josy1982 | 04.09.2016 17:25 | Code:
OpenShot Video Editor Version 2.1.0 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.1.0 - OpenShot Studios, LLC)
Oracle VM VirtualBox 5.1.4 (HKLM\...\{4EF3FBF6-697D-440A-AADA-7F5D39B73E62}) (Version: 5.1.4 - Oracle Corporation)
PowerArchiver 2016 (HKLM-x32\...\PowerArchiver 2016 16.10.14) (Version: 16.10.14 - ConeXware, Inc.)
PowerArchiver 2016 (x32 Version: 16.10.14 - ConeXware, Inc.) Hidden
PSPPContent (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
PSPPro64 (Version: 16.2.0.20 - Corel Corporation) Hidden
qBittorrent 3.3.6 (HKLM-x32\...\qBittorrent) (Version: 3.3.6 - The qBittorrent project)
QuickMediaConverter (HKLM-x32\...\QUICKMEDIACONVERTERExécutable Windows 64 bits) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21255 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7329 - Realtek Semiconductor Corp.)
Setup (x32 Version: 16.2.0.20 - Ihr Firmenname) Hidden
SHIELD Streaming (Version: 7.1.0310 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.5.18 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
TweakNow PowerPack (HKLM-x32\...\TweakNow PowerPack_is1) (Version: 4.6.0 - TweakNow.com)
Ultimate Creative Collection (X6) (HKLM-x32\...\_{FE752025-AED8-4AED-BC44-B03C9048A3D4}) (Version: 1.0.0.107 - Corel Corporation)
Ultimate Creative Collection (X6) (x32 Version: 1.0.0.107 - Ihr Firmenname) Hidden
Viber (HKU\S-1-5-21-870488476-3347437722-3144900748-1001\...\{d96d3a07-b1fd-4625-b739-627196eb9aac}) (Version: 6.2.0.1306 - Viber Media Inc.)
Viber (x32 Version: 6.2.0.1306 - Viber Media Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 8.0.1.2.MultiLanguage - COOLWAREMAX)
Windows-Treiberpaket - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFF 1.5.4 (Codename EMMA) (HKLM-x32\...\WinFF_is1) (Version: - WinFF.org)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 15.6.9.0 - WOT Services Oy)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-870488476-3347437722-3144900748-1001_Classes\CLSID\{13D67BB7-DB5F-48AA-884D-7A5D94168509}\InprocServer32 -> C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\iebho.dll ()
CustomCLSID: HKU\S-1-5-21-870488476-3347437722-3144900748-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-870488476-3347437722-3144900748-1001_Classes\CLSID\{8A862E2D-CEB8-480D-AA78-A24367C6EF3C}\InprocServer32 -> C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\iedownloadmanager.dll ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0B7A2C47-E86D-49BE-9078-85FF76E07665} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-02] (Google Inc.)
Task: {1B159AE7-113B-4C0C-A146-152EA1FAA39D} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [2016-08-23] ()
Task: {2A882C2F-1CFE-4096-8686-F23A89719440} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {2D363CE2-E6EF-4039-BB12-0F3C42C517CE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-01] (NVIDIA Corporation)
Task: {36D6B861-C1D7-4708-AF4C-5121589AEF10} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-02] (Google Inc.)
Task: {3B238F68-B412-47DA-A0ED-27755C23E79D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-01] (NVIDIA Corporation)
Task: {3D9B5860-6DAF-4DC0-BCD2-EFA3E33D61F4} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {3DF7E5B3-7FD5-41EE-9A41-C38336D2CCC1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-01] (NVIDIA Corporation)
Task: {464ECD2B-BDB4-4348-B082-55C3EC92AC6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {5CA6F179-D3D6-49A5-811C-0C805FA54BFA} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {60EB55A3-8844-477D-9CCC-B39BD4CF7D83} - System32\Tasks\EPSON WF-2650 Series Update {47D110FB-9C9C-4366-9ADB-FF6FFC7DF1B6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {64E1D59F-7217-444C-BE75-5B3BB588C403} - System32\Tasks\AupAvUpdate => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe [2016-06-01] ()
Task: {67C677C0-541F-4673-987A-40CEE551473A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-01] (NVIDIA Corporation)
Task: {73D55CBA-EEA6-41B6-B110-E763A33CAB63} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-07-27] ()
Task: {8BCF4937-F916-479A-8CE3-257135F85A57} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {989C1F98-0736-468A-8DBE-35F37AF1B309} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2016-08-12] (Innovative Solutions)
Task: {A1DBF714-6C9C-45D4-BDB1-816CF97696BF} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2016-08-12] (Innovative Solutions)
Task: {ADDA9809-33BB-4662-A4CD-F24968F420D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-01] (NVIDIA Corporation)
Task: {C28AF548-06AC-4410-B93E-E8334B4DA095} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe [2016-08-12] (Innovative Solutions GRUP SRL)
Task: {C345ACB4-E13B-4F9A-9C0E-271D30B5D2A0} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {CD6F5B50-2788-4205-AF49-C07EF9C0742D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)
Task: {D5ADEE8A-2749-46BC-B8AD-D8FFD6CC6FF2} - System32\Tasks\EPSON WF-2650 Series Update {20C13937-2ACC-4FA1-865D-C27A28D93FF2} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\EPSON WF-2650 Series Update {20C13937-2ACC-4FA1-865D-C27A28D93FF2}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{20C13937-2ACC-4FA1-865D-C27A28D93FF2} /F:Update WORKGROUP\SONOR_45-45$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON WF-2650 Series Update {47D110FB-9C9C-4366-9ADB-FF6FFC7DF1B6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{47D110FB-9C9C-4366-9ADB-FF6FFC7DF1B6} /F:Update WORKGROUP\SONOR_45-45$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Health-Check-deep.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\Windows\Tasks\Health-Check.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\TeamViewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=oooiobdokpcfdlahlmcddobejikcmkfo
