| |
| |||||||
Log-Analyse und Auswertung: Notebook braucht 15 min zum hochfahrenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
23.09.2015, 11:32
| #1 |
 |  Notebook braucht 15 min zum hochfahren Hi zusammen, benötige eure Hilfe. In Letzter Zeit braucht mein Notebook 10 min bis der Desktop da ist und nochmal 5 weitere minuten bis er alles geladen hat und Einsatzfähig ist. Und mein Bluetooth funktioniert auch nicht... Benutze Avast Antivirus. Edit: Ach ja und bei mir laufen nach dem Neustart meistens um die 100 Prozesse. Mal mehr mal weniger... Gruß Eugen |
|
23.09.2015, 12:13
| #2 |
| /// the machine /// TB-Ausbilder    | Notebook braucht 15 min zum hochfahren hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
23.09.2015, 12:29
| #3 |
| | Notebook braucht 15 min zum hochfahren FRST.txt:
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Eugen (Administrator) auf EUGEN-PC (23-09-2015 13:18:09)
Gestartet von C:\Users\Eugen\Desktop\Recovery 23-09-2015
Geladene Profile: Eugen (Verfügbare Profile: Eugen & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(3S-Smart Software Solutions GmbH) C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(3S-Smart Software Solutions GmbH) C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
() C:\Program Files (x86)\IObit\IObit Uninstaller\Install_PintoStartMenu.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\PPUninstaller.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\PPUninstaller.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\DiskDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoCare.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-21] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1236569144-611998795-838250545-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-21] (AVAST Software)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
BootExecute:
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 11 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2013-05-11] (National Instruments Corporation)
Winsock: Catalog5-x64 11 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2013-05-11] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5FD91843-3AE1-472C-9515-E01B26A8728A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EBE3468D-7CD6-4436-AC34-30B3D5192485}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {0CCD4CB5-9444-44DD-A39F-CCB3A19ADAB1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {46796D2F-6FE6-4DBF-81C0-F1CB6B934773} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {63D5E2AE-DDD8-4B52-936F-14B2D94D438D} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {68CA96C1-E6FB-4B39-96AE-13E6B5B7E8DA} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {A334D4D4-1D46-4F58-856E-74C2419D272E} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-08-24] (IObit)
BHO: Kein Name -> {11111111-1111-1111-1111-110611081104} -> Keine Datei
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Kein Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> Keine Datei
BHO-x32: Kein Name -> {11111111-1111-1111-1111-110611081104} -> Keine Datei
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-13] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-21] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] ()
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-13] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll Keine Datei
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll Keine Datei
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF SelectedSearchEngine: Google (avast)
FF DefaultSearchEngine: Google (avast)
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\windows\system32\npDeployJava1.dll [2013-04-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-13] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Eugen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eugen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-22] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2013-05-29] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll [2013-06-20] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\searchplugins\google-avast.xml [2015-08-24]
FF SearchPlugin: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\searchplugins\yahoo-avast.xml [2014-07-03]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\Extensions\iobitascsurfingprotection@iobit.com [2015-09-23]
FF Extension: New Tab by Yahoo - C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-08-07]
FF Extension: Greasemonkey - C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-05-31]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-01]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-11-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-23]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1414662494&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9GC614399"
CHR Plugin: (Shockwave Flash) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.99\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.99\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL => Keine Datei
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll => Keine Datei
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Eugen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Eugen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\Eugen\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-27]
CHR Extension: (Google Drive) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-09]
CHR Extension: (YouTube) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-09]
CHR Extension: (Adblock Plus) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-23]
CHR Extension: (Google-Suche) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-09]
CHR Extension: (FoxyProxy Standard) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2014-12-06]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (AdBlock) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-30]
CHR Extension: (Avast Online Security) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-23]
CHR Extension: (ProxMate) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-30]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2014-10-06]
CHR Extension: (Google Mail) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.CTKEMGO4BIPDMTQEJLN57L342E - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-07-17] (Apache Software Foundation) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-21] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 ENI Server; C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [651264 2013-04-15] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2000-01-01] (Intel Corporation)
S3 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2000-01-01] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-24] (IObit)
R2 LkCitadelServer; C:\windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\windows\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation)
R2 lkTimeSync; C:\windows\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
S4 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-05-08] ()
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696 2013-06-08] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [81248 2013-06-08] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-06-07] (National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680 2013-06-08] (National Instruments Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-11-28] ()
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 RTService; C:\Program Files (x86)\3S Software\CoDeSys SP RTE\RTService.exe [495735 2013-04-16] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [Datei ist nicht signiert]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-10-14] (Secunia)
R2 ServiceControl_RTE23_3S_GmbH; C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe [188551 2013-04-16] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S4 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3385584 2013-05-08] (Intel® Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 3SRTE; C:\Windows\SysWow64\Drivers\3SRTE.sys [340078 2013-04-16] (3S - Smart Software Solutions GmbH)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-21] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-15] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 EterlogicVirtualSerialDriver; C:\windows\system32\drivers\VSPE.sys [40928 2014-06-23] ()
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-04-08] (GFI Software)
S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Your Corporation)
S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Your Corporation)
S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Your Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Your Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Your Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [40856 2008-08-08] (Your Corporation)
S3 ibpcimpm; C:\Windows\SysWow64\Drivers\ibpcimpm.sys [267912 2013-04-16] (3s)
S3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-21] (AVAST Software)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-10-14] (Secunia)
S3 RTIOdrvAPIC; C:\Windows\SysWow64\Drivers\RTIOdrvAPIC.sys [19584 2013-04-16] (3S)
S3 RTIOdrvApplicom; C:\Windows\SysWow64\Drivers\RTIOdrvApplicom.sys [222852 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvAutomata; C:\Windows\SysWow64\Drivers\RTIOdrvAutomata.sys [307020 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvCifX; C:\Windows\SysWow64\Drivers\RTIOdrvCifX.sys [100480 2013-04-16] () [Datei ist nicht signiert]
S3 RTIOdrvCP5613; C:\Windows\SysWow64\Drivers\RTIOdrvCP5613.sys [403408 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvDAMP; C:\Windows\SysWow64\Drivers\RTIOdrvDAMP.sys [84096 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvFC310x; C:\Windows\SysWow64\Drivers\RTIOdrvFC310x.sys [44676 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvHilscherDPM; C:\Windows\SysWow64\Drivers\RTIOdrvHilscherDPM.sys [65678 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvHMS; C:\Windows\SysWow64\Drivers\RTIOdrvHMS.sys [31358 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvKuhnkePBM; C:\Windows\SysWow64\Drivers\RTIOdrvKuhnkePBM.sys [62602 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvSJA; C:\Windows\SysWow64\Drivers\RTIOdrvSJA.sys [111596 2013-04-16] (3s) [Datei ist nicht signiert]
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-21] (Avast Software)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 GPU-Z; \??\C:\Users\Eugen\AppData\Local\Temp\GPU-Z.sys [X]
S3 SBIOSIO; \??\C:\Users\Eugen\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-23 13:17 - 2015-09-23 13:18 - 00000000 ____D C:\Users\Eugen\Desktop\Recovery 23-09-2015
2015-09-23 13:16 - 2015-09-23 13:16 - 02192384 _____ (Farbar) C:\Users\Eugen\Downloads\ADE9.tmp
2015-09-23 13:15 - 2015-09-23 13:15 - 00003184 _____ C:\windows\System32\Tasks\ASC8_PerformanceMonitor
2015-09-23 13:15 - 2015-09-23 13:15 - 00002872 _____ C:\windows\System32\Tasks\ASC8_SkipUac_Eugen
2015-09-23 13:15 - 2015-09-23 13:15 - 00002181 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-09-23 13:15 - 2015-09-23 13:15 - 00000000 ____D C:\windows\Tasks\ImCleanDisabled
2015-09-23 13:15 - 2015-09-23 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-09-23 13:15 - 2015-09-23 13:15 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-23 13:11 - 2015-09-23 13:15 - 00000000 ____D C:\ProgramData\ProductData
2015-09-23 13:11 - 2015-09-23 13:15 - 00000000 ____D C:\ProgramData\IObit
2015-09-23 13:11 - 2015-09-23 13:11 - 00002904 _____ C:\windows\System32\Tasks\Uninstaller_SkipUac_Eugen
2015-09-23 13:11 - 2015-09-23 13:11 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-09-23 13:11 - 2015-09-23 13:11 - 00001354 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-09-23 13:11 - 2015-09-23 13:11 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\ProductData
2015-09-23 13:11 - 2015-09-23 13:11 - 00000000 ____D C:\Users\Eugen\AppData\IObit
2015-09-23 13:10 - 2015-09-23 13:15 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-23 13:10 - 2015-09-23 13:14 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\IObit
2015-09-23 12:59 - 2015-09-23 12:59 - 01457952 _____ C:\Users\Eugen\Desktop\IObit Uninstaller - CHIP-Installer.exe
2015-09-14 20:42 - 2015-09-14 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\premium Poker
2015-09-13 16:44 - 2015-09-13 16:44 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Premium
2015-09-13 16:43 - 2015-09-14 20:42 - 00001489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\premium Poker.lnk
2015-09-13 16:43 - 2015-09-14 20:42 - 00001483 _____ C:\Users\Eugen\Desktop\premium Poker.lnk
2015-09-13 03:26 - 2015-09-13 03:26 - 00000000 ____D C:\Users\Eugen\AppData\Local\YSearchUtil
2015-09-13 03:26 - 2015-09-13 03:26 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Sun
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\.oracle_jre_usage
2015-08-24 18:55 - 2015-09-23 13:00 - 00001224 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
2015-08-24 18:55 - 2015-09-22 21:07 - 00001172 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
2015-08-24 18:55 - 2015-08-24 18:55 - 00004198 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA
2015-08-24 18:55 - 2015-08-24 18:55 - 00003802 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core
2015-08-24 18:55 - 2015-08-24 18:55 - 00000000 ____D C:\Users\Eugen\AppData\Local\Dropbox
2015-08-24 18:55 - 2015-08-24 18:55 - 00000000 ____D C:\ProgramData\Dropbox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-23 13:21 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-23 13:21 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-23 13:18 - 2013-10-14 13:55 - 00000000 ____D C:\FRST
2015-09-23 13:18 - 2012-05-22 05:05 - 02008148 _____ C:\windows\WindowsUpdate.log
2015-09-23 13:15 - 2013-01-06 00:40 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Apple Computer
2015-09-23 13:14 - 2013-12-11 11:23 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-09-23 13:13 - 2012-05-21 13:22 - 00000000 ____D C:\ProgramData\WildTangent
2015-09-23 13:13 - 2012-05-21 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2015-09-23 13:13 - 2012-05-21 13:22 - 00000000 ____D C:\Program Files (x86)\WildGames
2015-09-23 13:12 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-23 13:11 - 2012-10-12 22:06 - 00000928 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
2015-09-23 13:03 - 2015-01-05 17:21 - 00000546 _____ C:\windows\Tasks\MATLAB R2012a Startup Accelerator.job
2015-09-23 13:02 - 2013-04-29 18:30 - 00000000 ____D C:\Program Files (x86)\Giraffic
2015-09-23 12:48 - 2014-11-28 13:48 - 00000000 ____D C:\Program Files (x86)\GamersFirst
2015-09-23 12:44 - 2013-05-31 10:55 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-23 12:38 - 2014-11-28 13:48 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
2015-09-23 12:37 - 2012-12-13 20:28 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Amazon
2015-09-23 12:37 - 2012-12-13 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2015-09-23 12:37 - 2012-12-13 20:27 - 00000000 ____D C:\Program Files (x86)\Amazon
2015-09-23 12:37 - 2012-11-30 13:54 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\uTorrent
2015-09-23 12:31 - 2013-05-09 18:16 - 00000434 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-09-23 12:28 - 2013-10-23 15:22 - 00046929 _____ C:\windows\setupact.log
2015-09-23 12:27 - 2013-05-31 10:55 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-23 12:26 - 2012-05-21 13:12 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-09-23 12:26 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-09-23 12:21 - 2012-10-09 18:43 - 00000000 ____D C:\Allgemein
2015-09-23 12:21 - 2012-10-08 12:49 - 00000000 ____D C:\Studium
2015-09-23 12:18 - 2015-01-26 17:55 - 00000000 ____D C:\Users\Eugen\Desktop\CS
2015-09-23 11:55 - 2013-04-09 16:41 - 00002356 _____ C:\Users\Eugen\Desktop\Google Chrome.lnk
2015-09-23 11:55 - 2013-04-09 16:40 - 00001120 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
2015-09-22 22:11 - 2012-10-12 22:06 - 00000906 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
2015-09-22 20:59 - 2013-04-09 16:40 - 00001068 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
2015-09-22 20:57 - 2012-05-21 13:12 - 00000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-09-21 21:15 - 2013-12-11 11:23 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 21:15 - 2013-12-11 11:23 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-21 21:15 - 2013-12-11 11:23 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 18:47 - 2013-11-20 22:15 - 00000000 ____D C:\ProgramData\Giraffic
2015-09-20 19:55 - 2012-12-19 17:02 - 00000000 ____D C:\Users\Eugen\AppData\Local\CrashDumps
2015-09-20 19:52 - 2012-09-29 10:58 - 00000000 ____D C:\Users\Eugen\AppData\Local\Google
2015-09-17 19:21 - 2013-04-09 16:40 - 00004090 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA
2015-09-17 19:21 - 2013-04-09 16:40 - 00003694 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core
2015-09-16 22:05 - 2013-11-13 18:26 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-09-16 20:39 - 2013-05-31 10:55 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 20:39 - 2013-05-31 10:55 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 20:08 - 2012-11-26 17:57 - 00000000 ___RD C:\Users\Eugen\Dropbox
2015-09-16 20:07 - 2012-11-26 17:55 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Dropbox
2015-09-15 19:58 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-09-14 20:18 - 2013-10-23 15:22 - 00166462 _____ C:\windows\PFRO.log
2015-09-13 16:44 - 2013-04-11 19:43 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\cef-cache
2015-09-13 03:24 - 2014-11-17 14:23 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-13 03:22 - 2014-10-12 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-13 03:17 - 2012-09-29 09:07 - 00000000 ____D C:\Users\Eugen
2015-09-13 03:14 - 2014-11-17 14:24 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 22:15 - 2012-10-04 18:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-08-25 21:57 - 2014-06-09 15:37 - 00000000 ____D C:\AdwCleaner
2015-08-24 18:09 - 2012-11-20 11:41 - 00000000 ____D C:\windows\pss
2015-08-24 14:58 - 2014-05-31 15:23 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-24 14:43 - 2012-09-30 14:42 - 00000000 ____D C:\Users\Eugen\AppData\Local\Spotify
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-17 10:57 - 2014-11-17 10:57 - 0027648 _____ () C:\Users\Eugen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-31 16:03 - 2014-05-31 16:03 - 0000218 _____ () C:\Users\Eugen\AppData\Local\recently-used.xbel
2013-04-11 14:54 - 2013-06-07 08:44 - 0007597 _____ () C:\Users\Eugen\AppData\Local\resmon.resmoncfg
2013-06-15 14:01 - 2013-06-15 14:03 - 0014727 _____ () C:\Users\Eugen\AppData\Local\WiDiSetupLog.20130615.140157.txt
2014-10-06 15:09 - 2014-10-06 15:17 - 0000106 _____ () C:\ProgramData\.sdplic
2015-04-08 17:03 - 2015-04-08 17:03 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-10-08 20:56 - 2012-11-23 15:15 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2012-05-21 14:32 - 2012-05-21 14:33 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-21 14:28 - 2012-05-21 14:29 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-21 14:31 - 2012-05-21 14:31 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-21 14:29 - 2012-05-21 14:30 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-21 14:31 - 2012-05-21 14:32 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden.
LastRegBack: 2015-09-13 04:56
==================== Ende von FRST.txt ============================
|
|
23.09.2015, 12:30
| #4 |
| | Notebook braucht 15 min zum hochfahren Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Eugen (2015-09-23 13:24:23)
Gestartet von C:\Users\Eugen\Desktop\Recovery 23-09-2015
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-29 07:07:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1236569144-611998795-838250545-500 - Administrator - Enabled) => C:\Users\Administrator
Eugen (S-1-5-21-1236569144-611998795-838250545-1001 - Administrator - Enabled) => C:\Users\Eugen
Gast (S-1-5-21-1236569144-611998795-838250545-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1236569144-611998795-838250545-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 Complete (HKLM-x32\...\QXJtYTM=_is1) (Version: 1 - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Battlefield 1942 (HKLM-x32\...\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}) (Version: - )
Battlefield 1942: Secret Weapons of WWII (HKLM-x32\...\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}) (Version: - )
Battlefield 1942: The Road To Rome (HKLM-x32\...\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}) (Version: - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bridge Building Game (HKLM-x32\...\Bridge Building Game) (Version: - )
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
bwin Poker (HKLM-x32\...\bwincomPoker) (Version: - bwincom)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CoDeSys for Automation Alliance (HKLM-x32\...\{07976ABB-1EBD-4A65-A7C7-155A0DC17173}) (Version: - 3S-Smart Software Solutions GmbH)
CoDeSys SP RTE (HKLM-x32\...\{C0CBC26C-9A9E-11D4-9304-0000E886B4FC}) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
Counter-Strike Online Game Client (HKLM-x32\...\Counter-Strike Online) (Version: Game Client - IAH Games)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-1236569144-611998795-838250545-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 5.2.0.39882 - Electronic Arts, Inc.)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.)
Easy Migration (HKLM-x32\...\{EDE7A262-DB20-4432-A630-2ACEE186C416}) (Version: 1.0 - Samsung Electronics CO., LTD.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.)
Electronics Workbench V5.12 (HKLM-x32\...\Electronics_Workbench_V5) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150211 - Landesfinanzdirektion Thüringen)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{094D6E27-97CC-447E-8660-56F75CFC1E00}) (Version: 11.1.20702.00 - Microsoft Corporation)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
FIFA 11 Demo (HKLM-x32\...\{DC158DF7-6B36-4C6F-BC91-109014297994}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version: - SQUARE ENIX)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Audio CD Burner version 2.0.33.324 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.33.324 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.57.324 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.57.324 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GamersFirst LIVE! (HKU\S-1-5-21-1236569144-611998795-838250545-1001\...\GamersFirst LIVE!) (Version: - GamersFirst)
Google Chrome (HKU\S-1-5-21-1236569144-611998795-838250545-1001\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
GTK2-Runtime (HKLM-x32\...\GTK2-Runtime) (Version: - )
HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0 (HKLM-x32\...\PICC 9.82) (Version: 9.82 - HI-TECH Software)
HI-TECH C51-lite V9.60PL0 (HKLM-x32\...\HC51 9.60PL0) (Version: 9.60 - HI-TECH Software)
HI-TECH PICC lite V9.60PL0 (HKLM-x32\...\PICC 9.60PL0) (Version: 9.60 - HI-TECH Software)
HP Deskjet 2510 series - Grundlegende Software für das Gerät (HKLM\...\{288614B1-F070-4B47-A1F5-4790BD8A3176}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Hilfe (HKLM-x32\...\{07B48D2C-E60D-41E6-B546-11D128F633EC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IBM Installation Manager (HKLM\...\IBM Installation Manager) (Version: - )
IBM Software Delivery Platform (HKLM-x32\...\IM-IBM Software Delivery Platform) (Version: - )
IBM® Rational® Software Architect (IBM Software Delivery Platform) (HKLM\...\IBMIM_win.uninstall.registry_IBM Software Delivery Platform_com.ibm.rational.rsa.91) (Version: 9.1 - IBM)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ae509f68-6982-4506-befc-f2218d72cd5e}) (Version: 15.8.0 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.171 - IObit)
iTunes (HKLM\...\{37D0157F-45C6-4DB2-9AE5-489DD98CE169}) (Version: 11.1.2.31 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keil µVision4 (HKLM-x32\...\Keil µVision4) (Version: 5.11.2.0 - ARM Ltd)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
LOGO!Soft Comfort V7.0 (Demo) (HKLM\...\LOGO!Soft Comfort V7.0 (Demo)) (Version: 7.0.0.0 - Siemens AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Math-Kernel-Bibliotheken (64 Bit) (Version: 1.0.31.0 - National Instruments) Hidden
Math-Kernel-Bibliotheken (64 Bit) (Version: 13.0.13 - National Instruments) Hidden
Math-Kernel-Bibliotheken (x32 Version: 1.0.31.0 - National Instruments) Hidden
Math-Kernel-Bibliotheken (x32 Version: 13.0.13 - National Instruments) Hidden
MATLAB R2012a (HKLM\...\Matlab R2012a) (Version: 7.14 - The MathWorks, Inc.)
