
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von xxx (12-03-2017 00:35:35) Run:1
Gestartet von C:\Users\xxx\Desktop
Geladene Profile: xxx (Verfügbare Profile: xxx)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
SetDefaultFilePermissions: C:\WINDOWS\system32\N;
Folder: C:\WINDOWS\system32\N;
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         
*****************

Prozesse erfolgreich geschlossen.
"C:\WINDOWS\system32\N;" => Standard Berechtigungen erfolgreich wiederhergestellt.

========================= Folder: C:\WINDOWS\system32\N; ========================


====== Ende von Folder: ======


========= dir "%ProgramFiles%" =========

 Datentr„ger in Laufwerk C: ist System
 Volumeseriennummer: 985E-D7C3

 Verzeichnis von C:\Program Files

19.02.2017  21:39    <DIR>          .
19.02.2017  21:39    <DIR>          ..
14.08.2016  09:47    <DIR>          CCleaner
14.08.2016  13:12    <DIR>          CMAK
04.03.2017  13:06    <DIR>          Common Files
09.02.2016  23:51    <DIR>          Creative
27.10.2016  00:13    <DIR>          DivX
24.09.2016  08:41    <DIR>          Duplicate Photo Cleaner
19.02.2017  21:39    <DIR>          Easy Duplicate Finder
20.02.2017  21:34    <DIR>          Internet Explorer
23.12.2016  22:40    <DIR>          Logitech Gaming Software
07.10.2015  22:42    <DIR>          Microsoft Analysis Services
07.10.2015  22:43    <DIR>          Microsoft Office
14.08.2016  13:10    <DIR>          MSBuild
28.01.2016  22:48    <DIR>          Nuance
10.03.2017  23:18    <DIR>          NVIDIA Corporation
14.08.2016  12:17    <DIR>          Realtek
14.08.2016  13:10    <DIR>          Reference Assemblies
27.01.2016  21:10    <DIR>          Tracker Software
15.09.2016  15:10    <DIR>          Windows Defender
30.09.2016  16:40    <DIR>          Windows Defender Advanced Threat Protection
04.10.2015  17:17    <DIR>          Windows Live
12.10.2016  21:11    <DIR>          Windows Mail
28.10.2016  12:04    <DIR>          Windows Media Player
16.07.2016  12:47    <DIR>          Windows Multimedia Platform
14.08.2016  12:21    <DIR>          Windows NT
12.10.2016  21:11    <DIR>          Windows Photo Viewer
16.07.2016  12:47    <DIR>          Windows Portable Devices
16.07.2016  12:47    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              29 Verzeichnis(se), 145.611.132.928 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist System
 Volumeseriennummer: 985E-D7C3

 Verzeichnis von C:\Program Files (x86)

11.03.2017  18:12    <DIR>          .
11.03.2017  18:12    <DIR>          ..
19.12.2016  22:12    <DIR>          Avira
07.04.2016  21:44    <DIR>          Brother
28.01.2016  22:42    <DIR>          Browny02
14.08.2016  13:12    <DIR>          CMAK
04.03.2017  13:06    <DIR>          Common Files
09.07.2016  06:52    <DIR>          ControlCenter4
14.08.2016  09:29    <DIR>          Creative
27.10.2016  00:13    <DIR>          CyberLink
27.10.2016  00:13    <DIR>          DivX
09.03.2017  21:35    <DIR>          Dropbox
26.10.2016  00:16    <DIR>          FreeCodecPack
19.08.2016  14:20    <DIR>          FreeCommander XE
25.02.2017  01:18    <DIR>          Google
10.11.2016  11:27    <DIR>          Hewlett-Packard
20.02.2017  21:34    <DIR>          Internet Explorer
07.10.2015  22:42    <DIR>          Microsoft Analysis Services
09.11.2015  19:15    <DIR>          Microsoft ASP.NET
07.10.2015  22:42    <DIR>          Microsoft Office
04.10.2015  17:17    <DIR>          Microsoft SQL Server Compact Edition
14.08.2016  12:17    <DIR>          Microsoft.NET
08.03.2017  23:21    <DIR>          Mozilla Firefox
14.08.2016  13:10    <DIR>          MSBuild
06.10.2015  21:59    <DIR>          MSI
28.01.2016  22:46    <DIR>          MSXML 4.0
27.10.2016  00:13    <DIR>          NSIS Uninstall Information
29.01.2016  23:16    <DIR>          Nuance
10.03.2017  23:18    <DIR>          NVIDIA Corporation
14.08.2016  13:10    <DIR>          Reference Assemblies
19.09.2016  16:55    <DIR>          RLinkToolbox 3
20.02.2017  21:19    <DIR>          Skype
19.09.2016  16:55    <DIR>          TomTom International B.V
10.03.2017  23:36    <DIR>          VulkanRT
15.09.2016  15:10    <DIR>          Windows Defender
04.10.2015  17:17    <DIR>          Windows Live
15.09.2016  15:10    <DIR>          Windows Mail
28.10.2016  12:04    <DIR>          Windows Media Player
16.07.2016  12:47    <DIR>          Windows Multimedia Platform
16.07.2016  12:47    <DIR>          Windows NT
12.10.2016  21:11    <DIR>          Windows Photo Viewer
16.07.2016  12:47    <DIR>          Windows Portable Devices
16.07.2016  12:47    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              43 Verzeichnis(se), 145.611.132.928 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datentr„ger in Laufwerk C: ist System
 Volumeseriennummer: 985E-D7C3