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-04 04:19 - 2016-08-25 23:10 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-03 05:00 - 2016-08-23 20:27 - 00848896 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
2016-09-03 05:00 - 2016-08-23 20:24 - 00029696 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2016-09-04 04:23 - 2016-09-01 10:29 - 04490296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-04 04:23 - 2016-09-01 10:29 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-04 04:23 - 2016-09-01 10:29 - 00419896 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-06-08 18:04 - 2016-06-08 18:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-09-03 04:19 - 2016-08-10 12:54 - 00782248 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2016-05-12 22:12 - 2016-05-12 22:12 - 00382072 _____ () C:\Windows\system32\igfxTray.exe
2016-09-04 04:23 - 2016-09-01 10:28 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2016-09-04 04:23 - 2016-09-01 10:28 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2016-09-03 05:00 - 2016-06-28 19:14 - 02160128 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2016-09-03 05:00 - 2016-06-28 19:14 - 00484352 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2016-09-03 05:00 - 2016-06-28 19:14 - 12621312 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2016-09-03 05:00 - 2016-06-28 19:14 - 02111488 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2016-09-03 05:00 - 2016-06-28 19:14 - 00663040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2016-09-03 05:00 - 2016-06-28 19:14 - 00139264 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2016-09-03 05:00 - 2016-06-28 19:14 - 00071168 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\postproc-54.dll
2016-09-03 05:00 - 2016-08-23 20:24 - 00099328 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winunivappfeatures.dll
2016-09-03 05:00 - 2016-06-28 18:32 - 65771520 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2016-09-03 05:00 - 2016-06-28 18:32 - 02129920 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2016-09-03 05:00 - 2016-06-28 18:32 - 00087040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2016-09-03 05:17 - 2016-09-03 05:17 - 26540168 _____ () C:\Users\David\AppData\Roaming\ICQ\bin\icq.exe
2016-09-04 03:52 - 2016-06-08 18:07 - 00458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-09-04 03:52 - 2016-06-08 18:18 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-09-04 03:52 - 2016-06-08 18:17 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2011-07-17 06:56 - 2011-07-17 06:56 - 01038848 _____ () C:\Program Files (x86)\WebcamMax\wcmmon.exe
2016-07-20 18:29 - 2016-07-20 18:29 - 15855104 _____ () C:\Program Files (x86)\qBittorrent\qbittorrent.exe
2014-12-21 04:07 - 2014-12-21 04:07 - 00208415 _____ () C:\Windows\SysWOW64\Codecs\TrayMenu.exe
2016-09-03 04:19 - 2016-08-10 12:54 - 01153448 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2016-09-03 04:19 - 2016-08-10 12:54 - 00099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2016-09-04 04:23 - 2016-09-01 10:29 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-03 04:37 - 2016-08-12 13:02 - 00010792 _____ () C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\memmgrset.dll
2016-09-03 04:37 - 2014-03-07 11:23 - 00565827 _____ () C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\sqlite3.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2016-09-04 04:23 - 2016-09-01 09:17 - 00502328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-04 04:23 - 2016-09-01 09:17 - 00256056 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-04 04:23 - 2016-09-01 09:17 - 02799552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-04 04:23 - 2016-09-01 09:17 - 00246328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-04 04:23 - 2016-09-01 09:17 - 00430136 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-04 04:23 - 2016-09-01 09:17 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-04 04:23 - 2016-09-01 09:17 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-04 04:23 - 2016-09-01 10:28 - 60819000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-07-14 17:32 - 2016-07-14 17:32 - 55714816 _____ () C:\Program Files (x86)\eM Client\libcef.DLL
2016-07-14 17:34 - 2016-07-14 17:34 - 00871936 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2016-09-03 05:17 - 2016-09-03 05:17 - 04058248 _____ () C:\Users\David\AppData\Roaming\ICQ\bin\corelib.dll
2016-09-03 05:43 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-09-03 05:43 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-09-03 05:43 - 2016-09-01 02:02 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-09-03 05:43 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-09-03 05:43 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-09-03 05:43 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-09-03 05:43 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-09-03 05:43 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-09-03 05:43 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-09-03 05:43 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-09-03 05:43 - 2016-09-01 02:02 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-09-03 05:43 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-09-03 05:43 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-08-10 17:54 - 2016-08-10 17:54 - 00042064 _____ () C:\Users\David\AppData\Local\Viber\qrencode.dll
2016-08-10 17:55 - 2016-08-10 17:55 - 00397904 _____ () C:\Users\David\AppData\Local\Viber\imageformats\qsvg.dll