Maxima 5.28.0-2 (HKLM-x32\...\Maxima-5.28.0-2_is1) (Version: 5.28.0-2 - The Maxima Development Team)
MB-Ruler (HKLM-x32\...\{7363206E-C7BD-45CD-89A0-792B28409811}_is1) (Version: 5.1 - Markus Bader)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{2e8b5d3e-04b1-40c7-ade4-487d5357ba8c}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{af15e1e3-cd81-4fbb-a41c-c1deef9f1691}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
MinGW-Get version 0.5-beta-20120426-1 (HKLM-x32\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
National Instruments - Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1398 - Electronic Arts)
NI .NET Framework 4.0 (x32 Version: 4.01.49152 - National Instruments) Hidden
NI Authentication 13.0.0 (64-bit) (Version: 13.0.326 - National Instruments) Hidden
NI Authentication 13.0.0 (x32 Version: 13.0.326 - National Instruments) Hidden
NI Circuit Design Suite 11.0 Core (x32 Version: 11.0.278 - National Instruments) Hidden
NI Circuit Design Suite 11.0 Edu Licenses (x32 Version: 11.0.278 - National Instruments) Hidden
NI Circuit Design Suite 11.0 Education (x32 Version: 11.0.278 - National Instruments) Hidden
NI Circuit Design Suite 13.0 Core (x32 Version: 13.0.632 - National Instruments) Hidden
NI Circuit Design Suite 13.0 Edu Licenses (x32 Version: 13.0.632 - National Instruments) Hidden
NI Circuit Design Suite 13.0 Education (x32 Version: 13.0.632 - National Instruments) Hidden
NI Circuit Design Suite Master Database (x32 Version: 13.0.632 - National Instruments) Hidden
NI Curl 13.0.0 (64-bit) (Version: 13.0.324 - National Instruments) Hidden
NI Curl 13.0.0 (x32 Version: 13.0.324 - National Instruments) Hidden
NI Error Reporting Interface Installer 5.5 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI Error Reporting Interface Installer 5.5 for Windows 64-bit (Version: 5.50.49152 - National Instruments) Hidden
NI EulaDepot (x32 Version: 3.20.356 - National Instruments) Hidden
NI Example Finder 13.0 (x32 Version: 13.0.324 - National Instruments) Hidden
NI GMP Windows 32-bit Installer 13.0.0 (x32 Version: 13.0.45.0 - National Instruments) Hidden
NI GMP Windows 64-bit Installer 13.0.0 (Version: 13.0.45.0 - National Instruments) Hidden
NI Help Assistant 2.0 (64bit) (Version: 2.0.3 - National Instruments) Hidden
NI Help Assistant 2.0 (x32 Version: 2.0.3 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 13.0.336 - National Instruments) Hidden
NI LabVIEW 2013 Deployment Framework (x32 Version: 13.0.330 - National Instruments) Hidden
NI LabVIEW Real-Time NBFifo (x32 Version: 8.6.348.0 - National Instruments) Hidden
NI LabVIEW Real-Time NBFifo (x32 Version: 9.0.222.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2009 (x32 Version: 9.0.315.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2012 SP1 f3 (x32 Version: 12.1.58.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 8.6.1 (x32 Version: 8.6.426.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2009 (x32 Version: 9.0.78.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2012 SP1 (x32 Version: 12.1.58.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2013 (x32 Version: 13.0.332 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Web Services (x32 Version: 9.0.197.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Webserver 2012 (x32 Version: 12.5.198.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Webserver 2013 (x32 Version: 13.0.321 - National Instruments) Hidden
NI LabVIEW Runtime-Engine 2013 (x32 Version: 13.0.332 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 8.6.41.0 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 9.0.185.0 - National Instruments) Hidden
NI LabVIEW Web Services Runtime (x32 Version: 8.6.48.0 - National Instruments) Hidden
NI LabWindows/CVI 2013 .NET Library (64-bit) (Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 .NET Library (x32 Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 Analysis Library (64-bit) (Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 Analysis Library (x32 Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 Low-Level Driver (Original) (x32 Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 Low-Level Driver (Updated) (x32 Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 Network Streams Library (64-bit) (Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 Network Streams Library (x32 Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 Network Variable Library (64-bit) (Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 Network Variable Library (x32 Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 TDMS Library (64-bit) (Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI 2013 TDMS Library (x32 Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI Run-Time Engine 2013 (Updated) (x32 Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI Shared Run-Time Engine 2013 (64-bit) (Version: 13.0.0632 - National Instruments) Hidden
NI LabWindows/CVI Shared Run-Time Engine 2013 (x32 Version: 13.0.0632 - National Instruments) Hidden
NI Launcher (x32 Version: 3.20.356 - National Instruments) Hidden
NI License Manager (x32 Version: 3.7.53 - National Instruments) Hidden
NI Logos 5.5 (64 Bit) (Version: 5.5.293 - National Instruments) Hidden
NI Logos 5.5 (x32 Version: 5.5.293 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.5.294 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.5.294 - National Instruments) Hidden
NI Math Kernel Libraries (64-bit) (Version: 1.0.14.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.28.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.861.0 - National Instruments) Hidden
NI MAX Remote Configuration 64-bit Installer 5.5 (Version: 5.50.49152 - National Instruments) Hidden
NI MAX Remote Configuration Installer 5.5 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI MDF Support (x32 Version: 3.20.356 - National Instruments) Hidden
NI mDNS Responder 2.2 for Windows 64-bit (Version: 2.20.49152 - National Instruments) Hidden
NI mDNS Responder 2.2.0 (x32 Version: 2.20.49152 - National Instruments) Hidden
NI Measurement Studio ComponentWorks 3D Graph (x32 Version: 8.6.10603 - National Instruments) Hidden
NI MetaSuite Installer (x32 Version: 3.20.356 - National Instruments) Hidden
NI Multisim LabVIEW Interoperability Support 13.0 (x32 Version: 13.0.632 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
NI Service Locator 13.0 (x32 Version: 13.0.303 - National Instruments) Hidden
NI SSL LabVIEW RTE 2012 SP1 Support (x32 Version: 12.5.8.0 - National Instruments) Hidden
NI SSL LabVIEW RTE 2013 Support (x32 Version: 13.0.317 - National Instruments) Hidden
NI System API Windows 32-bit 5.5.0 (x32 Version: 5.50.589 - National Instruments) Hidden
NI System API Windows 64-bit 5.5.0 (Version: 5.50.588 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 13.0.299 - National Instruments) Hidden
NI System State Publisher (x32 Version: 13.0.304 - National Instruments) Hidden
NI System Web Server 13.0 (x32 Version: 13.0.330 - National Instruments) Hidden
NI System Web Server Base 13.0.0 (64-bit) (Version: 13.0.323 - National Instruments) Hidden
NI System Web Server Base 13.0.0 (x32 Version: 13.0.323 - National Instruments) Hidden
NI TDM Streaming 2.5 (64 Bit) (Version: 2.5.36 - National Instruments) Hidden
NI TDM Streaming 2.5 (x32 Version: 2.5.36 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 13.0.324 - National Instruments) Hidden
NI Trace Engine (x32 Version: 13.0.324 - National Instruments) Hidden
NI Uninstaller (x32 Version: 3.20.356 - National Instruments) Hidden
NI Update Service 2.3 (64-bit) (Version: 2.30.53 - National Instruments) Hidden
NI USI 2.0.1 (x32 Version: 2.0.15249 - National Instruments) Hidden
NI USI 2.0.1 64-Bit (Version: 2.0.15249 - National Instruments) Hidden
NI VC2005MSMs x64 (Version: 8.05.0 - National Instruments) Hidden
NI VC2005MSMs x86 (x32 Version: 8.05.0 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
NI VC2010SP1MSMs x64 (Version: 10.0.100 - National Instruments) Hidden
NI VC2010SP1MSMs x86 (x32 Version: 10.0.100 - National Instruments) Hidden
NI Visual C++ 2008 Redistributable Package (x32 Version: 9.00.49152 - National Instruments) Hidden
NI Visual C++ 2010 Redistributable Package (x32 Version: 10.02.49152 - National Instruments) Hidden
NI Web Application Server 13.0 (64 Bit) (Version: 13.0.319 - National Instruments) Hidden
NI Web Application Server 13.0 (x32 Version: 13.0.324 - National Instruments) Hidden
NI Web Pipeline 2.0.1 (x32 Version: 2.0.128.0 - National Instruments) Hidden
NI Web Pipeline 2.0.1 64-bit support (Version: 2.0.122.0 - National Instruments) Hidden
NI-ActiveX-Container (64-bit) (Version: 13.0.4 - National Instruments) Hidden
NI-ActiveX-Container (x32 Version: 13.0.4 - National Instruments) Hidden
NI-Fehlerprotokolle 2013 (x32 Version: 13.0.324 - National Instruments) Hidden
NI-Mesa (Version: 13.0.3 - National Instruments) Hidden
NI-Mesa (x32 Version: 13.0.3 - National Instruments) Hidden
NI-RPC 4.4.0f0 (x32 Version: 4.40.49152 - National Instruments) Hidden
NI-RPC 4.4.0f0 for 64 Bit Windows (Version: 4.40.49152 - National Instruments) Hidden
NI-Update-Dienst 2.3 (x32 Version: 2.30.65 - National Instruments) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4643 - Electronic Arts, Inc.)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Poker at bet365 (HKU\S-1-5-21-1236569144-611998795-838250545-1001\...\bet365poker) (Version: - )
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
premium Poker (HKLM-x32\...\PremiumPoker) (Version: - premium)
PunkBuster für Battlefield 1942 (HKLM-x32\...\{127B684B-A002-44C8-99A7-6CF8F1E26873}) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quick Batch File Compiler 3.6.1.0 (HKLM-x32\...\Quick Batch File Compiler_is1) (Version: 3.6.1.0 - AbyssMedia.com)
Quick Starter (HKLM-x32\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
S Agent (Version: 1.1.41 - Samsung Electronics CO., LTD.) Hidden
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Hidden
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.6.0.2 - Samsung Electronics CO., LTD.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.8013) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.8013 - Secunia)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - )
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista (HKLM-x32\...\{8FFE4CF9-6A76-44B0-AE7A-FA1F49D98896}) (Version: 4.40 - Silicon Laboratories, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
Spotify (HKU\S-1-5-21-1236569144-611998795-838250545-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
SW Update (HKLM-x32\...\{411B07C7-9307-4AA7-932E-CB506E4CF3A3}) (Version: 2.1.15 - Samsung Electronics CO., LTD.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.40.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TortoiseSVN 1.8.8.25755 (64 bit) (HKLM\...\{7DAA9D5A-ED99-40D2-AA9D-386722FE105A}) (Version: 1.8.25755 - TortoiseSVN)
Twin USB Vibration Gamepad (HKLM-x32\...\{BA12FD6D-169A-11D7-A6A9-00C026281E5A}) (Version: 2006.7.18 - )
Unified Remote (HKLM-x32\...\{FF63DB41-2880-4C24-A06A-B8BF69B6406B}) (Version: 2.8.0.0 - Unified Remote)
Unity Web Player (HKU\S-1-5-21-1236569144-611998795-838250545-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unterstützung für NI SSL (64 Bit) (Version: 13.0.319 - National Instruments) Hidden
Unterstützung für NI SSL (x32 Version: 13.0.324 - National Instruments) Hidden
Unterstützung für nicht englische Versionen der Runtime-Engine von LabVIEW 2012 SP1. (x32 Version: 12.1.52.0 - National Instruments) Hidden
Unterstützung für nicht englische Versionen der Runtime-Engine von LabVIEW 2013. (x32 Version: 13.0.329 - National Instruments) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - )
USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: V3.70a - )
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.2 - Samsung Electronics CO., LTD.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vektoris3D 2.5 PLUS 2.5.2 (HKLM-x32\...\0531-3074-2651-5065) (Version: 2.5.2 - kapieren.de)
Veoh Giraffic Video Accelerator (HKLM-x32\...\Giraffic) (Version: 0.86.412.230 - Giraffic)
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
Virtual Serial Ports Emulator (HKLM-x32\...\{8F3F769D-E9C4-42E5-9B35-82DDCE0790C1}) (Version: 0.938 - Eterlogic.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.1.0 - 1&1 Mail & Media GmbH)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden
Windows Cato version 1.8 (HKLM-x32\...\{D62BE7F1-D3A5-4B80-98BD-5EFC44738C26}_is1) (Version: 1.8 - Davide Catone aka Cato97)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Wireshark 1.10.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.7 - The Wireshark developer community, hxxp://www.wireshark.org)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1236569144-611998795-838250545-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll Keine Datei
==================== Wiederherstellungspunkte =========================
16-08-2015 12:13:31 Windows Update
20-08-2015 22:26:52 Windows Update
23-09-2015 12:50:07 Removed Apple Application Support
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2014-06-05 19:51 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01FA1EC7-8E2F-4541-8534-8295E8671336} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {054EBF49-0664-4BE4-A0B0-431360C46E86} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {090EF30E-A4A3-4B2D-93CB-651EDE6229CB} - System32\Tasks\ASC8_SkipUac_Eugen => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-04-09] (IObit)
Task: {0B1E54F2-E87C-4B1C-8B79-770ADBA07E8C} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-05-08] (Samsung Electronics CO., LTD.)
Task: {1237B163-BECD-4CC2-ACE5-1F3EDC4DB7A4} - System32\Tasks\{456050DE-C76D-4D86-9189-9AB9AA42136B} => C:\Users\Eugen\Desktop\EWB\EWB 5.12\SETUP.EXE
Task: {1805CCE3-8D5F-46F6-9E46-E7144AF98B23} - System32\Tasks\{423DC8DF-E665-4B37-AE54-41DAD10C2296} => pcalua.exe -a C:\Users\Eugen\AppData\Local\Temp\jre-8u40-windows-au.exe -d C:\windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {18C980A6-ADA9-4A9E-A099-C4E500CA7368} - System32\Tasks\Uninstaller_SkipUac_Eugen => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-24] (IObit)
Task: {1D380C74-A37E-4BEE-A5B2-E9D7427F5B9C} - System32\Tasks\{8CBBC78B-E2E5-4329-84F7-98397167063B} => pcalua.exe -a C:\Studium\2.Semester\Mathe1\CATO_Setup_1_1.exe -d C:\Studium\2.Semester\Mathe1
Task: {20B584F1-A3E9-49A1-AAF7-4BEEAEB75BC5} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit)
Task: {2309A5D0-15DA-4182-B860-A6FD8790BF1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {2F860402-BBFF-4B36-B7DC-F0CF3A6B02F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {378E0705-0B32-4122-9AC9-EE54AC09ECDF} - System32\Tasks\MATLAB R2012a Startup Accelerator => C:\Program Files\MATLAB\R2012a\bin\win64\MATLABStartupAccelerator.exe [2011-12-29] ()
Task: {389A6A27-6B38-4F8D-98AB-87004B393A82} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-21] (AVAST Software)
Task: {39A77671-4E2E-49BA-8411-C140BCAFE407} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core => C:\Users\Eugen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-24] (Dropbox, Inc.)
Task: {3C61B3DE-CC31-4B49-A1CC-9D1B1D74F927} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {3DC50B56-AD73-4A17-A7C5-BC88C7FEA774} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {450B53B8-A0A7-4C13-B933-6E9E89D898A8} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-02] (Samsung Electronics Co., Ltd.)
Task: {53BDB347-6D74-4E68-8F9C-E931F779D189} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {5C798CCA-AD22-483F-B600-52268023424B} - System32\Tasks\{841E1C6B-13FF-4644-9873-12780054DFAB} => C:\Users\Eugen\Desktop\Structorizer\Structorizer.exe
Task: {64AAAAD1-056B-441C-9A93-33821F649EC7} - System32\Tasks\{C153CA3F-EDE4-47BA-9F80-8B1ACDE4B4ED} => pcalua.exe -a "C:\Users\Eugen\Dropbox\Lerngruppe\Sonstiges\CS1.6Portable\CS 1.6.exe" -d C:\Users\Eugen\Dropbox\Lerngruppe\Sonstiges\CS1.6Portable
Task: {69693C51-0887-482D-A6D7-5F802F87C746} - System32\Tasks\{0EC927AE-0D5E-4D42-BA2E-4C94708947C1} => pcalua.exe -a "C:\Studium\2. Semester\Mathe 1\CATO_Setup_1_1.exe" -d "C:\Studium\2. Semester\Mathe 1"
Task: {6E9D38A4-0EC9-422A-A693-61151DC8E3A1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA => C:\Users\Eugen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-12] (Facebook Inc.)
Task: {6EB46643-2A00-4B6B-BBD9-BA8CD3AE9754} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core => C:\Users\Eugen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-12] (Facebook Inc.)
Task: {78CAEB38-A135-4D15-B703-8E5A89F797CA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {835AFC18-0A90-4A34-A66B-7BC5FE76884F} - System32\Tasks\{4561DC2B-B9C7-4BB6-A154-AE5848EBA5B4} => C:\Users\Eugen\Desktop\EWB\EWB 5.12\SETUP.EXE
Task: {84FC91D7-C0D4-4BCC-A715-801DACC1E63D} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2011-11-28] (Veoh Networks)
Task: {85896C7E-16DA-4D76-BC7D-78A27828485F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {880DEEF7-CD4F-4DAE-9679-C481077E86D7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA => C:\Users\Eugen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-24] (Dropbox, Inc.)
Task: {8B7D508D-2444-4820-BBF0-5F5E31816D7A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA => C:\Users\Eugen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {9054B15B-5013-4165-973B-3F1C1DC3F1A1} - System32\Tasks\{39176403-3594-48B8-B527-1CB46CC9C1A5} => pcalua.exe -a "C:\Users\Eugen\Downloads\Counter-Strike 1.6 .exe" -d C:\Users\Eugen\Downloads
Task: {94037BE7-D986-441B-9B2B-6C1A1CE257B7} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: {98D8679E-AE91-4860-9ADA-D0A6F21DACB4} - System32\Tasks\0 => Chrome.exe <==== ACHTUNG
Task: {9BA9498A-65D3-49C7-A0B0-2F25E93A7556} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B0FD3357-F24C-41C3-99A2-719FD78C9C38} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {B8E13A48-CBBA-40C3-BF99-DE9967167224} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2013-05-28] (National Instruments)
Task: {BBFCA81B-BCF7-4D8C-B73D-C94EC019CB7A} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {C00E4AA4-6D4D-494C-92D4-4B9D48C9DD84} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04] (Oracle Corporation)
Task: {CF2FCC75-70B0-41E5-B03F-566B33BEB3C2} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {D48B59CC-08C0-42E4-8006-C15ABD92987B} - System32\Tasks\{DEDF9F8A-0F6B-4935-ABB1-9DA60356BFB3} => pcalua.exe -a C:\Users\Eugen\Downloads\CATO_Setup_1_1.exe -d C:\Users\Eugen\Downloads
Task: {DBDB8BD6-8BCB-49EC-9407-3BAD17E70D9F} - System32\Tasks\{0E87F801-489E-4B36-98A0-2EAE6C8433E6} => C:\Users\Eugen\Desktop\EWB\EWB 5.12\SETUP.EXE
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E54C3AFF-FB0F-48F5-AFED-BEF2E77339A6} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-12-06] (Samsung Electronics CO., LTD.)
Task: {E743A9EF-1EEF-4E27-BB08-8D183C201B69} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {EC4FD860-0325-44CE-86D5-35F8B643C4D4} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {F19A20CB-3D74-4121-9FBE-7815318A1002} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {F24ADE05-FD11-4AF7-8068-9D88287C87FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core => C:\Users\Eugen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {F6BB162D-92D8-43F3-AEE6-D33F8B682407} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics)
Task: {FA69D3D1-4F33-417F-8FFC-F8054C82897A} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {FED80C60-3BDE-45D4-9B01-1F8932B22A83} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2014-03-31] (1&1 Mail & Media GmbH)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job => C:\Users\Eugen\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job => C:\Users\Eugen\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job => C:\Users\Eugen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job => C:\Users\Eugen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job => C:\Users\Eugen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job => C:\Users\Eugen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\MATLAB R2012a Startup Accelerator.job => C:\Program Files\MATLAB\R2012a\bin\win64\MATLABStartupAccelerator.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-02-07 10:23 - 2015-01-10 10:07 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-07 10:26 - 2015-01-10 01:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-04-11 14:26 - 2011-04-11 14:26 - 00034304 _____ () C:\windows\System32\spd__l.dll
2014-11-28 14:07 - 2014-11-28 14:07 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2013-06-16 14:39 - 2012-02-13 15:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
2014-08-10 17:10 - 2014-08-10 17:10 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-08-10 17:10 - 2014-08-10 17:10 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2011-01-27 15:28 - 2011-01-27 15:28 - 00706048 _____ () C:\windows\system32\SnMinDrv.dll
2012-02-06 04:29 - 2012-01-05 10:24 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2015-09-23 13:11 - 2015-08-24 14:10 - 00058144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\Install_PintoStartMenu.exe
2014-11-22 11:10 - 2014-07-17 13:18 - 00219648 _____ () C:\xampp\apache\bin\pcre.dll
2014-11-22 11:15 - 2014-11-13 03:41 - 00127488 _____ () C:\xampp\php\libpq.dll
2014-11-22 11:10 - 2014-11-13 03:41 - 00117760 _____ () C:\xampp\apache\bin\libssh2.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00655872 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2015-07-21 21:12 - 2015-07-21 21:12 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-21 21:10 - 2015-07-21 21:10 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-02-07 10:23 - 2015-01-10 10:07 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-07-21 21:09 - 2015-07-21 21:09 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-16 00:13 - 2015-09-16 00:13 - 02962944 _____ () C:\Program Files\AVAST Software\Avast\defs\15091501\algo.dll
2015-09-23 12:49 - 2015-09-23 12:49 - 02965504 _____ () C:\Program Files\AVAST Software\Avast\defs\15092300\algo.dll
2014-08-10 16:40 - 2014-08-10 16:40 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2015-09-23 13:11 - 2015-08-24 14:10 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-09-23 13:11 - 2015-08-24 14:10 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-09-23 13:11 - 2015-08-24 14:10 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-09-23 13:11 - 2015-08-24 14:10 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
2014-08-10 16:40 - 2014-08-10 16:40 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2015-09-23 13:14 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-09-23 13:14 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-09-23 13:14 - 2014-12-10 09:14 - 01284896 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\Scan.dll
2015-09-23 13:14 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-09-23 13:14 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-09-23 13:14 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-09-23 11:55 - 2015-09-19 00:13 - 01501512 _____ () C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.99\libglesv2.dll
2015-09-23 11:55 - 2015-09-19 00:13 - 00081224 _____ () C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.99\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SBAMSvc => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NI Error Reporting.lnk => C:\windows\pss\NI Error Reporting.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk => C:\windows\pss\Virtual Router Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Eugen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Eugen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\windows\pss\GamersFirst LIVE!.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Eugen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Eugen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Deskjet 2510 series.lnk => C:\windows\pss\Tintenwarnungen überwachen - HP Deskjet 2510 series.lnk.Startup
MSCONFIG\startupreg: Ad-Aware Antivirus => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
MSCONFIG\startupreg: Ad-Aware Browsing Protection => "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4530.0\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: Connectify => C:\Program Files (x86)\Connectify\Connectify.exe
MSCONFIG\startupreg: Connectify Dispatch => C:\Program Files (x86)\Connectify\DispatchUI.exe autorun
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files (x86)\Connectify\Connectify.exe autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Eugen\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: ENISysTray => C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENISysTray.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Eugen\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Eugen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_E4A72EC5A88E50CDA6E807998E61A519 => "C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NI Background Service => C:\Program Files (x86)\National Instruments\Shared\Update Service\BackgroundService.exe
MSCONFIG\startupreg: NI Update Service => "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: RTSysTray => "C:\Program Files (x86)\3S Software\CoDeSys SP RTE\RTSysTray.exe"
MSCONFIG\startupreg: SBRegRebootCleaner => "C:\Program Files (x86)\Ad-Aware Antivirus\SBRC.exe"
MSCONFIG\startupreg: SearchProtection => C:\ProgramData\Search Protection\_run.bat
MSCONFIG\startupreg: ShadowPlay => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Spotify => "C:\Users\Eugen\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Eugen\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Unified Remote v2 => C:\Program Files (x86)\Unified Remote\RemoteServer.exe
MSCONFIG\startupreg: USB Gamepad => C:\windows\USB Vibration\dr100&110\USB Gamepad.exe -boot
MSCONFIG\startupreg: uTorrent => "C:\Users\Eugen\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
MSCONFIG\startupreg: Wisdom-soft AutoScreenRecorder 3.1 Pro => 0
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{366F685A-9DE5-4573-B067-AF39518F90F4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C69E701F-A2E3-48E5-893D-B3B4D0E1D445}] => (Allow) LPort=2869