 Verzeichnis von C:\ProgramData

19.02.2017  20:22                42 .SimImages
19.12.2016  22:12    <DIR>          Avira
14.08.2016  12:17    <DIR>          Brother
07.11.2016  17:22    <DIR>          Canneverbe Limited
16.07.2016  12:47    <DIR>          Comms
09.07.2016  06:52    <DIR>          ControlCenter4
04.10.2015  17:01    <DIR>          Creative
27.10.2016  00:06    <DIR>          CyberLink
11.03.2017  17:34    <DIR>          DigitalWave.ApplicationUpdater_files
27.10.2016  00:13    <DIR>          DivX
07.10.2015  22:08    <DIR>          Dropbox
05.02.2016  23:03    <DIR>          Duplicate Photo Cleaner
19.02.2017  21:00    <DIR>          Easy Duplicate Finder
09.02.2016  14:26    <DIR>          Electronic Arts
16.10.2015  22:07    <DIR>          EPSON
27.01.2016  21:10    <DIR>          FileOpen
28.01.2016  22:47    <DIR>          FLEXnet
10.11.2016  11:27    <DIR>          Hewlett-Packard
27.01.2017  01:20    <DIR>          install_backup
27.10.2016  00:12    <DIR>          install_clap
07.04.2016  10:21    <DIR>          iSkysoft Application Common Data
25.04.2016  00:42    <DIR>          iSkysoft iTube Studio
12.12.2015  22:05    <DIR>          Leawo
04.10.2015  20:13    <DIR>          LogiShrd
03.04.2016  21:47    <DIR>          Malwarebytes
03.04.2016  22:17    <DIR>          Malwarebytes' Anti-Malware (portable)
11.01.2017  19:40    <DIR>          Microsoft Help
14.08.2016  12:25    <DIR>          Microsoft OneDrive
29.01.2016  23:16    <DIR>          Nuance
12.03.2017  00:30    <DIR>          NVIDIA
10.03.2017  23:37    <DIR>          NVIDIA Corporation
24.01.2017  18:29             8.442 NvTelemetryContainer.log
22.01.2017  16:17            20.937 NvTelemetryContainer.log_backup1
28.01.2017  16:48    <DIR>          Oracle
04.03.2017  17:46    <DIR>          Origin
13.02.2017  00:38    <DIR>          Package Cache
28.01.2016  22:42    <DIR>          PCFaxTx
04.10.2015  22:43    <DIR>          PDVD
20.12.2016  20:46    <DIR>          RavensburgerTipToi3
14.08.2016  12:22    <DIR>          regid.1991-06.com.microsoft
28.01.2016  22:52    <DIR>          ScanSoft
20.02.2017  21:19    <DIR>          Skype
16.07.2016  12:47    <DIR>          SoftwareDistribution
27.01.2017  01:20    <DIR>          SUPPORTDIR
04.10.2015  21:05    <DIR>          Temp
04.03.2017  13:06    <DIR>          Thomson.ResearchSoft.Installers
12.03.2017  00:30    <DIR>          UMS
14.08.2016  12:25    <DIR>          USOPrivate
14.08.2016  12:25    <DIR>          USOShared
07.04.2016  10:26    <DIR>          Wondershare AllMytube
11.12.2015  23:31    <DIR>          XDMessagingv4
               3 Datei(en),         29.421 Bytes
              48 Verzeichnis(se), 145.611.128.832 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datentr„ger in Laufwerk C: ist System
 Volumeseriennummer: 985E-D7C3

 Verzeichnis von C:\Users\xxx\AppData\Roaming

08.03.2017  23:35    <DIR>          .
08.03.2017  23:35    <DIR>          ..
04.10.2015  16:23    <DIR>          Adobe
27.11.2016  02:21    <DIR>          Audacity
01.03.2017  00:47    <DIR>          avidemux
04.10.2015  17:39    <DIR>          Avira
20.02.2016  22:27    <DIR>          baidu
20.02.2016  22:27    <DIR>          BaiduYunGuanjia
20.02.2016  22:27    <DIR>          BaiduYunKernel
25.11.2015  23:58    <DIR>          Brother
07.11.2016  17:22    <DIR>          Canneverbe Limited
15.11.2016  14:59    <DIR>          ControlCenter4
04.10.2015  21:03    <DIR>          CyberLink
10.12.2015  22:17    <DIR>          DigitalVolcano
31.05.2016  23:06    <DIR>          DirectoryListPrintPro
07.11.2016  18:30    <DIR>          DivX
07.10.2015  22:09    <DIR>          Dropbox
21.09.2016  22:54    <DIR>          DuplicatePhotoCleaner
25.02.2017  12:30    <DIR>          dvdcss
11.03.2017  17:33    <DIR>          DVDVideoSoft
08.03.2017  23:33    <DIR>          DVS
19.02.2017  21:00    <DIR>          EasyDuplicateFinder
11.03.2017  00:50    <DIR>          foobar2000
28.02.2017  23:25    <DIR>          HandBrake
28.10.2016  20:43    <DIR>          HandBrake Team
10.11.2016  11:24    <DIR>          hpqLog
04.10.2015  17:18    <DIR>          Identities
28.01.2016  22:39    <DIR>          InstallShield
09.11.2015  00:57    <DIR>          IrfanView
12.12.2015  22:05    <DIR>          Leawo
04.10.2015  20:07    <DIR>          Logishrd
04.10.2015  20:07    <DIR>          Logitech
04.10.2015  19:03    <DIR>          Macromedia
04.10.2015  16:40    <DIR>          Mozilla
20.02.2017  21:45    <DIR>          Mp3tag
29.12.2016  01:55    <DIR>          MPC-HC
14.08.2016  11:29    <DIR>          Notepad++
29.01.2016  21:54    <DIR>          Nuance
17.11.2016  00:25    <DIR>          NVIDIA
13.12.2015  21:10    <DIR>          Oracle
05.03.2017  01:31    <DIR>          Origin
31.05.2016  19:21    <DIR>          PortForward.com
20.12.2016  20:48    <DIR>          RavensburgerTipToi3
22.01.2017  23:18    <DIR>          RStudio
20.02.2017  21:36    <DIR>          Skype
04.10.2015  17:57    <DIR>          Sun
06.10.2015  21:56    <DIR>          Tracker Software
12.03.2017  00:32    <DIR>          uTorrent
31.07.2016  22:07    <DIR>          Video Downloader(xmlbar)
10.03.2017  23:36    <DIR>          vlc
09.10.2015  22:13    <DIR>          Windows Live Writer
10.10.2015  23:41    <DIR>          WinRAR
11.08.2016  09:01    <DIR>          www.shadowexplorer.com
29.01.2016  21:54    <DIR>          Zeon
               0 Datei(en),              0 Bytes
              54 Verzeichnis(se), 145.611.124.736 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Datentr„ger in Laufwerk C: ist System
 Volumeseriennummer: 985E-D7C3