2016-09-03 08:01 - 2013-12-09 15:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-870488476-3347437722-3144900748-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\Pictures\Wallpaper\night_sky_moon_trees_river_reflection_95979_1920x1080.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C87F5B35-E9B2-4925-9F4B-FF69F988420D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E3E26090-FFE6-46D5-A493-1286F8808438}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CF1BA3A8-A1D1-473C-A6DF-C91853FCB7BC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{997A256F-5506-4D51-BA16-53D85BA01F4E}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{49755C9E-FFA0-48A6-B80A-7A1C699FF070}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{136CC0E8-CB15-413E-8510-CBC27E33FF2F}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{A22FFDB8-A2AC-4F25-9ADE-73CB7F7D8537}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [TCP Query User{0ECB9077-7CEF-4849-995F-00FDC70F6D9E}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe
FirewallRules: [UDP Query User{B6FB3418-142E-4E5A-A5F0-11FC6F12D5B1}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe
FirewallRules: [{9199BF7F-17F7-4A4C-B129-F1DCF76ED3AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E23202D5-DC00-4918-AE4C-A561FF0F96B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EFAB845-D151-4261-B7B6-4DC6F01F024D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2155E5E3-DBFB-4B6B-86D0-C0B41BD7C73D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{118F2E1A-F8C1-4E16-865B-4E855C3E2C46}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79DEE7AA-C4D1-4579-9DDF-D89E0CE03767}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A333E90C-78F7-4845-B373-1586B517E221}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{78AEE1A2-5585-42BA-9D82-926918FD5C58}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{921B9F8A-C937-44FC-9C5E-F8F07BE08253}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{8325021A-4179-4DA9-96A7-458860BBB99F}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{A421DA3C-59FA-45A3-9570-B148E0D183E7}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{4B57DAA1-D3F0-436B-87A5-9BFA7F52071C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{665E51CD-0B2E-4D4F-9A73-489379A15C06}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{6A594E5E-48C7-42E0-AD61-B5AAF368920C}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{42638317-CCBB-4996-A066-CF8E65348E2B}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
FirewallRules: [{46BA67C5-3E5C-4BA9-82DC-6EED962F44C1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{88463A54-09CB-4D55-86CB-F97CCDA51C1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C130B361-DCBC-447F-80F8-BC7611320420}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{A10BC970-9BA8-49DB-9108-BB0B7FB16DE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E4C72743-D5FB-4937-82FA-014D56B12C34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{96CAB168-DD47-40F0-A128-B933B397CD0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C7534C61-15BB-4924-98C3-06F7FCD25DF9}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{D3197F2F-D126-4C88-9D85-C8660C760837}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{BE404BDE-5CA1-477B-B9B6-244F58D34F62}] => (Allow) C:\Users\David\Downloads\freefirewall-x64-setup.exe
FirewallRules: [{ECA31298-34EE-4769-8FB6-F07E4E0A6C83}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{51506D61-8ED7-4A63-8AEF-B87ECB0C4D90}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
==================== Wiederherstellungspunkte =========================
04-09-2016 03:52:03 Intel® Driver Update Utility
04-09-2016 03:53:55 Installed Intel(R) Wireless Bluetooth(R)
04-09-2016 15:49:56 Installed Intel(R) Wireless Bluetooth(R)
04-09-2016 16:06:27 Installed Epson Connect Printer Setup
04-09-2016 16:58:11 Free Firewall
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/04/2016 05:52:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: healthmon.exe, Version: 1.1.0.17, Zeitstempel: 0x57c7378e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x6e4
Startzeit der fehlerhaften Anwendung: 0x01d206c230c488ed
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\AdAware\hms\healthmon.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: 87592455-72b7-11e6-8287-4851b736bb44
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 05:52:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: healthmon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
bei System.Threading.Thread.Sleep(System.TimeSpan)
bei HealthMonitor.MainMonitor.Worker()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (09/04/2016 05:26:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: healthmon.exe, Version: 1.1.0.17, Zeitstempel: 0x57c7378e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x80c
Startzeit der fehlerhaften Anwendung: 0x01d206bea8833df9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\AdAware\hms\healthmon.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: fefb7275-72b3-11e6-8286-4851b736bb44
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 05:26:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: healthmon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
bei System.Threading.Thread.Sleep(System.TimeSpan)
bei HealthMonitor.MainMonitor.Worker()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (09/04/2016 05:08:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PowerPack.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ff_vfw.dll, Version: 1.3.0.0, Zeitstempel: 0x548199c3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00004d4b
ID des fehlerhaften Prozesses: 0x1b24
Startzeit der fehlerhaften Anwendung: 0x01d206bdd6ef7817
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\TweakNow PowerPack\PowerPack.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ff_vfw.dll
