Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von Helliot (2016-01-12 16:56:08)
Gestartet von C:\Users\Helliot\Downloads
Windows 10 Home (X64) (2015-12-13 03:42:33)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1876908282-3715187805-3812892742-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1876908282-3715187805-3812892742-503 - Limited - Disabled)
Gast (S-1-5-21-1876908282-3715187805-3812892742-501 - Limited - Disabled)
GrandmasterACE (S-1-5-21-1876908282-3715187805-3812892742-1016 - Limited - Enabled) => C:\Users\GrandmasterACE
Helliot (S-1-5-21-1876908282-3715187805-3812892742-1000 - Administrator - Enabled) => C:\Users\Helliot
HomeGroupUser$ (S-1-5-21-1876908282-3715187805-3812892742-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.6.2.40658 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry)
BlackBerry Blend (x32 Version: 1.2.0.50 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
BlackBerry Link (x32 Version: 1.2.4.39 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
Creative Media Toolbox 6 (Shared Components) (HKLM-x32\...\Uninstaller_B4736000_Creative Media Toolbox 6) (Version: 2.80.12 - Creative Labs)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Curse Client - 1 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
EVE Online (HKLM-x32\...\{506FAE69-5B35-448D-9755-0300C6074695}) (Version: 3.0.0 - CCP Games Ltd.)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.55163.11 - Electronic Arts)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.0.1224 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.60.713 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.60.713 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.)
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MeinPlatz (HKLM-x32\...\MeinPlatz) (Version: - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 44.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{CA0A90CB-F659-4E0B-B2A2-C8CF4B752AEC}) (Version: 1.01.26 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TL-WN951N Driver (HKLM-x32\...\{CCE177D2-8FE3-494A-82C9-958CC79E73AD}) (Version: 1.0.0 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
Unity Web Player (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0BAF27BF-317E-4F9F-866D-2D3139CCFF34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0FA189AC-D846-4D47-A7A6-11F51D4D432F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0FA26273-7FAD-412B-8A54-14A8B3D2D39C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {129BED33-3CE9-4E1F-B641-DC24D5841B84} - \Scheduled Update for Ask Toolbar -> Keine Datei <==== ACHTUNG
Task: {12C47B42-B987-4A43-9E3E-2E814AFD9548} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {166FCE99-6838-4B5D-B60D-A41A746D3D13} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {1832404E-9692-4663-ACA6-5D713B6CAFC1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1AB1D862-115B-4532-B2BD-72D65EE6A1FB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1ADE08AA-BA76-401F-B3D4-574F04357706} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1C5FACFA-D0E9-46C7-8A06-183A171AB770} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {1C8016AC-FDCC-4597-B7E2-3DDE2C1CF753} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1ED31CEB-913B-43E9-BD79-0FC4CC548B8C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {1FFAD526-12D7-422C-94A2-EA03A99B865C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {272CB712-594B-4627-A297-6B7BF114F0E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {2E7997BF-8BE5-4EA9-A95D-E716F1800359} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {306983FC-D0DD-43C6-A935-0BB56EDE5B1F} - System32\Tasks\{2BA6ACF8-89E4-4899-88B2-D50035EF4AD9} => pcalua.exe -a C:\Users\Helliot\Downloads\lgps306_x64.exe -d C:\Users\Helliot\Downloads
Task: {31C348EE-39DE-4C56-A188-BD2E156A3562} - System32\Tasks\{CB899C53-5DB9-467E-8867-F133565D31ED} => pcalua.exe -a C:\Users\Helliot\Downloads\ST6UNST.EXE -d C:\Users\Helliot\Downloads
Task: {34397EE7-82EA-4203-BD37-F94DC61DE797} - System32\Tasks\{17BEF078-1C17-4420-B061-2CACE9028188} => pcalua.exe -a "D:\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe" -d "D:\TeamSpeak 3 Client\plugins\ts3overlay\" -c ts3overlay_hook_win32.dll 10000
Task: {394FB6DE-C869-4527-BC1B-E1D35F603FB1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {442D3110-9FD2-43A7-971C-DC34D69989A5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {4A085877-4476-44D8-9193-3F17B313E3DA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4BF79F40-B555-4768-B224-1A47AA016F07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.)
Task: {4D0AB04A-F350-4043-B676-48092B046A5E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {550E0D98-DD00-4907-B1F3-342050FBB3D7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {583DC1B4-74AF-4E3A-BE6A-9E78CC05852D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {70A97BB3-69F7-4976-BD9E-98AA8325681C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {715D37B1-A3DF-4111-9DC8-E3688B397805} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {76E8A1DF-5686-4DD9-8B40-0B0A3B544844} - System32\Tasks\{FE381AB6-C174-4075-934D-0CA7B45F6436} => pcalua.exe -a C:\Users\Helliot\Downloads\iview436_setup.exe -d C:\Users\Helliot\Downloads
Task: {79AA9890-6934-4720-BA9C-3F221AC7780C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7A7302C8-8B82-4A9C-A2AC-A9502C9E8B33} - System32\Tasks\{0F242DDD-A1BC-4005-A10F-6407491B9130} => pcalua.exe -a C:\Users\Helliot\Downloads\iview438_setup.exe -d C:\Users\Helliot\Downloads
Task: {7F20631D-DDBA-4662-9ADD-972A633821DF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {8269CDF2-11EE-4254-A63A-A5B4CB6A4FCF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {856722EF-9D13-48DE-A22A-B5B31A9AB562} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.)
Task: {8986EF33-036D-4902-BD74-39173F903C5F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {8E0D05C1-BB4B-441A-810C-CA5922CF1485} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {934E48BA-8F6F-4440-94BB-CBF3E28E5242} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {95776C57-8195-4F99-8AED-83D520355001} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {9A3BFC41-1E53-4241-ACD1-45EC02B8D7EC} - System32\Tasks\{A99B40CB-B973-4B11-B60F-BBB00AB2B8D0} => pcalua.exe -a C:\Users\Helliot\Downloads\setup.exe -d C:\Users\Helliot\Downloads
Task: {9CD1CE2C-3259-4D6C-B40A-39041DC175FE} - System32\Tasks\{B71FEB14-4639-446D-9C4C-A9234DF5AEA0} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {A00CAA1B-8BF0-4D48-81F8-484EC4E2FCCA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A0BAE1AC-B615-4DC7-A6BC-208818B8C6D6} - System32\Tasks\{9EDECF64-1369-4E2A-8F7E-BB82E4B70D08} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -d "C:\Program Files (x86)\Common Files\DVDVideoSoft"
Task: {A10BB8C3-4BB5-40A4-80C3-5CD445BA035C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A3342FCF-E15A-4DD2-AD6D-D803A0A41C4D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.)
Task: {A38905B8-A9D4-4134-9EA2-95E0ADC091CB} - System32\Tasks\{D6C871A8-4AE8-4CA8-8D2D-903C91CEE857} => pcalua.exe -a C:\Users\Helliot\AppData\Local\Unity\WebPlayer\Uninstall.exe -c /CurrentUser
Task: {AD7DDE54-21D7-4517-9593-CA23E761D56B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B69F42B8-3628-4405-BE43-14C98FACB725} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BB35265D-4C7C-44EB-BE88-4671DD9185C5} - System32\Tasks\{B93B4226-99E3-4BF6-AA44-9ECA0DAAB36D} => D:\Makroman\Makroman\SETUP1.EXE <==== ACHTUNG
Task: {BBE2697C-FED9-40F8-B331-266EBE6B3D54} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C1EE81B8-3064-4811-9A1F-F50B8B38C864} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E51E85FF-DA1B-4C44-8116-0B2B45B525CD} - System32\Tasks\{FA9E69F5-A168-4713-9AA8-C808C227B45E} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {EEECF037-8CAE-4B83-843A-93F8E0300FFC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F0B8B10F-9E59-4DCF-8784-313BA9D51F89} - \Software Updater Ui -> Keine Datei <==== ACHTUNG
Task: {F36832C7-49C6-4916-BA71-08229EB67DC3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F56BF364-2DC8-4852-A9C0-2BBA9E3A23C7} - \Software Updater -> Keine Datei <==== ACHTUNG
Task: {F728578E-C6EE-489E-8041-B07EF026CFD6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F8CD663A-CDD3-46DA-96B4-01DE9C368CDD} - System32\Tasks\{57509CE6-97B6-428F-82D6-192E14C257B1} => pcalua.exe -a C:\Users\Helliot\Downloads\iview437_setup.exe -d C:\Users\Helliot\Downloads
Task: {FA98427E-7096-4310-AB47-6ACD728F7B2B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.)