 Verzeichnis von C:\Users\xxx\AppData\Local

12.03.2017  00:31    <DIR>          .
12.03.2017  00:31    <DIR>          ..
06.12.2016  00:36    <DIR>          4kdownload.com
12.12.2015  08:23    <DIR>          ActiveSync
27.10.2016  07:54    <DIR>          Adobe
02.08.2016  11:52    <DIR>          Apps
06.10.2015  21:49    <DIR>          CEF
19.12.2016  20:45    <DIR>          Chromium
04.10.2015  16:58    <DIR>          Comms
14.08.2016  23:01    <DIR>          ConnectedDevicesPlatform
10.03.2017  22:51    <DIR>          CrashDumps
05.11.2016  11:03    <DIR>          Creative
27.10.2016  00:13    <DIR>          CyberLink
10.11.2015  15:03    <DIR>          Diagnostics
30.05.2016  12:31    <DIR>          Downloaded Installations
09.03.2017  21:35    <DIR>          Dropbox
18.02.2016  21:12    <DIR>          fontconfig
19.08.2016  14:20    <DIR>          FreeCommanderXE
27.01.2017  22:16    <DIR>          Google
04.10.2015  20:11    <DIR>          Logitech
04.10.2015  19:03    <DIR>          Macromedia
04.10.2015  20:59    <DIR>          MediaServer
28.11.2015  20:13    <DIR>          MediaShow
07.01.2017  02:00    <DIR>          Microsoft
26.08.2016  16:06    <DIR>          Microsoft Help
06.10.2015  20:33    <DIR>          MicrosoftEdge
06.02.2016  00:44    <DIR>          MindGems
07.10.2015  08:17    <DIR>          Mozilla
24.09.2016  23:32    <DIR>          NVIDIA
19.12.2016  20:45    <DIR>          NVIDIA Corporation
19.12.2016  20:58    <DIR>          Origin
04.03.2017  13:04    <DIR>          Packages
30.07.2016  22:44    <DIR>          Paint.NET
05.10.2015  20:18    <DIR>          PeerDistRepub
04.10.2015  19:18    <DIR>          Programs
04.10.2015  16:23    <DIR>          Publishers
19.09.2016  16:55    <DIR>          Renault
22.01.2017  23:18    <DIR>          RStudio-Desktop
11.03.2017  08:28    <DIR>          SimilarImages
28.10.2016  14:25    <DIR>          Skyrim Special Edition
07.01.2017  02:14    <DIR>          Steam
12.03.2017  00:31    <DIR>          Temp
04.10.2015  16:23    <DIR>          TileDataLayer
07.01.2017  02:11    <DIR>          Ubisoft Game Launcher
13.11.2015  17:46    <DIR>          VirtualStore
01.11.2016  09:25    <DIR>          Windows Live
04.10.2015  17:18    <DIR>          Windows Live Writer
               0 Datei(en),              0 Bytes
              47 Verzeichnis(se), 145.611.124.736 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist System
 Volumeseriennummer: 985E-D7C3

 Verzeichnis von C:\Program Files (x86)\Common Files

04.03.2017  13:06    <DIR>          .
04.03.2017  13:06    <DIR>          ..
27.10.2016  00:13    <DIR>          DivX Shared
11.03.2017  18:12    <DIR>          DVDVideoSoft
04.10.2015  16:35    <DIR>          InstallShield
28.01.2017  16:48    <DIR>          Java
19.02.2017  20:54    <DIR>          MaierSoft
14.08.2016  12:17    <DIR>          Microsoft Shared
27.10.2016  00:06    <DIR>          Nikon
20.12.2016  22:42    <DIR>          Risxtd
28.01.2016  22:52    <DIR>          ScanSoft Shared
16.07.2016  12:47    <DIR>          Services
20.02.2017  21:19    <DIR>          Skype
04.03.2017  17:53    <DIR>          Steam
16.07.2016  23:57    <DIR>          System
04.10.2015  17:03    <DIR>          Windows Live
               0 Datei(en),              0 Bytes
              16 Verzeichnis(se), 145.611.120.640 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Datentr„ger in Laufwerk C: ist System
 Volumeseriennummer: 985E-D7C3

 Verzeichnis von C:\Program Files\Common Files

04.03.2017  13:06    <DIR>          .
04.03.2017  13:06    <DIR>          ..
07.10.2015  22:43    <DIR>          DESIGNER
12.10.2015  18:19    <DIR>          EPSON
14.08.2016  12:17    <DIR>          microsoft shared
16.07.2016  12:47    <DIR>          Services
14.08.2016  12:17    <DIR>          System
               0 Datei(en),              0 Bytes
               7 Verzeichnis(se), 145.611.128.832 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 467092230 B
Java, Flash, Steam htmlcache => 63411234 B
Windows/system/drivers => 40960 B
Edge => 0 B
Chrome => 344602146 B
Firefox => 394653526 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 92381184 B
xxx => 69579905 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 00:35:43 ====
         