Berichtskennung: 699a7b0e-72b1-11e6-8285-4851b736bb44
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 05:03:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: healthmon.exe, Version: 1.1.0.17, Zeitstempel: 0x57c7378e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x67c
Startzeit der fehlerhaften Anwendung: 0x01d206bb5daa0fe9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\AdAware\hms\healthmon.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: b43d4c04-72b0-11e6-8285-4851b736bb44
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 05:03:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: healthmon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
bei System.Threading.Thread.Sleep(System.TimeSpan)
bei HealthMonitor.MainMonitor.Worker()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (09/04/2016 04:35:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: healthmon.exe, Version: 1.1.0.17, Zeitstempel: 0x57c7378e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x7f8
Startzeit der fehlerhaften Anwendung: 0x01d206b76f0df15d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\AdAware\hms\healthmon.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: c58a52a8-72ac-11e6-8284-4851b736bb44
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 04:35:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: healthmon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
bei System.Threading.Thread.Sleep(System.TimeSpan)
bei HealthMonitor.MainMonitor.Worker()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (09/04/2016 04:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: healthmon.exe, Version: 1.1.0.17, Zeitstempel: 0x57c7378e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x24b4
Startzeit der fehlerhaften Anwendung: 0x01d206b3253b7d6d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\AdAware\hms\healthmon.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: 7ba08557-72a8-11e6-8283-54a0508c1c1b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (09/04/2016 05:52:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Health Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/04/2016 05:36:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/04/2016 05:26:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Health Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/04/2016 05:03:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Health Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/04/2016 04:35:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Health Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/04/2016 04:04:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Health Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/04/2016 03:50:06 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (09/04/2016 03:48:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Health Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/04/2016 03:32:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Health Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/04/2016 03:16:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Health Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-09-03 04:07:29.947
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-03 04:07:29.825
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-03 04:07:29.701
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16266.84 MB
Verfügbarer physikalischer RAM: 12493.45 MB
Summe virtueller Speicher: 33674.84 MB
Verfügbarer virtueller Speicher: 29994.04 MB
==================== Laufwerke ================================
Drive c: (WIN81PRO) (Fixed) (Total:223.44 GB) (Free:147.01 GB) NTFS
Drive d: (WIN81PRO2) (Fixed) (Total:223.05 GB) (Free:222.7 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 00037006)
Partition: GPT.
========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 00B7D16F)
Partition: GPT.
==================== Ende von Addition.txt ============================

TDSS:
Code:
17:56:50.0156 0x0d10 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
17:56:50.0156 0x0d10 UEFI system
17:57:03.0058 0x0d10 ============================================================
17:57:03.0058 0x0d10 Current date / time: 2016/09/04 17:57:03.0058
17:57:03.0058 0x0d10 SystemInfo:
17:57:03.0058 0x0d10
17:57:03.0058 0x0d10 OS Version: 6.3.9600 ServicePack: 0.0
17:57:03.0058 0x0d10 Product type: Workstation
17:57:03.0058 0x0d10 ComputerName: SONOR_45-45
17:57:03.0058 0x0d10 UserName: xxxxxxxxxxxxxxxxx
17:57:03.0058 0x0d10 Windows directory: C:\Windows
17:57:03.0058 0x0d10 System windows directory: C:\Windows
17:57:03.0058 0x0d10 Running under WOW64
17:57:03.0058 0x0d10 Processor architecture: Intel x64
17:57:03.0058 0x0d10 Number of processors: 8
17:57:03.0058 0x0d10 Page size: 0x1000
17:57:03.0058 0x0d10 Boot type: Normal boot
17:57:03.0058 0x0d10 CodeIntegrityOptions = 0x00000001
17:57:03.0058 0x0d10 ============================================================
17:57:03.0446 0x0d10 KLMD registered as C:\Windows\system32\drivers\62636068.sys
17:57:03.0446 0x0d10 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18423, osProperties = 0x19
17:57:03.0635 0x0d10 System UUID: {ED223F76-4B53-BE6E-6447-A8EE8714085B}
17:57:03.0952 0x0d10 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:57:03.0952 0x0d10 Drive \Device\Harddisk1\DR1 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:57:03.0955 0x0d10 ============================================================
17:57:03.0955 0x0d10 \Device\Harddisk0\DR0:
17:57:03.0955 0x0d10 GPT partitions:
17:57:03.0955 0x0d10 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {40B344D1-5C13-4D82-A326-C2CEA0F35A82}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