FirewallRules: [{99847E21-941A-47E5-B830-04C50BB52DEA}] => (Allow) LPort=1900
FirewallRules: [{5F94D13C-6834-4909-9C8D-7CED673BE92E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F8946FD7-A6BA-44B8-9D2F-699DCB7E547A}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{1F99DF20-84F6-4BD7-8DB6-E186A5290C4A}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe
FirewallRules: [{980D6359-9EFD-4F88-BF23-0C596D887F5E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{615E9027-1DBD-45B0-BD4A-34C316856583}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{059E5B30-F5E4-4F04-B436-339BCE8BB3DA}C:\users\eugen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eugen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{73BEFFFD-90D4-492B-A49C-82AB2F9A8D01}C:\users\eugen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eugen\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{179FA817-8E3F-463A-A4A5-300BB73CC1D8}C:\users\eugen\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\eugen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D4FC5D53-595A-4BE1-A878-FAA575FECB5F}C:\users\eugen\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\eugen\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{43BA256D-C834-4F70-AE7C-65875366ED01}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{49F7B538-9ADB-4326-A32B-38CDC61672F5}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{364251E9-DCC9-4F6A-89A7-2A4EF48E4FC6}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{3BCCCC2B-8BA1-4DC2-8996-A99804B4C000}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{5BACEE03-6776-45A4-845D-F7597C93CFBF}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{506918E7-0EC6-403E-A98D-E11990AD415B}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [TCP Query User{6B0D2D3F-278C-4A98-88A7-CDCE809BFF9E}C:\users\eugen\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\eugen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DB09AA11-FB9C-4F03-892C-251367D82911}C:\users\eugen\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\eugen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{201AFABE-0614-45F2-AB2A-3DD81127B8A8}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [UDP Query User{C8764FE9-0266-4213-9568-9B63ECCE428E}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [TCP Query User{91A974A3-60C0-4FFF-830F-7B37ABB67A8E}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [UDP Query User{4A163E9D-B675-4B84-ACDF-CE69DBE82019}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [{7D33EA6D-C29B-484D-BD0A-8FE3682053AC}] => (Allow) C:\Users\Eugen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CB12EA3C-753C-4B26-BF94-02EABB0C457C}] => (Allow) C:\Users\Eugen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{24806AA0-8623-4CDA-B2C6-F30EBC9D6560}] => (Allow) C:\Program Files (x86)\IAHGames\Counter-Strike Online\Bin\cstrike-online.exe
FirewallRules: [{4CFCF0E0-ED94-4949-B9C5-7CF79104A6F5}] => (Allow) C:\Program Files (x86)\IAHGames\Counter-Strike Online\Bin\cstrike-online.exe
FirewallRules: [{FA174909-8712-4524-A5B9-0D36529F26F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59C8DD4A-7452-494E-80A9-0714243FB33D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{0378CAAC-61AE-4319-AFF4-056310A70AF2}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{FAEAB74C-7BE0-4616-B250-1AA109E6D6A7}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [{BDCE63F0-7D53-42ED-AF67-41CA3F019C3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\shady_pole\condition zero\hl.exe
FirewallRules: [{ACA345EE-EDA8-4EC5-888B-4A36DE10F587}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\shady_pole\condition zero\hl.exe
FirewallRules: [{7A70A608-6DB7-4C5C-B156-D36762C95D52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{364C5AE1-1404-44A9-B711-9A232DB50D43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{42F6B778-E458-43BF-AC7A-5D7E07A09ABF}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{712A839C-BAA4-4436-82E7-CB56A7672FA1}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{D69A22FB-E6B0-4516-ACDE-22C3572E9581}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{512F31F7-DE4C-4357-81EC-2FC11324D306}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{EE6A5625-A623-4206-9623-568B445DE7A8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{0065BBCB-2650-42CA-865A-DCB8699199EF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{98A7DC38-DB26-447E-8829-DEC1CFC72FEB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6A3C6738-2EDA-420A-82E7-3485750A3F36}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{73514323-7CDB-4E84-A032-99E0AEE81011}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{DA59F0E0-D14A-4490-8461-E576363C92D8}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{FA81B24D-33F5-4217-9EC5-489FCDFFCE1F}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{905C2298-BB1C-4174-956A-9FAEA3561759}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{80492868-014E-4C81-9B4B-A7E1E0E9ED27}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{641CA2F8-CC9D-44D6-951E-CCDCDC1033D5}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{AD7B43A8-E21F-4E12-9419-32442D8F9F8C}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{59D03051-C795-443C-8541-D354BD437C61}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{D02CB9FA-C51A-4330-9D8A-282F69492779}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [{AD59F082-E615-4228-B54A-4B4D1C276A7F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{13DADCA5-8AFD-4060-95B2-D56EFEA16BD6}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [TCP Query User{FA1B9416-72AC-4B07-9A2B-4BD9E0CCF5FC}C:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe] => (Allow) C:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe
FirewallRules: [UDP Query User{46423FCE-15FA-49BA-91A0-3EAAFC26789C}C:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe] => (Allow) C:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe
FirewallRules: [{51B176CF-D548-4584-9B3B-A5DB3D6B6124}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{33986FD2-D51E-49B5-A0EF-3314C9A2FBE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3906C5BD-3CA5-451B-BB82-1D5B56456A9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1C921D9B-6BC5-4BA1-BE20-4440D1FA8594}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C51507B0-67FF-4646-B7D9-44073EC66853}] => (Allow) C:\Users\Eugen\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5DCD760C-E0A3-495C-AEDE-3C722666D29A}] => (Allow) C:\Users\Eugen\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F7986200-CB06-4D68-93C3-6D7A7D28DFCA}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{9A1976D3-65D4-4DCD-A29B-14529E552C54}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{A84AC3DA-8462-483D-B92D-D19126B59783}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{4F9BF2B9-E1F1-4F8E-AFE2-7B5A9F6DA506}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{117107F5-577C-44C8-AEBD-439886CB0D25}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{98362167-F2FA-461B-8FE6-20DC13122C93}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FE322B18-144C-4641-A3C6-A4218C9B44EC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41CAC739-01F4-46E2-953A-004085FDE7E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{49522706-1C48-4D09-9674-5C63D66B13D5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9044444F-6F7F-4558-A9A5-070CF83C3A55}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{184430FE-D156-4AC7-A100-DDACD8DAA116}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{DA261C7B-4ED9-45F3-8AAD-48284809C945}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{6BECA8F1-AE1E-4BBE-B57F-040D64895173}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{756DB368-4549-47B4-9CB1-10FA02F7A17C}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{293403AC-BDAA-4DAD-92FC-2C191E4B56C4}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [{68DBBBC0-7B58-45B2-BDFD-0F7CBEBB7B9D}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [{4D541020-C4A8-4CF9-A716-1E9495E3D42E}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
FirewallRules: [{DAB7122B-EB2E-4A3D-A1A6-9126001CE5C8}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
FirewallRules: [TCP Query User{0087F7CB-761C-4B9E-8492-1A63CFC00E89}C:\java\bin\javaw.exe] => (Allow) C:\java\bin\javaw.exe
FirewallRules: [UDP Query User{A92FF41D-7C86-4B62-9418-99E8FBBFE519}C:\java\bin\javaw.exe] => (Allow) C:\java\bin\javaw.exe
FirewallRules: [{ACDD42AB-6A0B-406D-88FF-24B9706D551C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe
FirewallRules: [{00508C67-4ADA-4BBA-85C2-168B6FB8ED16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{BCE297FF-3353-4AE9-BAD8-373AFB7502AC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{6E30FA98-16A7-4490-BB45-5B9A7593AE77}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{5E82323C-DBBE-4F13-A789-784D5886ED25}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{2B9940E0-12B0-47F0-AE9B-50B46A4DAD8E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{68E649CA-C05E-4CF0-B1AB-3C057EF36765}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{3E6F38D8-6D7C-41F1-A24C-5A1F686C283F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{2CB455D8-BDC2-4AEC-85A4-EE50BE741CC8}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{B189ECA1-E8C7-4C7E-BA1F-97A9C9BD200B}] => (Allow) LPort=9570
FirewallRules: [{494F3988-515F-40A7-B260-3A7D4273850D}] => (Allow) LPort=42124
FirewallRules: [TCP Query User{EB9F0D39-3ABE-46ED-AA1B-D6A1BFD8FC6D}C:\users\eugen\appdata\local\temp\rarsfx0\hl.exe] => (Allow) C:\users\eugen\appdata\local\temp\rarsfx0\hl.exe
FirewallRules: [UDP Query User{8717E0B4-071E-4F27-A7A3-B0CE714736B3}C:\users\eugen\appdata\local\temp\rarsfx0\hl.exe] => (Allow) C:\users\eugen\appdata\local\temp\rarsfx0\hl.exe
FirewallRules: [TCP Query User{754328F6-F09C-4EC3-A550-9204AD1DE6D4}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Block) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{9135136F-D800-430A-8E18-6867CC1FD9F7}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Block) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
FirewallRules: [{1B9B3AAD-D229-479D-B510-B6E05328A2A1}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe
FirewallRules: [{C72D3614-F62A-4C33-9FAD-F4748A837EDB}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe
FirewallRules: [{6CC76FF6-8593-4C57-B5BE-AA422E8408FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EF2C0AAD-713C-47FC-AF69-833E8556D631}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{BBE502DD-7DD8-4E3B-BCBF-7C8459727192}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [UDP Query User{6796C073-4B6E-49E4-92C6-AEEF12016258}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [{D8A050E0-4CDE-4957-BDE1-0EB8BC242333}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A66DC5FB-C167-42D3-A982-33A165D0C23E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F1B62CAD-C83A-4C84-AD86-E92EC4E4C44D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4E92CFE6-C937-4A4C-85F7-F705F3DF4B36}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{CA8021AF-1469-41C1-8236-8154A048F452}] => (Allow) C:\Users\Eugen\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{15CAA11E-96EF-4336-B97B-0C375307FD53}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{0D86F846-BE2A-45ED-9C4D-77E9FEAF89E4}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{01A04A3F-87EB-44FB-90DD-82394F782AA9}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{01428A79-333F-4101-9E1A-C28C84C89662}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{45B6C484-F62A-4004-854B-1E8011F6BC68}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{A8E8B935-A226-4757-805E-FAAC1A64B505}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{0460E2A2-EDC5-4650-B7B9-E3CCDD77F997}] => (Allow) C:\Program Files (x86)\3S Software\CoDeSys SP PLCWinNT\PLCWinNT24.exe
FirewallRules: [{D56B410F-AE4E-476A-A789-1F3C9E223C12}] => (Allow) C:\Program Files (x86)\3S Software\CoDeSys SP PLCWinNT\PLCWinNT24.exe
FirewallRules: [TCP Query User{8688CF28-D0EB-4C92-9C90-8D497F049DBA}C:\users\eugen\appdata\local\temp\ibmim4820990835430869529.tmp\jre_6.0.0.sr9_20110208_03\jre\bin\javaw.exe] => (Allow) C:\users\eugen\appdata\local\temp\ibmim4820990835430869529.tmp\jre_6.0.0.sr9_20110208_03\jre\bin\javaw.exe
FirewallRules: [UDP Query User{FCE4B7AC-2729-4EA2-AA09-447A612D91C3}C:\users\eugen\appdata\local\temp\ibmim4820990835430869529.tmp\jre_6.0.0.sr9_20110208_03\jre\bin\javaw.exe] => (Allow) C:\users\eugen\appdata\local\temp\ibmim4820990835430869529.tmp\jre_6.0.0.sr9_20110208_03\jre\bin\javaw.exe
FirewallRules: [TCP Query User{4094315E-9721-43E6-AC01-3E68886BDC15}C:\program files\ibm\sdp\jdk\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\sdp\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{AC2035E4-D1F4-497B-951C-BEBED25065E0}C:\program files\ibm\sdp\jdk\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\sdp\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{B851DE17-5CF7-43B4-9237-1CFB33F289FF}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{9D70F81A-4753-4A57-B4C6-A85BFA21C3B6}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{9433624E-1469-486D-978F-880CC6344372}C:\program files (x86)\rockstar games\gta2\gta2.exe] => (Allow) C:\program files (x86)\rockstar games\gta2\gta2.exe
FirewallRules: [UDP Query User{EFDEF564-24B4-4E99-A192-6D729F3258E1}C:\program files (x86)\rockstar games\gta2\gta2.exe] => (Allow) C:\program files (x86)\rockstar games\gta2\gta2.exe
FirewallRules: [TCP Query User{D2390C77-85C3-4C37-A66C-A9ED49444567}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{852A6556-6BBA-4DA4-9941-3E71BC630A9D}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
FirewallRules: [TCP Query User{92FE7191-FA81-47BB-8BC9-FB509D98F4F7}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{AA1AB6F4-E5B9-4412-BE35-88CEC3D4968C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{ECF9A2B6-8106-49F6-9F8B-AC17641A0A45}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DAE900C8-F567-4C0F-B3C1-179641AE1D31}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DA310723-B6B3-4F46-A4EA-30F94E9B1CF1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C7C4B23-E731-4DCF-833F-94D21EFC4600}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1C2878C-53E7-4ADC-AB88-4E6B0E681454}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{34237D15-DA58-49C3-B3B7-48AFAEB61EB6}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{992F632C-7C05-45BC-A675-E5303A00632C}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{89C62F81-0985-4671-9DD4-7718181DC1F3}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [TCP Query User{857FCD2F-3B1A-4DDD-8C86-80C0409D2E66}C:\program files\matlab\r2012a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2012a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{B386F581-5F2F-4599-B0F9-50F8F26A607A}C:\program files\matlab\r2012a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2012a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{7EC384BE-C07C-4104-9573-E4DA094132B5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{1230A4AE-4851-4B23-984B-02615F96AB54}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{BD3792EA-4EBD-4F76-964B-C961B9F3C092}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
FirewallRules: [{04102E04-1455-447E-907B-F996C10711C2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
FirewallRules: [{05FD16B1-9AE7-481B-9D2A-17A7B154D188}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{EC99F39E-06C2-4052-93AC-1894F8CE67F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{4E04FC61-AEE6-42A1-AF9B-154F0A67CE47}C:\users\eugen\desktop\cs\cs 1.6\hl.exe] => (Allow) C:\users\eugen\desktop\cs\cs 1.6\hl.exe
FirewallRules: [UDP Query User{BCD4D0DD-DDC7-4AAE-A676-58E82DE9E20E}C:\users\eugen\desktop\cs\cs 1.6\hl.exe] => (Allow) C:\users\eugen\desktop\cs\cs 1.6\hl.exe
FirewallRules: [{AC8E99FD-3265-41BF-BBCC-0FEFA994ABC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2943947B-38F0-4109-862A-7429A8BC8E90}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D52762D2-5557-4906-BEAF-ADAC62BA7015}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C2A762E3-B233-47A4-BB43-023E171B5893}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A7D5B386-2762-43EE-9449-3E3DA39DDF87}] => (Allow) C:\Program Files\HP\HP Deskjet 2510 series\Bin\USBSetup.exe
FirewallRules: [{00022A65-C020-4C70-8B83-0DFAF0253E98}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{286B6F37-A18D-4B64-9769-E514B38859AA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{5647CC30-D1DB-4E58-83C2-BF37B99D1355}] => (Allow) LPort=42124
FirewallRules: [{F2804A54-57EB-4DBD-BF6F-E47E1680A889}] => (Allow) LPort=9570
FirewallRules: [{279388B7-3590-4012-8CFA-7C5D87C04A02}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E284104E-9AF2-41F8-8304-D75E00E66D78}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E5044BA3-C051-451C-BF50-E01D87253EC6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{10D14A61-C679-4051-BE03-EA1A26B65DD1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{A8E211EF-653E-419E-A5CD-E1759840DAC2}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{54D4F2A6-DBE3-4CA2-9FA9-562DD6B59E07}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{A31D8B34-E35F-4233-AEEE-905BCC53BEC4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{6B6C7027-CE34-400A-AC7A-2FAA62006A11}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9C522D73-D4DB-4EC2-9408-EAE7CA59D1A8}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{E9BC1EAA-A6CE-412C-BA66-28CBC6B3EE9F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{D5D31919-4B50-4239-A716-E558EFBD47C2}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{820825B9-DBA5-4B06-A8E1-C79728D3A5A8}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/23/2015 12:31:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/23/2015 12:28:52 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (09/23/2015 12:23:11 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]
Error: (09/23/2015 11:50:49 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (09/22/2015 08:56:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 70303302
Error: (09/22/2015 08:56:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 70303302
Error: (09/22/2015 08:56:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/22/2015 08:55:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 70302303
Error: (09/22/2015 08:55:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 70302303
Error: (09/22/2015 08:55:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (09/23/2015 01:15:09 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Advanced SystemCare Service 8" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (09/23/2015 12:54:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2015 12:35:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows-Bilderfassung (WIA)" wurde nicht richtig gestartet.
Error: (09/23/2015 12:30:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (09/23/2015 12:30:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" wurde nicht richtig gestartet.
Error: (09/23/2015 12:30:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Samsung AllShare PC" wurde nicht richtig gestartet.
Error: (09/23/2015 12:28:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (09/23/2015 12:28:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP Support Solutions Framework Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/23/2015 12:28:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HP Support Solutions Framework Service erreicht.
Error: (09/23/2015 12:26:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avast Antivirus" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 8089.27 MB
Verfügbarer physikalischer RAM: 3385.32 MB
Summe virtueller Speicher: 16176.73 MB
Verfügbarer virtueller Speicher: 11174.17 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:906.67 GB) (Free:554.05 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3A3C5B8A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=24.7 GB) - (Type=27)
==================== Ende von Addition.txt ============================
|
|
23.09.2015, 18:55
| #5 |
| /// the machine /// TB-Ausbilder | Notebook braucht 15 min zum hochfahren hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.09.2015, 13:12
| #6 |
| | Notebook braucht 15 min zum hochfahren mbar: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.09.24.02
rootkit: v2015.09.22.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Eugen :: EUGEN-PC [administrator]
24.09.2015 13:24:43
mbar-log-2015-09-24 (13-24-43).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 529890
Time elapsed: 39 minute(s), 19 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
24.09.2015, 13:14
| #7 |
| | Notebook braucht 15 min zum hochfahren TDSSKiller: Code:
ATTFilter 14:05:27.0415 0x0140 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
14:05:32.0501 0x0140 ============================================================
14:05:32.0501 0x0140 Current date / time: 2015/09/24 14:05:32.0501
14:05:32.0501 0x0140 SystemInfo:
14:05:32.0501 0x0140
14:05:32.0501 0x0140 OS Version: 6.1.7601 ServicePack: 1.0
14:05:32.0501 0x0140 Product type: Workstation
14:05:32.0501 0x0140 ComputerName: EUGEN-PC
14:05:32.0501 0x0140 UserName: Eugen
14:05:32.0501 0x0140 Windows directory: C:\windows
14:05:32.0501 0x0140 System windows directory: C:\windows
14:05:32.0501 0x0140 Running under WOW64
14:05:32.0501 0x0140 Processor architecture: Intel x64
14:05:32.0501 0x0140 Number of processors: 4
14:05:32.0501 0x0140 Page size: 0x1000
14:05:32.0501 0x0140 Boot type: Normal boot
14:05:32.0501 0x0140 ============================================================
14:05:33.0172 0x0140 KLMD registered as C:\windows\system32\drivers\28272670.sys
14:05:34.0129 0x0140 System UUID: {3CE87A48-4A37-0E65-6A08-558885582F8A}
14:05:35.0774 0x0140 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:05:35.0786 0x0140 ============================================================
14:05:35.0786 0x0140 \Device\Harddisk0\DR0:
14:05:35.0786 0x0140 MBR partitions:
14:05:35.0786 0x0140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:05:35.0786 0x0140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x71557000
14:05:35.0786 0x0140 ============================================================
14:05:35.0884 0x0140 C: <-> \Device\Harddisk0\DR0\Partition2
14:05:35.0926 0x0140 ============================================================
14:05:35.0926 0x0140 Initialize success
14:05:35.0926 0x0140 ============================================================
14:07:12.0888 0x0fa8 ============================================================
14:07:12.0888 0x0fa8 Scan started
14:07:12.0888 0x0fa8 Mode: Manual; SigCheck; TDLFS;
14:07:12.0888 0x0fa8 ============================================================
14:07:12.0888 0x0fa8 KSN ping started
14:07:15.0975 0x0fa8 KSN ping finished: true
14:07:17.0215 0x0fa8 ================ Scan system memory ========================
14:07:17.0215 0x0fa8 System memory - ok
14:07:17.0215 0x0fa8 ================ Scan services =============================
14:07:17.0498 0x0fa8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
14:07:17.0648 0x0fa8 1394ohci - ok
14:07:17.0698 0x0fa8 3SRTE - ok
14:07:17.0743 0x0fa8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
14:07:17.0775 0x0fa8 ACPI - ok
14:07:17.0805 0x0fa8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
14:07:17.0853 0x0fa8 AcpiPmi - ok
14:07:18.0093 0x0fa8 [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:07:18.0109 0x0fa8 AdobeARMservice - ok
14:07:18.0265 0x0fa8 [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:07:18.0296 0x0fa8 AdobeFlashPlayerUpdateSvc - ok
14:07:18.0452 0x0fa8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
14:07:18.0499 0x0fa8 adp94xx - ok
14:07:18.0530 0x0fa8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
14:07:18.0545 0x0fa8 adpahci - ok
14:07:18.0561 0x0fa8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
14:07:18.0577 0x0fa8 adpu320 - ok
14:07:18.0608 0x0fa8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
14:07:18.0686 0x0fa8 AeLookupSvc - ok
14:07:18.0764 0x0fa8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
14:07:18.0811 0x0fa8 AFD - ok
14:07:18.0857 0x0fa8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
14:07:18.0873 0x0fa8 agp440 - ok
14:07:18.0904 0x0fa8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
14:07:18.0935 0x0fa8 ALG - ok
14:07:18.0982 0x0fa8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
14:07:18.0998 0x0fa8 aliide - ok
14:07:19.0029 0x0fa8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
14:07:19.0045 0x0fa8 amdide - ok
14:07:19.0123 0x0fa8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
14:07:19.0185 0x0fa8 AmdK8 - ok
14:07:19.0216 0x0fa8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
14:07:19.0294 0x0fa8 AmdPPM - ok
14:07:19.0357 0x0fa8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
14:07:19.0388 0x0fa8 amdsata - ok
14:07:19.0419 0x0fa8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
14:07:19.0450 0x0fa8 amdsbs - ok
14:07:19.0466 0x0fa8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
14:07:19.0481 0x0fa8 amdxata - ok
14:07:19.0591 0x0fa8 [ 9C385432C11AECC647E8D0BC7663AB48, 4DDD1DCA5FD515EA95AD12BAEE42082BE4111B9FA13FFC101F5E7BD83290AC0F ] AMPPAL C:\windows\system32\DRIVERS\AMPPAL.sys
14:07:19.0622 0x0fa8 AMPPAL - ok
14:07:19.0642 0x0fa8 [ 9C385432C11AECC647E8D0BC7663AB48, 4DDD1DCA5FD515EA95AD12BAEE42082BE4111B9FA13FFC101F5E7BD83290AC0F ] AMPPALP C:\windows\system32\DRIVERS\amppal.sys
14:07:19.0674 0x0fa8 AMPPALP - ok
14:07:19.0783 0x0fa8 [ CCB61487A9D9416EC8985279E37608BF, 02097150E4C80F58417E7FF8617B14452F2B3B183ABE8075BC7EB1C1F08B5DA8 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
14:07:19.0830 0x0fa8 AMPPALR3 - ok
14:07:19.0876 0x0fa8 [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb C:\windows\system32\Drivers\ssadadb.sys
14:07:19.0908 0x0fa8 androidusb - ok