eset
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c95001652412bc49a0820d779545b4bc
# end=init
# utc_time=2017-03-11 11:39:18
# local_time=2017-03-12 12:39:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 32685
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c95001652412bc49a0820d779545b4bc
# end=updated
# utc_time=2017-03-11 11:44:11
# local_time=2017-03-12 12:44:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c95001652412bc49a0820d779545b4bc
# engine=32685
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-12 02:01:18
# local_time=2017-03-12 03:01:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 97 41977 48163886 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9000170 20614694 0 0
# scanned=378891
# found=7
# cleaned=0
# scan_time=8227
sh=21FBA3DF010A5D1144701EDBF30B54D45EADBB33 ft=1 fh=981326570f13c46b vn="Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\ProgramData\DigitalWave.ApplicationUpdater_files\install_app_60.exe"
sh=21FBA3DF010A5D1144701EDBF30B54D45EADBB33 ft=1 fh=981326570f13c46b vn="Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\Users\All Users\DigitalWave.ApplicationUpdater_files\install_app_60.exe"
sh=5C1016CEC291721EC6BD63A53C0A111295F31F14 ft=1 fh=40be34a04d220424 vn="Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\Users\xxx\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter.exe"
sh=B453A3E737F7E34B4070207D63CE0E92287D8513 ft=1 fh=29e742d37976a7ed vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="H:\Tools\10AppsManager - CHIP-Installer.exe"
sh=D5BFE92E6128E41BF2538CDBD9C0AA34B0FC8CA9 ft=1 fh=7ebc9b6ec9275e3a vn="Win32/Toolbar.Conduit.AN eventuell unerwünschte Anwendung" ac=I fn="H:\Tools\CyberLink_MediaEspresso7.5_MEX160804-01.exe"
sh=65817D4AC14CDE00DE7C45E760A8E4A6FCD6EA98 ft=1 fh=cc6dca1f25b25b86 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="H:\Tools\duplicate-file-finder-setup.exe"
sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E eventuell unerwünschte Anwendung" ac=I fn="H:\Tools\Unlocker1.9.2.exe"
         
Der Chip-Installer

Hitman
Code:
ATTFilter
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : SCHWOBB
   Windows . . . . . . . : 10.0.0.14393.X64/4
   User name . . . . . . : SCHWOBB\xxx
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-03-12 08:26:18
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 30s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2

   Objects scanned . . . : 2.046.321
   Files scanned . . . . : 53.206
   Remnants scanned  . . : 441.195 files / 1.551.920 keys

Suspicious files ____________________________________________________________

   C:\$Recycle.Bin\S-1-5-21-4199837023-2687035150-3113593764-1001\$R3B6JX6\FRST64.exe
      Size . . . . . . . : 2.423.808 bytes
      Age  . . . . . . . : 1.5 days (2017-03-10 19:48:58)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 0C11A0E7E1D7950EAAB54F640609BD62DC8E7F6CCBDD4520ACD6E0A67C252262
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -0.0s C:\Users\xxx\Desktop\tdsskiller.exe
          0.0s C:\$Recycle.Bin\S-1-5-21-4199837023-2687035150-3113593764-1001\$R3B6JX6\FRST64.exe