17:57:03.0955 0x0d10 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D86F6069-71C5-40EF-8338-8D4A3435F061}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
17:57:03.0955 0x0d10 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {59AEB804-AEDB-4602-A81C-2F4A11475998}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
17:57:03.0955 0x0d10 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AEF6449D-15A5-42DA-B9B3-6BBCB83F36FB}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0x1BE1B800
17:57:03.0955 0x0d10 MBR partitions:
17:57:03.0955 0x0d10 \Device\Harddisk1\DR1:
17:57:03.0955 0x0d10 GPT partitions:
17:57:03.0956 0x0d10 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CE4DC5F5-E895-4567-BADE-4C607B44C0AE}, Name: Microsoft reserved partition, StartLBA 0x800, BlocksNum 0x40000
17:57:03.0956 0x0d10 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2DDB91CC-0EA1-4BA6-B928-91FC21CA2575}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x1BEE3800
17:57:03.0956 0x0d10 MBR partitions:
17:57:03.0956 0x0d10 ============================================================
17:57:03.0956 0x0d10 Initialize success
17:57:03.0956 0x0d10 ============================================================
17:57:08.0501 0x09a8 ============================================================
17:57:08.0501 0x09a8 Scan started
17:57:08.0501 0x09a8 Mode: Manual; SigCheck; TDLFS;
17:57:08.0501 0x09a8 ============================================================
17:57:08.0501 0x09a8 KSN ping started
17:57:08.0573 0x09a8 KSN ping finished: true
17:57:08.0709 0x09a8 ================ Scan system memory ========================
17:57:08.0709 0x09a8 System memory - ok
17:57:08.0709 0x09a8 ================ Scan services =============================
17:57:08.0716 0x09a8 1394ohci - ok
17:57:08.0718 0x09a8 360AntiHacker - ok
17:57:08.0719 0x09a8 360AvFlt - ok
17:57:08.0721 0x09a8 360Box64 - ok
17:57:08.0723 0x09a8 360Camera - ok
17:57:08.0725 0x09a8 360FsFlt - ok
17:57:08.0727 0x09a8 3ware - ok
17:57:08.0729 0x09a8 ACPI - ok
17:57:08.0731 0x09a8 acpiex - ok
17:57:08.0732 0x09a8 acpipagr - ok
17:57:08.0734 0x09a8 AcpiPmi - ok
17:57:08.0736 0x09a8 acpitime - ok
17:57:08.0739 0x09a8 AdobeARMservice - ok
17:57:08.0741 0x09a8 ADP80XX - ok
17:57:08.0743 0x09a8 AeLookupSvc - ok
17:57:08.0745 0x09a8 AFD - ok
17:57:08.0747 0x09a8 agp440 - ok
17:57:08.0749 0x09a8 ahcache - ok
17:57:08.0750 0x09a8 AiCharger - ok
17:57:08.0752 0x09a8 ALG - ok
17:57:08.0754 0x09a8 AmdK8 - ok
17:57:08.0756 0x09a8 AmdPPM - ok
17:57:08.0758 0x09a8 amdsata - ok
17:57:08.0761 0x09a8 amdsbs - ok
17:57:08.0763 0x09a8 amdxata - ok
17:57:08.0765 0x09a8 AppID - ok
17:57:08.0767 0x09a8 AppIDSvc - ok
17:57:08.0769 0x09a8 Appinfo - ok
17:57:08.0771 0x09a8 AppMgmt - ok
17:57:08.0773 0x09a8 AppReadiness - ok
17:57:08.0775 0x09a8 AppXSvc - ok
17:57:08.0777 0x09a8 arcsas - ok
17:57:08.0779 0x09a8 ASLDRService - ok
17:57:08.0781 0x09a8 ASMMAP64 - ok
17:57:08.0783 0x09a8 atapi - ok
17:57:08.0784 0x09a8 ATKGFNEXSrv - ok
17:57:08.0786 0x09a8 ATKWMIACPIIO - ok
17:57:08.0788 0x09a8 ATP - ok
17:57:08.0790 0x09a8 AudioEndpointBuilder - ok
17:57:08.0792 0x09a8 Audiosrv - ok
17:57:08.0793 0x09a8 AxInstSV - ok
17:57:08.0795 0x09a8 b06bdrv - ok
17:57:08.0797 0x09a8 BAPIDRV - ok
17:57:08.0799 0x09a8 BasicDisplay - ok
17:57:08.0801 0x09a8 BasicRender - ok
17:57:08.0803 0x09a8 bcmfn2 - ok
17:57:08.0806 0x09a8 BDESVC - ok
17:57:08.0808 0x09a8 Beep - ok
17:57:08.0809 0x09a8 BFE - ok
17:57:08.0811 0x09a8 BITS - ok
17:57:08.0813 0x09a8 Bluetooth Device Monitor - ok
17:57:08.0815 0x09a8 Bluetooth OBEX Service - ok
17:57:08.0817 0x09a8 bowser - ok
17:57:08.0818 0x09a8 BrokerInfrastructure - ok
17:57:08.0820 0x09a8 Browser - ok
17:57:08.0822 0x09a8 BthAvrcpTg - ok
17:57:08.0824 0x09a8 BthEnum - ok
17:57:08.0825 0x09a8 BthHFEnum - ok
17:57:08.0827 0x09a8 bthhfhid - ok
17:57:08.0829 0x09a8 BthHFSrv - ok
17:57:08.0831 0x09a8 BthLEEnum - ok
17:57:08.0832 0x09a8 BTHMODEM - ok
17:57:08.0834 0x09a8 BthPan - ok
17:57:08.0836 0x09a8 BTHPORT - ok
17:57:08.0837 0x09a8 bthserv - ok
17:57:08.0839 0x09a8 BTHUSB - ok
17:57:08.0841 0x09a8 btmaux - ok
17:57:08.0842 0x09a8 btmhsf - ok
17:57:08.0844 0x09a8 cdfs - ok
17:57:08.0846 0x09a8 cdrom - ok
17:57:08.0848 0x09a8 CertPropSvc - ok
17:57:08.0850 0x09a8 chromoting - ok
17:57:08.0852 0x09a8 circlass - ok
17:57:08.0854 0x09a8 CLFS - ok
17:57:08.0859 0x09a8 CmBatt - ok
17:57:08.0860 0x09a8 CNG - ok
17:57:08.0863 0x09a8 CompositeBus - ok
17:57:08.0865 0x09a8 COMSysApp - ok
17:57:08.0867 0x09a8 condrv - ok
17:57:08.0869 0x09a8 cphs - ok
17:57:08.0871 0x09a8 CryptSvc - ok
17:57:08.0873 0x09a8 CSC - ok
17:57:08.0875 0x09a8 CscService - ok
17:57:08.0877 0x09a8 dam - ok
17:57:08.0879 0x09a8 DcomLaunch - ok
17:57:08.0881 0x09a8 defragsvc - ok
17:57:08.0883 0x09a8 DeviceAssociationService - ok
17:57:08.0884 0x09a8 DeviceInstall - ok
17:57:08.0886 0x09a8 Dfsc - ok
17:57:08.0888 0x09a8 Dhcp - ok
17:57:08.0891 0x09a8 DiagTrack - ok
17:57:08.0893 0x09a8 disk - ok
17:57:08.0894 0x09a8 dmvsc - ok

Code:
17:57:08.0896 0x09a8 Dnscache - ok
17:57:08.0898 0x09a8 dot3svc - ok
17:57:08.0899 0x09a8 DPS - ok
17:57:08.0901 0x09a8 DriverMFTService - ok
17:57:08.0903 0x09a8 drmkaud - ok
17:57:08.0905 0x09a8 DsmSvc - ok
17:57:08.0907 0x09a8 DXGKrnl - ok
17:57:08.0909 0x09a8 Eaphost - ok
17:57:08.0910 0x09a8 ebdrv - ok
17:57:08.0912 0x09a8 EFS - ok
17:57:08.0914 0x09a8 EhStorClass - ok
17:57:08.0915 0x09a8 EhStorTcgDrv - ok
17:57:08.0917 0x09a8 epmntdrv - ok
17:57:08.0919 0x09a8 EpsonScanSvc - ok
17:57:08.0921 0x09a8 ErrDev - ok
17:57:08.0926 0x09a8 EuGdiDrv - ok
17:57:08.0929 0x09a8 EventSystem - ok
17:57:08.0931 0x09a8 EvtEng - ok
17:57:08.0933 0x09a8 exfat - ok
17:57:08.0934 0x09a8 fastfat - ok