14:07:19.0954 0x0fa8 [ 4FC6E2C2FC50445450651F42E90CC0BD, BC04902B1A5A5C3354E1C4A5C69906ED7DF19F90286BE1AC4E4224E05ED36184 ] Apowersoft_AudioDevice C:\windows\system32\drivers\Apowersoft_AudioDevice.sys
14:07:19.0986 0x0fa8 Apowersoft_AudioDevice - ok
14:07:20.0173 0x0fa8 [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc C:\windows\system32\inetsrv\apphostsvc.dll
14:07:20.0235 0x0fa8 AppHostSvc - ok
14:07:20.0282 0x0fa8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys
14:07:20.0376 0x0fa8 AppID - ok
14:07:20.0407 0x0fa8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll
14:07:20.0485 0x0fa8 AppIDSvc - ok
14:07:20.0532 0x0fa8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
14:07:20.0578 0x0fa8 Appinfo - ok
14:07:20.0656 0x0fa8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
14:07:20.0672 0x0fa8 arc - ok
14:07:20.0688 0x0fa8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
14:07:20.0719 0x0fa8 arcsas - ok
14:07:20.0890 0x0fa8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:07:20.0922 0x0fa8 aspnet_state - ok
14:07:21.0015 0x0fa8 [ 25863B5A3AC02DD35063D77C1F1415FF, F3F61F83CCF78F2FB3CD3DC66C28C1BE4D6D6F3C7440B6E5F7EEAC3739DB80DD ] aswHwid C:\windows\system32\drivers\aswHwid.sys
14:07:21.0046 0x0fa8 aswHwid - ok
14:07:21.0093 0x0fa8 [ 2894AC8C6159201940C8CD5B33CC5203, 4717301395100BD71B49451109AA29A58F702AF1E24C816CE5CC4320B6F3CA67 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
14:07:21.0109 0x0fa8 aswMonFlt - ok
14:07:21.0171 0x0fa8 [ C384DC3DDF65F3E011DFBDFDB500F89A, 0B15E09AE0DA51000B2AAF5DE6C5BBD7EBE4EB1DACB680A159AD9369CDA6D7D1 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
14:07:21.0202 0x0fa8 aswRdr - ok
14:07:21.0218 0x0fa8 [ 7F5ADFD9CA8EF06D020273B81BFFD731, 04A47F26DA3E507D9C984D7C737EC29B04AA88F68222FB4538BEA80D4D07D7FB ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
14:07:21.0249 0x0fa8 aswRvrt - ok
14:07:21.0327 0x0fa8 [ 441FF83841FEF24969A28B6971C061D5, 2183810CC9F1113B6A1795BF604183555174EBE5E0384182432DFBCB19CDB157 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
14:07:21.0390 0x0fa8 aswSnx - ok
14:07:21.0514 0x0fa8 [ 13E75FA8BF6403DC0F4248C648234D20, 70A3E176CEA71F961032DD65E8431A049C087A910C3470637759F78F7374C09E ] aswSP C:\windows\system32\drivers\aswSP.sys
14:07:21.0561 0x0fa8 aswSP - ok
14:07:21.0608 0x0fa8 [ 82F2525A22A380AA977428490AA849E3, 457F3D58B23BB61ED1BFA84B4CB2E12EE54C4BA7F9286F952E6632477EE9B548 ] aswStm C:\windows\system32\drivers\aswStm.sys
14:07:21.0639 0x0fa8 aswStm - ok
14:07:21.0670 0x0fa8 [ 2F3F0B08EBF741FE22745BECC794CE34, 969C12129C9C9981BF20656057C05290E050B410E4ECF8405C020F9A23728099 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
14:07:21.0702 0x0fa8 aswVmm - ok
14:07:21.0733 0x0fa8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
14:07:21.0811 0x0fa8 AsyncMac - ok
14:07:21.0858 0x0fa8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
14:07:21.0873 0x0fa8 atapi - ok
14:07:21.0951 0x0fa8 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
14:07:22.0029 0x0fa8 AudioEndpointBuilder - ok
14:07:22.0045 0x0fa8 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\windows\System32\Audiosrv.dll
14:07:22.0076 0x0fa8 AudioSrv - ok
14:07:22.0201 0x0fa8 [ A97E144E84A665B22AE6E6A93E4DD465, 888D702B9B9E6C446AD7499571DAEAB072BEF141FF3300E74C6E538FA312BDCD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:07:22.0232 0x0fa8 avast! Antivirus - ok
14:07:22.0569 0x0fa8 [ CCC3FE1DDCCF99633539B3D7681EF7D7, 0C048EDCD22681C82586845B822990FB4A9303B3B1F4161EBA5A6C444EF7C5CC ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
14:07:22.0694 0x0fa8 AvastVBoxSvc - ok
14:07:22.0756 0x0fa8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
14:07:22.0819 0x0fa8 AxInstSV - ok
14:07:22.0881 0x0fa8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
14:07:22.0948 0x0fa8 b06bdrv - ok
14:07:22.0983 0x0fa8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
14:07:23.0023 0x0fa8 b57nd60a - ok
14:07:23.0075 0x0fa8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
14:07:23.0110 0x0fa8 BDESVC - ok
14:07:23.0130 0x0fa8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
14:07:23.0195 0x0fa8 Beep - ok
14:07:23.0263 0x0fa8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
14:07:23.0315 0x0fa8 BFE - ok
14:07:23.0380 0x0fa8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll
14:07:23.0468 0x0fa8 BITS - ok
14:07:23.0500 0x0fa8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
14:07:23.0528 0x0fa8 blbdrive - ok
14:07:23.0706 0x0fa8 [ A52EA1D8C2900055323C93DDB252A3DA, 70C30AACE3948DFD2E4C52818F93F03AF32430B43229F613FEE3C4CD4FA1EFE6 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
14:07:23.0753 0x0fa8 Bluetooth Device Monitor - ok
14:07:23.0809 0x0fa8 [ 091210450CA7CED08F360D9D7FEC5D11, 52298A6FE7DCF5EA484E6A1CBE48E2B1106D006E18F2278CB38AAAB10BB905BD ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
14:07:23.0849 0x0fa8 Bluetooth Media Service - ok
14:07:23.0960 0x0fa8 [ 392450754E17FF778CBC5B9D20583AD1, 4E2CC0D5D41303202EE7655FB1F779C41808A714486BAFF22A321A5BAF9FD0F6 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
14:07:23.0992 0x0fa8 Bluetooth OBEX Service - ok
14:07:24.0038 0x0fa8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
14:07:24.0085 0x0fa8 bowser - ok
14:07:24.0135 0x0fa8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
14:07:24.0177 0x0fa8 BrFiltLo - ok
14:07:24.0195 0x0fa8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
14:07:24.0235 0x0fa8 BrFiltUp - ok
14:07:24.0290 0x0fa8 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
14:07:24.0365 0x0fa8 BridgeMP - ok
14:07:24.0432 0x0fa8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
14:07:24.0472 0x0fa8 Browser - ok
14:07:24.0503 0x0fa8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
14:07:24.0566 0x0fa8 Brserid - ok
14:07:24.0566 0x0fa8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
14:07:24.0612 0x0fa8 BrSerWdm - ok
14:07:24.0628 0x0fa8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
14:07:24.0659 0x0fa8 BrUsbMdm - ok
14:07:24.0690 0x0fa8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
14:07:24.0722 0x0fa8 BrUsbSer - ok
14:07:24.0737 0x0fa8 BstHdAndroidSvc - ok
14:07:24.0768 0x0fa8 BstHdDrv - ok
14:07:24.0784 0x0fa8 BstHdLogRotatorSvc - ok
14:07:24.0784 0x0fa8 BstHdUpdaterSvc - ok
14:07:24.0846 0x0fa8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
14:07:24.0893 0x0fa8 BthEnum - ok
14:07:24.0924 0x0fa8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
14:07:24.0971 0x0fa8 BTHMODEM - ok
14:07:24.0987 0x0fa8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
14:07:25.0049 0x0fa8 BthPan - ok
14:07:25.0106 0x0fa8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
14:07:25.0153 0x0fa8 BTHPORT - ok
14:07:25.0215 0x0fa8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
14:07:25.0262 0x0fa8 bthserv - ok
14:07:25.0309 0x0fa8 [ D30286FF3C7B6318C024D2BC2955C1BF, 47863D046C94A5C19F7D4E0BA393E6FE1E249C78FAB9B8705F7DD2CD87EAC16C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
14:07:25.0324 0x0fa8 BTHSSecurityMgr - ok
14:07:25.0356 0x0fa8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
14:07:25.0387 0x0fa8 BTHUSB - ok
14:07:25.0418 0x0fa8 [ 988CC6CC49303665D3B2435C51505C3F, 5217A7A1BAD77EBF4E5D68D191FCFD7CE4FB96ABB91638383A077BE9CE794EE3 ] btmaux C:\windows\system32\DRIVERS\btmaux.sys
14:07:25.0449 0x0fa8 btmaux - ok
14:07:25.0496 0x0fa8 [ 2B4B508AFAC2A563931AF1FE875A5B16, F6A5261BD3FB8AE7BF26F32B681A15E56317EF8A9D8AB84B9B6BCA66F5484698 ] btmhsf C:\windows\system32\DRIVERS\btmhsf.sys
14:07:25.0558 0x0fa8 btmhsf - ok
14:07:25.0629 0x0fa8 catchme - ok
14:07:25.0655 0x0fa8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
14:07:25.0739 0x0fa8 cdfs - ok
14:07:25.0786 0x0fa8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
14:07:25.0833 0x0fa8 cdrom - ok
14:07:25.0853 0x0fa8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
14:07:25.0938 0x0fa8 CertPropSvc - ok
14:07:25.0985 0x0fa8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
14:07:26.0047 0x0fa8 circlass - ok
14:07:26.0094 0x0fa8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
14:07:26.0141 0x0fa8 CLFS - ok
14:07:26.0221 0x0fa8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:07:26.0237 0x0fa8 clr_optimization_v2.0.50727_32 - ok
14:07:26.0331 0x0fa8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:07:26.0346 0x0fa8 clr_optimization_v2.0.50727_64 - ok
14:07:26.0444 0x0fa8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:07:26.0471 0x0fa8 clr_optimization_v4.0.30319_32 - ok
14:07:26.0501 0x0fa8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:07:26.0519 0x0fa8 clr_optimization_v4.0.30319_64 - ok
14:07:26.0569 0x0fa8 [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
14:07:26.0589 0x0fa8 clwvd - ok
14:07:26.0619 0x0fa8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
14:07:26.0674 0x0fa8 CmBatt - ok
14:07:26.0709 0x0fa8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
14:07:26.0726 0x0fa8 cmdide - ok
14:07:26.0832 0x0fa8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\windows\system32\Drivers\cng.sys
14:07:26.0879 0x0fa8 CNG - ok
14:07:26.0946 0x0fa8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
14:07:26.0962 0x0fa8 Compbatt - ok
14:07:26.0983 0x0fa8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
14:07:27.0045 0x0fa8 CompositeBus - ok
14:07:27.0045 0x0fa8 COMSysApp - ok
14:07:27.0154 0x0fa8 [ 4F19119C392210244FC0108E76939DC5, 95613A562C020BAEB2A011C2603900DC9AE718D869B4ED9E6070D40F2E2D0ACE ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
14:07:27.0185 0x0fa8 cphs - ok
14:07:27.0222 0x0fa8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
14:07:27.0237 0x0fa8 crcdisk - ok
14:07:27.0297 0x0fa8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll
14:07:27.0339 0x0fa8 CryptSvc - ok
14:07:27.0402 0x0fa8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
14:07:27.0484 0x0fa8 DcomLaunch - ok
14:07:27.0524 0x0fa8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
14:07:27.0572 0x0fa8 defragsvc - ok
14:07:27.0619 0x0fa8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
14:07:27.0697 0x0fa8 DfsC - ok
14:07:27.0759 0x0fa8 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
14:07:27.0791 0x0fa8 dg_ssudbus - ok
14:07:27.0837 0x0fa8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
14:07:27.0915 0x0fa8 Dhcp - ok
14:07:27.0947 0x0fa8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
14:07:28.0025 0x0fa8 discache - ok
14:07:28.0071 0x0fa8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
14:07:28.0087 0x0fa8 Disk - ok
14:07:28.0149 0x0fa8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
14:07:28.0212 0x0fa8 Dnscache - ok
14:07:28.0243 0x0fa8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
14:07:28.0290 0x0fa8 dot3svc - ok
14:07:28.0321 0x0fa8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
14:07:28.0368 0x0fa8 DPS - ok
14:07:28.0415 0x0fa8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
14:07:28.0461 0x0fa8 drmkaud - ok
14:07:28.0493 0x0fa8 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
14:07:28.0524 0x0fa8 dtsoftbus01 - ok
14:07:28.0602 0x0fa8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
14:07:28.0649 0x0fa8 DXGKrnl - ok
14:07:28.0695 0x0fa8 EagleX64 - ok
14:07:28.0727 0x0fa8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
14:07:28.0805 0x0fa8 EapHost - ok
14:07:28.0961 0x0fa8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
14:07:29.0085 0x0fa8 ebdrv - ok
14:07:29.0132 0x0fa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\windows\System32\lsass.exe
14:07:29.0163 0x0fa8 EFS - ok
14:07:29.0257 0x0fa8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
14:07:29.0319 0x0fa8 ehRecvr - ok
14:07:29.0351 0x0fa8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
14:07:29.0397 0x0fa8 ehSched - ok
14:07:29.0460 0x0fa8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
14:07:29.0491 0x0fa8 elxstor - ok
14:07:29.0772 0x0fa8 [ 4519F836EC5C9CB88AD64CDBAE542F1C, BAD771C7FC4EDC23901BBAC5130511D3C8FB9229DB85D1BF236922AF12597EBA ] ENI Server C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe
14:07:29.0819 0x0fa8 ENI Server - detected UnsignedFile.Multi.Generic ( 1 )
14:07:32.0377 0x0fa8 ENI Server ( UnsignedFile.Multi.Generic ) - warning
14:07:35.0262 0x0fa8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
14:07:35.0319 0x0fa8 ErrDev - ok
14:07:35.0402 0x0fa8 [ F1F28F681D29B830E3A33B4CCB541CC9, 65FA0F17D6E204A64B8F47DBE7C6D09502A6518E18BE370D6A61FA9FA8AF98EF ] EterlogicVirtualSerialDriver C:\windows\system32\drivers\VSPE.sys
14:07:35.0427 0x0fa8 EterlogicVirtualSerialDriver - ok
14:07:35.0470 0x0fa8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
14:07:35.0548 0x0fa8 EventSystem - ok
14:07:35.0740 0x0fa8 [ 66C0B8E98DA9469EFC040272BE3341DE, D3E9C918B88FBBEEBBF56BF545DDCB4F43047534223348D6C8FA694F071443CB ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:07:35.0780 0x0fa8 EvtEng - ok
14:07:35.0805 0x0fa8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
14:07:35.0881 0x0fa8 exfat - ok
14:07:35.0899 0x0fa8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
14:07:35.0950 0x0fa8 fastfat - ok
14:07:36.0007 0x0fa8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
14:07:36.0072 0x0fa8 Fax - ok
14:07:36.0103 0x0fa8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
14:07:36.0135 0x0fa8 fdc - ok
14:07:36.0163 0x0fa8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
14:07:36.0223 0x0fa8 fdPHost - ok
14:07:36.0239 0x0fa8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
14:07:36.0301 0x0fa8 FDResPub - ok
14:07:36.0317 0x0fa8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
14:07:36.0333 0x0fa8 FileInfo - ok
14:07:36.0348 0x0fa8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
14:07:36.0379 0x0fa8 Filetrace - ok
14:07:36.0395 0x0fa8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
14:07:36.0411 0x0fa8 flpydisk - ok
14:07:36.0442 0x0fa8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
14:07:36.0457 0x0fa8 FltMgr - ok
14:07:36.0538 0x0fa8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
14:07:36.0585 0x0fa8 FontCache - ok
14:07:36.0631 0x0fa8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:07:36.0647 0x0fa8 FontCache3.0.0.0 - ok
14:07:36.0663 0x0fa8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
14:07:36.0694 0x0fa8 FsDepends - ok
14:07:36.0744 0x0fa8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
14:07:36.0764 0x0fa8 Fs_Rec - ok
14:07:36.0837 0x0fa8 [ 13799CB7521A39724FFDEA2E5D9C8305, 14FDF6273CEAD3E4E391F538D0FF4E3E258FC34B1B1074C73B72961E640377E0 ] FTDIBUS C:\windows\system32\drivers\ftdibus.sys
14:07:36.0857 0x0fa8 FTDIBUS - ok
14:07:36.0887 0x0fa8 [ F1544BBC7E08BB5B9E9E97996C3FA04B, 2D998E4DCF7EA918B537119583BE678121148DB314BDC338925D8588A30F4BE0 ] FTSER2K C:\windows\system32\drivers\ftser2k.sys
14:07:36.0924 0x0fa8 FTSER2K - ok
14:07:36.0992 0x0fa8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
14:07:37.0024 0x0fa8 fvevol - ok
14:07:37.0055 0x0fa8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
14:07:37.0086 0x0fa8 gagp30kx - ok
14:07:37.0273 0x0fa8 [ C2730FE9713C1C474257A7085386B11E, 7D35D00D2B455841C8C9A87CE92885CD22F4B8B6690CB21443ED1B515117EF95 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:07:37.0336 0x0fa8 GfExperienceService - ok
14:07:37.0398 0x0fa8 [ 9F5E8645FECD68C0ECC374F5A4AE068A, 7F225A1DC6B665EF3DB8B19D553194A1D6020EEDA74A9CEE0E9B22FE4573C4B6 ] gfiark C:\windows\system32\drivers\gfiark.sys
14:07:37.0429 0x0fa8 gfiark - ok
14:07:37.0492 0x0fa8 [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto C:\windows\system32\drivers\gfibto.sys
14:07:37.0523 0x0fa8 gfibto - ok
14:07:37.0570 0x0fa8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
14:07:37.0648 0x0fa8 gpsvc - ok
14:07:37.0726 0x0fa8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:07:37.0757 0x0fa8 gupdate - ok
14:07:37.0788 0x0fa8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:07:37.0804 0x0fa8 gupdatem - ok
14:07:37.0866 0x0fa8 [ 5620987F669BF77F5B1661FD8D2B87E2, AD110D22DF098F83BA1A731E0425EE3C772663B7B468939E13CF8D370FB480D5 ] h647906 C:\windows\system32\drivers\h647906.sys
14:07:37.0882 0x0fa8 h647906 - ok
14:07:37.0897 0x0fa8 [ 0A76E72DF5B4A72164417EFC1003CF5B, D4EA42102A7082FC0035F9101B8F131CB0CEA4FBD09EEFF1F3A6B0401A9E1633 ] h648101 C:\windows\system32\drivers\h648101.sys
14:07:37.0929 0x0fa8 h648101 - ok
14:07:37.0944 0x0fa8 [ A0EBF606CB423FAFBC2225F49540EBFC, 0576A3ADF15AE06601570710106CDA77B6FD6AEECC2373845DB08C76524FC2DF ] h648103 C:\windows\system32\drivers\h648103.sys
14:07:37.0960 0x0fa8 h648103 - ok
14:07:38.0022 0x0fa8 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
14:07:38.0038 0x0fa8 hamachi - ok
14:07:38.0100 0x0fa8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
14:07:38.0147 0x0fa8 hcw85cir - ok
14:07:38.0225 0x0fa8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
14:07:38.0287 0x0fa8 HdAudAddService - ok
14:07:38.0319 0x0fa8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
14:07:38.0350 0x0fa8 HDAudBus - ok
14:07:38.0365 0x0fa8 hid7906 - ok
14:07:38.0381 0x0fa8 hid8101 - ok
14:07:38.0381 0x0fa8 hid8103 - ok
14:07:38.0397 0x0fa8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
14:07:38.0443 0x0fa8 HidBatt - ok
14:07:38.0459 0x0fa8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
14:07:38.0490 0x0fa8 HidBth - ok
14:07:38.0506 0x0fa8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
14:07:38.0521 0x0fa8 HidIr - ok
14:07:38.0537 0x0fa8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll
14:07:38.0584 0x0fa8 hidserv - ok
14:07:38.0631 0x0fa8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
14:07:38.0662 0x0fa8 HidUsb - ok
14:07:38.0677 0x0fa8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
14:07:38.0755 0x0fa8 hkmsvc - ok
14:07:38.0787 0x0fa8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
14:07:38.0818 0x0fa8 HomeGroupListener - ok
14:07:38.0865 0x0fa8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
14:07:38.0896 0x0fa8 HomeGroupProvider - ok
14:07:38.0943 0x0fa8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
14:07:38.0958 0x0fa8 HpSAMD - ok
14:07:39.0130 0x0fa8 [ 1878A79551F2EDAE7EBD110AAE6D33AD, 1F409360B44AEB3A6023E953EAB350FFB3EB8322F589E2422AB312288B33A2DA ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
14:07:39.0145 0x0fa8 HPSupportSolutionsFrameworkService - ok
14:07:39.0208 0x0fa8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
14:07:39.0309 0x0fa8 HTTP - ok
14:07:39.0325 0x0fa8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
14:07:39.0340 0x0fa8 hwpolicy - ok
14:07:39.0387 0x0fa8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
14:07:39.0418 0x0fa8 i8042prt - ok
14:07:39.0465 0x0fa8 [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
14:07:39.0496 0x0fa8 iaStor - ok
14:07:39.0559 0x0fa8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
14:07:39.0590 0x0fa8 iaStorV - ok
14:07:39.0605 0x0fa8 ibpcimpm - ok
14:07:39.0637 0x0fa8 [ 60CC7AE9AEDB4D1E7923BD053B176D97, 52783EE81DCA8267267ADD862A1BF049765BB154F904196B55C0CA26E30FD393 ] ibtfltcoex C:\windows\system32\DRIVERS\iBtFltCoex.sys
14:07:39.0668 0x0fa8 ibtfltcoex - ok
14:07:39.0746 0x0fa8 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
14:07:39.0777 0x0fa8 ICCS - ok
14:07:39.0855 0x0fa8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:07:39.0917 0x0fa8 idsvc - ok
14:07:39.0980 0x0fa8 IEEtwCollectorService - ok
14:07:40.0214 0x0fa8 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
14:07:40.0448 0x0fa8 igfx - ok
14:07:40.0479 0x0fa8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
14:07:40.0495 0x0fa8 iirsp - ok
14:07:40.0588 0x0fa8 [ AB55B8A9B13130F638546881CE4425F8, 8427E67BE02ECABAA3F0C48BD4205BCBD4C978B48AE4E7336DA5821DFC49029E ] IISADMIN C:\windows\system32\inetsrv\inetinfo.exe
14:07:40.0635 0x0fa8 IISADMIN - ok
14:07:40.0729 0x0fa8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
14:07:40.0807 0x0fa8 IKEEXT - ok
14:07:40.0869 0x0fa8 [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
14:07:40.0885 0x0fa8 intaud_WaveExtensible - ok
14:07:41.0087 0x0fa8 [ 5C0BBE779BA3D6F84EB5AE3CB8793E11, EA729B622F30E847E2700787E6747A33769B405DD08D36175AACF42BE7A8600F ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
14:07:41.0259 0x0fa8 IntcAzAudAddService - ok
14:07:41.0337 0x0fa8 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
14:07:41.0384 0x0fa8 IntcDAud - ok
14:07:41.0493 0x0fa8 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:07:41.0524 0x0fa8 Intel(R) Capability Licensing Service Interface - ok
14:07:41.0571 0x0fa8 [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
14:07:41.0602 0x0fa8 Intel(R) ME Service - ok
14:07:41.0633 0x0fa8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
14:07:41.0665 0x0fa8 intelide - ok
14:07:41.0696 0x0fa8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
14:07:41.0727 0x0fa8 intelppm - ok
14:07:41.0758 0x0fa8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
14:07:41.0836 0x0fa8 IPBusEnum - ok
14:07:41.0867 0x0fa8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
14:07:41.0930 0x0fa8 IpFilterDriver - ok
14:07:41.0977 0x0fa8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
14:07:42.0023 0x0fa8 iphlpsvc - ok
14:07:42.0039 0x0fa8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
14:07:42.0070 0x0fa8 IPMIDRV - ok
14:07:42.0101 0x0fa8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
14:07:42.0164 0x0fa8 IPNAT - ok
14:07:42.0242 0x0fa8 [ 11FE7637A49B67D9B1F895B2AD4D982F, D448DA9083044E0B2627042D9FA5DC65C74A34AB09FF627777634B254260F4FB ] iprip C:\windows\System32\iprip.dll
14:07:42.0273 0x0fa8 iprip - ok
14:07:42.0304 0x0fa8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
14:07:42.0351 0x0fa8 IRENUM - ok
14:07:42.0382 0x0fa8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
14:07:42.0398 0x0fa8 isapnp - ok
14:07:42.0460 0x0fa8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
14:07:42.0491 0x0fa8 iScsiPrt - ok
14:07:42.0554 0x0fa8 [ 8E4577C6E0D3114170509159DE658907, 2FC7F96766537716503AB1BAD7EBDB2F16F3CE1584AF4261D57C6A4E00E1A417 ] iusb3hcs C:\windows\system32\DRIVERS\iusb3hcs.sys
14:07:42.0585 0x0fa8 iusb3hcs - ok
14:07:42.0616 0x0fa8 [ FE76346E9B57DA575BD1B3BD0CCAD7FF, 8961A08326F66E9FDF63912797C605FEEC23F9B0453D132AB6897DA98BC9AEAB ] iusb3hub C:\windows\system32\DRIVERS\iusb3hub.sys
14:07:42.0647 0x0fa8 iusb3hub - ok
14:07:42.0694 0x0fa8 [ 1008CD90DA2198FFD250298DEB9DF160, 2CBA5FF2369861E8F8A55799AFFFC8E5B331A8BD17B559641E87A4C6C0D70206 ] iusb3xhc C:\windows\system32\DRIVERS\iusb3xhc.sys
14:07:42.0741 0x0fa8 iusb3xhc - ok
14:07:42.0788 0x0fa8 [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus C:\windows\system32\DRIVERS\iwdbus.sys
14:07:42.0803 0x0fa8 iwdbus - ok
14:07:42.0835 0x0fa8 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:07:42.0850 0x0fa8 jhi_service - ok
14:07:42.0881 0x0fa8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
14:07:42.0897 0x0fa8 kbdclass - ok
14:07:42.0928 0x0fa8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
14:07:42.0959 0x0fa8 kbdhid - ok
14:07:42.0991 0x0fa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\windows\system32\lsass.exe
14:07:43.0022 0x0fa8 KeyIso - ok
14:07:43.0069 0x0fa8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
14:07:43.0084 0x0fa8 KSecDD - ok
14:07:43.0147 0x0fa8 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
14:07:43.0162 0x0fa8 KSecPkg - ok
14:07:43.0193 0x0fa8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
14:07:43.0256 0x0fa8 ksthunk - ok
14:07:43.0287 0x0fa8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
14:07:43.0396 0x0fa8 KtmRm - ok
14:07:43.0443 0x0fa8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll
14:07:43.0505 0x0fa8 LanmanServer - ok
14:07:43.0537 0x0fa8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
14:07:43.0583 0x0fa8 LanmanWorkstation - ok
14:07:43.0833 0x0fa8 [ 62423C3546C9ABD34C156AC7E73A4177, F4F686C0D612696B1AF1EF55C297C785C30CD7B0633609829D866615ACE49791 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
14:07:43.0927 0x0fa8 LiveUpdateSvc - ok
14:07:44.0114 0x0fa8 [ 20CDB07017497C94A0BAD253C4BAFCBC, 5633D245525F9B8CAC4E87A95B0E19D1F34839483ED75AC8F7661DA29BC87EE7 ] LkCitadelServer C:\windows\SysWOW64\lkcitdl.exe
14:07:44.0176 0x0fa8 LkCitadelServer - ok
14:07:44.0192 0x0fa8 [ 7CBF0476029371402D14CD776612EE6A, A8792826BC259E2AF7FFB6FBDA9E924D91D98D1E8D81A59ADCA515F83544D895 ] lkClassAds C:\windows\SysWOW64\lkads.exe
14:07:44.0223 0x0fa8 lkClassAds - ok
14:07:44.0254 0x0fa8 [ B9BA33801B5F9B79F0949AF206F96177, 8E2A459F844830F016B3BC2770C47B2D2414F82111C18712C14DEB8E2AA8D7BA ] lkTimeSync C:\windows\SysWOW64\lktsrv.exe
14:07:44.0270 0x0fa8 lkTimeSync - ok
14:07:44.0317 0x0fa8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
14:07:44.0379 0x0fa8 lltdio - ok
14:07:44.0426 0x0fa8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
14:07:44.0504 0x0fa8 lltdsvc - ok
14:07:44.0535 0x0fa8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
14:07:44.0597 0x0fa8 lmhosts - ok
14:07:44.0644 0x0fa8 [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:07:44.0660 0x0fa8 LMS - ok
14:07:44.0691 0x0fa8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
14:07:44.0707 0x0fa8 LSI_FC - ok
14:07:44.0738 0x0fa8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
14:07:44.0753 0x0fa8 LSI_SAS - ok
14:07:44.0769 0x0fa8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
14:07:44.0785 0x0fa8 LSI_SAS2 - ok
14:07:44.0800 0x0fa8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
14:07:44.0816 0x0fa8 LSI_SCSI - ok
14:07:44.0847 0x0fa8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
14:07:44.0894 0x0fa8 luafv - ok
14:07:44.0925 0x0fa8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
14:07:44.0972 0x0fa8 Mcx2Svc - ok
14:07:44.0987 0x0fa8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
14:07:45.0003 0x0fa8 megasas - ok
14:07:45.0034 0x0fa8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
14:07:45.0050 0x0fa8 MegaSR - ok
14:07:45.0097 0x0fa8 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
14:07:45.0128 0x0fa8 MEIx64 - ok
14:07:45.0377 0x0fa8 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:07:45.0393 0x0fa8 Microsoft Office Groove Audit Service - ok
14:07:45.0440 0x0fa8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
14:07:45.0502 0x0fa8 MMCSS - ok
14:07:45.0518 0x0fa8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