   C:\Users\xxx\Desktop\FRST64.exe
      Size . . . . . . . : 2.424.320 bytes
      Age  . . . . . . . : 0.3 days (2017-03-12 00:35:27)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 888080A18968475A4AF792C1F4EAED87442D61A9BD32DAAD9763CB641B5C97D9
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         
frst.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von xxx (Administrator) auf SCHWOBB (12-03-2017 08:30:55)
Gestartet von C:\Users\xxx\Desktop
Geladene Profile: xxx (Verfügbare Profile: xxx)
Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) G:\Origin\OriginWebHelperService.exe
(www.shadowexplorer.com) D:\ShadowExplorer\sesvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(ALCPU) D:\Core Temp\Core Temp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(techPowerUp (www.techpowerup.com)) D:\GPU-Z\GPU-Z.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
() C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(Oracle Corporation) D:\Java64\bin\javaw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Creative Technology Ltd) D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(SurfRight B.V.) C:\Users\xxx\Desktop\HitmanPro_x64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe
(Don HO don.h@free.fr) D:\NPP\Notepad++\notepad++.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [PowerDVD16Agent] => D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2015-10-04]
ShortcutTarget: Universal Media Server.lnk -> D:\UMS\UMS.exe (Universal Media Server)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{91c30c7d-d0a5-4365-a93e-eafa498ca70d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer64.dll [2016-04-03] (www.startisback.com)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java64\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java64\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer32.dll [2016-04-03] (www.startisback.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java32\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java32\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: febeprof.xxx
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx [2017-03-12]
FF Homepage: Mozilla\Firefox\Profiles\febeprof.xxx -> hxxp://www.spiegel-online.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\febeprof.xxx -> type", 0
FF Extension: (New XKit) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\@new-xkit.xpi [2016-10-07]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (DownThemAll! AntiContainer) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\anticontainer@downthemall.net.xpi [2016-04-15]
FF Extension: (MEGA) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\firefox@mega.co.nz.xpi [2017-03-09]
FF Extension: (Tumblr Savior) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2017-03-07]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-03-09]
FF Extension: (Japanese Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-03-08]
FF Extension: (Save Images) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30]
FF Extension: (RememberPass) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\rememberpass@teesoft.info.xpi [2016-04-28]
FF Extension: (S3.Google Translator) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\s3google@translator.xpi [2016-10-19]
FF Extension: (Locale Switcher) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2016-04-28]
FF Extension: (Google  Image Search) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2016-04-28]
FF Extension: (Video DownloadHelper) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01]
FF Extension: (DivX Wizard Pro) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cc79db9d-e06e-469f-932a-2537c0db2b4a}.xpi [2016-05-18] [ist nicht signiert]
FF Extension: (RightToClick) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30]
FF Extension: (Adblock Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Tab Mix Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-31]
FF Extension: (DownThemAll!) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> D:\Java64\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> D:\Java64\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Java32\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Java32\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2017-03-12]
CHR Extension: (Google Präsentationen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31]
CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31]
CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31]
CHR Extension: (Video Downloader professional) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-09-01]
CHR Extension: (Google Tabellen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31]
CHR Extension: (Avira Browserschutz) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-02-08] (Digital Wave Ltd.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (Micro-Star Int'l Co., Ltd.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts)
R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 sesvc; D:\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Datei ist nicht signiert]
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [317400 2017-01-16] (Skype Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ALSysIO; C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys [35320 2017-03-12] (Arthur Liberman) <==== ACHTUNG
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 GPU-Z; C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys [27008 2017-03-12] () <==== ACHTUNG
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-12-08] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2a6e383a1adc0e24\nvlddmkm.sys [14569528 2017-02-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2016-02-29] (Wondershare)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-19] (CyberLink Corp.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 08:30 - 2017-03-12 08:31 - 00031061 _____ C:\Users\xxx\Desktop\FRST.txt
2017-03-12 08:25 - 2017-03-12 08:31 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-12 02:10 - 2017-03-12 08:25 - 11581544 _____ (SurfRight B.V.) C:\Users\xxx\Desktop\HitmanPro_x64.exe
2017-03-12 00:39 - 2017-03-12 00:39 - 00000000 ____D C:\Program Files (x86)\ESET
2017-03-12 00:38 - 2017-03-12 00:39 - 02870984 _____ (ESET) C:\Users\xxx\Desktop\esetsmartinstaller_deu.exe
2017-03-12 00:34 - 2017-03-12 00:34 - 00000000 _____ C:\Users\xxx\Desktop\Neues Textdokument.txt
2017-03-12 00:30 - 2017-03-12 00:36 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\uTorrent
2017-03-10 23:36 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-03-10 23:35 - 2017-03-10 23:36 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-10 23:34 - 2017-02-23 23:55 - 00047664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 34992184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 19007528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 11019888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 08990256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437878.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437878.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00989632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00721768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00687408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00573632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-03-10 23:34 - 2017-02-23 11:32 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-03-10 23:13 - 2017-03-10 23:13 - 01663736 _____ (Malwarebytes) C:\Users\xxx\Desktop\JRT.exe
2017-03-10 22:37 - 2017-03-08 23:10 - 04031440 _____ C:\Users\xxx\Desktop\adwcleaner_6.044.exe
2017-03-10 19:49 - 2017-03-10 19:52 - 00271972 _____ C:\TDSSKiller.3.1.0.12_10.03.2017_19.49.14_log.txt
2017-03-10 19:48 - 2017-03-12 00:35 - 02424320 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2017-03-10 19:48 - 2017-03-09 22:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\xxx\Desktop\tdsskiller.exe
2017-03-09 22:31 - 2017-03-12 08:30 - 00000000 ____D C:\FRST
2017-03-09 22:24 - 2017-03-09 22:41 - 00271972 _____ C:\TDSSKiller.3.1.0.12_09.03.2017_22.24.21_log.txt
2017-03-09 21:35 - 2017-03-09 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-08 23:10 - 2017-03-10 22:51 - 00000000 ____D C:\AdwCleaner
2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-04 15:02 - 2017-03-04 15:09 - 05713860 _____ C:\Users\xxx\Desktop\robocopy_log3.txt