17:57:08.0936 0x09a8 Fax - ok
17:57:08.0938 0x09a8 fdc - ok
17:57:08.0940 0x09a8 fdPHost - ok
17:57:08.0942 0x09a8 FDResPub - ok
17:57:08.0943 0x09a8 fhsvc - ok
17:57:08.0945 0x09a8 FileInfo - ok
17:57:08.0947 0x09a8 Filetrace - ok
17:57:08.0948 0x09a8 flpydisk - ok
17:57:08.0950 0x09a8 FltMgr - ok
17:57:08.0952 0x09a8 FontCache - ok
17:57:08.0953 0x09a8 FontCache3.0.0.0 - ok
17:57:08.0955 0x09a8 FsDepends - ok
17:57:08.0957 0x09a8 Fs_Rec - ok
17:57:08.0959 0x09a8 fvevol - ok
17:57:08.0961 0x09a8 FxPPM - ok
17:57:08.0962 0x09a8 gagp30kx - ok
17:57:08.0964 0x09a8 gencounter - ok
17:57:08.0966 0x09a8 GPIOClx0101 - ok
17:57:08.0968 0x09a8 gpsvc - ok
17:57:08.0969 0x09a8 gupdate - ok
17:57:08.0971 0x09a8 gupdatem - ok
17:57:08.0973 0x09a8 HdAudAddService - ok
17:57:08.0975 0x09a8 HDAudBus - ok
17:57:08.0976 0x09a8 healthmon - ok
17:57:08.0978 0x09a8 HidBatt - ok
17:57:08.0980 0x09a8 HidBth - ok
17:57:08.0982 0x09a8 hidi2c - ok
17:57:08.0983 0x09a8 HidIr - ok
17:57:08.0985 0x09a8 hidserv - ok
17:57:08.0987 0x09a8 HIDSwitch - ok
17:57:08.0988 0x09a8 HidUsb - ok
17:57:08.0990 0x09a8 hkmsvc - ok
17:57:08.0992 0x09a8 HomeGroupListener - ok
17:57:08.0994 0x09a8 HomeGroupProvider - ok
17:57:08.0995 0x09a8 HpSAMD - ok
17:57:08.0997 0x09a8 HTTP - ok
17:57:08.0999 0x09a8 HWiNFO32 - ok
17:57:09.0000 0x09a8 hwpolicy - ok
17:57:09.0002 0x09a8 hyperkbd - ok
17:57:09.0004 0x09a8 HyperVideo - ok
17:57:09.0006 0x09a8 i8042prt - ok
17:57:09.0008 0x09a8 iaLPSSi_GPIO - ok
17:57:09.0011 0x09a8 iaLPSSi_I2C - ok
17:57:09.0012 0x09a8 iaStorA - ok
17:57:09.0013 0x09a8 iaStorAV - ok
17:57:09.0016 0x09a8 iaStorV - ok
17:57:09.0019 0x09a8 ibtsiva - ok
17:57:09.0020 0x09a8 ibtusb - ok
17:57:09.0022 0x09a8 IEEtwCollectorService - ok
17:57:09.0024 0x09a8 igfx - ok
17:57:09.0026 0x09a8 igfxCUIService1.0.0.0 - ok
17:57:09.0028 0x09a8 IKEEXT - ok
17:57:09.0031 0x09a8 InnovativeSolutions_monitor - ok
17:57:09.0034 0x09a8 intaud_WaveExtensible - ok
17:57:09.0036 0x09a8 IntcAzAudAddService - ok
17:57:09.0038 0x09a8 IntcDAud - ok
17:57:09.0039 0x09a8 Intel(R) Capability Licensing Service Interface - ok
17:57:09.0041 0x09a8 Intel(R) Capability Licensing Service TCP IP Interface - ok
17:57:09.0043 0x09a8 intelide - ok
17:57:09.0045 0x09a8 intelpep - ok
17:57:09.0047 0x09a8 intelppm - ok
17:57:09.0049 0x09a8 IpFilterDriver - ok
17:57:09.0051 0x09a8 iphlpsvc - ok
17:57:09.0052 0x09a8 IPMIDRV - ok
17:57:09.0054 0x09a8 IPNAT - ok
17:57:09.0056 0x09a8 IRENUM - ok
17:57:09.0058 0x09a8 isapnp - ok
17:57:09.0060 0x09a8 iScsiPrt - ok
17:57:09.0061 0x09a8 iwdbus - ok
17:57:09.0063 0x09a8 jhi_service - ok
17:57:09.0065 0x09a8 kbdclass - ok
17:57:09.0067 0x09a8 kbdhid - ok
17:57:09.0069 0x09a8 kbfiltr - ok
17:57:09.0071 0x09a8 kbldfltr - ok
17:57:09.0073 0x09a8 kdnic - ok
17:57:09.0075 0x09a8 KeyIso - ok
17:57:09.0076 0x09a8 KSecDD - ok
17:57:09.0078 0x09a8 KSecPkg - ok
17:57:09.0080 0x09a8 ksthunk - ok
17:57:09.0081 0x09a8 KtmRm - ok
17:57:09.0083 0x09a8 LanmanServer - ok
17:57:09.0085 0x09a8 LanmanWorkstation - ok
17:57:09.0087 0x09a8 lfsvc - ok
17:57:09.0089 0x09a8 lltdio - ok
17:57:09.0091 0x09a8 lltdsvc - ok
17:57:09.0093 0x09a8 lmhosts - ok
17:57:09.0094 0x09a8 LMS - ok
17:57:09.0097 0x09a8 LSI_SAS - ok
17:57:09.0099 0x09a8 LSI_SAS2 - ok
17:57:09.0101 0x09a8 LSI_SAS3 - ok
17:57:09.0102 0x09a8 LSI_SSS - ok
17:57:09.0104 0x09a8 LSM - ok
17:57:09.0106 0x09a8 luafv - ok
17:57:09.0108 0x09a8 megasas - ok
17:57:09.0110 0x09a8 megasr - ok
17:57:09.0112 0x09a8 MEIx64 - ok
17:57:09.0113 0x09a8 MMCSS - ok
17:57:09.0115 0x09a8 Modem - ok
17:57:09.0117 0x09a8 monitor - ok
17:57:09.0118 0x09a8 mouclass - ok
17:57:09.0120 0x09a8 mouhid - ok
17:57:09.0122 0x09a8 mountmgr - ok
17:57:09.0124 0x09a8 mpsdrv - ok
17:57:09.0126 0x09a8 MpsSvc - ok
17:57:09.0128 0x09a8 MRxDAV - ok
17:57:09.0129 0x09a8 mrxsmb - ok
17:57:09.0131 0x09a8 mrxsmb10 - ok
17:57:09.0133 0x09a8 mrxsmb20 - ok
17:57:09.0134 0x09a8 MsBridge - ok
17:57:09.0136 0x09a8 MSDTC - ok
17:57:09.0139 0x09a8 Msfs - ok
17:57:09.0142 0x09a8 msgpiowin32 - ok
17:57:09.0143 0x09a8 mshidkmdf - ok
17:57:09.0145 0x09a8 mshidumdf - ok
17:57:09.0147 0x09a8 msisadrv - ok
17:57:09.0149 0x09a8 MSiSCSI - ok
17:57:09.0151 0x09a8 msiserver - ok
17:57:09.0152 0x09a8 MsKeyboardFilter - ok
17:57:09.0154 0x09a8 MSKSSRV - ok
17:57:09.0156 0x09a8 MsLldp - ok
17:57:09.0158 0x09a8 MSPCLOCK - ok
17:57:09.0160 0x09a8 MSPQM - ok
17:57:09.0161 0x09a8 MsRPC - ok
17:57:09.0164 0x09a8 mssmbios - ok
17:57:09.0166 0x09a8 MSTEE - ok
17:57:09.0168 0x09a8 MTConfig - ok
17:57:09.0170 0x09a8 Mup - ok
17:57:09.0171 0x09a8 mvumis - ok
17:57:09.0173 0x09a8 MyWiFiDHCPDNS - ok
17:57:09.0175 0x09a8 napagent - ok
17:57:09.0177 0x09a8 NativeWifiP - ok
17:57:09.0179 0x09a8 NcaSvc - ok
17:57:09.0180 0x09a8 NcbService - ok
17:57:09.0182 0x09a8 NcdAutoSetup - ok
17:57:09.0184 0x09a8 NDIS - ok
17:57:09.0186 0x09a8 NdisCap - ok
17:57:09.0188 0x09a8 NdisImPlatform - ok
17:57:09.0189 0x09a8 NdisTapi - ok
17:57:09.0191 0x09a8 Ndisuio - ok
17:57:09.0193 0x09a8 NdisVirtualBus - ok
17:57:09.0195 0x09a8 NdisWan - ok
17:57:09.0197 0x09a8 NdisWanLegacy - ok
17:57:09.0198 0x09a8 NDProxy - ok
17:57:09.0200 0x09a8 Ndu - ok
17:57:09.0202 0x09a8 NetBIOS - ok
17:57:09.0204 0x09a8 NetBT - ok
17:57:09.0206 0x09a8 Netlogon - ok
17:57:09.0208 0x09a8 Netman - ok
17:57:09.0210 0x09a8 netprofm - ok
17:57:09.0211 0x09a8 NetTcpPortSharing - ok
17:57:09.0213 0x09a8 netvsc - ok
17:57:09.0215 0x09a8 NETwNb64 - ok
17:57:09.0217 0x09a8 NETwNe64 - ok
17:57:09.0219 0x09a8 NlaSvc - ok
17:57:09.0220 0x09a8 Npfs - ok
17:57:09.0223 0x09a8 npggsvc - ok
17:57:09.0225 0x09a8 npsvctrig - ok
17:57:09.0227 0x09a8 nsi - ok
17:57:09.0228 0x09a8 nsiproxy - ok
17:57:09.0231 0x09a8 Ntfs - ok
17:57:09.0233 0x09a8 Null - ok