14:07:45.0580 0x0fa8 Modem - ok
14:07:45.0627 0x0fa8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
14:07:45.0674 0x0fa8 monitor - ok
14:07:45.0705 0x0fa8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
14:07:45.0736 0x0fa8 mouclass - ok
14:07:45.0752 0x0fa8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
14:07:45.0783 0x0fa8 mouhid - ok
14:07:45.0814 0x0fa8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
14:07:45.0845 0x0fa8 mountmgr - ok
14:07:45.0861 0x0fa8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
14:07:45.0892 0x0fa8 mpio - ok
14:07:45.0908 0x0fa8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
14:07:45.0955 0x0fa8 mpsdrv - ok
14:07:46.0017 0x0fa8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
14:07:46.0095 0x0fa8 MpsSvc - ok
14:07:46.0173 0x0fa8 [ CD22D2563039DDA6793F7624719363A7, 82C91467EDCB61B1DD086A1D25925E4D89E43EF6EFAE3C59AFF3D73280119AF6 ] MQAC C:\windows\system32\drivers\mqac.sys
14:07:46.0204 0x0fa8 MQAC - ok
14:07:46.0267 0x0fa8 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
14:07:46.0313 0x0fa8 MRxDAV - ok
14:07:46.0360 0x0fa8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
14:07:46.0423 0x0fa8 mrxsmb - ok
14:07:46.0454 0x0fa8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
14:07:46.0485 0x0fa8 mrxsmb10 - ok
14:07:46.0501 0x0fa8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
14:07:46.0532 0x0fa8 mrxsmb20 - ok
14:07:46.0563 0x0fa8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
14:07:46.0579 0x0fa8 msahci - ok
14:07:46.0610 0x0fa8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
14:07:46.0641 0x0fa8 msdsm - ok
14:07:46.0672 0x0fa8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
14:07:46.0719 0x0fa8 MSDTC - ok
14:07:46.0735 0x0fa8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
14:07:46.0797 0x0fa8 Msfs - ok
14:07:46.0828 0x0fa8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
14:07:46.0875 0x0fa8 mshidkmdf - ok
14:07:46.0891 0x0fa8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
14:07:46.0891 0x0fa8 msisadrv - ok
14:07:46.0937 0x0fa8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
14:07:46.0984 0x0fa8 MSiSCSI - ok
14:07:46.0984 0x0fa8 msiserver - ok
14:07:47.0015 0x0fa8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
14:07:47.0062 0x0fa8 MSKSSRV - ok
14:07:47.0140 0x0fa8 [ FAAEAEF99E53561BEEE58F946CA56F0D, 78AC692C4B80616E4C44ED20954B8D2FCE2215056C2ED3522123E5B50A7CE67A ] MSMQ C:\windows\system32\mqsvc.exe
14:07:47.0171 0x0fa8 MSMQ - ok
14:07:47.0203 0x0fa8 [ 59ED174FD4314B0218DC91F9BFA6CD3D, 13B95FA9892D09341CE46FA7EEB01FF9C88AA9DCB8FBF0A73FFAE567AAA4E02A ] MSMQTriggers C:\windows\system32\mqtgsvc.exe
14:07:47.0234 0x0fa8 MSMQTriggers - ok
14:07:47.0265 0x0fa8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
14:07:47.0327 0x0fa8 MSPCLOCK - ok
14:07:47.0359 0x0fa8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
14:07:47.0421 0x0fa8 MSPQM - ok
14:07:47.0437 0x0fa8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
14:07:47.0452 0x0fa8 MsRPC - ok
14:07:47.0468 0x0fa8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
14:07:47.0483 0x0fa8 mssmbios - ok
14:07:47.0499 0x0fa8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
14:07:47.0530 0x0fa8 MSTEE - ok
14:07:47.0546 0x0fa8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
14:07:47.0593 0x0fa8 MTConfig - ok
14:07:47.0608 0x0fa8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
14:07:47.0639 0x0fa8 Mup - ok
14:07:47.0733 0x0fa8 [ EC42D7EE4A7ADCC481D35CCE842E1BA2, BAAE976A8D59FAA61A14A77396E5A7D94FA5F75E1F95ACDF23AED72028898A54 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:07:47.0749 0x0fa8 MyWiFiDHCPDNS - ok
14:07:47.0795 0x0fa8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
14:07:47.0889 0x0fa8 napagent - ok
14:07:47.0920 0x0fa8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
14:07:47.0998 0x0fa8 NativeWifiP - ok
14:07:48.0107 0x0fa8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
14:07:48.0154 0x0fa8 NDIS - ok
14:07:48.0248 0x0fa8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
14:07:48.0341 0x0fa8 NdisCap - ok
14:07:48.0373 0x0fa8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
14:07:48.0451 0x0fa8 NdisTapi - ok
14:07:48.0482 0x0fa8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
14:07:48.0544 0x0fa8 Ndisuio - ok
14:07:48.0560 0x0fa8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
14:07:48.0607 0x0fa8 NdisWan - ok
14:07:48.0638 0x0fa8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
14:07:48.0685 0x0fa8 NDProxy - ok
14:07:48.0700 0x0fa8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
14:07:48.0747 0x0fa8 NetBIOS - ok
14:07:48.0763 0x0fa8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
14:07:48.0809 0x0fa8 NetBT - ok
14:07:48.0841 0x0fa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\windows\system32\lsass.exe
14:07:48.0872 0x0fa8 Netlogon - ok
14:07:48.0919 0x0fa8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
14:07:48.0981 0x0fa8 Netman - ok
14:07:49.0121 0x0fa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:07:49.0153 0x0fa8 NetMsmqActivator - ok
14:07:49.0168 0x0fa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:07:49.0184 0x0fa8 NetPipeActivator - ok
14:07:49.0231 0x0fa8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
14:07:49.0309 0x0fa8 netprofm - ok
14:07:49.0309 0x0fa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:07:49.0324 0x0fa8 NetTcpActivator - ok
14:07:49.0324 0x0fa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:07:49.0340 0x0fa8 NetTcpPortSharing - ok
14:07:49.0683 0x0fa8 [ A8E77F6E120E5C3E8DE673111C09D770, 0B12F19CC823A02AB4D7C75508CD776A3650063E43DE924DAE523BEBFCF3AEF9 ] NETwNs64 C:\windows\system32\DRIVERS\NETwsw00.sys
14:07:50.0127 0x0fa8 NETwNs64 - ok
14:07:50.0174 0x0fa8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
14:07:50.0174 0x0fa8 nfrd960 - ok
14:07:50.0252 0x0fa8 [ 531ABFAFAE0AFA2F3E9BBB2C08477ED1, 434C4DAE4BD03F61174CD71F41FF7927769F045ECF841550C29E4E055675423E ] ngvss C:\windows\system32\drivers\ngvss.sys
14:07:50.0283 0x0fa8 ngvss - ok
14:07:50.0455 0x0fa8 [ F0EA0AD4B1AFFEFE4AB34191D539509B, A5AEEC0F934F2FCC513545DD6E93FD3E516A7879F406A4E365AA8DA6349C63B1 ] NIApplicationWebServer C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
14:07:50.0471 0x0fa8 NIApplicationWebServer - ok
14:07:50.0611 0x0fa8 [ E78AFBF3B76E805AED87C933A636BDA6, 5DD7B6E101D4B30BBCABA31E31CFF09DEFF96CE6E3A49F53315838110833AF09 ] NIApplicationWebServer64 C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
14:07:50.0627 0x0fa8 NIApplicationWebServer64 - ok
14:07:50.0798 0x0fa8 [ 3B712766DEA950ACA65789B460AA1899, 3FAC4AB814688EC1976CA10CBD59EA89941288D129495730B281E97450C0D111 ] NIDomainService C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
14:07:50.0845 0x0fa8 NIDomainService - ok
14:07:50.0985 0x0fa8 [ AA8896BCD689851665EFC02DC41181AC, 9860DF5E072F4F3E10CE919767EB755EA5FC35B533886007657A24D864A1CA27 ] NILM License Manager C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
14:07:51.0126 0x0fa8 NILM License Manager - ok
14:07:51.0251 0x0fa8 [ F59599F4C0B3259AC1355F34E6AC6342, 228A4E921F001AD0BE98A499BC5DFD644EEBC3B80D00895F79CD6EE7B49F4AF1 ] nimDNSResponder C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
14:07:51.0282 0x0fa8 nimDNSResponder - ok
14:07:51.0329 0x0fa8 NiSvcLoc - ok
14:07:51.0375 0x0fa8 [ FD919AC3746322662DC21CDB7B9ADC07, A7187FE29C41A24E4854FF70E87A03C3C850314F0CD9A853BEBAC8B5260A3BB8 ] NISystemWebServer C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
14:07:51.0391 0x0fa8 NISystemWebServer - ok
14:07:51.0453 0x0fa8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
14:07:51.0500 0x0fa8 NlaSvc - ok
14:07:51.0516 0x0fa8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
14:07:51.0547 0x0fa8 Npfs - ok
14:07:51.0578 0x0fa8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
14:07:51.0625 0x0fa8 nsi - ok
14:07:51.0656 0x0fa8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
14:07:51.0703 0x0fa8 nsiproxy - ok
14:07:51.0812 0x0fa8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
14:07:51.0875 0x0fa8 Ntfs - ok
14:07:51.0890 0x0fa8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
14:07:51.0953 0x0fa8 Null - ok
14:07:52.0343 0x0fa8 [ 7F58A8A5F208557F1FF8D7F45D5811DB, D9999DAD9BBBC907C8633AD08D90E40D861E9941A74CCF3C6183C9E220FEA0E9 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
14:07:52.0717 0x0fa8 nvlddmkm - ok
14:07:52.0889 0x0fa8 [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:07:52.0967 0x0fa8 NvNetworkService - ok
14:07:53.0013 0x0fa8 [ BA17213DA758C56F3834FDF01BF22B4C, E162888B50FEDF96A02DF84E0BAF3F23EA4E4F2BD231DB3ACF4C4B40A5F566A8 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
14:07:53.0029 0x0fa8 nvpciflt - ok
14:07:53.0091 0x0fa8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
14:07:53.0123 0x0fa8 nvraid - ok
14:07:53.0154 0x0fa8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
14:07:53.0169 0x0fa8 nvstor - ok
14:07:53.0263 0x0fa8 [ 3A7B0570D896602E37EAF80EC3D1615A, 1F5A71432F96731115ADA2A50E605923666188D08F9FD748424AB6588D0E1482 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:07:53.0294 0x0fa8 NvStreamKms - ok
14:07:53.0341 0x0fa8 NvStreamSvc - ok
14:07:53.0466 0x0fa8 [ 806069C408AE736E2182D2FF6C2FA8EE, 9C2D2309C4F4135772C53C10C7442BCA362657B062177B20C2F00DC2137E8362 ] nvsvc C:\windows\system32\nvvsvc.exe
14:07:53.0513 0x0fa8 nvsvc - ok
14:07:53.0591 0x0fa8 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\windows\system32\drivers\nvvad64v.sys
14:07:53.0606 0x0fa8 nvvad_WaveExtensible - ok
14:07:53.0653 0x0fa8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
14:07:53.0669 0x0fa8 nv_agp - ok
14:07:53.0856 0x0fa8 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:07:53.0887 0x0fa8 odserv - ok
14:07:53.0918 0x0fa8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
14:07:53.0949 0x0fa8 ohci1394 - ok
14:07:54.0152 0x0fa8 [ 29B093BA6759118DB14AF41026385E03, 660176D122344A79E52FFD9FE3D32D1967D9B22BC4AD76549D839B09693D0713 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
14:07:54.0215 0x0fa8 Origin Client Service - ok
14:07:54.0293 0x0fa8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:07:54.0324 0x0fa8 ose - ok
14:07:54.0386 0x0fa8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
14:07:54.0433 0x0fa8 p2pimsvc - ok
14:07:54.0464 0x0fa8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
14:07:54.0527 0x0fa8 p2psvc - ok
14:07:54.0558 0x0fa8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
14:07:54.0589 0x0fa8 Parport - ok
14:07:54.0636 0x0fa8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
14:07:54.0651 0x0fa8 partmgr - ok
14:07:54.0683 0x0fa8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
14:07:54.0729 0x0fa8 PcaSvc - ok
14:07:54.0761 0x0fa8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
14:07:54.0776 0x0fa8 pci - ok
14:07:54.0823 0x0fa8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
14:07:54.0839 0x0fa8 pciide - ok
14:07:54.0870 0x0fa8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
14:07:54.0885 0x0fa8 pcmcia - ok
14:07:54.0917 0x0fa8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
14:07:54.0932 0x0fa8 pcw - ok
14:07:54.0979 0x0fa8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
14:07:55.0041 0x0fa8 PEAUTH - ok
14:07:55.0104 0x0fa8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
14:07:55.0151 0x0fa8 PerfHost - ok
14:07:55.0229 0x0fa8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
14:07:55.0369 0x0fa8 pla - ok
14:07:55.0463 0x0fa8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
14:07:55.0509 0x0fa8 PlugPlay - ok
14:07:55.0525 0x0fa8 PnkBstrA - ok
14:07:55.0556 0x0fa8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
14:07:55.0603 0x0fa8 PNRPAutoReg - ok
14:07:55.0634 0x0fa8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
14:07:55.0665 0x0fa8 PNRPsvc - ok
14:07:55.0712 0x0fa8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
14:07:55.0775 0x0fa8 PolicyAgent - ok
14:07:55.0806 0x0fa8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
14:07:55.0884 0x0fa8 Power - ok
14:07:55.0915 0x0fa8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
14:07:55.0962 0x0fa8 PptpMiniport - ok
14:07:55.0977 0x0fa8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
14:07:56.0024 0x0fa8 Processor - ok
14:07:56.0055 0x0fa8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
14:07:56.0087 0x0fa8 ProfSvc - ok
14:07:56.0133 0x0fa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
14:07:56.0149 0x0fa8 ProtectedStorage - ok
14:07:56.0196 0x0fa8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
14:07:56.0258 0x0fa8 Psched - ok
14:07:56.0367 0x0fa8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
14:07:56.0414 0x0fa8 ql2300 - ok
14:07:56.0445 0x0fa8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
14:07:56.0461 0x0fa8 ql40xx - ok
14:07:56.0477 0x0fa8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
14:07:56.0508 0x0fa8 QWAVE - ok
14:07:56.0523 0x0fa8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
14:07:56.0539 0x0fa8 QWAVEdrv - ok
14:07:56.0555 0x0fa8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
14:07:56.0601 0x0fa8 RasAcd - ok
14:07:56.0633 0x0fa8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
14:07:56.0695 0x0fa8 RasAgileVpn - ok
14:07:56.0711 0x0fa8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
14:07:56.0773 0x0fa8 RasAuto - ok
14:07:56.0789 0x0fa8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
14:07:56.0835 0x0fa8 Rasl2tp - ok
14:07:56.0867 0x0fa8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
14:07:56.0945 0x0fa8 RasMan - ok
14:07:56.0960 0x0fa8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
14:07:57.0038 0x0fa8 RasPppoe - ok
14:07:57.0069 0x0fa8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
14:07:57.0132 0x0fa8 RasSstp - ok
14:07:57.0163 0x0fa8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
14:07:57.0241 0x0fa8 rdbss - ok
14:07:57.0257 0x0fa8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
14:07:57.0303 0x0fa8 rdpbus - ok
14:07:57.0319 0x0fa8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
14:07:57.0381 0x0fa8 RDPCDD - ok
14:07:57.0413 0x0fa8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
14:07:57.0475 0x0fa8 RDPENCDD - ok
14:07:57.0491 0x0fa8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
14:07:57.0537 0x0fa8 RDPREFMP - ok
14:07:57.0678 0x0fa8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
14:07:57.0709 0x0fa8 RdpVideoMiniport - ok
14:07:57.0771 0x0fa8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
14:07:57.0834 0x0fa8 RDPWD - ok
14:07:57.0865 0x0fa8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
14:07:57.0896 0x0fa8 rdyboost - ok
14:07:57.0974 0x0fa8 [ 75F18D3406E3C7262EC88F4E965BDD84, 66850DB3D7DE5B3E425CA4B5FC0815B953B0C01B7F0F055F2F550CE7693CF5F6 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:07:58.0005 0x0fa8 RegSrvc - ok
14:07:58.0037 0x0fa8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
14:07:58.0115 0x0fa8 RemoteAccess - ok
14:07:58.0146 0x0fa8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
14:07:58.0208 0x0fa8 RemoteRegistry - ok
14:07:58.0239 0x0fa8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
14:07:58.0286 0x0fa8 RFCOMM - ok
14:07:58.0411 0x0fa8 [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
14:07:58.0442 0x0fa8 RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
14:08:00.0985 0x0fa8 Detect skipped due to KSN trusted
14:08:00.0985 0x0fa8 RichVideo - ok
14:08:01.0047 0x0fa8 [ CAF88D6573D21CD2AA27001DDBFDC74D, 8256B93E586953F1B594BFFA1F005DB08325CAF1729A93820B09F60DAA998C97 ] RMCAST C:\windows\system32\DRIVERS\RMCAST.sys
14:08:01.0110 0x0fa8 RMCAST - ok
14:08:01.0141 0x0fa8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
14:08:01.0203 0x0fa8 RpcEptMapper - ok
14:08:01.0219 0x0fa8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
14:08:01.0235 0x0fa8 RpcLocator - ok
14:08:01.0250 0x0fa8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
14:08:01.0297 0x0fa8 RpcSs - ok
14:08:01.0328 0x0fa8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
14:08:01.0375 0x0fa8 rspndr - ok
14:08:01.0375 0x0fa8 RTIOdrvAPIC - ok
14:08:01.0406 0x0fa8 RTIOdrvApplicom - ok
14:08:01.0406 0x0fa8 RTIOdrvAutomata - ok
14:08:01.0437 0x0fa8 RTIOdrvCifX - ok
14:08:01.0437 0x0fa8 RTIOdrvCP5613 - ok
14:08:01.0437 0x0fa8 RTIOdrvDAMP - ok
14:08:01.0453 0x0fa8 RTIOdrvFC310x - ok
14:08:01.0453 0x0fa8 RTIOdrvHilscherDPM - ok
14:08:01.0469 0x0fa8 RTIOdrvHMS - ok
14:08:01.0469 0x0fa8 RTIOdrvKuhnkePBM - ok
14:08:01.0469 0x0fa8 RTIOdrvSJA - ok
14:08:01.0531 0x0fa8 [ 6CF9DB101A75360E98659F823852E540, A7D48DF41A831EEF9978B51786EF80DB9CC40602BE66D46CA11BE1548BC2D10C ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
14:08:01.0562 0x0fa8 RTL8167 - ok
14:08:01.0718 0x0fa8 [ 17758E7D23EBD8F4A9B3F44C720E2AC2, A8851CFB71DFB4E7207DDDE8029E85D8BD8268F504FEDF487C15C89094C14974 ] RTService C:\Program Files (x86)\3S Software\CoDeSys SP RTE\RTService.exe
14:08:01.0781 0x0fa8 RTService - detected UnsignedFile.Multi.Generic ( 1 )
14:08:04.0250 0x0fa8 RTService ( UnsignedFile.Multi.Generic ) - warning
14:08:06.0762 0x0fa8 [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI C:\windows\system32\Drivers\SABI.sys
14:08:06.0793 0x0fa8 SABI - ok
14:08:06.0824 0x0fa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\windows\system32\lsass.exe
14:08:06.0856 0x0fa8 SamSs - ok
14:08:06.0949 0x0fa8 SamsungAllShareV2.0 - ok
14:08:06.0980 0x0fa8 [ 5E66ABD041D76C46CBF55AEF910FCA56, AA275FE0506EE47EB717451F8415E29757C813F29F5C4B5D1629902B15831966 ] SamsungDeviceConfigurationWinService C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
14:08:06.0996 0x0fa8 SamsungDeviceConfigurationWinService - detected UnsignedFile.Multi.Generic ( 1 )
14:08:12.0929 0x0fa8 Detect skipped due to KSN trusted
14:08:12.0929 0x0fa8 SamsungDeviceConfigurationWinService - ok
14:08:13.0054 0x0fa8 SBIOSIO - ok
14:08:13.0085 0x0fa8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
14:08:13.0116 0x0fa8 sbp2port - ok
14:08:13.0147 0x0fa8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
14:08:13.0210 0x0fa8 SCardSvr - ok
14:08:13.0225 0x0fa8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
14:08:13.0272 0x0fa8 scfilter - ok
14:08:13.0319 0x0fa8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
14:08:13.0397 0x0fa8 Schedule - ok
14:08:13.0413 0x0fa8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
14:08:13.0444 0x0fa8 SCPolicySvc - ok
14:08:13.0475 0x0fa8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
14:08:13.0537 0x0fa8 SDRSVC - ok
14:08:13.0569 0x0fa8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
14:08:13.0615 0x0fa8 secdrv - ok
14:08:13.0631 0x0fa8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
14:08:13.0709 0x0fa8 seclogon - ok
14:08:13.0725 0x0fa8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\system32\sens.dll
14:08:13.0756 0x0fa8 SENS - ok
14:08:13.0787 0x0fa8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
14:08:13.0834 0x0fa8 SensrSvc - ok
14:08:13.0849 0x0fa8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
14:08:13.0896 0x0fa8 Serenum - ok
14:08:13.0912 0x0fa8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
14:08:13.0959 0x0fa8 Serial - ok
14:08:13.0974 0x0fa8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
14:08:14.0021 0x0fa8 sermouse - ok
14:08:14.0083 0x0fa8 [ 3AC7C8B48C1F10ECA73598124914B64F, 1C8FDCFB1E8D8E7272F5B3ECD072622A2E283755AC0CAC97533F072CA6B3E994 ] ServiceControl_RTE23_3S_GmbH C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe
14:08:14.0115 0x0fa8 ServiceControl_RTE23_3S_GmbH - detected UnsignedFile.Multi.Generic ( 1 )
14:08:16.0616 0x0fa8 ServiceControl_RTE23_3S_GmbH ( UnsignedFile.Multi.Generic ) - warning
14:08:16.0616 0x0fa8 Force sending object to P2P due to detect: ServiceControl_RTE23_3S_GmbH
14:08:19.0408 0x0fa8 Object send P2P result: true
14:08:21.0925 0x0fa8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
14:08:21.0971 0x0fa8 SessionEnv - ok
14:08:21.0971 0x0fa8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
14:08:22.0003 0x0fa8 sffdisk - ok
14:08:22.0003 0x0fa8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
14:08:22.0034 0x0fa8 sffp_mmc - ok
14:08:22.0049 0x0fa8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
14:08:22.0065 0x0fa8 sffp_sd - ok
14:08:22.0081 0x0fa8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
14:08:22.0096 0x0fa8 sfloppy - ok
14:08:22.0159 0x0fa8 [ 2FE1CD3AA602414841DB10AD96C95A5E, 1A2489DF37C13B578E69AA0D3D5DB3627C77750C45D78BB2872E29DD10253326 ] SGDrv C:\windows\system32\DRIVERS\SGdrv64.sys
14:08:22.0190 0x0fa8 SGDrv - ok
14:08:22.0252 0x0fa8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
14:08:22.0315 0x0fa8 SharedAccess - ok
14:08:22.0346 0x0fa8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
14:08:22.0393 0x0fa8 ShellHWDetection - ok
14:08:22.0455 0x0fa8 [ 8C61B219882C9C9ECA09BEDB82B0DDB1, 711681040D9CD93D603F55AB8D62371F5D51917C14818F27859E23E2D60EB18F ] silabenm C:\windows\system32\DRIVERS\silabenm.sys
14:08:22.0486 0x0fa8 silabenm - ok
14:08:22.0517 0x0fa8 [ 2641655FAD6C1EA0F3677978E2BF28C1, E703CE74D09E901BF531589E181DCF95B9C63E09FE1B99E38DEA9EE47EE458BA ] silabser C:\windows\system32\DRIVERS\silabser.sys
14:08:22.0564 0x0fa8 silabser - ok
14:08:22.0595 0x0fa8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
14:08:22.0611 0x0fa8 SiSRaid2 - ok
14:08:22.0642 0x0fa8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
14:08:22.0673 0x0fa8 SiSRaid4 - ok
14:08:22.0767 0x0fa8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:08:22.0798 0x0fa8 SkypeUpdate - ok
14:08:22.0829 0x0fa8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
14:08:22.0892 0x0fa8 Smb - ok
14:08:22.0939 0x0fa8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
14:08:22.0970 0x0fa8 SNMPTRAP - ok
14:08:23.0001 0x0fa8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
14:08:23.0017 0x0fa8 spldr - ok
14:08:23.0079 0x0fa8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
14:08:23.0110 0x0fa8 Spooler - ok
14:08:23.0251 0x0fa8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
14:08:23.0375 0x0fa8 sppsvc - ok
14:08:23.0391 0x0fa8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
14:08:23.0438 0x0fa8 sppuinotify - ok
14:08:23.0485 0x0fa8 [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:08:23.0516 0x0fa8 SQLWriter - ok
14:08:23.0578 0x0fa8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
14:08:23.0641 0x0fa8 srv - ok
14:08:23.0672 0x0fa8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
14:08:23.0765 0x0fa8 srv2 - ok
14:08:23.0781 0x0fa8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
14:08:23.0828 0x0fa8 srvnet - ok
14:08:23.0875 0x0fa8 [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus C:\windows\system32\DRIVERS\ssadbus.sys
14:08:23.0921 0x0fa8 ssadbus - ok
14:08:23.0968 0x0fa8 [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl C:\windows\system32\DRIVERS\ssadmdfl.sys
14:08:24.0031 0x0fa8 ssadmdfl - ok
14:08:24.0077 0x0fa8 [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm C:\windows\system32\DRIVERS\ssadmdm.sys
14:08:24.0124 0x0fa8 ssadmdm - ok
14:08:24.0155 0x0fa8 [ D33D1BD3EC0E766211A234F56A12726D, 53EEAA94865554F8422D111D717B548DF553B5B8647D2A45F3718BF4AEEBEC27 ] ssadserd C:\windows\system32\DRIVERS\ssadserd.sys
14:08:24.0202 0x0fa8 ssadserd - ok
14:08:24.0265 0x0fa8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
14:08:24.0327 0x0fa8 SSDPSRV - ok
14:08:24.0343 0x0fa8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
14:08:24.0389 0x0fa8 SstpSvc - ok
14:08:24.0452 0x0fa8 [ AAF6F247F1DC370C593B4430974EAD9C, 232D0D62EC83A5537ADB28B5DC01074BA812FE6C70C54F70CD7A5EF1BC19D3E1 ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
14:08:24.0467 0x0fa8 ssudmdm - ok
14:08:24.0514 0x0fa8 StarOpen - ok
14:08:24.0608 0x0fa8 [ 5FFDA96330357A914A69D79BE1988A38, E2A03A8D108C210B1111E2466E3DD381F0FA440B95B5013DC728EAD9CFE448AF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:08:24.0655 0x0fa8 Steam Client Service - ok
14:08:24.0686 0x0fa8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
14:08:24.0701 0x0fa8 stexstor - ok
14:08:24.0748 0x0fa8 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
14:08:24.0779 0x0fa8 StillCam - ok
14:08:24.0826 0x0fa8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
14:08:24.0904 0x0fa8 stisvc - ok
14:08:24.0920 0x0fa8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys
14:08:24.0935 0x0fa8 swenum - ok
14:08:24.0982 0x0fa8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
14:08:25.0060 0x0fa8 swprv - ok
14:08:25.0091 0x0fa8 [ 7E488378004FF5F9DCD1711522B1241A, 5A5BF12C6650E7CAFA4892A6961D2E09AC33CE2920EDB0730143D0ADCDBFC0FC ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
14:08:25.0123 0x0fa8 SynTP - ok
14:08:25.0201 0x0fa8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
14:08:25.0294 0x0fa8 SysMain - ok
14:08:25.0325 0x0fa8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
14:08:25.0357 0x0fa8 TabletInputService - ok
14:08:25.0372 0x0fa8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
14:08:25.0435 0x0fa8 TapiSrv - ok
14:08:25.0450 0x0fa8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
14:08:25.0497 0x0fa8 TBS - ok
14:08:25.0606 0x0fa8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
14:08:25.0669 0x0fa8 Tcpip - ok
14:08:25.0762 0x0fa8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
14:08:25.0809 0x0fa8 TCPIP6 - ok
14:08:25.0840 0x0fa8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
14:08:25.0887 0x0fa8 tcpipreg - ok
14:08:25.0918 0x0fa8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
14:08:25.0949 0x0fa8 TDPIPE - ok
14:08:25.0981 0x0fa8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
14:08:26.0012 0x0fa8 TDTCP - ok
14:08:26.0059 0x0fa8 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
14:08:26.0105 0x0fa8 tdx - ok
14:08:26.0667 0x0fa8 [ 758B320E709CBF1D0C34A18390EEE6E8, E90EEC1C65958873FA7327307184D5155C94D50C59D9869A9EA5834E8CADE4CD ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:08:27.0151 0x0fa8 TeamViewer - ok
14:08:27.0213 0x0fa8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys
14:08:27.0229 0x0fa8 TermDD - ok
14:08:27.0322 0x0fa8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