Task: {FE9D1E75-C974-486A-9F60-3583C5E28F4A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated)
Task: {FFAAE9E9-64F5-479D-82F1-DE976E312573} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-10-05 20:50 - 2012-02-07 16:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2015-12-22 07:25 - 2015-12-16 17:59 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-12-17 16:19 - 2014-12-17 16:19 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-17 19:11 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 19:11 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-17 19:11 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-17 19:11 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 19:11 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-17 19:11 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-10-14 17:35 - 2015-10-14 17:35 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-10-14 17:35 - 2015-10-14 17:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-20 13:00 - 2015-05-20 13:00 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2014-11-08 15:58 - 2015-12-25 20:19 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-11-08 15:58 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-11-08 15:58 - 2015-12-25 20:19 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-11-08 15:58 - 2015-12-25 20:19 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-08 15:58 - 2015-12-25 20:19 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-11-08 15:58 - 2015-12-25 20:19 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-05-26 16:46 - 2015-05-26 16:46 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2012-10-05 20:49 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-12-19 10:58 - 2012-12-19 10:58 - 00741376 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\de-DE\SBRnPCIe.resources.dll
2015-12-11 23:26 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-11 23:26 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-11 23:26 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-11 23:26 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-11 23:26 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-11 23:26 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-11 23:26 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-11 23:26 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-10-08 22:20 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-11 23:26 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 23:26 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-11 23:26 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-11 23:26 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-11 23:26 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-11 23:26 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-10-08 22:20 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-10-08 22:20 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-10-08 22:20 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-10-08 22:20 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-12-16 22:22 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 22:22 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
Da befinden sich 6091 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-08-03 16:56 - 00512058 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
Da befinden sich 12238 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Helliot\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0B927C76-4B63-49D9-B552-82C0679177C8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{C9633B9E-8683-45AF-A995-4D0E1F2E65DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{528A0DB4-FF3D-4106-99A0-F6C9365FDCED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A64F415-5D25-48E7-94DE-9168E1652CB3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{58D27B29-5ACD-4521-A78E-32A63EF86B2C}] => (Allow) D:\Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{10B6A4D9-5E90-45A9-91F3-8A18A0DD6FE4}] => (Allow) D:\Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{BD92F302-3A60-421B-81EE-E27B96FB1499}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{86B49B3B-F8E5-4F0B-BB50-273EA5E86CD1}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{F26F807B-A4C1-4EB0-B068-A5DF04052E68}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{DD0FAEE9-5067-4529-A699-95CE8D91E4BD}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{DD80BF80-6811-4734-9F71-24E5099E44E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C82C500A-6C02-4AB0-A1F7-08D5E1C643F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5DE22059-C075-4ECC-BA29-BC9069EB1E38}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{A4979378-DE8B-43BF-A39F-34A777138062}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [UDP Query User{6736FC8E-86F5-41AF-A63F-9B288EDD0082}D:\games\fifa 16\fifa16.exe] => (Allow) D:\games\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{BC2333FE-7701-43C8-AFB2-28289DF59DA6}D:\games\fifa 16\fifa16.exe] => (Allow) D:\games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{139E65D7-9DCD-42EF-ABC2-EC92695412A5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{BBEB0FAD-4CB0-4310-A0EE-0730C19AA4A6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{8BCFE5FC-41A5-45D9-9FEF-7E3B6A900579}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1C0A61B1-9D32-4E7C-B521-EEEE1F14D1E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6516A375-742D-4035-97B8-896233ABCCDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{266F4EF5-5086-403B-B76D-586F5A78A1DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{A5CB5A06-45D4-4D3A-A828-A1E184DE4E24}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe
FirewallRules: [UDP Query User{42886E48-ADA7-493E-952F-05DE1702DD10}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe
FirewallRules: [{C383E550-1CE7-4780-BBD5-9D2DDE526464}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe
FirewallRules: [{DDF9335F-BDDD-4B7F-8B14-A7FABB7A2091}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe
FirewallRules: [{4ABB48F3-D3E9-4DFA-AFD5-D0DDD66A02B7}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe
FirewallRules: [{C511EC64-DA6D-47D2-8861-DAFD4B9C3D0C}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe
FirewallRules: [{54082D66-418E-4A5D-9A08-4EFCB793F141}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{0D3563E2-7D4F-4578-A815-56C21990E12E}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{62E85091-1CFC-49DA-A381-2D1506395D45}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [{19B2B5AA-747B-4F30-AC23-18C15E82E171}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [{7C8B3004-3CE9-47FD-831C-AFFF45483DFA}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{FB50B207-BF10-4790-ACF5-484770EFFEE0}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{AEBC00CF-B069-4B71-8101-DDFE72C6CF17}] => (Allow) E:\fsetup.exe
FirewallRules: [{AE686882-749D-4A38-BC40-18F97575F538}] => (Allow) E:\fsetup.exe
FirewallRules: [TCP Query User{568F984C-A586-447A-BE2F-2924A12E073C}D:\happycloud\cache\the lord of the rings online\lotroclient.exe] => (Allow) D:\happycloud\cache\the lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{AA814E8D-9E1D-4CBB-8FE4-C0D592C23130}D:\happycloud\cache\the lord of the rings online\lotroclient.exe] => (Allow) D:\happycloud\cache\the lord of the rings online\lotroclient.exe
FirewallRules: [TCP Query User{CA694090-E9C9-47D3-BF86-810657384E79}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe
FirewallRules: [UDP Query User{4A628D7D-758A-4D06-9011-9FEEA28EB724}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe
FirewallRules: [{FEF5D6AE-1286-4097-895E-4450CE2537B7}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BA699DC5-1E88-46A3-AFB5-66FC9D576C8E}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{007CEA8A-D573-4120-8D82-61DE56CB1EF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CEEAA8A5-DE66-4AE1-A0AC-C32E3F7DFF8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{09F1FD38-46F2-4E41-A08F-04476436A305}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8627F46E-16B4-4BBB-9CC0-A692908A7A8C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E0FC1FC9-FD76-4D3A-B12E-24BD118389EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{0BFE8484-42BB-43CE-900A-C715C0AAEAF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{3F457E0B-8CFF-4DD1-A961-42A78A7717AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{618CC434-226B-40AB-AAC3-EE8718391229}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{0D630E23-8E0A-496F-BF36-DD040ADDAA35}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{96211E4D-9EC5-4531-A7EA-7A59F97A19BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1C980DAD-44A9-4199-9F93-3576C8762AE2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{94555346-4E9B-4B5A-A411-4E0BA532EFB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{92C946A5-3AF0-47C2-8DEA-0E02EA0F7C23}] => (Allow) D:\Games\World of Warcraft\Battle.net\Battle.net.exe
FirewallRules: [{1C6E86DD-CE22-49A9-AB02-4BD4C10E266F}] => (Allow) D:\Games\World of Warcraft\Battle.net\Battle.net.exe
FirewallRules: [{C8E8167A-3C00-451E-855D-D7901B16F8F9}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{06872F15-5385-41AC-8079-C60611B6358E}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{DB2796A6-36F4-4AAA-A64A-6BDD43E674BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{C062EB40-5993-4BF2-83D5-40F90E17617C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{113C377B-AC8C-43AC-9D5F-EEDE14BD5E42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{DEF0DFE0-21DB-471B-8A0D-147808AC19C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{BC812440-55D4-4BC1-959C-DA5CD16DDDF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{9F8AB3E5-7A47-4416-A298-02EAEDBA6573}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [TCP Query User{B27F46D7-3CF8-4ECC-994B-AF6D6C8D5A53}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4A9174EE-D4C6-4BF8-96B2-67245C1F64B0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{C73009B1-FE7A-4DF9-8ED8-99C432CDD8CD}C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe] => (Allow) C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe
FirewallRules: [UDP Query User{C1B0777F-CDD3-4979-9F0E-F82C0D272668}C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe] => (Allow) C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe
FirewallRules: [TCP Query User{19291BB1-BDB3-46C4-B513-1B97032920DE}D:\program files (x86)\devpro\devpro.dll] => (Allow) D:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{76438013-4A59-4FC9-BD3A-2471DB68CF0D}D:\program files (x86)\devpro\devpro.dll] => (Allow) D:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{05C1F69D-E6F6-4425-82C8-15312204C9ED}D:\games\devpro\devpro.dll] => (Block) D:\games\devpro\devpro.dll
FirewallRules: [UDP Query User{F8A06B3C-70D5-4014-98FB-992F61B64E9F}D:\games\devpro\devpro.dll] => (Block) D:\games\devpro\devpro.dll
FirewallRules: [TCP Query User{1767DF7F-D26F-4569-9EA9-36D56D1F2676}C:\program files\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_55\bin\javaw.exe
FirewallRules: [UDP Query User{F66A7FB9-CDA3-4F43-97BD-505A68E15983}C:\program files\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_55\bin\javaw.exe
FirewallRules: [{BD5B5645-3564-4BB6-8B7C-A8C59F647846}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{B3757FFF-A038-4B20-B302-83EDDC5321B8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{F741DF01-B8CC-48BB-8080-9D07943C4585}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4F5B615F-A185-49CE-B6B0-F00D6E3F0DA2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{1EFBABD3-4A5A-4B24-B021-33403EEF1488}C:\program files\java\jdk1.7.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_65\bin\jmc.exe
FirewallRules: [UDP Query User{03F12889-54C8-40F9-9670-20283152568B}C:\program files\java\jdk1.7.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_65\bin\jmc.exe
FirewallRules: [TCP Query User{E2CD74F6-A502-4F23-9673-754AD5843422}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Block) C:\program files\java\jdk1.7.0_71\bin\jmc.exe
FirewallRules: [UDP Query User{A81B6273-DE2B-4840-A2CB-BEC6D50855EA}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Block) C:\program files\java\jdk1.7.0_71\bin\jmc.exe
FirewallRules: [{6CC59246-0A26-48FA-AA4F-24DEA6959A32}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{5D003418-4478-4916-A94C-C1389C026E52}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{86F7CE9F-95AE-4B10-A9F6-DB7A634941D4}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{0BE5A949-3624-44D8-B737-0470666B92CC}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{B6917F29-E7FB-4AB4-9DD6-A14C32E2DA30}D:\games\eve online - kopie\bin\exefile.exe] => (Allow) D:\games\eve online - kopie\bin\exefile.exe
FirewallRules: [UDP Query User{BD67422D-2000-4041-8022-4BBB9E623E63}D:\games\eve online - kopie\bin\exefile.exe] => (Allow) D:\games\eve online - kopie\bin\exefile.exe
FirewallRules: [{1C78B32C-780E-4653-89DE-A0478DEE0EFE}] => (Allow) D:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{BAF62BAC-7972-4943-B7D9-EE0615F3B043}] => (Allow) D:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{AF4501EB-0F9E-45AF-B19F-08C35426302C}] => (Allow) D:\Games\Battlefield 4\bf4.exe
FirewallRules: [{A6A7E103-EA95-499B-8FEB-4A2B68C65449}] => (Allow) D:\Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{A8E5B9C8-D4C2-4674-86BF-D17D6F723B5F}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{4D25963D-066C-4A6A-A3FD-FBAC3E1622B6}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe
FirewallRules: [{3B9B8085-0F25-4F5E-83F2-BE5AED176A7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{2C46AC31-8D77-4D6D-9923-D3700243FD6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{12598A0D-DE41-41C5-A7DC-70A9C9F65465}] => (Allow) tunmgr.exe
FirewallRules: [{97C121A3-6E2F-4BCA-B1EF-1165F8AB668D}] => (Allow) tunmgr.exe
FirewallRules: [{9598F0AB-4875-4933-9305-89CB5CE9EFEB}] => (Allow) mDNSResponder.exe
FirewallRules: [{A9932669-337C-4B1A-BA01-F260855EE99D}] => (Allow) mDNSResponder.exe
FirewallRules: [{4EC7B0B2-6196-4431-B22B-09CF48CC57A7}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{7F73E8D7-58E6-41EF-8E45-D43686F0D421}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe
FirewallRules: [{60AC01DD-CB9C-4612-9D4B-D4632D5314A5}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{08775B4F-8238-4627-B2EB-3D0F8FC0FAB2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{06DE6B7B-51C4-4E95-BCB4-FD6A3A4C074E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{E496D335-EF2E-4F1E-9ADA-2B35E4C675EA}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1743BE12-BA92-41AE-93B8-4571C581EF60}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{026A6911-15CD-4CE7-8866-E6B866937037}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [UDP Query User{D7949B87-D512-40C3-B8C8-A23AFE6AEA08}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [{4C5891E8-AC81-4E20-875C-3FCAFFA2AC9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E55A4142-057F-4DCE-BAC9-B92C8499FED3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{27476226-F7CE-49F6-BE2E-FD27E31F64EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{68CBEDC1-9504-46DB-BEAF-9B796911DE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{80E8BE5D-5E0D-45C1-A7A3-49017AB7AD4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3CDED019-2C56-4236-AC31-B86A348FDD99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7F8CD4F7-D92B-4180-937B-ACF897FA3FC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8D249944-9F82-4D57-A32A-26CFE3EF9234}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A24AC716-5A02-4A4B-8FCD-E0FEBDAC9CD8}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8249C33E-CD22-4556-BAE8-45641D61DA7F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/12/2016 04:48:19 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR Morpheus-2.local.
Error: (01/12/2016 04:48:19 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 0000:0000:0000:0000:0000:0000:0000:0001:5353 16 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR Morpheus.local.
Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local.
Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 012095F0 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local.
Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local.
Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 012095F0 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local.
Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local.
Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 01201668 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local.
Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local.
Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 01201668 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local.
Systemfehler:
=============
Error: (01/12/2016 04:48:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "BlackBerry Tethering Device #2, {E1FF5A4A-7FA5-448A-803D-AB7237E7F4DD}" ist das Ereignis "74" aufgetreten.
Error: (01/12/2016 04:48:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "BlackBerry Device #2, {40663FBD-1959-4C9A-AB8D-6ABB3F80EC9A}" ist das Ereignis "74" aufgetreten.
Error: (01/12/2016 12:44:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_53ec7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/11/2016 06:13:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/11/2016 06:12:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1dfb1b2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/11/2016 05:41:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.
Error: (01/10/2016 11:57:06 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (01/10/2016 11:57:06 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (01/10/2016 11:57:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_54c1b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/10/2016 05:36:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8087.05 MB
Verfügbarer physikalischer RAM: 5963.65 MB
Summe virtueller Speicher: 16279.05 MB
Verfügbarer virtueller Speicher: 13946 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:97.12 GB) (Free:39.35 GB) NTFS
Drive d: (Games) (Fixed) (Total:140.82 GB) (Free:19.6 GB) NTFS
Drive f: (Daten) (Fixed) (Total:1863.01 GB) (Free:1766.87 GB) NTFS
Drive g: (TrekStor) (Fixed) (Total:931.51 GB) (Free:875.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: E82530F0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=140.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2C3A71AB)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 0B51B638)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================

Code:
17:07:04.0468 0x2384 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:07:20.0391 0x2384 ============================================================
17:07:20.0391 0x2384 Current date / time: 2016/01/12 17:07:20.0391
17:07:20.0391 0x2384 SystemInfo:
17:07:20.0391 0x2384
17:07:20.0391 0x2384 OS Version: 10.0.10586 ServicePack: 0.0
17:07:20.0391 0x2384 Product type: Workstation
17:07:20.0391 0x2384 ComputerName: MORPHEUS
17:07:20.0391 0x2384 UserName: Helliot
17:07:20.0391 0x2384 Windows directory: C:\WINDOWS
17:07:20.0391 0x2384 System windows directory: C:\WINDOWS
17:07:20.0391 0x2384 Running under WOW64
17:07:20.0391 0x2384 Processor architecture: Intel x64
17:07:20.0391 0x2384 Number of processors: 4
17:07:20.0391 0x2384 Page size: 0x1000
17:07:20.0391 0x2384 Boot type: Normal boot
17:07:20.0391 0x2384 ============================================================
17:07:20.0469 0x2384 KLMD registered as C:\WINDOWS\system32\drivers\57035583.sys
17:07:20.0984 0x2384 System UUID: {7C479E4E-87D6-DF4E-59D9-6ADEEC9560D2}
17:07:21.0375 0x2384 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:21.0375 0x2384 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:21.0375 0x2384 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:07:21.0391 0x2384 ============================================================
17:07:21.0391 0x2384 \Device\Harddisk0\DR0:
17:07:21.0391 0x2384 MBR partitions:
17:07:21.0391 0x2384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:07:21.0391 0x2384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC23C800
17:07:21.0391 0x2384 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x119A2800
17:07:21.0391 0x2384 \Device\Harddisk1\DR1:
17:07:21.0391 0x2384 MBR partitions:
17:07:21.0391 0x2384 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
17:07:21.0391 0x2384 \Device\Harddisk2\DR2:
17:07:21.0391 0x2384 MBR partitions:
17:07:21.0391 0x2384 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
17:07:21.0391 0x2384 ============================================================
17:07:21.0391 0x2384 C: <-> \Device\Harddisk0\DR0\Partition2
17:07:21.0391 0x2384 D: <-> \Device\Harddisk0\DR0\Partition3
17:07:21.0391 0x2384 F: <-> \Device\Harddisk1\DR1\Partition1
17:07:21.0406 0x2384 G: <-> \Device\Harddisk2\DR2\Partition1
17:07:21.0406 0x2384 ============================================================
17:07:21.0406 0x2384 Initialize success
17:07:21.0406 0x2384 ============================================================
17:08:04.0271 0x232c ============================================================
17:08:04.0271 0x232c Scan started
17:08:04.0271 0x232c Mode: Manual; SigCheck; TDLFS;
17:08:04.0271 0x232c ============================================================
17:08:04.0271 0x232c KSN ping started
17:08:06.0611 0x232c KSN ping finished: true
17:08:08.0161 0x232c ================ Scan system memory ========================
17:08:08.0161 0x232c System memory - ok
17:08:08.0161 0x232c ================ Scan services =============================
17:08:08.0208 0x232c 1394ohci - ok
17:08:08.0224 0x232c 3ware - ok
17:08:08.0240 0x232c ACPI - ok
17:08:08.0255 0x232c acpiex - ok
17:08:08.0255 0x232c acpipagr - ok
17:08:08.0271 0x232c AcpiPmi - ok
17:08:08.0286 0x232c acpitime - ok
17:08:08.0286 0x232c [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:08:08.0576 0x232c AdobeARMservice - ok
17:08:08.0654 0x232c [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:08:08.0654 0x232c AdobeFlashPlayerUpdateSvc - ok
17:08:08.0670 0x232c ADP80XX - ok
17:08:08.0685 0x232c AFD - ok
17:08:08.0705 0x232c agp440 - ok
17:08:08.0714 0x232c ahcache - ok
17:08:08.0714 0x232c AJRouter - ok
17:08:08.0730 0x232c ALG - ok
17:08:08.0730 0x232c AmdK8 - ok
17:08:08.0746 0x232c AmdPPM - ok
17:08:08.0746 0x232c amdsata - ok
17:08:08.0761 0x232c amdsbs - ok
17:08:08.0761 0x232c amdxata - ok
17:08:08.0777 0x232c AppHostSvc - ok
17:08:08.0777 0x232c AppID - ok
17:08:08.0792 0x232c AppIDSvc - ok
17:08:08.0792 0x232c Appinfo - ok
17:08:08.0808 0x232c AppReadiness - ok
17:08:08.0808 0x232c AppXSvc - ok
17:08:08.0824 0x232c arcsas - ok
17:08:08.0839 0x232c [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64 C:\WINDOWS\system32\drivers\asahci64.sys
17:08:08.0871 0x232c asahci64 - ok
17:08:08.0886 0x232c aspnet_state - ok
17:08:08.0886 0x232c AsyncMac - ok
17:08:08.0902 0x232c atapi - ok
17:08:08.0902 0x232c athr - ok
17:08:08.0917 0x232c AudioEndpointBuilder - ok
17:08:08.0917 0x232c Audiosrv - ok
17:08:08.0933 0x232c AxInstSV - ok
17:08:08.0933 0x232c b06bdrv - ok
17:08:08.0933 0x232c BasicDisplay - ok
17:08:08.0949 0x232c BasicRender - ok
17:08:08.0964 0x232c bcmfn - ok
17:08:08.0964 0x232c bcmfn2 - ok
17:08:08.0964 0x232c BDESVC - ok
17:08:08.0964 0x232c Beep - ok
17:08:08.0996 0x232c [ C88B130365524EC69F6B8E0D31D7561D, 5D3797C93420477F4509C037511D497448EFDA7D567E15CB623FB5EEE9209146 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
17:08:09.0011 0x232c BEService - ok
17:08:09.0027 0x232c BFE - ok
17:08:09.0027 0x232c BITS - ok
17:08:09.0042 0x232c [ FBCF6C6B5FF25AFC7A9CBE485ABFCF6E, 858D5435D167FF8AD6552C6151F62DFD273740B7F1E98147DD5A527D6DA350D6 ] BlackBerry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
17:08:09.0058 0x232c BlackBerry Device Manager - ok
17:08:09.0074 0x232c [ 03A9A5014F371F17FF5C8488A9A702CC, A50B3F30BE645C90BFDA16729A00B66E40ED617F33F092A9DB2C0530185A120B ] blackberryncm C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys
17:08:09.0121 0x232c blackberryncm - ok
17:08:09.0121 0x232c bowser - ok
17:08:09.0136 0x232c BrokerInfrastructure - ok
17:08:09.0152 0x232c Browser - ok
17:08:09.0152 0x232c BthAvrcpTg - ok
17:08:09.0167 0x232c BthHFEnum - ok
17:08:09.0183 0x232c bthhfhid - ok
17:08:09.0199 0x232c BthHFSrv - ok