2017-03-04 14:23 - 2017-03-04 14:55 - 02310791 _____ C:\Users\xxx\Desktop\robocopy_log2.txt
2017-03-04 13:30 - 2017-03-04 13:05 - 00000000 __SHD C:\WINDOWS\system32\N;
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.QtWebEngineProcess
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.Origin
2017-02-25 01:18 - 2017-02-25 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-24 23:34 - 2017-03-05 21:43 - 00056509 _____ C:\Users\xxx\Desktop\48G.xlsx
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\Program Files (x86)\Skype
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\Program Files\Easy Duplicate Finder
2017-02-19 21:13 - 2017-03-02 20:59 - 00000024 _____ C:\Users\xxx\Documents\AutoSaveLastScanResults.dup
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\Documents\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\ProgramData\Easy Duplicate Finder
2017-02-19 20:54 - 2017-02-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages
2017-02-19 20:22 - 2017-03-11 08:28 - 00000000 ____D C:\Users\xxx\AppData\Local\SimilarImages
2017-02-19 20:22 - 2017-02-19 20:22 - 00000042 _____ C:\ProgramData\.SimImages
2017-02-14 22:57 - 2017-02-14 23:09 - 00001274 _____ C:\Users\xxx\.jalview_properties
2017-02-14 19:42 - 2017-02-23 11:32 - 28252608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-13 00:38 - 2017-02-13 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 08:28 - 2015-10-05 22:45 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent
2017-03-12 08:19 - 2016-11-18 12:49 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla
2017-03-12 08:18 - 2016-08-14 12:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-12 01:52 - 2015-10-04 19:25 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2017-03-12 01:21 - 2015-10-04 19:35 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2017-03-12 00:42 - 2016-07-16 23:57 - 02018164 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-12 00:42 - 2016-07-16 23:57 - 00526636 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-12 00:42 - 2015-10-04 16:26 - 04299346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-12 00:36 - 2016-08-14 12:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-12 00:36 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-12 00:36 - 2016-02-26 09:16 - 00000000 ___RD C:\Users\xxx\Google Drive
2017-03-12 00:36 - 2015-10-04 20:43 - 00000000 ____D C:\ProgramData\UMS
2017-03-12 00:35 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-12 00:35 - 2016-04-26 20:00 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Temp
2017-03-11 18:12 - 2016-10-26 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2017-03-11 17:34 - 2017-01-27 21:56 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2017-03-11 17:33 - 2016-04-03 13:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVDVideoSoft
2017-03-11 15:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-11 07:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-10 23:37 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-10 23:37 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-10 23:37 - 2015-10-04 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-10 23:36 - 2016-03-11 00:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-10 23:18 - 2016-12-19 20:45 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-09-24 23:32 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-10 22:56 - 2015-12-11 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-10 22:51 - 2016-01-04 08:10 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps
2017-03-10 22:51 - 2015-10-10 19:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-03-10 11:11 - 2016-08-14 12:14 - 00013389 _____ C:\WINDOWS\BRRBCOM.INI
2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Users\xxx\AppData\Local\Dropbox
2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-08 23:33 - 2016-05-26 19:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVS
2017-03-08 23:21 - 2015-10-06 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-05 01:36 - 2016-08-14 12:16 - 00000000 ____D C:\Users\xxx
2017-03-05 01:31 - 2016-02-09 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Origin
2017-03-04 17:46 - 2016-02-09 14:26 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 13:06 - 2016-12-20 22:42 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers
2017-03-04 13:04 - 2015-10-04 16:23 - 00000000 ____D C:\Users\xxx\AppData\Local\Packages
2017-03-03 08:30 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-03 08:29 - 2016-10-08 09:03 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-03-03 08:29 - 2015-10-04 17:37 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-03-01 23:14 - 2016-07-12 07:38 - 00053669 _____ C:\Users\xxx\Desktop\krams.xlsx
2017-03-01 23:04 - 2016-12-21 13:13 - 00000000 ____D C:\Users\xxx\Documents\Japanisch
2017-03-01 00:47 - 2015-10-05 22:52 - 00000000 ____D C:\Users\xxx\AppData\Roaming\avidemux
2017-02-28 23:25 - 2016-10-28 20:42 - 00000000 ____D C:\Users\xxx\AppData\Roaming\HandBrake
2017-02-25 12:30 - 2015-10-05 00:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\dvdcss
2017-02-25 01:18 - 2015-12-06 21:26 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-24 16:55 - 2015-10-04 16:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 16:53 - 2015-10-04 16:51 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 23:55 - 2016-08-14 09:35 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-02-23 23:55 - 2016-08-14 09:35 - 00217528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-02-23 19:35 - 2016-09-24 23:32 - 01880512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-09-24 23:32 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-09-24 23:32 - 01468864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-09-24 23:32 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-09-24 23:32 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-02-23 19:34 - 2017-01-24 18:29 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-02-23 15:30 - 2016-12-19 20:45 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-02-23 11:32 - 2016-08-14 09:35 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-23 11:32 - 2016-08-14 09:35 - 09306312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-23 11:32 - 2016-08-14 09:35 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-23 11:32 - 2016-08-14 09:35 - 03596616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-23 11:32 - 2016-08-14 09:35 - 00576008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-23 11:32 - 2016-08-14 09:35 - 00043566 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-23 09:43 - 2016-09-24 23:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-08-14 12:14 - 06401984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-23 09:28 - 2016-08-14 12:14 - 02479160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-08-14 12:14 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-08-14 12:14 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-08-14 12:14 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-23 09:28 - 2016-08-14 12:14 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-08-14 12:14 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-23 07:38 - 2016-08-14 12:14 - 07807027 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-22 21:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-22 21:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 21:45 - 2015-10-09 22:08 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mp3tag
2017-02-20 21:36 - 2016-02-05 08:13 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2017-02-20 21:19 - 2016-02-05 08:12 - 00000000 ____D C:\ProgramData\Skype
2017-02-19 17:37 - 2017-01-29 19:46 - 00000134 _____ C:\Users\xxx\Documents\default.vsp
2017-02-19 16:21 - 2015-10-04 19:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-19 09:07 - 2016-03-08 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-13 00:38 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Package Cache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-19 20:22 - 2017-02-19 20:22 - 0000042 _____ () C:\ProgramData\.SimImages
2015-12-12 04:23 - 2015-12-12 04:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-19 20:45 - 2017-01-24 18:29 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-19 20:45 - 2017-01-22 16:17 - 0020937 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 13:01