14:08:27.0385 0x0fa8 TermService - ok
14:08:27.0416 0x0fa8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
14:08:27.0447 0x0fa8 Themes - ok
14:08:27.0478 0x0fa8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
14:08:27.0525 0x0fa8 THREADORDER - ok
14:08:27.0541 0x0fa8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
14:08:27.0587 0x0fa8 TrkWks - ok
14:08:27.0634 0x0fa8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
14:08:27.0697 0x0fa8 TrustedInstaller - ok
14:08:27.0759 0x0fa8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
14:08:27.0806 0x0fa8 tssecsrv - ok
14:08:27.0868 0x0fa8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
14:08:27.0899 0x0fa8 TsUsbFlt - ok
14:08:27.0931 0x0fa8 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
14:08:27.0962 0x0fa8 TsUsbGD - ok
14:08:28.0040 0x0fa8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
14:08:28.0133 0x0fa8 tunnel - ok
14:08:28.0180 0x0fa8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
14:08:28.0196 0x0fa8 uagp35 - ok
14:08:28.0243 0x0fa8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
14:08:28.0352 0x0fa8 udfs - ok
14:08:28.0367 0x0fa8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
14:08:28.0399 0x0fa8 UI0Detect - ok
14:08:28.0430 0x0fa8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
14:08:28.0461 0x0fa8 uliagpkx - ok
14:08:28.0492 0x0fa8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
14:08:28.0523 0x0fa8 umbus - ok
14:08:28.0555 0x0fa8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
14:08:28.0601 0x0fa8 UmPass - ok
14:08:28.0711 0x0fa8 [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:08:28.0742 0x0fa8 UNS - ok
14:08:28.0789 0x0fa8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
14:08:28.0851 0x0fa8 upnphost - ok
14:08:28.0898 0x0fa8 [ 8047D8AFA070A4C3B9FCBDBF77A84C45, D8B47716EE57391E3B9CBE3B35FF1F933F08E40B1C8C12EB5BE2438D9E409FF0 ] usb3Hub C:\windows\system32\DRIVERS\usb3Hub.sys
14:08:28.0913 0x0fa8 usb3Hub - ok
14:08:28.0976 0x0fa8 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
14:08:28.0991 0x0fa8 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
14:08:31.0628 0x0fa8 Detect skipped due to KSN trusted
14:08:31.0628 0x0fa8 USBAAPL64 - ok
14:08:31.0690 0x0fa8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
14:08:31.0737 0x0fa8 usbccgp - ok
14:08:31.0768 0x0fa8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
14:08:31.0784 0x0fa8 usbcir - ok
14:08:31.0831 0x0fa8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
14:08:31.0862 0x0fa8 usbehci - ok
14:08:31.0893 0x0fa8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
14:08:31.0924 0x0fa8 usbhub - ok
14:08:31.0971 0x0fa8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
14:08:32.0018 0x0fa8 usbohci - ok
14:08:32.0049 0x0fa8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
14:08:32.0096 0x0fa8 usbprint - ok
14:08:32.0127 0x0fa8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
14:08:32.0174 0x0fa8 usbscan - ok
14:08:32.0205 0x0fa8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
14:08:32.0252 0x0fa8 USBSTOR - ok
14:08:32.0299 0x0fa8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
14:08:32.0330 0x0fa8 usbuhci - ok
14:08:32.0377 0x0fa8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
14:08:32.0423 0x0fa8 usbvideo - ok
14:08:32.0439 0x0fa8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
14:08:32.0517 0x0fa8 UxSms - ok
14:08:32.0533 0x0fa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\windows\system32\lsass.exe
14:08:32.0564 0x0fa8 VaultSvc - ok
14:08:32.0798 0x0fa8 [ 2D8A86BE49A1AD9D05678A2A10F64CE7, 771B5882267B593A1E389DB26F21C3F790D534C8C98FD4A8F043978EA6E09CD6 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
14:08:32.0829 0x0fa8 VBoxAswDrv - ok
14:08:32.0876 0x0fa8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
14:08:32.0891 0x0fa8 vdrvroot - ok
14:08:32.0938 0x0fa8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
14:08:33.0016 0x0fa8 vds - ok
14:08:33.0032 0x0fa8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
14:08:33.0047 0x0fa8 vga - ok
14:08:33.0063 0x0fa8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
14:08:33.0125 0x0fa8 VgaSave - ok
14:08:33.0157 0x0fa8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
14:08:33.0172 0x0fa8 vhdmp - ok
14:08:33.0203 0x0fa8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
14:08:33.0219 0x0fa8 viaide - ok
14:08:33.0250 0x0fa8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
14:08:33.0266 0x0fa8 volmgr - ok
14:08:33.0297 0x0fa8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
14:08:33.0328 0x0fa8 volmgrx - ok
14:08:33.0391 0x0fa8 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
14:08:33.0422 0x0fa8 volsnap - ok
14:08:33.0453 0x0fa8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
14:08:33.0484 0x0fa8 vsmraid - ok
14:08:33.0583 0x0fa8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
14:08:33.0676 0x0fa8 VSS - ok
14:08:33.0708 0x0fa8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
14:08:33.0739 0x0fa8 vwifibus - ok
14:08:33.0801 0x0fa8 [ 13A0DECD1794DE60A8427862C8669D27, 4024AF9F2F052BC80C85F5B9A671499C20AF38838206CC649E6EFE37C380D3BF ] VWiFiFlt C:\windows\system32\DRIVERS\vwififlt.sys
14:08:33.0848 0x0fa8 VWiFiFlt - ok
14:08:33.0895 0x0fa8 [ 49003B357D101CDC474937437ECF5ABC, D3EC570D616DC39FE6BF02DA1CD6C30CD07C27CC5B4B6FD6DACB5D8A4F1596A6 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
14:08:33.0942 0x0fa8 vwifimp - ok
14:08:33.0988 0x0fa8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
14:08:34.0082 0x0fa8 W32Time - ok
14:08:34.0191 0x0fa8 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC C:\windows\system32\inetsrv\iisw3adm.dll
14:08:34.0254 0x0fa8 W3SVC - ok
14:08:34.0285 0x0fa8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
14:08:34.0332 0x0fa8 WacomPen - ok
14:08:34.0378 0x0fa8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
14:08:34.0441 0x0fa8 WANARP - ok
14:08:34.0456 0x0fa8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
14:08:34.0488 0x0fa8 Wanarpv6 - ok
14:08:34.0581 0x0fa8 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS C:\windows\system32\inetsrv\iisw3adm.dll
14:08:34.0612 0x0fa8 WAS - ok
14:08:34.0675 0x0fa8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
14:08:34.0737 0x0fa8 wbengine - ok
14:08:34.0753 0x0fa8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
14:08:34.0800 0x0fa8 WbioSrvc - ok
14:08:34.0815 0x0fa8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
14:08:34.0846 0x0fa8 wcncsvc - ok
14:08:34.0862 0x0fa8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
14:08:34.0878 0x0fa8 WcsPlugInService - ok
14:08:34.0924 0x0fa8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
14:08:34.0940 0x0fa8 Wd - ok
14:08:34.0971 0x0fa8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
14:08:35.0018 0x0fa8 Wdf01000 - ok
14:08:35.0034 0x0fa8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
14:08:35.0065 0x0fa8 WdiServiceHost - ok
14:08:35.0065 0x0fa8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
14:08:35.0096 0x0fa8 WdiSystemHost - ok
14:08:35.0127 0x0fa8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
14:08:35.0174 0x0fa8 WebClient - ok
14:08:35.0205 0x0fa8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
14:08:35.0268 0x0fa8 Wecsvc - ok
14:08:35.0299 0x0fa8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
14:08:35.0330 0x0fa8 wercplsupport - ok
14:08:35.0361 0x0fa8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
14:08:35.0408 0x0fa8 WerSvc - ok
14:08:35.0424 0x0fa8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
14:08:35.0455 0x0fa8 WfpLwf - ok
14:08:35.0470 0x0fa8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
14:08:35.0486 0x0fa8 WIMMount - ok
14:08:35.0517 0x0fa8 WinDefend - ok
14:08:35.0533 0x0fa8 WinHttpAutoProxySvc - ok
14:08:35.0595 0x0fa8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
14:08:35.0673 0x0fa8 Winmgmt - ok
14:08:35.0782 0x0fa8 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
14:08:35.0860 0x0fa8 WinRM - ok
14:08:35.0938 0x0fa8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
14:08:35.0985 0x0fa8 WinUsb - ok
14:08:36.0048 0x0fa8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
14:08:36.0126 0x0fa8 Wlansvc - ok
14:08:36.0204 0x0fa8 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:08:36.0219 0x0fa8 wlcrasvc - ok
14:08:36.0406 0x0fa8 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:08:36.0500 0x0fa8 wlidsvc - ok
14:08:36.0531 0x0fa8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
14:08:36.0547 0x0fa8 WmiAcpi - ok
14:08:36.0562 0x0fa8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
14:08:36.0594 0x0fa8 wmiApSrv - ok
14:08:36.0625 0x0fa8 WMPNetworkSvc - ok
14:08:36.0656 0x0fa8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
14:08:36.0672 0x0fa8 WPCSvc - ok
14:08:36.0703 0x0fa8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
14:08:36.0734 0x0fa8 WPDBusEnum - ok
14:08:36.0765 0x0fa8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
14:08:36.0828 0x0fa8 ws2ifsl - ok
14:08:36.0859 0x0fa8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll
14:08:36.0937 0x0fa8 wscsvc - ok
14:08:36.0937 0x0fa8 WSearch - ok
14:08:37.0077 0x0fa8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll
14:08:37.0140 0x0fa8 wuauserv - ok
14:08:37.0186 0x0fa8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
14:08:37.0218 0x0fa8 WudfPf - ok
14:08:37.0249 0x0fa8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
14:08:37.0296 0x0fa8 WUDFRd - ok
14:08:37.0327 0x0fa8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
14:08:37.0374 0x0fa8 wudfsvc - ok
14:08:37.0420 0x0fa8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
14:08:37.0467 0x0fa8 WwanSvc - ok
14:08:37.0514 0x0fa8 [ 24E57041608ED6A9D7FDAD0D9EC214E2, 895A16072F5EFFF57A7DCA21917540726BF816A2746EC47A066AAD363F69E5D7 ] XHCIPort C:\windows\system32\DRIVERS\XHCIPort.sys
14:08:37.0545 0x0fa8 XHCIPort - ok
14:08:37.0608 0x0fa8 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
14:08:37.0654 0x0fa8 xusb21 - ok
14:08:37.0857 0x0fa8 [ 903FFC88097C1E83E2F1A90093B5A96F, DBDD3CECB6CFF054EBF13859354099F1B805557C60CCE00D44486CAEFB5DCB43 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
14:08:37.0951 0x0fa8 ZeroConfigService - ok
14:08:38.0013 0x0fa8 ================ Scan global ===============================
14:08:38.0044 0x0fa8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
14:08:38.0091 0x0fa8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
14:08:38.0107 0x0fa8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
14:08:38.0154 0x0fa8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
14:08:38.0185 0x0fa8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
14:08:38.0200 0x0fa8 [ Global ] - ok
14:08:38.0200 0x0fa8 ================ Scan MBR ==================================
14:08:38.0216 0x0fa8 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
14:08:38.0590 0x0fa8 \Device\Harddisk0\DR0 - ok
14:08:38.0590 0x0fa8 ================ Scan VBR ==================================
14:08:38.0590 0x0fa8 [ 19003AA414E7B47AA06AF4A5C1D6BDC8 ] \Device\Harddisk0\DR0\Partition1
14:08:38.0637 0x0fa8 \Device\Harddisk0\DR0\Partition1 - ok
14:08:38.0637 0x0fa8 [ D2F38A16034B907E4966BCCD8CF380DA ] \Device\Harddisk0\DR0\Partition2
14:08:38.0684 0x0fa8 \Device\Harddisk0\DR0\Partition2 - ok
14:08:38.0684 0x0fa8 ================ Scan generic autorun ======================
14:08:38.0684 0x0fa8 BTMTrayAgent - ok
14:08:39.0012 0x0fa8 [ 799450710D1B09FAF0D220B4DA3BF431, EE77DE14BC91D9A26D08AF4507071BB13F9D7F835AE6616B7D313F4FAF877793 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
14:08:39.0136 0x0fa8 AvastUI.exe - ok
14:08:39.0230 0x0fa8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:08:39.0277 0x0fa8 Sidebar - ok
14:08:39.0308 0x0fa8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:08:39.0339 0x0fa8 mctadmin - ok
14:08:40.0082 0x0fa8 [ FB5B78A3DE88FD3B725DA574497BC225, 0096C3ED0E29153E6A9E84C121B79A170FEDFE521AEA1BC602BC536E1795E5F3 ] C:\Program Files\CCleaner\CCleaner64.exe
14:08:40.0253 0x0fa8 CCleaner Monitoring - ok
14:08:40.0316 0x0fa8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:08:40.0347 0x0fa8 Sidebar - ok
14:08:40.0363 0x0fa8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:08:40.0378 0x0fa8 mctadmin - ok
14:08:40.0519 0x0fa8 uTorrent - ok
14:08:40.0581 0x0fa8 Spotify Web Helper - ok
14:08:40.0581 0x0fa8 Waiting for KSN requests completion. In queue: 138
14:08:41.0584 0x0fa8 Waiting for KSN requests completion. In queue: 138
14:08:42.0598 0x0fa8 Waiting for KSN requests completion. In queue: 138
14:08:43.0690 0x0fa8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41000 ( enabled : updated )
14:08:43.0722 0x0fa8 Win FW state via NFP2: enabled ( trusted )
14:08:46.0223 0x0fa8 ============================================================
14:08:46.0223 0x0fa8 Scan finished
14:08:46.0223 0x0fa8 ============================================================
14:08:46.0223 0x1768 Detected object count: 3
14:08:46.0223 0x1768 Actual detected object count: 3
14:09:52.0271 0x1768 ENI Server ( UnsignedFile.Multi.Generic ) - skipped by user
14:09:52.0271 0x1768 ENI Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:09:52.0271 0x1768 RTService ( UnsignedFile.Multi.Generic ) - skipped by user
14:09:52.0271 0x1768 RTService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:09:52.0271 0x1768 ServiceControl_RTE23_3S_GmbH ( UnsignedFile.Multi.Generic ) - skipped by user
14:09:52.0271 0x1768 ServiceControl_RTE23_3S_GmbH ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:10:03.0027 0x1a54 Deinitialize success
|
|
24.09.2015, 20:48
| #8 |
| /// the machine /// TB-Ausbilder | Notebook braucht 15 min zum hochfahren hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.09.2015, 09:21
| #9 |
| | Notebook braucht 15 min zum hochfahren ComboFix: Code:
ATTFilter ComboFix 15-09-21.01 - Eugen 25.09.2015 9:41.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8089.6357 [GMT 2:00]
ausgeführt von:: c:\users\Eugen\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Roaming
c:\users\Eugen\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-08-25 bis 2015-09-25 ))))))))))))))))))))))))))))))
.
.
2015-09-25 07:59 . 2015-09-25 07:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-09-25 07:59 . 2015-09-25 07:59 -------- d-----w- c:\users\UpdatusUser.Eugen-PC\AppData\Local\temp
2015-09-25 07:59 . 2015-09-25 07:59 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-09-25 07:59 . 2015-09-25 07:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-09-25 07:59 . 2015-09-25 07:59 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-09-24 15:49 . 2015-09-24 15:49 -------- d-----w- C:\a2bc45f176124b184621ac
2015-09-24 15:48 . 2015-09-24 15:48 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-09-24 15:48 . 2015-09-24 15:48 -------- d-----r- c:\program files (x86)\Skype
2015-09-24 11:24 . 2015-09-24 12:04 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-09-23 16:52 . 2015-02-18 07:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-09-23 16:52 . 2015-02-18 07:04 142336 ----a-w- c:\windows\system32\poqexec.exe
2015-09-23 16:52 . 2015-04-11 03:19 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-09-23 16:51 . 2015-06-25 10:06 115136 ----a-w- c:\windows\system32\consent.exe
2015-09-23 16:51 . 2015-06-25 10:01 1941504 ----a-w- c:\windows\system32\authui.dll
2015-09-23 16:51 . 2015-06-25 10:01 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-09-23 16:51 . 2015-06-25 09:44 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-09-23 16:51 . 2015-06-15 21:45 3242496 ----a-w- c:\windows\system32\msi.dll
2015-09-23 16:51 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2015-09-23 16:51 . 2015-06-15 21:45 504320 ----a-w- c:\windows\system32\msihnd.dll
2015-09-23 16:51 . 2015-06-15 21:44 128000 ----a-w- c:\windows\system32\msiexec.exe
2015-09-23 16:51 . 2015-06-15 21:43 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-09-23 16:51 . 2015-06-15 21:42 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2015-09-23 16:51 . 2015-06-15 21:42 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-09-23 16:51 . 2015-06-15 21:37 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2015-09-23 16:48 . 2015-08-26 18:07 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-09-23 16:00 . 2015-09-23 16:01 -------- d-----w- c:\program files\CCleaner
2015-09-23 15:52 . 2015-07-23 00:06 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-09-23 15:51 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-09-23 15:51 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-09-23 15:51 . 2015-07-09 17:57 193536 ----a-w- c:\windows\system32\notepad.exe
2015-09-23 15:51 . 2015-07-09 17:57 193536 ----a-w- c:\windows\notepad.exe
2015-09-23 15:51 . 2015-07-09 17:42 179712 ----a-w- c:\windows\SysWow64\notepad.exe
2015-09-23 13:03 . 2015-09-23 13:03 -------- d-----w- c:\users\Eugen\AppData\Local\Steam
2015-09-23 11:15 . 2015-09-23 11:15 -------- d-----w- c:\programdata\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-23 11:15 . 2015-09-23 11:15 -------- d-----w- c:\program files (x86)\Common Files\IObit
2015-09-23 11:11 . 2015-09-23 11:11 -------- d-----w- c:\users\Eugen\AppData\Roaming\ProductData
2015-09-23 11:11 . 2015-09-23 11:15 -------- d-----w- c:\programdata\ProductData
2015-09-23 11:11 . 2015-09-23 11:15 -------- d-----w- c:\programdata\IObit
2015-09-23 11:10 . 2015-09-23 15:07 -------- d-----w- c:\program files (x86)\IObit
2015-09-23 11:10 . 2015-09-23 11:30 -------- d-----w- c:\users\Eugen\AppData\Roaming\IObit
2015-09-14 18:21 . 2015-09-14 18:21 -------- d-----w- c:\windows\SysWow64\config\systemprofile\.oracle_jre_usage
2015-09-13 14:44 . 2015-09-13 14:44 -------- d-----w- c:\users\Eugen\AppData\Roaming\Premium
2015-09-13 01:26 . 2015-09-13 01:26 -------- d-----w- c:\users\Eugen\AppData\Local\YSearchUtil
2015-09-13 01:21 . 2015-09-13 01:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-09-13 01:17 . 2015-09-13 01:17 -------- d-----w- c:\users\Eugen\.oracle_jre_usage
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-24 13:45 . 2015-09-24 13:45 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5187A41A-23AA-44F6-B565-A6ADF095F43D}\offreg.2124.dll
2015-09-24 11:24 . 2014-06-09 12:36 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-24 11:23 . 2014-06-09 12:35 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-09-21 19:15 . 2013-12-11 09:23 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-09-21 19:15 . 2013-12-11 09:23 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-16 03:43 . 2015-09-24 13:39 11062400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5187A41A-23AA-44F6-B565-A6ADF095F43D}\mpengine.dll
2015-09-13 01:14 . 2014-11-17 12:24 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-07-22 17:53 . 2015-09-23 15:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-07-21 19:12 . 2014-04-10 05:10 150160 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-07-21 19:12 . 2013-10-23 13:30 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-21 19:12 . 2013-10-23 13:30 447944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-07-21 19:12 . 2013-10-23 13:30 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-21 19:12 . 2013-10-23 13:30 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-21 19:12 . 2015-07-21 19:12 378880 ----a-w- c:\windows\system32\aswBoot.exe
2015-07-21 19:12 . 2014-05-28 08:50 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-21 19:12 . 2013-10-23 13:30 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-07-21 19:10 . 2015-07-21 19:10 43112 ----a-w- c:\windows\avastSS.scr
2015-07-21 19:08 . 2013-10-23 13:30 1048856 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-21 19:07 . 2015-07-21 19:13 115152 ----a-w- c:\windows\system32\drivers\ngvss.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-08-19 8455960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-21 6109776]
.
c:\users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Eugen\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-9-13 39175960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
R2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 3SRTE;RTE 3S System Driver; [x]
R3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 h647906;DragonRise H647906 AMD64 Driver;c:\windows\system32\drivers\h647906.sys;c:\windows\SYSNATIVE\drivers\h647906.sys [x]
R3 h648101;DragonRise H648101 AMD64 Driver;c:\windows\system32\drivers\h648101.sys;c:\windows\SYSNATIVE\drivers\h648101.sys [x]
R3 h648103;DragonRise H648103 AMD64 Driver;c:\windows\system32\drivers\h648103.sys;c:\windows\SYSNATIVE\drivers\h648103.sys [x]
R3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys;c:\windows\SYSNATIVE\drivers\hid7906.sys [x]
R3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys;c:\windows\SYSNATIVE\drivers\hid8101.sys [x]
R3 hid8103;hid8103;c:\windows\system32\drivers\hid8103.sys;c:\windows\SYSNATIVE\drivers\hid8103.sys [x]
R3 ibpcimpm;ibpcimpm; [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R3 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R3 iprip;RIP-Überwachung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTIOdrvAPIC;RTIOdrvAPIC; [x]
R3 RTIOdrvApplicom;RTIOdrvApplicom; [x]
R3 RTIOdrvAutomata;RTIOdrvAutomata; [x]
R3 RTIOdrvCifX;RTIOdrvCifX; [x]
R3 RTIOdrvCP5613;RTIOdrvCP5613; [x]
R3 RTIOdrvDAMP;RTIOdrvDAMP; [x]
R3 RTIOdrvFC310x;RTIOdrvFC310x; [x]
R3 RTIOdrvHilscherDPM;RTIOdrvHilscherDPM; [x]
R3 RTIOdrvHMS;RTIOdrvHMS; [x]
R3 RTIOdrvKuhnkePBM;RTIOdrvKuhnkePBM; [x]
R3 RTIOdrvSJA;RTIOdrvSJA; [x]
R3 SBIOSIO;SBIOSIO;c:\users\Eugen\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys;c:\users\Eugen\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
R4 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R4 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R4 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R4 ENI Server;ENI Server;c:\program files (x86)\3S Software\CoDeSys ENI Server\ENI.exe;c:\program files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [x]
R4 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe;c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
R4 nimDNSResponder;NI mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [x]
R4 NISystemWebServer;NI System Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe;c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R4 RTService;RT Service 3S KM;c:\program files (x86)\3S Software\CoDeSys SP RTE\RTService.exe;c:\program files (x86)\3S Software\CoDeSys SP RTE\RTService.exe [x]
R4 ServiceControl_RTE23_3S_GmbH;ServiceControl_RTE23_3S_GmbH;c:\program files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe;c:\program files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 ngvss;ngvss; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\windows\system32\drivers\VSPE.sys;c:\windows\SYSNATIVE\drivers\VSPE.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [x]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys;c:\windows\SYSNATIVE\DRIVERS\SGdrv64.sys [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\system32\DRIVERS\usb3Hub.sys;c:\windows\SYSNATIVE\DRIVERS\usb3Hub.sys [x]
S3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\system32\DRIVERS\XHCIPort.sys;c:\windows\SYSNATIVE\DRIVERS\XHCIPort.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2015-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 19:15]
.
2015-09-24 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
- c:\users\Eugen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-24 16:55]
.
2015-09-25 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
- c:\users\Eugen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-24 16:55]
.
2015-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-31 01:12]
.
2015-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-31 01:12]
.
2015-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
- c:\users\Eugen\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-09 01:13]
.
2015-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
- c:\users\Eugen\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-09 01:13]
.
2015-09-25 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 04:41]
.
2015-09-24 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 04:41]
.
2015-09-25 c:\windows\Tasks\MATLAB R2012a Startup Accelerator.job
- c:\program files\MATLAB\R2012a\bin\win64\MATLABStartupAccelerator.exe [2015-01-05 01:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2015-08-24 12:11 2472224 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-07-29 07:23 775496 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-07-29 07:23 775496 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-07-29 07:23 775496 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-21 19:12 777544 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-21 11406608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
mDefault_Page_URL = about:blank
mDefault_Search_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\Eugen\AppData\Local\Temp\ie_script.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110611081104} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Free YouTube to MP3 Converter_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AA609D72-8482-4076-8991-8CDAE5B93BCB}"=hex:51,66,7a,6c,4c,1d,38,12,1c,9e,73,
ae,b0,ca,18,05,f6,87,cf,9a,e0,e7,7f,df
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}"=hex:51,66,7a,6c,4c,1d,38,12,27,28,80,
ea,f2,9b,77,08,dc,cc,8d,48,4c,7b,c9,f2
.
[HKEY_USERS\S-1-5-21-1236569144-611998795-838250545-1001\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\DirectInput\VID_0810&PID_0001\Calibration\1\Type\Axes]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
c:\program files (x86)\Samsung\Easy Settings\dmhkcore.exe
c:\program files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
c:\program files (x86)\Samsung\Easy Settings\SmartSetting.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-09-25 10:17:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-09-25 08:17
ComboFix2.txt 2014-06-05 18:04
ComboFix3.txt 2013-06-14 17:58
.
Vor Suchlauf: 34 Verzeichnis(se), 649.990.619.136 Bytes frei
Nach Suchlauf: 37 Verzeichnis(se), 670.116.118.528 Bytes frei
.