17:08:09.0214 0x232c BTHMODEM - ok
17:08:09.0230 0x232c bthserv - ok
17:08:09.0230 0x232c buttonconverter - ok
17:08:09.0246 0x232c CapImg - ok
17:08:09.0261 0x232c cdfs - ok
17:08:09.0261 0x232c CDPSvc - ok
17:08:09.0277 0x232c cdrom - ok
17:08:09.0292 0x232c CertPropSvc - ok
17:08:09.0308 0x232c circlass - ok
17:08:09.0324 0x232c CLFS - ok
17:08:09.0339 0x232c ClipSVC - ok
17:08:09.0355 0x232c CmBatt - ok
17:08:09.0371 0x232c CNG - ok
17:08:09.0371 0x232c cnghwassist - ok
17:08:09.0402 0x232c CompositeBus - ok
17:08:09.0417 0x232c COMSysApp - ok
17:08:09.0433 0x232c condrv - ok
17:08:09.0433 0x232c CoreMessagingRegistrar - ok
17:08:09.0480 0x232c [ BB812787B838A74943DEF209350C3883, 2C168F48A68644AA3CB6167BEC2A260E3E9C78D0766A15AA0FAA39CDBD7FA040 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:08:09.0527 0x232c cphs - ok
17:08:09.0542 0x232c [ D03466C36EF0E5C7694FF38B45271D9D, 367E0C1F0C49C31F26EC6A8828FE5727D70C637FD8C4213D10E43C80A0EA259E ] Creative Media Toolbox 6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
17:08:09.0589 0x232c Creative Media Toolbox 6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
17:08:11.0928 0x232c Detect skipped due to KSN trusted
17:08:11.0928 0x232c Creative Media Toolbox 6 Licensing Service - ok
17:08:11.0928 0x232c CryptSvc - ok
17:08:11.0944 0x232c [ 51D43B57EA8EFFE5CB1E27E01C100A2F, 68995F291422F2C5A2C9C4C673272754E3AC49ED53D6197675EB9E19028163C5 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
17:08:11.0959 0x232c CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
17:08:14.0281 0x232c Detect skipped due to KSN trusted
17:08:14.0281 0x232c CTAudSvcService - ok
17:08:14.0313 0x232c [ FD70A153B4C0BE67743A1BD0574EC120, B0419E6981B7472A25C8EE5825248365BAF44B64DC3D620AB0EC92832F059FF6 ] cthda C:\WINDOWS\system32\drivers\cthda.sys
17:08:14.0328 0x232c cthda - ok
17:08:14.0360 0x232c [ BB776BDDBA1EB56C02FB9BDFE8256288, 0597506CF23EE141264849801404A242B8A644AAF084B6FE095A5B9EF06A8A2E ] CtHdaSvc C:\WINDOWS\sysWow64\CtHdaSvc.exe
17:08:14.0485 0x232c CtHdaSvc - ok
17:08:14.0500 0x232c [ 111C2183E72B0018D7F57AF31E7499DB, 2CD6E0FFC1CD210B45FC51EB7CEB0B336CDD9B910651B3551247E5116F019846 ] cthdb C:\WINDOWS\system32\DRIVERS\cthdb.sys
17:08:14.0563 0x232c cthdb - ok
17:08:14.0578 0x232c dam - ok
17:08:14.0578 0x232c dbupdate - ok
17:08:14.0578 0x232c dbupdatem - ok
17:08:14.0610 0x232c DcomLaunch - ok
17:08:14.0610 0x232c DcpSvc - ok
17:08:14.0625 0x232c defragsvc - ok
17:08:14.0641 0x232c DeviceAssociationService - ok
17:08:14.0656 0x232c DeviceInstall - ok
17:08:14.0656 0x232c DevQueryBroker - ok
17:08:14.0672 0x232c Dfsc - ok
17:08:14.0672 0x232c Dhcp - ok
17:08:14.0688 0x232c diagnosticshub.standardcollector.service - ok
17:08:14.0703 0x232c DiagTrack - ok
17:08:14.0750 0x232c [ 68BFCCC1EC25F0F942EA32AD9D67A131, CF19DA2816262D9D532249970581E55DF595A5FD0ABE44C5124A40F42A9B28B4 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
17:08:14.0766 0x232c DigitalWave.Update.Service - ok
17:08:14.0766 0x232c disk - ok
17:08:14.0781 0x232c DmEnrollmentSvc - ok
17:08:14.0781 0x232c dmvsc - ok
17:08:14.0797 0x232c dmwappushservice - ok
17:08:14.0797 0x232c Dnscache - ok
17:08:14.0813 0x232c dot3svc - ok
17:08:14.0813 0x232c DPS - ok
17:08:14.0828 0x232c drmkaud - ok
17:08:14.0844 0x232c DsmSvc - ok
17:08:14.0844 0x232c DsSvc - ok
17:08:14.0860 0x232c DXGKrnl - ok
17:08:14.0860 0x232c Eaphost - ok
17:08:14.0875 0x232c ebdrv - ok
17:08:14.0875 0x232c EFS - ok
17:08:14.0891 0x232c EhStorClass - ok
17:08:14.0891 0x232c EhStorTcgDrv - ok
17:08:14.0906 0x232c embeddedmode - ok
17:08:14.0922 0x232c EntAppSvc - ok
17:08:14.0938 0x232c ErrDev - ok
17:08:14.0953 0x0c50 Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
17:08:14.0953 0x232c [ F0398A8040D902ED669B5C8C64AD855D, 77B784A6105E34F4ED480993F36B28C68F16080EB590623CBE8DE022274DA359 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
17:08:15.0016 0x232c ESProtectionDriver - ok
17:08:15.0031 0x232c EventSystem - ok
17:08:15.0047 0x232c exfat - ok
17:08:15.0047 0x232c fastfat - ok
17:08:15.0063 0x232c Fax - ok
17:08:15.0078 0x232c fdc - ok
17:08:15.0094 0x232c fdPHost - ok
17:08:15.0110 0x232c FDResPub - ok
17:08:15.0110 0x232c fhsvc - ok
17:08:15.0125 0x232c FileCrypt - ok
17:08:15.0141 0x232c FileInfo - ok
17:08:15.0157 0x232c Filetrace - ok
17:08:15.0172 0x232c flpydisk - ok
17:08:15.0188 0x232c FltMgr - ok
17:08:15.0188 0x232c FontCache - ok
17:08:15.0203 0x232c FontCache3.0.0.0 - ok
17:08:15.0219 0x232c FsDepends - ok
17:08:15.0219 0x232c Fs_Rec - ok
17:08:15.0235 0x232c fvevol - ok
17:08:15.0250 0x232c gagp30kx - ok
17:08:15.0250 0x232c gencounter - ok
17:08:15.0266 0x232c genericusbfn - ok
17:08:15.0407 0x232c [ 97DC871A801DF42AD1008F0BBFD1ED8E, 7D90E1064863D0E976B9D1529A07808E3A38BA0FFEF5E7E920CC049DC05A15F1 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
17:08:15.0625 0x232c GfExperienceService - ok
17:08:15.0657 0x232c GPIOClx0101 - ok
17:08:15.0657 0x232c gpsvc - ok
17:08:15.0672 0x232c GpuEnergyDrv - ok
17:08:15.0688 0x232c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:08:15.0688 0x232c gupdate - ok
17:08:15.0703 0x232c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:08:15.0766 0x232c gupdatem - ok
17:08:15.0782 0x232c HDAudBus - ok
17:08:15.0797 0x232c HidBatt - ok
17:08:15.0813 0x232c HidBth - ok
17:08:15.0828 0x232c hidi2c - ok
17:08:15.0828 0x232c hidinterrupt - ok
17:08:15.0844 0x232c HidIr - ok
17:08:15.0860 0x232c hidserv - ok
17:08:15.0875 0x232c HidUsb - ok
17:08:15.0875 0x232c HomeGroupListener - ok
17:08:15.0891 0x232c HomeGroupProvider - ok
17:08:15.0907 0x232c HpSAMD - ok
17:08:15.0922 0x232c HTTP - ok
17:08:15.0938 0x232c hwpolicy - ok
17:08:15.0953 0x232c hyperkbd - ok
17:08:15.0969 0x232c i8042prt - ok
17:08:15.0969 0x232c iai2c - ok
17:08:15.0985 0x232c iaLPSS2i_I2C - ok
17:08:16.0000 0x232c iaLPSSi_GPIO - ok
17:08:16.0000 0x232c iaLPSSi_I2C - ok
17:08:16.0016 0x232c iaStorAV - ok
17:08:16.0032 0x232c iaStorV - ok
17:08:16.0047 0x232c ibbus - ok
17:08:16.0063 0x232c [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
17:08:16.0063 0x232c ICCS - ok
17:08:16.0078 0x232c icssvc - ok
17:08:16.0094 0x232c IEEtwCollectorService - ok
17:08:16.0469 0x232c [ CEFA6BDB4789F3DA003ACBDCC64F5877, 0FE78AEFA9A75B4A99AD6B73AC3252E4C6DFA9D306FEC02D26C1FD574108BFBA ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:08:16.0532 0x232c igfx - ok
17:08:16.0594 0x232c [ 75909533EECD0CD9D5974B59474AA6C0, F81D0F949F1F01D09C91735C79288395B82C27B8FB78804752E5A678D7EF3860 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
17:08:16.0719 0x232c igfxCUIService1.0.0.0 - ok
17:08:16.0750 0x232c [ 67999A9D34A0B2479381E7A61AFC37AB, 7A1F72B2AD859345E1F092CE80C269767E4EF9931146B7F01E891EC12CCA684F ] ikbevent C:\WINDOWS\system32\DRIVERS\ikbevent.sys
17:08:16.0797 0x232c ikbevent - ok
17:08:16.0813 0x232c IKEEXT - ok
17:08:16.0829 0x232c [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4, A7019D2335CB46DCD9ABDB896622254E58AB265EC3D72A92B1C4890D45DEE85F ] imsevent C:\WINDOWS\system32\DRIVERS\imsevent.sys
17:08:16.0875 0x232c imsevent - ok
17:08:16.0907 0x232c [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:08:16.0985 0x232c intaud_WaveExtensible - ok
17:08:17.0000 0x232c [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:08:17.0016 0x232c Intel(R) Capability Licensing Service Interface - ok
17:08:17.0047 0x232c [ 709C8623721A1F1EF388EA75A07EC33B, 8F3046F1699E7B560827A965C66F3FCACDE24CD451829D4D2218038830344867 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
17:08:17.0094 0x232c Intel(R) ME Service - detected UnsignedFile.Multi.Generic ( 1 )
17:08:17.0407 0x0c50 Object send P2P result: true
17:08:19.0391 0x232c Detect skipped due to KSN trusted
17:08:19.0391 0x232c Intel(R) ME Service - ok
17:08:19.0407 0x232c intelide - ok
17:08:19.0422 0x232c intelpep - ok
17:08:19.0422 0x232c intelppm - ok
17:08:19.0438 0x232c IoQos - ok
17:08:19.0454 0x232c IpFilterDriver - ok
17:08:19.0469 0x232c iphlpsvc - ok
17:08:19.0469 0x232c IPMIDRV - ok
17:08:19.0485 0x232c IPNAT - ok
17:08:19.0501 0x232c IRENUM - ok
17:08:19.0501 0x232c isapnp - ok
17:08:19.0516 0x232c iScsiPrt - ok
17:08:19.0532 0x232c [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