17:57:09.0235 0x09a8 NvContainerLocalSystem - ok
17:57:09.0237 0x09a8 NvContainerNetworkService - ok
17:57:09.0239 0x09a8 NVIDIA Wireless Controller Service - ok
17:57:09.0241 0x09a8 nvlddmkm - ok
17:57:09.0243 0x09a8 nvraid - ok
17:57:09.0245 0x09a8 nvstor - ok
17:57:09.0247 0x09a8 NvStreamKms - ok
17:57:09.0248 0x09a8 nvsvc - ok
17:57:09.0250 0x09a8 nvvad_WaveExtensible - ok
17:57:09.0252 0x09a8 nv_agp - ok
17:57:09.0254 0x09a8 p2pimsvc - ok
17:57:09.0256 0x09a8 p2psvc - ok
17:57:09.0257 0x09a8 Parport - ok
17:57:09.0259 0x09a8 partmgr - ok
17:57:09.0261 0x09a8 PcaSvc - ok
17:57:09.0263 0x09a8 pci - ok
17:57:09.0264 0x09a8 pciide - ok
17:57:09.0266 0x09a8 pcmcia - ok
17:57:09.0268 0x09a8 pcw - ok
17:57:09.0270 0x09a8 pdc - ok
17:57:09.0272 0x09a8 PEAUTH - ok
17:57:09.0274 0x09a8 PeerDistSvc - ok
17:57:09.0276 0x09a8 PerfHost - ok
17:57:09.0280 0x09a8 pla - ok
17:57:09.0282 0x09a8 PlugPlay - ok
17:57:09.0284 0x09a8 PNRPAutoReg - ok
17:57:09.0286 0x09a8 PNRPsvc - ok
17:57:09.0287 0x09a8 PolicyAgent - ok

Code:
17:57:09.0290 0x09a8 Power - ok
17:57:09.0292 0x09a8 PrintNotify - ok
17:57:09.0294 0x09a8 Processor - ok
17:57:09.0296 0x09a8 ProfSvc - ok
17:57:09.0297 0x09a8 Psched - ok
17:57:09.0299 0x09a8 PSI_SVC_2_x64 - ok
17:57:09.0301 0x09a8 QHActiveDefense - ok
17:57:09.0303 0x09a8 QWAVE - ok
17:57:09.0304 0x09a8 QWAVEdrv - ok
17:57:09.0306 0x09a8 RasAcd - ok
17:57:09.0308 0x09a8 RasAuto - ok
17:57:09.0310 0x09a8 RasMan - ok
17:57:09.0312 0x09a8 RasPppoe - ok
17:57:09.0314 0x09a8 rdbss - ok
17:57:09.0317 0x09a8 rdpbus - ok
17:57:09.0318 0x09a8 RDPDR - ok
17:57:09.0322 0x09a8 RdpVideoMiniport - ok
17:57:09.0323 0x09a8 rdyboost - ok
17:57:09.0325 0x09a8 ReFS - ok
17:57:09.0328 0x09a8 RegSrvc - ok
17:57:09.0330 0x09a8 RemoteAccess - ok
17:57:09.0332 0x09a8 RemoteRegistry - ok
17:57:09.0333 0x09a8 RFCOMM - ok
17:57:09.0335 0x09a8 RpcEptMapper - ok
17:57:09.0337 0x09a8 RpcLocator - ok
17:57:09.0339 0x09a8 RpcSs - ok
17:57:09.0341 0x09a8 rspndr - ok
17:57:09.0343 0x09a8 RTL8168 - ok
17:57:09.0345 0x09a8 RTSPER - ok
17:57:09.0346 0x09a8 s3cap - ok
17:57:09.0348 0x09a8 SamSs - ok
17:57:09.0350 0x09a8 sbp2port - ok
17:57:09.0352 0x09a8 SCardSvr - ok
17:57:09.0353 0x09a8 ScDeviceEnum - ok
17:57:09.0355 0x09a8 scfilter - ok
17:57:09.0357 0x09a8 Schedule - ok
17:57:09.0359 0x09a8 SCPolicySvc - ok
17:57:09.0361 0x09a8 sdbus - ok
17:57:09.0363 0x09a8 sdstor - ok
17:57:09.0364 0x09a8 secdrv - ok
17:57:09.0366 0x09a8 seclogon - ok
17:57:09.0368 0x09a8 semav6msr64 - ok
17:57:09.0370 0x09a8 SENS - ok
17:57:09.0372 0x09a8 SensrSvc - ok
17:57:09.0374 0x09a8 SerCx - ok
17:57:09.0376 0x09a8 SerCx2 - ok
17:57:09.0377 0x09a8 Serenum - ok
17:57:09.0379 0x09a8 Serial - ok
17:57:09.0381 0x09a8 sermouse - ok
17:57:09.0385 0x09a8 SessionEnv - ok
17:57:09.0387 0x09a8 sfloppy - ok
17:57:09.0389 0x09a8 SharedAccess - ok
17:57:09.0391 0x09a8 ShellHWDetection - ok
17:57:09.0393 0x09a8 SiSRaid2 - ok
17:57:09.0395 0x09a8 SiSRaid4 - ok
17:57:09.0397 0x09a8 SkypeUpdate - ok
17:57:09.0399 0x09a8 smphost - ok
17:57:09.0402 0x09a8 SNMPTRAP - ok
17:57:09.0404 0x09a8 spaceport - ok
17:57:09.0406 0x09a8 SpbCx - ok
17:57:09.0408 0x09a8 Spooler - ok
17:57:09.0410 0x09a8 sppsvc - ok
17:57:09.0411 0x09a8 srv - ok
17:57:09.0413 0x09a8 srv2 - ok
17:57:09.0415 0x09a8 srvnet - ok
17:57:09.0417 0x09a8 SSDPSRV - ok
17:57:09.0419 0x09a8 SstpSvc - ok
17:57:09.0420 0x09a8 Steam Client Service - ok
17:57:09.0422 0x09a8 stexstor - ok
17:57:09.0424 0x09a8 stisvc - ok
17:57:09.0426 0x09a8 storahci - ok
17:57:09.0428 0x09a8 storflt - ok
17:57:09.0429 0x09a8 stornvme - ok
17:57:09.0431 0x09a8 StorSvc - ok
17:57:09.0433 0x09a8 storvsc - ok
17:57:09.0435 0x09a8 storvsp - ok
17:57:09.0437 0x09a8 svsvc - ok
17:57:09.0439 0x09a8 swenum - ok
17:57:09.0441 0x09a8 swprv - ok
17:57:09.0442 0x09a8 SysMain - ok
17:57:09.0444 0x09a8 SystemEventsBroker - ok
17:57:09.0446 0x09a8 SystemUsageReportSvc_WILLAMETTE - ok
17:57:09.0449 0x09a8 TabletInputService - ok
17:57:09.0450 0x09a8 TapiSrv - ok
17:57:09.0452 0x09a8 Tcpip - ok
17:57:09.0454 0x09a8 TCPIP6 - ok
17:57:09.0456 0x09a8 tcpipreg - ok
17:57:09.0459 0x09a8 tdx - ok
17:57:09.0460 0x09a8 TeamViewer - ok
17:57:09.0462 0x09a8 terminpt - ok
17:57:09.0464 0x09a8 TermService - ok
17:57:09.0466 0x09a8 Themes - ok
17:57:09.0468 0x09a8 THREADORDER - ok
17:57:09.0470 0x09a8 TimeBroker - ok
17:57:09.0471 0x09a8 TPM - ok
17:57:09.0474 0x09a8 TrkWks - ok
17:57:09.0476 0x09a8 TrustedInstaller - ok
17:57:09.0479 0x09a8 TsUsbFlt - ok
17:57:09.0480 0x09a8 TsUsbGD - ok
17:57:09.0483 0x09a8 tunnel - ok
17:57:09.0484 0x09a8 t_mouse.sys - ok
17:57:09.0486 0x09a8 uagp35 - ok
17:57:09.0488 0x09a8 UASPStor - ok
17:57:09.0490 0x09a8 UCX01000 - ok
17:57:09.0492 0x09a8 udfs - ok
17:57:09.0494 0x09a8 UEFI - ok
17:57:09.0497 0x09a8 UI0Detect - ok
17:57:09.0499 0x09a8 uliagpkx - ok
17:57:09.0501 0x09a8 umbus - ok
17:57:09.0502 0x09a8 UmPass - ok
17:57:09.0504 0x09a8 UmRdpService - ok
17:57:09.0506 0x09a8 upnphost - ok
17:57:09.0508 0x09a8 usbccgp - ok
17:57:09.0510 0x09a8 usbcir - ok
17:57:09.0512 0x09a8 usbehci - ok
17:57:09.0513 0x09a8 usbhub - ok
17:57:09.0515 0x09a8 USBHUB3 - ok
17:57:09.0517 0x09a8 usbohci - ok
17:57:09.0519 0x09a8 usbprint - ok
17:57:09.0520 0x09a8 USBSTOR - ok
17:57:09.0522 0x09a8 usbuhci - ok
17:57:09.0524 0x09a8 usbvideo - ok
17:57:09.0526 0x09a8 USBXHCI - ok
17:57:09.0527 0x09a8 USER_ESRV_SVC_WILLAMETTE - ok
17:57:09.0529 0x09a8 VaultSvc - ok
17:57:09.0531 0x09a8 VBoxDrv - ok
17:57:09.0533 0x09a8 VBoxNetAdp - ok
17:57:09.0534 0x09a8 VBoxNetLwf - ok
17:57:09.0536 0x09a8 VBoxUSBMon - ok
17:57:09.0538 0x09a8 vdrvroot - ok
17:57:09.0540 0x09a8 vds - ok
17:57:09.0542 0x09a8 VerifierExt - ok
17:57:09.0544 0x09a8 vhdmp - ok
17:57:09.0546 0x09a8 viaide - ok
17:57:09.0548 0x09a8 Vid - ok