- - End Of File - - 3D9C696D0C773B568EB085302F21AD9B
|
|
25.09.2015, 18:20
| #10 |
| /// the machine /// TB-Ausbilder | Notebook braucht 15 min zum hochfahren Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.09.2015, 13:01
| #11 |
| | Notebook braucht 15 min zum hochfahren mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 28.09.2015 Suchlaufzeit: 12:26 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.28.02 Rootkit-Datenbank: v2015.09.22.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Eugen Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 530555 Abgelaufene Zeit: 33 Min., 44 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 82 PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{682F447F-3BF1-4B70-A370-742E24629AEB}, In Quarantäne, [e062ca6b216ac37389bdcdcdc73da15f], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{697FE81A-7663-4A59-94AA-DF4A5DC765F4}, In Quarantäne, [6dd54aeb860551e59ea95842fc0825db], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0D526A3-9EA2-4694-BD5F-9FF7D5E3C338}, In Quarantäne, [073b79bc4f3c132385c0e0baf0143ec2], PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUser10EC8BD803824DEA847D1B5203881374, Löschen bei Neustart, [98aab97c107b44f295ada2130103659b], PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnceF6B15EA0219147D99C50D27C94509156, Löschen bei Neustart, [54ee5bdabccf85b1d17162531be9c53b], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{682F447F-3BF1-4B70-A370-742E24629AEB}, In Quarantäne, [ae9400357d0e4aecc97d237758ac8779], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{697FE81A-7663-4A59-94AA-DF4A5DC765F4}, In Quarantäne, [49f9b87d6b206acc6ed9415991736e92], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0D526A3-9EA2-4694-BD5F-9FF7D5E3C338}, In Quarantäne, [68da8baa800be94d81c44852fa0a6d93], PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [dc667cb96c1f4aec070012b381837e82], PUP.Optional.RadioCanyon, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Radio Canyon, In Quarantäne, [85bd59dcf398e05683c18c2e2cd8867a], PUP.Optional.SuperOptimizer, HKU\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [b2900f26f69549ed2ddac8fd48bc1ce4], PUP.Optional.SuperOptimizer, HKU\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [b2900c29b6d595a187808d38ce367987], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{130CF00C-F51D-431F-A662-826ED3E8C89E}, In Quarantäne, [86bc1025d6b5cc6a4fd68e0c32d2a15f], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1AAF94FA-F68A-4543-B6F8-4EBE26A21F74}, In Quarantäne, [a59d072e9bf0989ee1446e2c30d4b14f], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B254165-9881-44D0-8EA4-65CA3BA6A5C5}, In Quarantäne, [d56d7fb6612aad8976ae15850301f60a], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1CAB609C-8073-49FC-B610-476083AB7E33}, In Quarantäne, [96accb6a1e6db68003225842ec18d729], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D5CD374-D63C-4D8D-BB32-58119E5DA9F4}, In Quarantäne, [4df56ec798f379bdb66f069448bcaf51], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2928CE6F-8C66-499C-9367-48CE76B042A6}, In Quarantäne, [b2905ed79eedc96df72d18826f9532ce], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3463ACF5-B31A-41D0-894F-FF71245D235C}, In Quarantäne, [2c162d085b30092d66bfaeece0241ce4], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{35AB8522-74D4-40B6-94A2-5E6A3DD71672}, In Quarantäne, [7dc502338efd67cf0c188515e12349b7], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{404B7938-1306-4B36-97B0-33C5F737B29C}, In Quarantäne, [e85a23123a51d85ee144811942c2b24e], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4393F602-BDE5-42EE-BD7E-B73546F8EAD1}, In Quarantäne, [7dc5f4417912fb3bfe26f6a46b99de22], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{483C4A59-A829-4CF4-9DDA-DE49D835572E}, In Quarantäne, [98aa171e8efda98d35ef44561de745bb], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{49789359-B32C-4266-B7F6-ECFBE7D25E2C}, In Quarantäne, [2f130a2ba9e2c274d54fc4d64fb5847c], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4E819F87-2CF4-4120-8138-26BDAC90B3FF}, In Quarantäne, [7fc39b9ab5d669cda67f8416d52fef11], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4F7138ED-B597-47E4-8619-93626AB64A45}, In Quarantäne, [073b1a1bbdce6acc52d2d0ca1ce80ff1], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{52A840E6-9D43-436A-9598-D0FF526CE5D6}, In Quarantäne, [44fe94a1bfcc4beb69bcd1c922e2f50b], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53BBA211-4E61-4D7C-9ACE-AC15CE2C5AB6}, In Quarantäne, [94aecf662f5c1f17c362603adf25867a], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59D02789-B782-4B90-907D-D47CB9B825A0}, In Quarantäne, [93af89ac93f8b87efc28bcde27dd45bb], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5ECC9579-315B-43C1-8362-93E2D95B3AEE}, In Quarantäne, [52f03401b7d42b0b25ff38621de76a96], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{60C4E046-D0B3-4D88-BB63-E64CDBE61DB7}, In Quarantäne, [063c69ccb7d444f250d4d0ca976de21e], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6135A8C8-3976-4243-BADA-9CA2B3281286}, In Quarantäne, [4bf7d56035568da9cd58d4c64eb6956b], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{682F447F-3BF1-4B70-A370-742E24629AEB}, In Quarantäne, [083ad065a4e7f541eb39cfcb679df20e], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{697FE81A-7663-4A59-94AA-DF4A5DC765F4}, In Quarantäne, [52f089ac781380b682a39ffba26260a0], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F7DD48E-1732-410C-9B25-EF9250B8FFBA}, In Quarantäne, [f1512f06543758def233f2a80ef616ea], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77D99DEB-72FB-4E05-8DB1-185989A887E7}, In Quarantäne, [172bd164cdbe0c2a65c0aded6b9948b8], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D599D30-9BF1-4180-BB3D-D5461E22AAAA}, In Quarantäne, [d9690b2ac8c373c367bddbbf8282e51b], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EBB1027-3139-4320-BA2D-50EAAD5833C2}, In Quarantäne, [5be781b490fb93a3ed386d2da3614fb1], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EE7401A-D945-4CEB-A637-364B1030B921}, In Quarantäne, [231f90a5acdfe35356cf98029f650af6], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{83A03133-8643-4982-AA30-224A56FA5EEC}, In Quarantäne, [053d5ed7eba0bb7bfa2ba7f3f80cb24e], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{854780B9-CF9C-4139-A7E7-6A237FEE4137}, In Quarantäne, [59e9ca6b414a4beb2ef7b8e212f25da3], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86205741-969F-4AF0-9511-2B1768E04354}, In Quarantäne, [e0620e27cdbece689e86a0fafc08a15f], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8E4C6612-94E8-43FE-9689-9481DE231640}, In Quarantäne, [8db555e0fe8d5ed84dd89efc11f310f0], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{902584E4-5943-470C-BD9C-4B94D96F819C}, In Quarantäne, [a89ad75e5536be7866beb4e65fa54eb2], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{90D8C964-4779-4E43-9972-73608F4977E8}, In Quarantäne, [e55d4ee7fb909e9876ae4a50ec18d62a], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{924EC260-82D9-476C-A128-A557B8AFCA4B}, In Quarantäne, [51f1b481e4a79f97f82d881233d102fe], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9285465B-5A9C-4C66-A247-5ABA8043611A}, In Quarantäne, [9ea4bb7a6d1e06304cd977236d97936d], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94629E06-1083-4FA5-A355-32CFB815C959}, In Quarantäne, [7ec44ce96427a78f02238d0d3aca7e82], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94B74F36-167B-406A-B4CC-A58F17DD61E5}, In Quarantäne, [e85a221397f44ee82ef7cecc58acf907], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{983D5356-DF2A-4FBB-BE85-79837C47D537}, In Quarantäne, [69d9a392701b9a9c6abb3169966e58a8], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D763CBB-47D8-4C38-B278-887413F1FB32}, In Quarantäne, [73cf062f1675ef474adab1e90cf8867a], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E636EC8-168F-420C-8699-7CB4BCFEE086}, In Quarantäne, [cd750e2746456acc1014faa011f3c739], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A101F4AF-FBB5-434E-A099-678AD1494C85}, In Quarantäne, [4af84de8a6e586b02afbc3d77193c53b], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A31A02B2-EBBF-4921-B229-883970FD4B79}, In Quarantäne, [60e243f20c7fad8957ce56440cf8fd03], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A8FBEBBD-7399-4C12-8A60-3DA7F0D8FD58}, In Quarantäne, [e45ee45152391c1a081dc5d5a75dc53b], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A96B6711-17D5-4388-BA8D-6496F150534E}, In Quarantäne, [40024bea6a2194a2ce56c7d3857ff709], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AA736CEC-AFBF-4EFF-A8A3-4FA22E4D204A}, In Quarantäne, [0d351d186f1cfb3ba48067333ec624dc], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AC426517-7974-435F-9FA6-19D27EF0FE41}, In Quarantäne, [72d0ae87bdce3ef85acaecaea55f3bc5], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD75B023-2755-4977-A939-96DFB3953077}, In Quarantäne, [e35f171e018a54e2b86d009aa85c20e0], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3545B24-CC69-4F81-A814-3DF72A90B083}, In Quarantäne, [ba881a1b1873fc3aff25a1f9d72db14f], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5066464-3852-4DB6-A180-C513C664254F}, In Quarantäne, [a2a0181dee9d39fdb2739802ab5938c8], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C142D659-ECAD-436A-9A78-22635BC5E948}, In Quarantäne, [4af87fb60289f54176aeafebd33145bb], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C41C87C8-8972-497F-AE32-E1D66B6B59EA}, In Quarantäne, [92b0e3520a81da5cd74d86142bd960a0], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5EDC71B-C183-48D6-BD36-FB11812EB5B0}, In Quarantäne, [281a40f53c4f51e5978d8f0bca3a4fb1], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C68AA6FD-D138-4B82-9193-40A67FF6C866}, In Quarantäne, [80c243f2f09b9d9958cd306ad33137c9], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C9B46FC8-5EE3-446D-BF10-E8BE7B726B8B}, In Quarantäne, [c181191c57341e1868bcf8a23ec6817f], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0C02537-F754-4CF4-827E-ED75852DAF37}, In Quarantäne, [d072cf665536d26458cd287203017987], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0D526A3-9EA2-4694-BD5F-9FF7D5E3C338}, In Quarantäne, [a2a0092c068575c16bb82278887c847c], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D126A75D-C5D1-42BB-97D5-33294C5742D0}, In Quarantäne, [e55d53e21a71bf77869e8119d4306d93], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D366B1BA-8CA4-40C4-AFA5-10A74F264F6E}, In Quarantäne, [d36f59dcd9b237ff1212eeac60a443bd], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D5890093-1EAE-4103-9FC0-494791CDC85D}, In Quarantäne, [42008aab177476c0be67a3f74fb504fc], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D75A7BBC-55CE-495B-B64A-7DB982B38046}, In Quarantäne, [9aa867ce52393df947dec7d363a1c33d], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8AABDCF-8CAE-4503-A43E-316D6B18E275}, In Quarantäne, [6bd7cf6667249d99fb29b8e2778d8d73], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DAFE4896-806D-404D-A93E-3CC5A2CC195A}, In Quarantäne, [e85a93a2f794ed49a3810a90956f2cd4], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB1B8ACD-8DF8-4A2D-9C96-C2E4B4136C1A}, In Quarantäne, [d66c4ee7c0cb3402a67fbcde5aaa07f9], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA072B1C-DD0A-4154-B239-44F39BA9229D}, In Quarantäne, [f94975c0d0bb84b2a4808119af553cc4], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE62A371-CD1B-4AB5-B92E-54DA8B40CC25}, In Quarantäne, [d86a2312c7c4ce6877adbddd659f13ed], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EEDC5098-9090-481C-BCED-ABB9BA1C813F}, In Quarantäne, [57eb6dc8a9e27db980a5cccef113a45c], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2D25AB3-30CE-409A-B07A-A55BF8847CE6}, In Quarantäne, [ca78df566e1d4cea51d3702adf25619f], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3F51B37-8326-4E20-9520-98E8519F9FFD}, In Quarantäne, [cf7304315e2d2c0ad94b5149dd27d828], PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE04A83A-6B13-46C2-BAD3-48EEEE5B6F45}, In Quarantäne, [1b2786afbad173c3eb3ac0da8f75fc04], PUP.Optional.SpeedDial, HKU\S-1-5-21-1236569144-611998795-838250545-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{31090377-0740-419E-BEFC-A56E50500D5B}, In Quarantäne, [41014aebb9d256e0070b0db6b450d62a], Registrierungswerte: 80 PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{682f447f-3bf1-4b70-a370-742e24629aeb}|AppName, Radio Canyon-buttonutil.exe, In Quarantäne, [e062ca6b216ac37389bdcdcdc73da15f] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{697fe81a-7663-4a59-94aa-df4a5dc765f4}|AppName, Radio Canyon-codedownloader.exe, In Quarantäne, [6dd54aeb860551e59ea95842fc0825db] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{d0d526a3-9ea2-4694-bd5f-9ff7d5e3c338}|AppName, Radio Canyon-bg.exe, In Quarantäne, [073b79bc4f3c132385c0e0baf0143ec2] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{682f447f-3bf1-4b70-a370-742e24629aeb}|AppName, Radio Canyon-buttonutil.exe, In Quarantäne, [ae9400357d0e4aecc97d237758ac8779] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{697fe81a-7663-4a59-94aa-df4a5dc765f4}|AppName, Radio Canyon-codedownloader.exe, In Quarantäne, [49f9b87d6b206acc6ed9415991736e92] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{d0d526a3-9ea2-4694-bd5f-9ff7d5e3c338}|AppName, Radio Canyon-bg.exe, In Quarantäne, [68da8baa800be94d81c44852fa0a6d93] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{130CF00C-F51D-431F-A662-826ED3E8C89E}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [86bc1025d6b5cc6a4fd68e0c32d2a15f] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1AAF94FA-F68A-4543-B6F8-4EBE26A21F74}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [a59d072e9bf0989ee1446e2c30d4b14f] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B254165-9881-44D0-8EA4-65CA3BA6A5C5}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [d56d7fb6612aad8976ae15850301f60a] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1CAB609C-8073-49FC-B610-476083AB7E33}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [96accb6a1e6db68003225842ec18d729] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D5CD374-D63C-4D8D-BB32-58119E5DA9F4}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [4df56ec798f379bdb66f069448bcaf51] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2928CE6F-8C66-499C-9367-48CE76B042A6}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [b2905ed79eedc96df72d18826f9532ce] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3463ACF5-B31A-41D0-894F-FF71245D235C}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [2c162d085b30092d66bfaeece0241ce4] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{35AB8522-74D4-40B6-94A2-5E6A3DD71672}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [7dc502338efd67cf0c188515e12349b7] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{404B7938-1306-4B36-97B0-33C5F737B29C}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [e85a23123a51d85ee144811942c2b24e] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4393F602-BDE5-42EE-BD7E-B73546F8EAD1}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [7dc5f4417912fb3bfe26f6a46b99de22] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{483C4A59-A829-4CF4-9DDA-DE49D835572E}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [98aa171e8efda98d35ef44561de745bb] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{49789359-B32C-4266-B7F6-ECFBE7D25E2C}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [2f130a2ba9e2c274d54fc4d64fb5847c] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4E819F87-2CF4-4120-8138-26BDAC90B3FF}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [7fc39b9ab5d669cda67f8416d52fef11] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4F7138ED-B597-47E4-8619-93626AB64A45}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [073b1a1bbdce6acc52d2d0ca1ce80ff1] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{52A840E6-9D43-436A-9598-D0FF526CE5D6}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [44fe94a1bfcc4beb69bcd1c922e2f50b] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53BBA211-4E61-4D7C-9ACE-AC15CE2C5AB6}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [94aecf662f5c1f17c362603adf25867a] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59D02789-B782-4B90-907D-D47CB9B825A0}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [93af89ac93f8b87efc28bcde27dd45bb] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5ECC9579-315B-43C1-8362-93E2D95B3AEE}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [52f03401b7d42b0b25ff38621de76a96] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{60C4E046-D0B3-4D88-BB63-E64CDBE61DB7}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [063c69ccb7d444f250d4d0ca976de21e] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6135A8C8-3976-4243-BADA-9CA2B3281286}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [4bf7d56035568da9cd58d4c64eb6956b] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{682f447f-3bf1-4b70-a370-742e24629aeb}|AppName, Radio Canyon-buttonutil.exe, In Quarantäne, [083ad065a4e7f541eb39cfcb679df20e] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{697fe81a-7663-4a59-94aa-df4a5dc765f4}|AppName, Radio Canyon-codedownloader.exe, In Quarantäne, [52f089ac781380b682a39ffba26260a0] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F7DD48E-1732-410C-9B25-EF9250B8FFBA}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [f1512f06543758def233f2a80ef616ea] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77D99DEB-72FB-4E05-8DB1-185989A887E7}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [172bd164cdbe0c2a65c0aded6b9948b8] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D599D30-9BF1-4180-BB3D-D5461E22AAAA}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [d9690b2ac8c373c367bddbbf8282e51b] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EBB1027-3139-4320-BA2D-50EAAD5833C2}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [5be781b490fb93a3ed386d2da3614fb1] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EE7401A-D945-4CEB-A637-364B1030B921}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [231f90a5acdfe35356cf98029f650af6] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{83A03133-8643-4982-AA30-224A56FA5EEC}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [053d5ed7eba0bb7bfa2ba7f3f80cb24e] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{854780B9-CF9C-4139-A7E7-6A237FEE4137}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [59e9ca6b414a4beb2ef7b8e212f25da3] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86205741-969F-4AF0-9511-2B1768E04354}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [e0620e27cdbece689e86a0fafc08a15f] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8E4C6612-94E8-43FE-9689-9481DE231640}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [8db555e0fe8d5ed84dd89efc11f310f0] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{902584E4-5943-470C-BD9C-4B94D96F819C}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [a89ad75e5536be7866beb4e65fa54eb2] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{90D8C964-4779-4E43-9972-73608F4977E8}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [e55d4ee7fb909e9876ae4a50ec18d62a] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{924EC260-82D9-476C-A128-A557B8AFCA4B}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [51f1b481e4a79f97f82d881233d102fe] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9285465B-5A9C-4C66-A247-5ABA8043611A}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [9ea4bb7a6d1e06304cd977236d97936d] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94629E06-1083-4FA5-A355-32CFB815C959}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [7ec44ce96427a78f02238d0d3aca7e82] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94B74F36-167B-406A-B4CC-A58F17DD61E5}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [e85a221397f44ee82ef7cecc58acf907] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{983D5356-DF2A-4FBB-BE85-79837C47D537}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [69d9a392701b9a9c6abb3169966e58a8] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D763CBB-47D8-4C38-B278-887413F1FB32}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [73cf062f1675ef474adab1e90cf8867a] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E636EC8-168F-420C-8699-7CB4BCFEE086}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [cd750e2746456acc1014faa011f3c739] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A101F4AF-FBB5-434E-A099-678AD1494C85}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [4af84de8a6e586b02afbc3d77193c53b] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A31A02B2-EBBF-4921-B229-883970FD4B79}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [60e243f20c7fad8957ce56440cf8fd03] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A8FBEBBD-7399-4C12-8A60-3DA7F0D8FD58}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [e45ee45152391c1a081dc5d5a75dc53b] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A96B6711-17D5-4388-BA8D-6496F150534E}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [40024bea6a2194a2ce56c7d3857ff709] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AA736CEC-AFBF-4EFF-A8A3-4FA22E4D204A}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [0d351d186f1cfb3ba48067333ec624dc] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AC426517-7974-435F-9FA6-19D27EF0FE41}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [72d0ae87bdce3ef85acaecaea55f3bc5] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD75B023-2755-4977-A939-96DFB3953077}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [e35f171e018a54e2b86d009aa85c20e0] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3545B24-CC69-4F81-A814-3DF72A90B083}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [ba881a1b1873fc3aff25a1f9d72db14f] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5066464-3852-4DB6-A180-C513C664254F}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [a2a0181dee9d39fdb2739802ab5938c8] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C142D659-ECAD-436A-9A78-22635BC5E948}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [4af87fb60289f54176aeafebd33145bb] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C41C87C8-8972-497F-AE32-E1D66B6B59EA}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [92b0e3520a81da5cd74d86142bd960a0] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5EDC71B-C183-48D6-BD36-FB11812EB5B0}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [281a40f53c4f51e5978d8f0bca3a4fb1] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C68AA6FD-D138-4B82-9193-40A67FF6C866}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [80c243f2f09b9d9958cd306ad33137c9] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C9B46FC8-5EE3-446D-BF10-E8BE7B726B8B}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [c181191c57341e1868bcf8a23ec6817f] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0C02537-F754-4CF4-827E-ED75852DAF37}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [d072cf665536d26458cd287203017987] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{d0d526a3-9ea2-4694-bd5f-9ff7d5e3c338}|AppName, Radio Canyon-bg.exe, In Quarantäne, [a2a0092c068575c16bb82278887c847c] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D126A75D-C5D1-42BB-97D5-33294C5742D0}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [e55d53e21a71bf77869e8119d4306d93] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D366B1BA-8CA4-40C4-AFA5-10A74F264F6E}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [d36f59dcd9b237ff1212eeac60a443bd] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D5890093-1EAE-4103-9FC0-494791CDC85D}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [42008aab177476c0be67a3f74fb504fc] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D75A7BBC-55CE-495B-B64A-7DB982B38046}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [9aa867ce52393df947dec7d363a1c33d] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8AABDCF-8CAE-4503-A43E-316D6B18E275}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [6bd7cf6667249d99fb29b8e2778d8d73] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DAFE4896-806D-404D-A93E-3CC5A2CC195A}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [e85a93a2f794ed49a3810a90956f2cd4] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB1B8ACD-8DF8-4A2D-9C96-C2E4B4136C1A}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [d66c4ee7c0cb3402a67fbcde5aaa07f9] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA072B1C-DD0A-4154-B239-44F39BA9229D}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [f94975c0d0bb84b2a4808119af553cc4] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE62A371-CD1B-4AB5-B92E-54DA8B40CC25}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [d86a2312c7c4ce6877adbddd659f13ed] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EEDC5098-9090-481C-BCED-ABB9BA1C813F}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [57eb6dc8a9e27db980a5cccef113a45c] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2D25AB3-30CE-409A-B07A-A55BF8847CE6}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [ca78df566e1d4cea51d3702adf25619f] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3F51B37-8326-4E20-9520-98E8519F9FFD}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-buttonutil.exe, In Quarantäne, [cf7304315e2d2c0ad94b5149dd27d828] PUP.Optional.CrossRider, HKU\S-1-5-21-1236569144-611998795-838250545-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE04A83A-6B13-46C2-BAD3-48EEEE5B6F45}|AppName, 0030c55a-45f8-4037-a112-111fe7bcfd6b-2.exe-codedownloader.exe, In Quarantäne, [1b2786afbad173c3eb3ac0da8f75fc04] PUP.Optional.SpeedDial, HKU\S-1-5-21-1236569144-611998795-838250545-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{31090377-0740-419E-BEFC-A56E50500D5B}|URL, hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dvd_14_24_ch&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0A0EyDyD0DyCzz0ByB0ByDtN0D0Tzu0SzzzytCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyEtByE0C0CtB0AtGtByC0AtAtG0FyEzz0DtGyDtBtA0BtGyByC0DtC0AzztD0FyCtBzzzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzyyEtB0B0Fzy0EtGyEyEtB0FtG0BtB0C0EtG0C0FtB0CtGtAzztAyDtCzz0ByD0DyC0EyD2Q&cr=1397500138&ir=, In Quarantäne, [41014aebb9d256e0070b0db6b450d62a] PUP.Optional.SpeedDial, HKU\S-1-5-21-1236569144-611998795-838250545-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{31090377-0740-419E-BEFC-A56E50500D5B}|TopResultURLFallback, hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dvd_14_24_ch&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0A0EyDyD0DyCzz0ByB0ByDtN0D0Tzu0SzzzytCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyEtByE0C0CtB0AtGtByC0AtAtG0FyEzz0DtGyDtBtA0BtGyByC0DtC0AzztD0FyCtBzzzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzyyEtB0B0Fzy0EtGyEyEtB0FtG0BtB0C0EtG0C0FtB0CtGtAzztAyDtCzz0ByD0DyC0EyD2Q&cr=1397500138&ir=, In Quarantäne, [4bf774c1c3c870c6878bfac9e61ecf31] PUP.Optional.SpeedDial, HKU\S-1-5-21-1236569144-611998795-838250545-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{31090377-0740-419E-BEFC-A56E50500D5B}|FaviconPath, C:\Program Files (x86)\Speedial\1.8.29.15\FavIcon.ico, In Quarantäne, [55ede74e9eed9d998b87348f42c236ca] PUP.Optional.SpeedDial, HKU\S-1-5-21-1236569144-611998795-838250545-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{31090377-0740-419E-BEFC-A56E50500D5B}, Speedial, In Quarantäne, [19290e27becd310541d1972cba4a5ba5] PUP.Optional.SpeedDial, HKU\S-1-5-21-1236569144-611998795-838250545-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{31090377-0740-419E-BEFC-A56E50500D5B}|DisplayName, Speedial, In Quarantäne, [64dea78e6a21ba7c33df15ae56ae4eb2] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 3 PUP.Optional.Bandoo, C:\Users\Eugen\Downloads\2553.tmp, In Quarantäne, [4df5cf663655a88e9b8626be7c84ef11], PUP.Optional.WinYahoo, C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi, In Quarantäne, [0e349e97573464d29f98d6f854b07e82], PUP.Optional.SpeedDial, C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\3gwvr4zd.default\prefs.js, Gut: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (browser.startup.homepage", "hxxp://speedial.com), Ersetzt,[ba88f144ff8cd3638d2f407ab84daa56] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.009 - Bericht erstellt am 28/09/2015 um 13:33:40
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-27.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Eugen - EUGEN-PC
# Gestartet von : C:\Users\Eugen\Desktop\Recovery 23-09-2015\adwcleaner_5.009.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\productdata
[-] Ordner Gelöscht : C:\Users\Eugen\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\Eugen\AppData\Roaming\Premium
[-] Ordner Gelöscht : C:\Users\Eugen\AppData\Roaming\productdata
[-] Ordner Gelöscht : C:\windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl
[-] Datei Gelöscht : C:\windows\Sysnative\drivers\swdumon.sys
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
[-] Task Gelöscht : Adobe Flash Player Updater
[-] Task Gelöscht : NIUpdateServiceCheckTask
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Radio Canyon-bg.exe]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87daed4d-3f07-4525-8da3-ab819f05dad0}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87daed4d-3f07-4525-8da3-ab819f05dad0}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
***** [ Internetbrowser ] *****
[-] [C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://www.sweet-page.com/?type=hp&ts=1414662494&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9GC614399
[-] [C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : bakijjialdiiboeaknfpmflphhmljfkd
[-] [C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npdicihegicnhaangkdmcgbjceoemeoo
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [5321 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.3 (09.21.2015:1)
OS: Windows 7 Home Premium x64
Ran by Eugen on 28.09.2015 at 13:44:36,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\windows\system32\tasks\0
Successfully deleted: [Task] C:\windows\system32\tasks\EasySpeedUpManager
Successfully deleted: [Task] C:\windows\system32\tasks\Uninstaller_SkipUac_Eugen
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\TuneUp Disk Space Explorer Shell Extension
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611081104}
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Eugen\Appdata\Local\{0EE04FDE-9CD1-4477-95D8-71855CC39673}
Successfully deleted: [Empty Folder] C:\Users\Eugen\Appdata\Local\{9F9E9A05-8CAE-4C14-A324-63F1D72798B5}
Successfully deleted: [Empty Folder] C:\Users\Eugen\Appdata\Local\{DB3B7B52-093F-4A13-8761-F9B885C13EBF}
Successfully deleted: [Folder] C:\ProgramData\ad-aware browsing protection
Successfully deleted: [Folder] C:\Users\Eugen\Appdata\Local\adawarebp
Successfully deleted: [Folder] C:\Users\Eugen\Appdata\Local\cre
Successfully deleted: [Folder] C:\Users\Eugen\Documents\add-in express
Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[C:\Users\Eugen\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Eugen\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Eugen\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Eugen\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
npdicihegicnhaangkdmcgbjceoemeoo
]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.09.2015 at 13:53:33,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
28.09.2015, 13:04
| #12 |
| | Notebook braucht 15 min zum hochfahren FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Eugen (Administrator) auf EUGEN-PC (28-09-2015 13:55:24)
Gestartet von C:\Users\Eugen\Desktop\Recovery 23-09-2015
Geladene Profile: Eugen (Verfügbare Profile: Eugen & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-21] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-21] (AVAST Software)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-09-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute:
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 10 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2013-05-11] (National Instruments Corporation)
Winsock: Catalog5-x64 10 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2013-05-11] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EBE3468D-7CD6-4436-AC34-30B3D5192485}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {0CCD4CB5-9444-44DD-A39F-CCB3A19ADAB1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {46796D2F-6FE6-4DBF-81C0-F1CB6B934773} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {63D5E2AE-DDD8-4B52-936F-14B2D94D438D} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {68CA96C1-E6FB-4B39-96AE-13E6B5B7E8DA} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {A334D4D4-1D46-4F58-856E-74C2419D272E} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-13] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-21] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Kein Name -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-13] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF SelectedSearchEngine: Google (avast)
FF DefaultSearchEngine: Google (avast)
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\windows\system32\npDeployJava1.dll [2013-04-11] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eugen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-22] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\searchplugins\google-avast.xml [2015-08-24]
FF SearchPlugin: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\searchplugins\yahoo-avast.xml [2014-07-03]
FF Extension: Greasemonkey - C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-05-31]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-11-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-23]
FF Extension: Kein Name - C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\extensions\iobitascsurfingprotection@iobit.com [nicht gefunden]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.99\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.99\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL => Keine Datei
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll => Keine Datei
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Eugen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Eugen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Eugen\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-27]
CHR Extension: (Google Drive) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-09]
CHR Extension: (YouTube) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-09]
CHR Extension: (Adblock Plus) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-23]
CHR Extension: (Google-Suche) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-09]
CHR Extension: (FoxyProxy Standard) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2014-12-06]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (AdBlock) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-30]
CHR Extension: (Avast Online Security) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-23]
CHR Extension: (ProxMate) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-30]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2014-10-06]
CHR Extension: (Google Mail) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: Google Chrome.CTKEMGO4BIPDMTQEJLN57L342E - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-21] (Avast Software)
S4 ENI Server; C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [651264 2013-04-15] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2000-01-01] (Intel Corporation)
S3 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2000-01-01] (Intel Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-24] (IObit)
S4 LkCitadelServer; C:\windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
S4 lkClassAds; C:\windows\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation)