17:08:19.0532 0x232c iwdbus - ok
17:08:19.0563 0x232c [ C44B44E24B929631D9D7368F5B2B40CF, A7F11A5A970FA30CC358B9A0FE8163B686208E424C6682AEA45C06B1E7E11963 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:08:19.0626 0x232c jhi_service - ok
17:08:19.0641 0x232c kbdclass - ok
17:08:19.0641 0x232c kbdhid - ok
17:08:19.0657 0x232c kdnic - ok
17:08:19.0672 0x232c KeyIso - ok
17:08:19.0672 0x232c KSecDD - ok
17:08:19.0688 0x232c KSecPkg - ok
17:08:19.0688 0x232c ksthunk - ok
17:08:19.0688 0x232c KtmRm - ok
17:08:19.0704 0x232c LanmanServer - ok
17:08:19.0719 0x232c LanmanWorkstation - ok
17:08:19.0735 0x232c lfsvc - ok
17:08:19.0751 0x232c [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys
17:08:19.0829 0x232c LGBusEnum - ok
17:08:19.0844 0x232c [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
17:08:19.0876 0x232c LGCoreTemp - ok
17:08:19.0876 0x232c [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
17:08:19.0891 0x232c LGJoyXlCore - ok
17:08:19.0923 0x232c [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys
17:08:19.0954 0x232c LGSHidFilt - ok
17:08:19.0969 0x232c [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys
17:08:20.0016 0x232c LGVirHid - ok
17:08:20.0016 0x232c LicenseManager - ok
17:08:20.0032 0x232c lltdio - ok
17:08:20.0032 0x232c lltdsvc - ok
17:08:20.0047 0x232c lmhosts - ok
17:08:20.0047 0x232c [ 75F29D77B0540FCF47EE3BE000BBABDA, 3FFDDC42D51FABAA7F3BFD088F008DE39F3479B25214260D98336F00B6336BFA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:08:20.0063 0x232c LMS - ok
17:08:20.0079 0x232c [ 835492A19713031377DC76B70A0C01E3, 015F4C376BEFFB313914AC8DD66761BF6BE5B5FB040248BB89206EB36959E24E ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
17:08:20.0141 0x232c LogiRegistryService - ok
17:08:20.0157 0x232c LSI_SAS - ok
17:08:20.0172 0x232c LSI_SAS2i - ok
17:08:20.0188 0x232c LSI_SAS3i - ok
17:08:20.0204 0x232c LSI_SSS - ok
17:08:20.0219 0x232c LSM - ok
17:08:20.0219 0x232c luafv - ok
17:08:20.0235 0x232c MapsBroker - ok
17:08:20.0251 0x232c [ 4774408EA07208FBC81E19367702D8EE, 52227ABBC59E040AF9C49996E3E7E1B08C9740987D3F90214933164B02B36645 ] MbaeSvc C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
17:08:20.0266 0x232c MbaeSvc - ok
17:08:20.0282 0x232c [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
17:08:20.0282 0x232c MBAMProtector - ok
17:08:20.0313 0x232c [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
17:08:20.0329 0x232c MBAMScheduler - ok
17:08:20.0360 0x232c [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
17:08:20.0391 0x232c MBAMService - ok
17:08:20.0423 0x232c [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
17:08:20.0501 0x232c MBAMSwissArmy - ok
17:08:20.0516 0x232c [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
17:08:20.0579 0x232c MBAMWebAccessControl - ok
17:08:20.0594 0x232c megasas - ok
17:08:20.0594 0x232c megasr - ok
17:08:20.0610 0x232c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
17:08:20.0626 0x232c MEIx64 - ok
17:08:20.0626 0x232c MessagingService - ok
17:08:20.0657 0x232c mlx4_bus - ok
17:08:20.0673 0x232c MMCSS - ok
17:08:20.0688 0x232c Modem - ok
17:08:20.0704 0x232c monitor - ok
17:08:20.0719 0x232c mouclass - ok
17:08:20.0751 0x232c mouhid - ok
17:08:20.0766 0x232c mountmgr - ok
17:08:20.0782 0x232c [ C34AFFB6DD93C01DD5E00E692FBC3E96, AE6052DA9DE81E489239C334AA0D9C3A7274C6FA4C0E5DA7F74B6F79318E4246 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:08:20.0813 0x232c MozillaMaintenance - ok
17:08:20.0829 0x232c mpsdrv - ok
17:08:20.0844 0x232c MpsSvc - ok
17:08:20.0844 0x232c MQAC - ok
17:08:20.0860 0x232c MRxDAV - ok
17:08:20.0860 0x232c mrxsmb - ok
17:08:20.0876 0x232c mrxsmb10 - ok
17:08:20.0876 0x232c mrxsmb20 - ok
17:08:20.0891 0x232c MsBridge - ok
17:08:20.0907 0x232c MSDTC - ok
17:08:20.0923 0x232c Msfs - ok
17:08:20.0938 0x232c msgpiowin32 - ok
17:08:20.0938 0x232c mshidkmdf - ok
17:08:20.0954 0x232c mshidumdf - ok
17:08:20.0954 0x232c msisadrv - ok
17:08:20.0969 0x232c MSiSCSI - ok
17:08:20.0985 0x232c msiserver - ok
17:08:20.0985 0x232c MSKSSRV - ok
17:08:21.0001 0x232c MsLldp - ok
17:08:21.0001 0x232c MSMQ - ok
17:08:21.0016 0x232c MSPCLOCK - ok
17:08:21.0016 0x232c MSPQM - ok
17:08:21.0032 0x232c MsRPC - ok
17:08:21.0032 0x232c mssmbios - ok
17:08:21.0048 0x232c MSTEE - ok
17:08:21.0048 0x232c MTConfig - ok
17:08:21.0063 0x232c Mup - ok
17:08:21.0063 0x232c mvumis - ok
17:08:21.0079 0x232c NativeWifiP - ok
17:08:21.0094 0x232c NcaSvc - ok
17:08:21.0094 0x232c NcbService - ok
17:08:21.0110 0x232c NcdAutoSetup - ok
17:08:21.0126 0x232c ndfltr - ok
17:08:21.0141 0x232c NDIS - ok
17:08:21.0141 0x232c NdisCap - ok
17:08:21.0157 0x232c NdisImPlatform - ok
17:08:21.0173 0x232c NdisTapi - ok
17:08:21.0188 0x232c Ndisuio - ok
17:08:21.0204 0x232c NdisVirtualBus - ok
17:08:21.0219 0x232c NdisWan - ok
17:08:21.0235 0x232c ndiswanlegacy - ok
17:08:21.0251 0x232c ndproxy - ok
17:08:21.0266 0x232c Ndu - ok
17:08:21.0266 0x232c NetBIOS - ok
17:08:21.0282 0x232c NetBT - ok
17:08:21.0298 0x232c Netlogon - ok
17:08:21.0313 0x232c Netman - ok
17:08:21.0329 0x232c NetMsmqActivator - ok
17:08:21.0329 0x232c NetPipeActivator - ok
17:08:21.0360 0x232c netprofm - ok
17:08:21.0376 0x232c NetSetupSvc - ok
17:08:21.0376 0x232c NetTcpActivator - ok
17:08:21.0391 0x232c NetTcpPortSharing - ok
17:08:21.0407 0x232c NgcCtnrSvc - ok
17:08:21.0423 0x232c NgcSvc - ok
17:08:21.0423 0x232c NlaSvc - ok
17:08:21.0423 0x232c Npfs - ok
17:08:21.0423 0x232c npsvctrig - ok
17:08:21.0438 0x232c nsi - ok
17:08:21.0454 0x232c nsiproxy - ok
17:08:21.0485 0x232c NTFS - ok
17:08:21.0485 0x232c Null - ok
17:08:21.0532 0x232c [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
17:08:21.0579 0x232c NVHDA - ok
17:08:22.0398 0x232c [ 2C5C31D18A238768346B896DCE154DBF, A6CD62787B1D57EE63A75B61063B0FEB2193571DF20845F52F6DBF42DC6C6110 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
17:08:22.0570 0x232c nvlddmkm - ok
17:08:22.0633 0x232c [ FB9407F47E184208E4880FA1DC28B9D4, 7FCA90AF10F9C578B928B93301EF3FB85157BB71D9F6865D6CD5CB5C0ECF3A2F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:08:22.0664 0x232c NvNetworkService - ok
17:08:22.0680 0x232c nvraid - ok
17:08:22.0680 0x232c nvstor - ok
17:08:22.0680 0x232c [ 9F0938D041D6203DA3B95AA3EBE4C34E, 4BBF1E49C9B521C42ABAAC1A4274E785F4E20611D091D5BE218408A2D5753B0E ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:08:22.0680 0x232c NvStreamKms - ok
17:08:22.0883 0x232c [ 2F6ABCFB6B992A4DF5EFD9E6B7BAFF2B, 17864F9BE08F76E6875167A2E9CA15A01C12872635399FF66CEBEA91FE43B541 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
17:08:23.0008 0x232c NvStreamNetworkSvc - ok
17:08:23.0117 0x232c [ A8FD46F7EA7410847C3EBE84C4B18BB1, 6F428B26035268131F4AFED141307642FB20042B998BDDF6C3E27306711A6067 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
17:08:23.0211 0x232c NvStreamSvc - ok
17:08:23.0273 0x232c [ DAF8A50D2CFDFBEA9AE33F0EE5D1AE7B, C72B9FEC5354ED38F0CB08ACE64811307B97154B518EF618EA04F6E48376C5BE ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
17:08:23.0289 0x232c nvsvc - ok
17:08:23.0320 0x232c [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:08:23.0367 0x232c nvvad_WaveExtensible - ok
17:08:23.0383 0x232c nv_agp - ok
17:08:23.0399 0x232c OneSyncSvc - ok
17:08:23.0448 0x232c [ 28DDD258E19923891AC9B1A95E3D0F44, F7FD0EEBEDCBE8C2AE0C6B191B047F88F9D9BD375B78CCA252A4C2E52D9622C1 ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
17:08:23.0495 0x232c Origin Client Service - ok
17:08:23.0510 0x232c p2pimsvc - ok
17:08:23.0510 0x232c p2psvc - ok
17:08:23.0526 0x232c Parport - ok
17:08:23.0541 0x232c partmgr - ok
17:08:23.0557 0x232c PcaSvc - ok
17:08:23.0573 0x232c pci - ok
17:08:23.0588 0x232c pciide - ok
17:08:23.0604 0x232c pcmcia - ok
17:08:23.0620 0x232c pcw - ok
17:08:23.0635 0x232c pdc - ok
17:08:23.0714 0x232c [ 9C63D4C4F00A6C20DB51515ABD8BD0A0, 8E1E87C5A6AC770529341F3BB53EAFFF0948C20FC605F9C482B6FB5E57BEED1B ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
17:08:23.0947 0x232c PDF Architect 3 - ok
17:08:23.0998 0x232c [ 8510198FCE40F07D5ED7F8BD5CF05A93, 7DC420519851C3A9724F0406B280860E645CBFFDC6D6BF6679A79ED2FDD9C6BF ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