17:57:09.0549 0x09a8 vmbus - ok
17:57:09.0551 0x09a8 VMBusHID - ok
17:57:09.0553 0x09a8 vmbusr - ok
17:57:09.0555 0x09a8 vmicguestinterface - ok
17:57:09.0557 0x09a8 vmicheartbeat - ok
17:57:09.0558 0x09a8 vmickvpexchange - ok
17:57:09.0560 0x09a8 vmicrdv - ok
17:57:09.0562 0x09a8 vmicshutdown - ok
17:57:09.0563 0x09a8 vmictimesync - ok
17:57:09.0565 0x09a8 vmicvss - ok
17:57:09.0567 0x09a8 volmgr - ok
17:57:09.0569 0x09a8 volmgrx - ok
17:57:09.0570 0x09a8 volsnap - ok
17:57:09.0572 0x09a8 vpci - ok
17:57:09.0574 0x09a8 vpcivsp - ok
17:57:09.0576 0x09a8 vsmraid - ok
17:57:09.0578 0x09a8 VSS - ok
17:57:09.0579 0x09a8 VSTXRAID - ok
17:57:09.0581 0x09a8 vwifibus - ok
17:57:09.0583 0x09a8 vwififlt - ok
17:57:09.0585 0x09a8 vwifimp - ok
17:57:09.0587 0x09a8 W32Time - ok
17:57:09.0588 0x09a8 WacomPen - ok
17:57:09.0590 0x09a8 wbengine - ok
17:57:09.0592 0x09a8 WbioSrvc - ok
17:57:09.0594 0x09a8 Wcmsvc - ok
17:57:09.0596 0x09a8 WCMVCAM - ok
17:57:09.0598 0x09a8 wcncsvc - ok
17:57:09.0600 0x09a8 WcsPlugInService - ok
17:57:09.0602 0x09a8 WdBoot - ok
17:57:09.0603 0x09a8 Wdf01000 - ok
17:57:09.0605 0x09a8 WdFilter - ok
17:57:09.0607 0x09a8 WdiServiceHost - ok
17:57:09.0609 0x09a8 WdiSystemHost - ok
17:57:09.0611 0x09a8 WdNisDrv - ok
17:57:09.0613 0x09a8 WdNisSvc - ok
17:57:09.0615 0x09a8 WebClient - ok
17:57:09.0617 0x09a8 Wecsvc - ok
17:57:09.0619 0x09a8 WEPHOSTSVC - ok
17:57:09.0620 0x09a8 wercplsupport - ok
17:57:09.0622 0x09a8 WerSvc - ok
17:57:09.0624 0x09a8 WFPLWFS - ok
17:57:09.0626 0x09a8 WiaRpc - ok
17:57:09.0628 0x09a8 WIMMount - ok
17:57:09.0630 0x09a8 WinDefend - ok
17:57:09.0633 0x09a8 WinHttpAutoProxySvc - ok
17:57:09.0635 0x09a8 Winmgmt - ok
17:57:09.0637 0x09a8 WinRM - ok
17:57:09.0641 0x09a8 WlanSvc - ok
17:57:09.0643 0x09a8 wlidsvc - ok
17:57:09.0645 0x09a8 WmiAcpi - ok
17:57:09.0647 0x09a8 wmiApSrv - ok
17:57:09.0649 0x09a8 WMPNetworkSvc - ok
17:57:09.0651 0x09a8 Wof - ok
17:57:09.0654 0x09a8 workfolderssvc - ok
17:57:09.0655 0x09a8 wpcfltr - ok
17:57:09.0657 0x09a8 WPCSvc - ok
17:57:09.0659 0x09a8 WPDBusEnum - ok
17:57:09.0661 0x09a8 WpdUpFltr - ok
17:57:09.0663 0x09a8 ws2ifsl - ok
17:57:09.0665 0x09a8 wscsvc - ok
17:57:09.0667 0x09a8 WSDPrintDevice - ok
17:57:09.0669 0x09a8 WSDScan - ok
17:57:09.0670 0x09a8 WSearch - ok
17:57:09.0673 0x09a8 WSService - ok
17:57:09.0675 0x09a8 wuauserv - ok
17:57:09.0677 0x09a8 WudfPf - ok
17:57:09.0679 0x09a8 WUDFRd - ok
17:57:09.0681 0x09a8 wudfsvc - ok
17:57:09.0683 0x09a8 WUDFWpdFs - ok
17:57:09.0685 0x09a8 WwanSvc - ok
17:57:09.0687 0x09a8 ZeroConfigService - ok
17:57:09.0694 0x09a8 ================ Scan global ===============================
17:57:09.0695 0x09a8 [ Global ] - ok
17:57:09.0695 0x09a8 ================ Scan MBR ==================================
17:57:09.0698 0x09a8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:57:09.0724 0x09a8 \Device\Harddisk0\DR0 - ok
17:57:09.0726 0x09a8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:57:09.0761 0x09a8 \Device\Harddisk1\DR1 - ok
17:57:09.0761 0x09a8 ================ Scan VBR ==================================
17:57:09.0762 0x09a8 [ 698C0A411B5D6FC349492FAAE6A3B278 ] \Device\Harddisk0\DR0\Partition1
17:57:09.0763 0x09a8 \Device\Harddisk0\DR0\Partition1 - ok
17:57:09.0765 0x09a8 [ 3134F361089AF13626F26DD0D3618D22 ] \Device\Harddisk0\DR0\Partition2
17:57:09.0765 0x09a8 \Device\Harddisk0\DR0\Partition2 - ok
17:57:09.0767 0x09a8 [ 02CE700CFD16E0C562D0FC736136EAE9 ] \Device\Harddisk0\DR0\Partition3
17:57:09.0767 0x09a8 \Device\Harddisk0\DR0\Partition3 - ok
17:57:09.0768 0x09a8 [ C7684A0EFBBAF66C017DB98EC9A524DB ] \Device\Harddisk0\DR0\Partition4
17:57:09.0769 0x09a8 \Device\Harddisk0\DR0\Partition4 - ok
17:57:09.0770 0x09a8 [ BDB82A0BA1A988EAB30FCE40F886661E ] \Device\Harddisk1\DR1\Partition1
17:57:09.0770 0x09a8 \Device\Harddisk1\DR1\Partition1 - ok
17:57:09.0772 0x09a8 [ 77C49A17894DA6001F7ED05DA904700A ] \Device\Harddisk1\DR1\Partition2
17:57:09.0773 0x09a8 \Device\Harddisk1\DR1\Partition2 - ok
17:57:09.0773 0x09a8 ================ Scan generic autorun ======================
17:57:09.0773 0x09a8 BTMTrayAgent - ok
17:57:09.0774 0x09a8 Classic Start Menu - ok
17:57:09.0775 0x09a8 MouseDriver - ok
17:57:09.0775 0x09a8 IntelPROSet - ok
17:57:09.0776 0x09a8 ShadowPlay - ok
17:57:09.0777 0x09a8 Codec Settings UAC Manager - ok
17:57:09.0778 0x09a8 QHSafeTray - ok
17:57:09.0778 0x09a8 EaseUS EPM tray - ok
17:57:09.0779 0x09a8 EaseUS Cleanup - ok
17:57:09.0780 0x09a8 SunJavaUpdateSched - ok
17:57:09.0781 0x09a8 FUFAXRCV - ok
17:57:09.0782 0x09a8 FUFAXSTM - ok
17:57:09.0783 0x09a8 EEventManager - ok
17:57:09.0783 0x09a8 Skype - ok
17:57:09.0784 0x09a8 eM Client - ok
17:57:09.0785 0x09a8 Free Download Manager - ok
17:57:09.0786 0x09a8 icq.desktop - ok
17:57:09.0787 0x09a8 Steam - ok
17:57:09.0787 0x09a8 Viber - ok
17:57:09.0788 0x09a8 EPLTarget\P0000000000000000 - ok
17:57:09.0789 0x09a8 WebcamMaxAutoRun - ok
17:57:09.0790 0x09a8 qBittorrent - ok
17:57:09.0791 0x09a8 FreeFirewall - ok
17:57:09.0791 0x09a8 EPLTarget\P0000000000000001 - ok
17:57:09.0805 0x09a8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
17:57:09.0805 0x09a8 AV detected via SS2: 360 Total Security, C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ( 8.8.0.1001 ), 0x50000 ( disabled : updated )
17:57:09.0808 0x09a8 Win FW state via NFP2: disabled ( trusted )
17:57:09.0882 0x09a8 ============================================================
17:57:09.0882 0x09a8 Scan finished
17:57:09.0882 0x09a8 ============================================================
17:57:09.0887 0x09a4 Detected object count: 0
17:57:09.0887 0x09a4 Actual detected object count: 0
17:57:12.0476 0x1760 Deinitialize success

Hope I did the splitting into pieces correctly. Regards