==================== Ende von FRST.txt ============================
         

Geändert von rka0 (12.03.2017 um 08:39 Uhr)

Alt 12.03.2017, 08:37   #14
rka0
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von xxx (12-03-2017 08:31:22)
Gestartet von C:\Users\xxx\Desktop
Windows 10 Education Version 1607 (X64) (2016-08-14 11:21:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4199837023-2687035150-3113593764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4199837023-2687035150-3113593764-503 - Limited - Disabled)
Gast (S-1-5-21-4199837023-2687035150-3113593764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4199837023-2687035150-3113593764-1003 - Limited - Enabled)
xxx (S-1-5-21-4199837023-2687035150-3113593764-1001 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ansel (Version: 378.78 - NVIDIA Corporation) Hidden
Anti-Twin (Installation 10.12.2015) (HKLM-x32\...\Anti-Twin 2015-12-10 22.13.58) (Version:  - Joerg Rosenthal, Germany)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{115347FE-037B-4F4D-86F2-057FEF294C7A}) (Version: 1.2.4.459 - Avira Operations GmbH & Co. KG)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Core Temp 1.6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.6 - ALCPU)
Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink MediaEspresso 7.5 (HKLM-x32\...\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}) (Version: 7.5.8022_61105 - CyberLink Corp.)
CyberLink PhotoDirector 7 (HKLM-x32\...\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}) (Version: 7.0.7504.0 - CyberLink Corp.)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.14 - Infonautics GmbH, Switzerland)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version:  - WebMinds, Inc.)
Easy Duplicate Finder (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version:  - WebMinds, Inc.)
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version:  - )
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.31.119 - Digital Wave Ltd)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.36.208 - Digital Wave Ltd)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Instrumente de verificare Microsoft Office 2016 - Română (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LCDSirReal - a multipurpose plugin for the Logitech G13/G15 (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\LCDSirReal) (Version:  - Link Data Stockholm)
Logitech Gaming Software 8.89 (HKLM\...\Logitech Gaming Software) (Version: 8.89.68 - Logitech Inc.)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2016  - German/Deutsch (HKLM\...\Office16.OMUI.de-de) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.78 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.78 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PerigeeCopy 1.7 (HKLM\...\PerigeeCopy) (Version: 1.7 - Jeremy Stanley)
PicasaDownloader (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\052751e036427773) (Version: 1.0.0.25 - PicasaDownloader)
ProjectX - Complete (HKLM-x32\...\{513C7CA5-86D3-495D-B2D4-409EE41F68A7}_is1) (Version: 0.91.0.10 - WatchersNET)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.3 - Universal Media Server)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.OMUI.de-de_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05001D00-94EA-4916-995B-467D4900BEE8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {0B9CCC01-1DF2-4808-BF9A-AC12ADB03DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {1A596B82-4A61-47BE-8E4B-5ADDD69D5009} - System32\Tasks\GPU-Z => D:\GPU-Z\GPU-Z.exe [2016-07-13] (techPowerUp (www.techpowerup.com))
Task: {1C4C8B66-4DF8-462F-8E87-CBE032ABAF30} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {2BFAAD70-8D29-466C-A07A-460F7C0F4C9A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {2FD6432B-C391-458F-9BE3-AB00C6407F77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {50B21913-5161-4191-BADF-F66225BCB709} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {7CEDE775-418E-4909-B886-9A30F522D9E8} - System32\Tasks\Core Temp Autostart xxx => D:\Core Temp\Core Temp.exe [2017-02-18] (ALCPU)
Task: {8C1234D8-F860-499B-B4FD-C1917BCF7D3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {8CC6D714-CD0D-4CB5-98A3-A9D31B0220D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {A5D6499A-C992-48ED-B1F5-F3B8D64AF774} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {B28D159A-2323-481D-AD6E-82B161212314} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {B2BA0468-9693-4E8E-9C43-D5FFB4D52D46} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {BA2D4D30-2F9F-4788-9958-1A91D5180A1E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {C336F517-C7CA-4129-9A13-DCC6BA3331B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {D19802B5-8605-4D2E-9056-1A8471F61B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {D41E18A6-38D8-4A38-9382-6B3949BF6593} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D9E404F0-FD41-414D-9B55-A30853C55AC3} - System32\Tasks\DeviceDetector7.5 => D:\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2016-08-22] (CyberLink Corp.)
Task: {EFD345F9-A347-405E-A865-C1F58F6BCF8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-14 12:14 - 2017-02-23 09:28 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Unlocker\UnlockerCOM.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 00230064 _____ () D:\NPP\Notepad++\NppShell_06.dll
2016-08-14 12:26 - 2016-08-14 12:26 - 00959168 _____ () C:\Users\xxx\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-15 10:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 19:16 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 19:16 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 19:16 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2011-06-21 10:14 - 2011-06-21 10:14 - 00207872 _____ () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-10-26 00:16 - 2017-01-19 12:35 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-26 00:16 - 2017-02-08 14:44 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-02-08 14:44 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-02-08 14:44 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-10-26 00:37 - 2017-02-08 23:04 - 02493440 _____ () G:\Origin\libGLESv2.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-12 00:36 - 2017-03-12 00:36 - 00098816 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32api.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00110080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\pywintypes27.dll
2017-03-12 00:36 - 2017-03-12 00:36 - 00364544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\pythoncom27.dll
2017-03-12 00:36 - 2017-03-12 00:36 - 00320512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32com.shell.shell.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00914432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_hashlib.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 01176576 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._core_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00806400 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._gdi_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00816128 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._windows_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 01067008 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._controls_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00733184 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._misc_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00682496 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\pysqlite2._sqlite.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_ctypes.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00686080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\unicodedata.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00119808 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32file.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00108544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32security.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00007168 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\hashobjs_ext.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00017920 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\thumbnails_ext.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\usb_ext.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00012800 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\common.time34.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00018432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32event.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00167936 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32gui.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00046080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_socket.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 01303552 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_ssl.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00128512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_elementtree.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00127488 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\pyexpat.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00038912 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32inet.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00036864 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_psutil_windows.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00524248 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\windows._lib_cacheinvalidation.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00011264 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32crypt.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00123392 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._wizard.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00077312 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._html2.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00027648 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_multiprocessing.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00020480 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_yappi.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00035840 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32process.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00078848 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._animate.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00024064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32pipe.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00010240 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\select.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00025600 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32pdh.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00017408 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32profile.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00022528 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32ts.pyd
2016-09-24 23:32 - 2017-02-23 19:34 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-03-09 21:35 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2015-12-12 08:23 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 21:35 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 08:23 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 21:35 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-04 23:21 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 20:55 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 12:42 - 2017-03-06 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:35 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 21:35 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-09 21:35 - 2016-12-02 22:44 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 21:35 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 21:35 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-24 23:32 - 2017-02-23 15:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 23:32 - 2017-02-23 15:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-01-28 22:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 00021680 _____ () D:\NPP\Notepad++\plugins\NppExport.dll
2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () D:\NPP\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{718C9E62-BD64-4930-8C6D-6C4D05D17421}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{4B69572B-2F6D-4B94-A786-C414A289F482}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7BEB64AB-AE33-428C-9DD8-E8F00C7AA2F1}C:\users\tim\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tim\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{CAAB1C6D-0865-45EA-8A97-4FA45569B558}C:\users\tim\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tim\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B525EECE-5BBF-4902-A392-E9A89DE2CCCE}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{16170517-E72C-419B-8876-80F06846C60F}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{D9371820-BFE5-416A-853F-E4940F32A9B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{5923764D-84CC-480B-AEE7-A40C086602FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0EE97BF4-38FE-4D45-87E7-F0CAA4A0ACC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6374BA76-38CB-4DA9-9171-CAEEAEFE70A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B240CBB2-2D5C-4EC3-B5C2-D507BC6D82F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{9CB4C646-F3C7-4E7B-9CA9-522D41389314}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D0F36A0A-12EC-4DCC-A262-8172DBEDC063}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

20-02-2017 19:46:26 Geplanter Prüfpunkt
24-02-2017 16:53:10 Windows Update
04-03-2017 13:05:27 Removed EndNote X8
10-03-2017 23:13:37 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/12/2017 08:28:56 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/12/2017 08:28:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/12/2017 08:28:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSMediaInfoPDVD16.exe".
Die abhängige Assemblierung "CLMSMediaInfo.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/12/2017 08:28:37 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "d:\xmlbar\flv downloader\FLVDownloader(xmlbar).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/12/2017 08:28:07 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/12/2017 02:27:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "H:\Tools\esetsmartinstaller_enu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/12/2017 02:26:46 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "H:\Tools\esetsmartinstaller_deu[1].exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/12/2017 12:44:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/12/2017 12:41:04 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/12/2017 12:41:02 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (03/12/2017 12:44:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/12/2017 12:44:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys

Error: (03/12/2017 12:44:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/12/2017 12:44:02 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys

Error: (03/12/2017 12:44:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/12/2017 12:44:02 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys

Error: (03/12/2017 12:39:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/12/2017 12:39:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys

Error: (03/12/2017 12:39:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/12/2017 12:39:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-12-06 11:11:22.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-06 11:11:20.004
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-28 01:04:22.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-28 01:03:41.966
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:51.234
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:47.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-15 19:37:42.608
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-06 19:09:28.918
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-06 19:09:25.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8139.25 MB
Verfügbarer physikalischer RAM: 4949.73 MB
Summe virtueller Speicher: 9419.25 MB
Verfügbarer virtueller Speicher: 5049.03 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.4 GB) (Free:135.7 GB) NTFS
Drive d: (Programme) (Fixed) (Total:29.3 GB) (Free:22.42 GB) NTFS
Drive e: (48G) (Fixed) (Total:1277.08 GB) (Free:216.98 GB) NTFS
Drive f: (Music) (Fixed) (Total:58.59 GB) (Free:17.59 GB) NTFS
Drive g: (Games) (Fixed) (Total:97.66 GB) (Free:14.88 GB) NTFS
Drive h: (Stuff) (Fixed) (Total:400.39 GB) (Free:213.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0AFA54B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 64BFCCCC)
Partition 1: (Not Active) - (Size=1277.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=429.7 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
         

Alt 12.03.2017, 12:37   #15
M-K-D-B
/// TB-Ausbilder
 
AdChoices im Firefox - Standard

AdChoices im Firefox



Servus,




Zitat:
CHIP-Installer.exe
Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?





Wie beim ESET-Suchlauf wieder den externen Datenträger (Laufwerk H) anschließen!






Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Du hast deinen richtigen Benutzernamen mit xxx unkenntlich gemacht, daher musst du für den folgenden Fix diese xxx selbst durch den richtigen Benutzernamen ersetzen, sonst wird der Fix nicht funktionieren!
Code:
ATTFilter
start
CloseProcesses:
C:\ProgramData\DigitalWave.ApplicationUpdater_files\install_app_60.exe
C:\Users\xxx\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter.exe
H:\Tools\10AppsManager - CHIP-Installer.exe
H:\Tools\CyberLink_MediaEspresso7.5_MEX160804-01.exe
H:\Tools\duplicate-file-finder-setup.exe
H:\Tools\Unlocker1.9.2.exe
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!








Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup:
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.




Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.




Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.




Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Antwort

Themen zu AdChoices im Firefox
adchoices, doppel, doppelt, durchlauf, firefox, hilfe, hilfe!, links, malwarebytes, nicht




Ähnliche Themen: AdChoices im Firefox


  1. avast! meldet: URL Mal - https://54.186.138.97 - firefox.exe / Firefox addons unter anderem QueenaCouppoN
    Plagegeister aller Art und deren Bekämpfung - 31.12.2014 (4)
  2. Probleme mit Firefox, es öffnet sich beim Öffnen von Firefox immer ein zusätzlicher Tab
    Plagegeister aller Art und deren Bekämpfung - 02.12.2014 (7)
  3. AdChoices Befall?
    Plagegeister aller Art und deren Bekämpfung - 24.11.2014 (7)
  4. Probleme mit Firefox, es öffnet sich beim Öffnen von Firefox immer ein zusätzlicher Tab
    Mülltonne - 23.11.2014 (1)
  5. Tastatureingabe in Firefox verzögert, Probleme bei der Anwahl von Checkboxen in Firefox per Maus
    Log-Analyse und Auswertung - 12.11.2014 (11)
  6. Firefox öffnet eigenständig Werbeseiten in Tabs, auch wenn Firefox grad nicht verwendet wird
    Plagegeister aller Art und deren Bekämpfung - 20.07.2014 (20)
  7. Werbefenster Adchoices
    Plagegeister aller Art und deren Bekämpfung - 03.07.2014 (9)
  8. Firefox/Win7 – übermäßige Werbung (Pseudo-Links und WerbeFenster) nach Firefox-Update
    Log-Analyse und Auswertung - 12.12.2013 (9)
  9. Plagegeister: überall Werbung "Google"-Anzeigen & Adchoices etc.
    Log-Analyse und Auswertung - 29.09.2013 (10)
  10. Nach WIN und Firefox Update ruckeln im Firefox und verschwundene Emails
    Log-Analyse und Auswertung - 08.01.2013 (28)
  11. Windows 7: Firefox Speicherbedarf steigt rapide/unbegrenzt in GB Höhen im Taskmanager an ! firefox.exe Trojaner oder Virus ?
    Log-Analyse und Auswertung - 15.10.2012 (4)
  12. Firefox öffnet Tab zu Kreditwerbung oder FIrefox startet auch selbsbt mit der Krditwerbung
    Log-Analyse und Auswertung - 18.01.2012 (1)
  13. Probleme mit Firefox: firefox.exe & svchost.exe laufen mehrfach im Hintergrund. PC befallen?
    Plagegeister aller Art und deren Bekämpfung - 09.04.2011 (20)
  14. Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt
    Alles rund um Windows - 21.02.2011 (5)
  15. Angehen eines Problems bei Firefox | Firefox arbeitet nicht mehr ordnungsgemäß.
    Alles rund um Windows - 23.06.2010 (4)
  16. Werbefenster in firefox und IE, firefox lässt sich nicht beenden
    Plagegeister aller Art und deren Bekämpfung - 22.04.2009 (18)
  17. Firefox öffnet automatisch unsichtbare ( nur im Taskmanager zu sehen Firefox.exe )
    Plagegeister aller Art und deren Bekämpfung - 27.01.2007 (1)

Zum Thema AdChoices im Firefox - Hallo, mal wieder ich. Diesmal sind es doppelt grün unterstrichene AdChoices Links, die bei stern.de auftauchen. Nicht aber bei Spiegel.de, zB. Ein erster Malwarebytes Durchlauf ergab null Treffer. Danke für - AdChoices im Firefox...
Archiv
Du betrachtest: AdChoices im Firefox auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.