17:08:24.0017 0x232c PDF Architect 3 CrashHandler - ok
17:08:24.0039 0x232c [ 10B6DFA227FDDC0AA533778B0BF52460, D04442CE945E19B40920112B9AED6EE492302D962DBF133F58FF466072CFD5E3 ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
17:08:24.0042 0x232c PDF Architect 3 Creator - ok
17:08:24.0058 0x232c PEAUTH - ok
17:08:24.0073 0x232c percsas2i - ok
17:08:24.0073 0x232c percsas3i - ok
17:08:24.0105 0x232c PerfHost - ok
17:08:24.0136 0x232c PhoneSvc - ok
17:08:24.0152 0x232c PimIndexMaintenanceSvc - ok
17:08:24.0152 0x232c pla - ok
17:08:24.0167 0x232c PlugPlay - ok
17:08:24.0183 0x232c [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
17:08:24.0198 0x232c PnkBstrA - ok
17:08:24.0214 0x232c PNRPAutoReg - ok
17:08:24.0226 0x232c PNRPsvc - ok
17:08:24.0242 0x232c PolicyAgent - ok
17:08:24.0245 0x232c Power - ok
17:08:24.0248 0x232c PptpMiniport - ok
17:08:24.0321 0x232c [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:08:24.0415 0x232c PrintNotify - ok
17:08:24.0415 0x232c Processor - ok
17:08:24.0415 0x232c ProfSvc - ok
17:08:24.0431 0x232c Psched - ok
17:08:24.0431 0x232c QWAVE - ok
17:08:24.0431 0x232c QWAVEdrv - ok
17:08:24.0446 0x232c RasAcd - ok
17:08:24.0462 0x232c RasAgileVpn - ok
17:08:24.0487 0x232c RasAuto - ok
17:08:24.0492 0x232c Rasl2tp - ok
17:08:24.0492 0x232c RasMan - ok
17:08:24.0508 0x232c RasPppoe - ok
17:08:24.0524 0x232c RasSstp - ok
17:08:24.0539 0x232c rdbss - ok
17:08:24.0555 0x232c rdpbus - ok
17:08:24.0555 0x232c RDPDR - ok
17:08:24.0570 0x232c RdpVideoMiniport - ok
17:08:24.0570 0x232c rdyboost - ok
17:08:24.0586 0x232c ReFSv1 - ok
17:08:24.0633 0x232c [ 84C83C7577407C4FF6AB1379EE944610, 497695C775D193357996BE6009247026596907B5568BDD32DA8677042F9BA302 ] regi C:\Windows\system32\drivers\regi.sys
17:08:24.0680 0x232c regi - ok
17:08:24.0695 0x232c RemoteAccess - ok
17:08:24.0711 0x232c RemoteRegistry - ok
17:08:24.0727 0x232c RetailDemo - ok
17:08:24.0742 0x232c [ 2B00B7041B52CE1AE29AD911B2B735C0, FF5BD8F84028CAE539B65F395B2C52D7ADE7E6915EDE467247AA597AFF282485 ] RIM MDNS C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
17:08:24.0742 0x232c RIM MDNS - ok
17:08:24.0821 0x232c [ 1E8D50BEA8B2D0C1C08937C6B04FD7C8, B196B940F037119EF890DCF3F9D819D77C0927B59DD290D5442C9E9E4593FB60 ] RIM Tunnel Service C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
17:08:24.0899 0x232c RIM Tunnel Service - ok
17:08:24.0899 0x232c [ ACDAE153E985974714423A705C3490C7, B7D38141B34B7E0CA3D36B7A6E662F76474C8AFAAD32EEECE5D1E290D4B84A7B ] RimUsb C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys
17:08:24.0946 0x232c RimUsb - ok
17:08:24.0961 0x232c [ 8D5E629E39FD2A36ADF963BBAECC15D2, 63C857DEC2A28D94519392412CAD1DFAA84FA5BE84AB8EA4862872CA8EE55A92 ] rimvndis C:\WINDOWS\System32\Drivers\rimvndis6_AMD64.sys
17:08:24.0992 0x232c rimvndis - ok
17:08:25.0008 0x232c [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys
17:08:25.0039 0x232c RimVSerPort - ok
17:08:25.0055 0x232c ROOTMODEM - ok
17:08:25.0055 0x232c RpcEptMapper - ok
17:08:25.0071 0x232c RpcLocator - ok
17:08:25.0071 0x232c RpcSs - ok
17:08:25.0086 0x232c rspndr - ok
17:08:25.0086 0x232c rt640x64 - ok
17:08:25.0086 0x232c s3cap - ok
17:08:25.0102 0x232c SamSs - ok
17:08:25.0102 0x232c sbp2port - ok
17:08:25.0117 0x232c SCardSvr - ok
17:08:25.0133 0x232c ScDeviceEnum - ok
17:08:25.0149 0x232c scfilter - ok
17:08:25.0164 0x232c Schedule - ok
17:08:25.0180 0x232c SCPolicySvc - ok
17:08:25.0180 0x232c sdbus - ok
17:08:25.0196 0x232c SDRSVC - ok
17:08:25.0211 0x232c sdstor - ok
17:08:25.0246 0x232c seclogon - ok
17:08:25.0260 0x232c SENS - ok
17:08:25.0263 0x232c SensorDataService - ok
17:08:25.0267 0x232c SensorService - ok
17:08:25.0278 0x232c SensrSvc - ok
17:08:25.0294 0x232c SerCx - ok
17:08:25.0310 0x232c SerCx2 - ok
17:08:25.0326 0x232c Serenum - ok
17:08:25.0341 0x232c Serial - ok
17:08:25.0357 0x232c sermouse - ok
17:08:25.0357 0x232c SessionEnv - ok
17:08:25.0357 0x232c sfloppy - ok
17:08:25.0388 0x232c SharedAccess - ok
17:08:25.0404 0x232c ShellHWDetection - ok
17:08:25.0404 0x232c SiSRaid2 - ok
17:08:25.0419 0x232c SiSRaid4 - ok
17:08:25.0435 0x232c [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:08:25.0451 0x232c SkypeUpdate - ok
17:08:25.0466 0x232c smphost - ok
17:08:25.0482 0x232c SmsRouter - ok
17:08:25.0510 0x232c SNMPTRAP - ok
17:08:25.0525 0x232c spaceport - ok
17:08:25.0541 0x232c SpbCx - ok
17:08:25.0557 0x232c Spooler - ok
17:08:25.0572 0x232c sppsvc - ok
17:08:25.0604 0x232c srv - ok
17:08:25.0619 0x232c srv2 - ok
17:08:25.0635 0x232c srvnet - ok
17:08:25.0650 0x232c SSDPSRV - ok
17:08:25.0682 0x232c SstpSvc - ok
17:08:25.0682 0x232c StateRepository - ok
17:08:25.0822 0x232c [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:08:25.0932 0x232c Steam Client Service - ok
17:08:25.0963 0x232c [ 361FCD486D585F388B576E48D11157B2, D14B73976F46ADAC70A08B07B0A25928D25DBC808CFC6297C3E45077749C1758 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:08:25.0963 0x232c Stereo Service - ok
17:08:25.0979 0x232c stexstor - ok
17:08:25.0994 0x232c stisvc - ok
17:08:25.0994 0x232c storahci - ok
17:08:26.0010 0x232c storflt - ok
17:08:26.0010 0x232c stornvme - ok
17:08:26.0025 0x232c storqosflt - ok
17:08:26.0041 0x232c StorSvc - ok
17:08:26.0041 0x232c storufs - ok
17:08:26.0041 0x232c storvsc - ok
17:08:26.0057 0x232c svsvc - ok
17:08:26.0072 0x232c swenum - ok
17:08:26.0072 0x232c swprv - ok
17:08:26.0072 0x232c Synth3dVsc - ok
17:08:26.0072 0x232c SysMain - ok
17:08:26.0072 0x232c SystemEventsBroker - ok
17:08:26.0088 0x232c TabletInputService - ok
17:08:26.0088 0x232c TapiSrv - ok
17:08:26.0104 0x232c Tcpip - ok
17:08:26.0119 0x232c Tcpip6 - ok
17:08:26.0135 0x232c tcpipreg - ok
17:08:26.0150 0x232c tdx - ok
17:08:26.0166 0x232c terminpt - ok
17:08:26.0182 0x232c TermService - ok
17:08:26.0197 0x232c Themes - ok
17:08:26.0229 0x232c TieringEngineService - ok
17:08:26.0244 0x232c tiledatamodelsvc - ok
17:08:26.0260 0x232c TimeBroker - ok
17:08:26.0276 0x232c TPM - ok
17:08:26.0307 0x232c TrkWks - ok
17:08:26.0307 0x232c TrustedInstaller - ok
17:08:26.0322 0x232c tsusbflt - ok
17:08:26.0338 0x232c TsUsbGD - ok
17:08:26.0354 0x232c tunnel - ok
17:08:26.0369 0x232c tzautoupdate - ok
17:08:26.0401 0x232c uagp35 - ok
17:08:26.0416 0x232c UASPStor - ok
17:08:26.0416 0x232c UcmCx0101 - ok
17:08:26.0432 0x232c UcmUcsi - ok
17:08:26.0447 0x232c Ucx01000 - ok
17:08:26.0463 0x232c UdeCx - ok
17:08:26.0479 0x232c udfs - ok
17:08:26.0494 0x232c UEFI - ok
17:08:26.0510 0x232c Ufx01000 - ok
17:08:26.0526 0x232c UfxChipidea - ok
17:08:26.0541 0x232c ufxsynopsys - ok
17:08:26.0572 0x232c UI0Detect - ok
17:08:26.0588 0x232c uliagpkx - ok
17:08:26.0604 0x232c umbus - ok
17:08:26.0619 0x232c UmPass - ok
17:08:26.0635 0x232c UmRdpService - ok
17:08:26.0651 0x232c UnistoreSvc - ok
17:08:26.0682 0x232c [ 193AD338F2A64D17300AD640ADFA5D0A, DABFFFE66CE7335F477C14C1D95AB9DB3C2EA3155ACBE41049FE217532E731C0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:08:26.0697 0x232c UNS - ok
17:08:26.0713 0x232c upnphost - ok
17:08:26.0713 0x232c UrsChipidea - ok
17:08:26.0729 0x232c UrsCx01000 - ok
17:08:26.0744 0x232c UrsSynopsys - ok
17:08:26.0744 0x232c usbccgp - ok
17:08:26.0760 0x232c usbcir - ok
17:08:26.0776 0x232c usbehci - ok
17:08:26.0776 0x232c usbhub - ok
17:08:26.0791 0x232c USBHUB3 - ok
17:08:26.0791 0x232c usbohci - ok
17:08:26.0807 0x232c usbprint - ok
17:08:26.0822 0x232c usbser - ok
17:08:26.0838 0x232c USBSTOR - ok
17:08:26.0838 0x232c usbuhci - ok
17:08:26.0854 0x232c USBXHCI - ok
17:08:26.0869 0x232c UserDataSvc - ok
17:08:26.0901 0x232c UserManager - ok
17:08:26.0916 0x232c UsoSvc - ok
17:08:26.0932 0x232c VaultSvc - ok
17:08:26.0947 0x232c vdrvroot - ok
17:08:26.0963 0x232c vds - ok
17:08:26.0979 0x232c VerifierExt - ok
17:08:26.0994 0x232c vhdmp - ok
17:08:27.0010 0x232c vhf - ok
17:08:27.0026 0x232c vmbus - ok
17:08:27.0057 0x232c VMBusHID - ok
17:08:27.0072 0x232c vmicguestinterface - ok
17:08:27.0088 0x232c vmicheartbeat - ok
17:08:27.0104 0x232c vmickvpexchange - ok
17:08:27.0119 0x232c vmicrdv - ok
17:08:27.0135 0x232c vmicshutdown - ok
17:08:27.0151 0x232c vmictimesync - ok
17:08:27.0166 0x232c vmicvmsession - ok
17:08:27.0166 0x232c vmicvss - ok
17:08:27.0182 0x232c volmgr - ok
17:08:27.0213 0x232c volmgrx - ok
17:08:27.0213 0x232c volsnap - ok
17:08:27.0229 0x232c vpci - ok
17:08:27.0229 0x232c vsmraid - ok
17:08:27.0244 0x232c VSS - ok
17:08:27.0244 0x232c VSTXRAID - ok
17:08:27.0260 0x232c vwifibus - ok
17:08:27.0276 0x232c vwififlt - ok
17:08:27.0291 0x232c vwifimp - ok
17:08:27.0307 0x232c W32Time - ok
17:08:27.0322 0x232c w3logsvc - ok
17:08:27.0338 0x232c W3SVC - ok
17:08:27.0369 0x232c WacomPen - ok
17:08:27.0385 0x232c WalletService - ok
17:08:27.0401 0x232c wanarp - ok
17:08:27.0419 0x232c wanarpv6 - ok
17:08:27.0420 0x232c WAS - ok
17:08:27.0436 0x232c wbengine - ok
17:08:27.0452 0x232c WbioSrvc - ok
17:08:27.0467 0x232c Wcmsvc - ok
17:08:27.0483 0x232c wcncsvc - ok
17:08:27.0499 0x232c WcsPlugInService - ok
17:08:27.0514 0x232c WdBoot - ok
17:08:27.0530 0x232c Wdf01000 - ok
17:08:27.0545 0x232c WdFilter - ok
17:08:27.0561 0x232c WdiServiceHost - ok
17:08:27.0577 0x232c WdiSystemHost - ok
17:08:27.0577 0x232c wdiwifi - ok
17:08:27.0577 0x232c WdNisDrv - ok
17:08:27.0577 0x232c WdNisSvc - ok
17:08:27.0592 0x232c WebClient - ok
17:08:27.0608 0x232c Wecsvc - ok
17:08:27.0624 0x232c WEPHOSTSVC - ok
17:08:27.0639 0x232c wercplsupport - ok
17:08:27.0655 0x232c WerSvc - ok
17:08:27.0670 0x232c WFPLWFS - ok
17:08:27.0686 0x232c WiaRpc - ok
17:08:27.0717 0x232c WIMMount - ok
17:08:27.0717 0x232c WinDefend - ok
17:08:27.0749 0x232c WindowsTrustedRT - ok
17:08:27.0780 0x232c WindowsTrustedRTProxy - ok
17:08:27.0795 0x232c WinHttpAutoProxySvc - ok
17:08:27.0811 0x232c WinMad - ok
17:08:27.0827 0x232c Winmgmt - ok
17:08:27.0827 0x232c WinRM - ok
17:08:27.0858 0x232c WINUSB - ok
17:08:27.0889 0x232c WinVerbs - ok
17:08:27.0905 0x232c WlanSvc - ok
17:08:27.0920 0x232c wlidsvc - ok
17:08:27.0920 0x232c [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
17:08:27.0967 0x232c WmBEnum - ok
17:08:27.0999 0x232c [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
17:08:27.0999 0x232c WmFilter - ok
17:08:28.0014 0x232c WmiAcpi - ok
17:08:28.0030 0x232c wmiApSrv - ok
17:08:28.0045 0x232c WMPNetworkSvc - ok
17:08:28.0061 0x232c [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
17:08:28.0108 0x232c WmVirHid - ok
17:08:28.0139 0x232c [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
17:08:28.0186 0x232c WmXlCore - ok
17:08:28.0233 0x232c [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
17:08:28.0342 0x232c Wof - ok
17:08:28.0389 0x232c workfolderssvc - ok
17:08:28.0405 0x232c wpcfltr - ok
17:08:28.0421 0x232c WPDBusEnum - ok
17:08:28.0436 0x232c WpdUpFltr - ok
17:08:28.0467 0x232c WpnService - ok
17:08:28.0483 0x232c [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001 C:\WINDOWS\system32\drivers\WPRO_41_2001.sys
17:08:28.0546 0x232c WPRO_41_2001 - ok
17:08:28.0561 0x232c ws2ifsl - ok
17:08:28.0577 0x232c wscsvc - ok
17:08:28.0592 0x232c WSearch - ok
17:08:28.0624 0x232c WSService - ok
17:08:28.0639 0x232c wuauserv - ok
17:08:28.0655 0x232c WudfPf - ok
17:08:28.0655 0x232c WUDFRd - ok
17:08:28.0655 0x232c wudfsvc - ok
17:08:28.0686 0x232c WUDFWpdFs - ok
17:08:28.0702 0x232c WUDFWpdMtp - ok
17:08:28.0717 0x232c WwanSvc - ok
17:08:28.0733 0x232c XblAuthManager - ok
17:08:28.0749 0x232c XblGameSave - ok
17:08:28.0764 0x232c xboxgip - ok
17:08:28.0796 0x232c XboxNetApiSvc - ok
17:08:28.0796 0x232c xinputhid - ok
17:08:28.0811 0x232c ================ Scan global ===============================
17:08:28.0905 0x232c [ Global ] - ok
17:08:28.0905 0x232c ================ Scan MBR ==================================
17:08:28.0905 0x232c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:08:29.0061 0x232c \Device\Harddisk0\DR0 - ok
17:08:29.0077 0x232c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:08:29.0139 0x232c \Device\Harddisk1\DR1 - ok
17:08:29.0139 0x232c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
17:08:29.0889 0x232c \Device\Harddisk2\DR2 - ok
17:08:29.0889 0x232c ================ Scan VBR ==================================
17:08:29.0889 0x232c [ 1FF6CA933A00458307B5BE9A55F85876 ] \Device\Harddisk0\DR0\Partition1
17:08:29.0905 0x232c \Device\Harddisk0\DR0\Partition1 - ok
17:08:29.0905 0x232c [ 71709CE15C8CC56028B584A38AA06DDC ] \Device\Harddisk0\DR0\Partition2
17:08:29.0905 0x232c \Device\Harddisk0\DR0\Partition2 - ok
17:08:29.0905 0x232c [ 94A49332897DFD79DF6CF43A6D869119 ] \Device\Harddisk0\DR0\Partition3
17:08:29.0905 0x232c \Device\Harddisk0\DR0\Partition3 - ok
17:08:29.0905 0x232c [ 614277AB4FEDE6F5545AD0E267B38825 ] \Device\Harddisk1\DR1\Partition1
17:08:29.0968 0x232c \Device\Harddisk1\DR1\Partition1 - ok
17:08:29.0968 0x232c [ B5CA8BF51C74D1C1702BECAEA96E755D ] \Device\Harddisk2\DR2\Partition1
17:08:30.0014 0x232c \Device\Harddisk2\DR2\Partition1 - ok
17:08:30.0030 0x232c ================ Scan generic autorun ======================
17:08:30.0311 0x232c [ 915706084701A81E159AF9A7DFD4447C, 2576EB32CFB5FF2733F2B1F5AD41C27CDF2610B008A766DA64824FDD7BB0741C ] C:\Program Files\Logitech Gaming Software\LCore.exe
17:08:30.0639 0x232c Launch LCore - ok
17:08:30.0671 0x232c [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
17:08:30.0749 0x232c Start WingMan Profiler - ok
17:08:30.0811 0x232c [ 59F14B3C78849982699CE34068708308, 008137E41CAFB78522C655F6661CA49B9629ABD40319419B1DDE60E96CBE7504 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:08:30.0843 0x232c NvBackend - ok
17:08:30.0874 0x232c ShadowPlay - ok
17:08:30.0874 0x232c [ 4D241A6A8F6BA9FA32FF836551FFDCEA, DEE87DFB6A8E87D40E3653435223B54AF2AB232DDC02D22468C126C54096F006 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
17:08:30.0921 0x232c USB3MON - ok
17:08:30.0953 0x232c OneDriveSetup - ok
17:08:30.0954 0x232c OneDriveSetup - ok
17:08:30.0998 0x232c [ DE76D8D3E89686D2842520CC0D55AF44, 16C97A9CEFA6529BE61410EBF9BE9299F6AC8272C6296A936F1B18BD5DAFDB5E ] C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
17:08:31.0081 0x232c Revo Uninstaller - ok
17:08:31.0143 0x232c [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe
17:08:31.0221 0x232c Akamai NetSession Interface - ok
17:08:31.0409 0x232c [ CE1DEC053DA24927E89D9AA196D31281, 39DD431CFCD10AA4E176062E33A0262FEE5806E192B37037C97439B1CEF232C8 ] C:\Program Files\CCleaner\CCleaner64.exe
17:08:31.0531 0x232c CCleaner Monitoring - ok
17:08:31.0765 0x232c [ 6798339CF7C87F5F567A8F050614D6B8, 679180427BD3423EA2C3D81869CAE77B2E6FF149FE374FFDD40C5D8AC0FCD81B ] C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
17:08:31.0906 0x232c FileHippo.com - ok
17:08:31.0969 0x232c Uninstall C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64 - ok
17:08:31.0984 0x232c OneDriveSetup - ok
17:08:32.0031 0x232c [ DE76D8D3E89686D2842520CC0D55AF44, 16C97A9CEFA6529BE61410EBF9BE9299F6AC8272C6296A936F1B18BD5DAFDB5E ] C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
17:08:32.0078 0x232c Revo Uninstaller - ok
17:08:32.0094 0x232c WinPatrol - ok
17:08:32.0219 0x232c [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe
17:08:32.0281 0x232c Akamai NetSession Interface - ok
17:08:32.0453 0x232c [ CE1DEC053DA24927E89D9AA196D31281, 39DD431CFCD10AA4E176062E33A0262FEE5806E192B37037C97439B1CEF232C8 ] C:\Program Files\CCleaner\CCleaner64.exe
17:08:32.0578 0x232c CCleaner Monitoring - ok
17:08:32.0578 0x232c WAB Migrate - ok
17:08:32.0594 0x232c OneDriveSetup - ok
17:08:32.0594 0x232c WAB Migrate - ok
17:08:32.0594 0x232c Waiting for KSN requests completion. In queue: 73
17:08:32.0997 0x0368 Object required for P2P: [ DAF8A50D2CFDFBEA9AE33F0EE5D1AE7B ] nvsvc
17:08:33.0612 0x232c Waiting for KSN requests completion. In queue: 35
17:08:34.0614 0x232c Waiting for KSN requests completion. In queue: 35
17:08:35.0440 0x0368 Object send P2P result: true
17:08:35.0690 0x232c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
17:08:35.0706 0x232c Win FW state via NFP2: enabled ( trusted )
17:08:38.0127 0x232c ============================================================
17:08:38.0127 0x232c Scan finished
17:08:38.0127 0x232c ============================================================
17:08:38.0127 0x25b0 Detected object count: 0
17:08:38.0127 0x25b0 Actual detected object count: 0