S4 lkTimeSync; C:\windows\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
S4 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-05-08] ()
S4 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696 2013-06-08] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [81248 2013-06-08] (National Instruments Corporation)
S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S4 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation)
S4 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-06-07] (National Instruments Corporation)
S4 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680 2013-06-08] (National Instruments Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
S2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-11-28] ()
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
S4 RTService; C:\Program Files (x86)\3S Software\CoDeSys SP RTE\RTService.exe [495735 2013-04-16] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
S2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [Datei ist nicht signiert]
S4 ServiceControl_RTE23_3S_GmbH; C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe [188551 2013-04-16] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S4 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3385584 2013-05-08] (Intel® Corporation)
S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X]
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X]
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]
S2 SamsungAllShareV2.0; "C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 3SRTE; C:\Windows\SysWow64\Drivers\3SRTE.sys [340078 2013-04-16] (3S - Smart Software Solutions GmbH)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-21] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-15] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 EterlogicVirtualSerialDriver; C:\windows\system32\drivers\VSPE.sys [40928 2014-06-23] ()
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-04-08] (GFI Software)
S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Your Corporation)
S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Your Corporation)
S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Your Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Your Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Your Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [40856 2008-08-08] (Your Corporation)
S3 ibpcimpm; C:\Windows\SysWow64\Drivers\ibpcimpm.sys [267912 2013-04-16] (3s)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-21] (AVAST Software)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RTIOdrvAPIC; C:\Windows\SysWow64\Drivers\RTIOdrvAPIC.sys [19584 2013-04-16] (3S)
S3 RTIOdrvApplicom; C:\Windows\SysWow64\Drivers\RTIOdrvApplicom.sys [222852 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvAutomata; C:\Windows\SysWow64\Drivers\RTIOdrvAutomata.sys [307020 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvCifX; C:\Windows\SysWow64\Drivers\RTIOdrvCifX.sys [100480 2013-04-16] () [Datei ist nicht signiert]
S3 RTIOdrvCP5613; C:\Windows\SysWow64\Drivers\RTIOdrvCP5613.sys [403408 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvDAMP; C:\Windows\SysWow64\Drivers\RTIOdrvDAMP.sys [84096 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvFC310x; C:\Windows\SysWow64\Drivers\RTIOdrvFC310x.sys [44676 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvHilscherDPM; C:\Windows\SysWow64\Drivers\RTIOdrvHilscherDPM.sys [65678 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvHMS; C:\Windows\SysWow64\Drivers\RTIOdrvHMS.sys [31358 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvKuhnkePBM; C:\Windows\SysWow64\Drivers\RTIOdrvKuhnkePBM.sys [62602 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvSJA; C:\Windows\SysWow64\Drivers\RTIOdrvSJA.sys [111596 2013-04-16] (3s) [Datei ist nicht signiert]
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-21] (Avast Software)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 SBIOSIO; \??\C:\Users\Eugen\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-28 13:53 - 2015-09-28 13:53 - 00002925 _____ C:\Users\Eugen\Desktop\JRT.txt
2015-09-28 13:44 - 2015-09-22 19:06 - 01800512 _____ (Malwarebytes) C:\Users\Eugen\Desktop\JRT.exe
2015-09-28 13:38 - 2015-09-28 13:38 - 00005416 _____ C:\Users\Eugen\Desktop\AdwCleaner[C6].txt
2015-09-28 13:27 - 2015-09-28 13:27 - 00043851 _____ C:\Users\Eugen\Desktop\mbam.txt
2015-09-28 12:23 - 2015-09-28 12:23 - 00001062 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-27 22:43 - 2015-09-27 22:43 - 00000000 ____D C:\Users\Eugen\AppData\Local\GWX
2015-09-25 12:44 - 2015-09-25 12:50 - 00000000 ___SD C:\windows\system32\GWX
2015-09-25 12:44 - 2015-09-25 12:44 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-09-25 12:33 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-09-25 12:33 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-09-25 12:33 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-09-25 12:33 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-09-25 11:39 - 2015-01-09 01:44 - 00419936 _____ C:\windows\SysWOW64\locale.nls
2015-09-25 11:39 - 2015-01-09 01:43 - 00419936 _____ C:\windows\system32\locale.nls
2015-09-25 11:34 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-25 11:34 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-25 10:51 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-09-25 10:51 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-09-25 10:42 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-09-25 10:42 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-09-25 10:42 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-09-25 10:42 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-09-25 10:42 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-09-25 10:42 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-09-25 10:42 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-09-25 10:42 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-09-25 10:42 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-09-25 10:42 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-09-25 10:42 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-09-25 10:17 - 2015-09-25 10:17 - 00049965 _____ C:\ComboFix.txt
2015-09-25 09:37 - 2015-09-25 10:18 - 00000000 ____D C:\ComboFix
2015-09-24 17:49 - 2015-09-24 17:49 - 00000000 ____D C:\a2bc45f176124b184621ac
2015-09-24 17:48 - 2015-09-24 17:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-24 17:48 - 2015-09-24 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-24 13:25 - 2015-09-24 13:25 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Eugen\Desktop\tdsskiller.exe
2015-09-24 13:24 - 2015-09-24 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-24 13:23 - 2015-09-24 14:04 - 00000000 ____D C:\Users\Eugen\Desktop\mbar
2015-09-23 19:48 - 2015-09-28 13:35 - 00004960 _____ C:\windows\PFRO.log
2015-09-23 19:48 - 2015-09-28 13:35 - 00000840 _____ C:\windows\setupact.log
2015-09-23 19:48 - 2015-09-23 19:48 - 00000000 _____ C:\windows\setuperr.log
2015-09-23 19:08 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-09-23 19:08 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-09-23 19:08 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-09-23 19:08 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-09-23 19:08 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-09-23 19:08 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-09-23 19:08 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-09-23 19:08 - 2015-06-03 22:16 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-09-23 19:08 - 2015-06-03 22:16 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-09-23 19:07 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-09-23 19:07 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-09-23 19:07 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-09-23 19:07 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-09-23 19:07 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-09-23 19:07 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-09-23 19:07 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-09-23 19:07 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-09-23 19:07 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-09-23 19:07 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-09-23 19:07 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-09-23 19:07 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-09-23 19:06 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-09-23 19:06 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-09-23 19:06 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-09-23 19:06 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-09-23 19:06 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-09-23 19:06 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-09-23 19:06 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-09-23 19:06 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-09-23 19:06 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-09-23 19:06 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-09-23 19:06 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-09-23 19:06 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-09-23 19:05 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-09-23 19:05 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-09-23 19:05 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-09-23 19:05 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-09-23 19:05 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-09-23 19:04 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2015-09-23 19:04 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-09-23 19:04 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-09-23 19:04 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-09-23 19:04 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-09-23 19:04 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-09-23 19:04 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-09-23 19:04 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-09-23 19:04 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-09-23 19:04 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-09-23 19:04 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-09-23 19:04 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-09-23 19:04 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-09-23 19:04 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-09-23 19:04 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-09-23 19:04 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-09-23 19:04 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-09-23 19:04 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-09-23 19:04 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-09-23 19:04 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-09-23 19:04 - 2015-06-03 22:17 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-09-23 19:04 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-09-23 19:04 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-09-23 19:04 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-09-23 19:04 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-09-23 19:04 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-09-23 19:04 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-09-23 19:04 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-09-23 19:04 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-09-23 19:04 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-09-23 19:04 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-09-23 19:04 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-09-23 19:04 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-09-23 19:04 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-09-23 19:04 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-09-23 19:04 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-09-23 19:00 - 2015-09-23 19:01 - 00347816 _____ (Microsoft Corporation) C:\Users\Eugen\Desktop\MicrosoftFixit.wu.FISC.1366458398205341.1.1.Run.exe
2015-09-23 18:59 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-09-23 18:59 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-09-23 18:54 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-09-23 18:53 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-09-23 18:53 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-09-23 18:53 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-09-23 18:52 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-09-23 18:52 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-09-23 18:52 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-09-23 18:52 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-09-23 18:52 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-09-23 18:52 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-09-23 18:52 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-09-23 18:52 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-09-23 18:52 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-09-23 18:52 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-09-23 18:52 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-09-23 18:52 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-09-23 18:52 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-09-23 18:52 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-09-23 18:52 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-09-23 18:52 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-09-23 18:52 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-09-23 18:52 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-09-23 18:52 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-09-23 18:52 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-09-23 18:52 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-09-23 18:52 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-09-23 18:52 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-09-23 18:52 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-09-23 18:52 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-09-23 18:52 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-09-23 18:52 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-09-23 18:52 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-09-23 18:52 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-09-23 18:52 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-09-23 18:52 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-09-23 18:52 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-09-23 18:52 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-09-23 18:52 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-09-23 18:52 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-09-23 18:52 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-09-23 18:52 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-09-23 18:52 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-09-23 18:52 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-09-23 18:52 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-09-23 18:52 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-09-23 18:52 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-09-23 18:52 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-09-23 18:52 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-09-23 18:52 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-09-23 18:52 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-23 18:52 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-09-23 18:52 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-09-23 18:52 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-09-23 18:52 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-09-23 18:52 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-09-23 18:52 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-09-23 18:52 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-09-23 18:52 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-09-23 18:52 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-09-23 18:52 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-09-23 18:52 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-09-23 18:52 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-09-23 18:52 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-09-23 18:52 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-09-23 18:52 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-09-23 18:52 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-09-23 18:52 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-09-23 18:52 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-09-23 18:52 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-09-23 18:52 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-09-23 18:52 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-09-23 18:52 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-09-23 18:52 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-09-23 18:52 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-09-23 18:52 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-09-23 18:51 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-09-23 18:51 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-09-23 18:51 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-09-23 18:51 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-09-23 18:51 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-09-23 18:51 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-09-23 18:51 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-09-23 18:51 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-09-23 18:51 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-09-23 18:51 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-09-23 18:51 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-09-23 18:51 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-09-23 18:51 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-09-23 18:51 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-09-23 18:51 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-09-23 18:51 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-09-23 18:51 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-09-23 18:51 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-09-23 18:51 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-09-23 18:51 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-09-23 18:51 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-09-23 18:51 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-09-23 18:50 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-09-23 18:50 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-09-23 18:50 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-09-23 18:50 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-09-23 18:50 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-09-23 18:50 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-09-23 18:50 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-09-23 18:50 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-09-23 18:50 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-09-23 18:50 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-09-23 18:50 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-09-23 18:50 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-09-23 18:50 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-09-23 18:50 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-09-23 18:50 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-09-23 18:50 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-09-23 18:50 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-09-23 18:50 - 2015-06-03 22:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-09-23 18:50 - 2015-06-03 22:16 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-09-23 18:50 - 2015-06-03 22:16 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-09-23 18:50 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-09-23 18:50 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-09-23 18:50 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-09-23 18:50 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-09-23 18:50 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-09-23 18:50 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-09-23 18:50 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-09-23 18:50 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-09-23 18:50 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-09-23 18:48 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-09-23 18:48 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-09-23 18:48 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-09-23 18:48 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-09-23 18:48 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-09-23 18:48 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-09-23 18:48 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-09-23 18:48 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-09-23 18:48 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-09-23 18:01 - 2015-09-23 18:01 - 00002790 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2015-09-23 18:01 - 2015-09-23 18:01 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-23 18:01 - 2015-09-23 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-23 18:00 - 2015-09-23 18:01 - 00000000 ____D C:\Program Files\CCleaner
2015-09-23 17:53 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-09-23 17:53 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-09-23 17:53 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-09-23 17:53 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-09-23 17:53 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-09-23 17:53 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-09-23 17:53 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-09-23 17:53 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-09-23 17:53 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-09-23 17:53 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-09-23 17:53 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-09-23 17:53 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-09-23 17:53 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-09-23 17:53 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-09-23 17:53 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-09-23 17:53 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-09-23 17:53 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-09-23 17:53 - 2015-06-03 22:17 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-09-23 17:52 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-09-23 17:52 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-09-23 17:52 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-09-23 17:52 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-09-23 17:52 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-09-23 17:52 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-09-23 17:52 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-09-23 17:52 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-09-23 17:52 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-09-23 17:52 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-09-23 17:52 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-09-23 17:52 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-09-23 17:52 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-09-23 17:52 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-09-23 17:52 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-09-23 17:52 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-09-23 17:52 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-09-23 17:52 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-23 17:52 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-09-23 17:52 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-09-23 17:52 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-09-23 17:52 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-09-23 17:52 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-09-23 17:52 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-09-23 17:52 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-09-23 17:52 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-09-23 17:52 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-09-23 17:51 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-09-23 17:51 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-09-23 17:51 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-09-23 17:51 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-09-23 17:51 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-09-23 17:51 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-09-23 17:51 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-09-23 16:11 - 2014-05-04 19:54 - 00000426 _____ C:\AVScanner.ini
2015-09-23 15:03 - 2015-09-23 15:03 - 00000000 ____D C:\Users\Eugen\AppData\Local\Steam
2015-09-23 13:17 - 2015-09-28 13:43 - 00000000 ____D C:\Users\Eugen\Desktop\Recovery 23-09-2015
2015-09-23 13:16 - 2015-09-23 13:16 - 02192384 _____ (Farbar) C:\Users\Eugen\Downloads\ADE9.tmp
2015-09-23 13:15 - 2015-09-23 13:15 - 00000000 ____D C:\windows\Tasks\ImCleanDisabled
2015-09-23 13:15 - 2015-09-23 13:15 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-23 13:11 - 2015-09-23 13:15 - 00000000 ____D C:\ProgramData\IObit
2015-09-23 13:11 - 2015-09-23 13:11 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-09-23 13:11 - 2015-09-23 13:11 - 00001354 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-09-23 13:11 - 2015-09-23 13:11 - 00000000 ____D C:\Users\Eugen\AppData\IObit
2015-09-23 13:10 - 2015-09-23 17:07 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-23 13:10 - 2015-09-23 13:30 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\IObit
2015-09-14 20:42 - 2015-09-14 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\premium Poker
2015-09-13 16:43 - 2015-09-14 20:42 - 00001489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\premium Poker.lnk
2015-09-13 16:43 - 2015-09-14 20:42 - 00001483 _____ C:\Users\Eugen\Desktop\premium Poker.lnk
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Sun
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\.oracle_jre_usage
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-28 13:55 - 2013-10-14 13:55 - 00000000 ____D C:\FRST
2015-09-28 13:47 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-28 13:47 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-28 13:45 - 2015-01-05 17:21 - 00000546 _____ C:\windows\Tasks\MATLAB R2012a Startup Accelerator.job
2015-09-28 13:44 - 2013-05-31 10:55 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-28 13:42 - 2012-11-26 17:57 - 00000000 ___RD C:\Users\Eugen\Dropbox
2015-09-28 13:39 - 2012-11-26 17:55 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Dropbox
2015-09-28 13:36 - 2014-06-09 14:36 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-28 13:36 - 2013-05-31 10:55 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-28 13:36 - 2013-05-09 18:16 - 00000434 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-09-28 13:35 - 2012-05-21 13:12 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-09-28 13:35 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-09-28 13:34 - 2012-05-22 05:05 - 01413998 _____ C:\windows\WindowsUpdate.log
2015-09-28 13:33 - 2014-06-09 15:37 - 00000000 ____D C:\AdwCleaner
2015-09-28 13:26 - 2013-04-09 16:40 - 00001120 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
2015-09-28 13:00 - 2015-08-24 18:55 - 00001224 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
2015-09-28 12:23 - 2014-06-09 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-28 12:23 - 2014-06-09 14:35 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-27 22:44 - 2012-12-19 17:02 - 00000000 ____D C:\Users\Eugen\AppData\Local\CrashDumps
2015-09-27 22:43 - 2015-08-24 18:55 - 00001172 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
2015-09-27 22:43 - 2013-04-09 16:40 - 00001068 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
2015-09-27 22:42 - 2013-11-13 18:26 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-09-27 22:36 - 2012-05-21 13:12 - 00000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-09-25 16:57 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-09-25 13:54 - 2012-11-03 21:01 - 00000000 ____D C:\Users\Eugen\AppData\Local\Samsung
2015-09-25 13:54 - 2012-05-21 13:21 - 00000000 ____D C:\ProgramData\SAMSUNG
2015-09-25 13:54 - 2012-05-21 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-09-25 13:54 - 2012-05-21 13:20 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-09-25 13:53 - 2012-10-08 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3
2015-09-25 13:53 - 2012-05-21 13:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-25 13:51 - 2012-05-21 13:30 - 00000000 ____D C:\ProgramData\WinClon
2015-09-25 12:44 - 2009-07-14 05:20 - 00000000 ____D C:\windows\tracing
2015-09-25 12:39 - 2012-09-29 09:51 - 01785266 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-09-25 12:39 - 2012-05-22 04:55 - 00775470 _____ C:\windows\system32\perfh007.dat
2015-09-25 12:39 - 2012-05-22 04:55 - 00176406 _____ C:\windows\system32\perfc007.dat
2015-09-25 12:39 - 2009-07-14 07:13 - 01785266 _____ C:\windows\system32\PerfStringBackup.INI
2015-09-25 12:00 - 2009-07-14 06:45 - 00456072 _____ C:\windows\system32\FNTCACHE.DAT
2015-09-25 11:55 - 2015-01-08 17:19 - 00000000 ____D C:\windows\system32\appraiser
2015-09-25 11:55 - 2014-05-28 10:23 - 00000000 ___SD C:\windows\system32\CompatTel
2015-09-25 11:55 - 2012-05-22 04:30 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-25 11:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2015-09-25 11:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\Dism
2015-09-25 11:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-09-25 11:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-09-25 11:35 - 2012-11-20 11:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-25 11:23 - 2013-10-23 14:43 - 00000000 ____D C:\windows\system32\MRT
2015-09-25 10:18 - 2014-12-12 15:45 - 00000000 ____D C:\Users\Eugen\AppData\Local\TSVNCache
2015-09-25 10:18 - 2013-06-14 19:35 - 00000000 ____D C:\Qoobox
2015-09-25 10:05 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2015-09-25 09:59 - 2013-06-14 19:34 - 00000000 ____D C:\windows\erdnt
2015-09-24 19:47 - 2009-07-14 07:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-09-24 17:47 - 2012-09-29 09:09 - 00000000 ____D C:\ProgramData\Skype
2015-09-23 19:48 - 2012-05-21 14:28 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-09-23 19:33 - 2012-05-21 14:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2015-09-23 19:27 - 2012-05-21 14:28 - 00000000 ____D C:\ProgramData\CyberLink
2015-09-23 19:26 - 2012-05-21 14:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-09-23 18:11 - 2014-01-18 20:31 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\TeamViewer
2015-09-23 18:10 - 2013-10-15 15:46 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\DAEMON Tools Lite
2015-09-23 18:09 - 2014-11-10 13:16 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Notepad++
2015-09-23 18:09 - 2013-01-11 20:23 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-09-23 18:07 - 2011-02-11 21:57 - 00000000 ____D C:\windows\Panther
2015-09-23 18:04 - 2012-10-03 07:59 - 00000000 ____D C:\windows\Minidump
2015-09-23 17:22 - 2013-06-15 13:48 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-23 17:21 - 2014-03-20 15:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-09-23 17:21 - 2014-03-20 14:59 - 00000000 ____D C:\windows\system32\1031
2015-09-23 17:21 - 2012-05-21 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2015-09-23 17:21 - 2012-05-21 13:22 - 00000000 ____D C:\Program Files (x86)\WildGames
2015-09-23 17:21 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-23 17:21 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-23 17:21 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-09-23 17:18 - 2012-05-21 13:22 - 00000000 ____D C:\ProgramData\WildTangent
2015-09-23 17:13 - 2013-04-29 18:27 - 00000000 ____D C:\Program Files (x86)\Veoh Networks
2015-09-23 17:08 - 2014-03-20 14:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-09-23 17:07 - 2013-10-23 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-09-23 17:05 - 2013-10-23 16:08 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-09-23 17:03 - 2014-03-20 15:05 - 00000000 ____D C:\windows\SysWOW64\1031
2015-09-23 17:03 - 2013-06-16 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-09-23 16:56 - 2013-06-16 11:17 - 00000000 ____D C:\Program Files\Samsung AnyWeb Print
2015-09-23 16:42 - 2014-11-11 23:16 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Atari
2015-09-23 16:37 - 2013-11-19 21:58 - 00000000 ____D C:\Users\Eugen\AppData\Local\PokerStars.EU
2015-09-23 16:36 - 2014-03-19 22:57 - 00000000 ____D C:\Poker
2015-09-23 16:36 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\MSBuild
2015-09-23 16:31 - 2013-03-17 14:28 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-09-23 16:11 - 2012-10-12 22:05 - 00000000 ____D C:\Users\Eugen\AppData\Local\Facebook
2015-09-23 16:08 - 2014-01-11 13:30 - 00000000 ____D C:\Users\Eugen\.LOGOComfort7.0
2015-09-23 16:05 - 2013-10-23 16:18 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-09-23 16:02 - 2014-07-08 20:59 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-09-23 16:02 - 2014-07-08 20:59 - 00000000 ____D C:\Program Files\Image-Line
2015-09-23 16:02 - 2014-07-08 20:51 - 00000000 ____D C:\Program Files (x86)\Image-Line
2015-09-23 15:59 - 2014-10-06 13:57 - 00000000 ____D C:\Program Files\IBM
2015-09-23 15:51 - 2014-04-03 11:10 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software
2015-09-23 15:51 - 2014-04-03 11:10 - 00000000 ____D C:\Program Files (x86)\HI-TECH Software
2015-09-23 15:48 - 2014-11-08 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTK2 Runtime
2015-09-23 15:47 - 2013-10-15 20:04 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-09-23 15:45 - 2013-10-15 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-09-23 15:44 - 2014-11-28 13:48 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
2015-09-23 15:44 - 2014-11-28 13:48 - 00000000 ____D C:\Users\Eugen\AppData\Local\GamersFirst
2015-09-23 15:42 - 2013-01-29 19:12 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-09-23 15:42 - 2012-11-22 20:29 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\DVDVideoSoft
2015-09-23 15:42 - 2012-11-22 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-23 15:41 - 2014-07-08 20:59 - 00000000 ____D C:\Program Files (x86)\DSPRobotics
2015-09-23 15:37 - 2013-09-26 10:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-23 15:33 - 2014-04-10 21:32 - 00000000 ____D C:\Program Files (x86)\EWB512
2015-09-23 15:33 - 2009-07-14 04:34 - 00000493 _____ C:\windows\win.ini
2015-09-23 15:06 - 2014-05-28 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
2015-09-23 15:05 - 2014-01-30 20:44 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-23 15:05 - 2013-01-22 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-23 15:05 - 2013-01-22 16:08 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-23 14:58 - 2013-01-22 16:03 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IAHGames
2015-09-23 14:58 - 2013-01-22 16:03 - 00000000 ____D C:\Program Files (x86)\IAHGames
2015-09-23 14:45 - 2015-02-09 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bridge Building Game
2015-09-23 14:35 - 2014-04-24 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-09-23 14:35 - 2014-04-24 14:27 - 00000000 ____D C:\ProgramData\BlueStacks
2015-09-23 14:23 - 2014-05-31 19:32 - 00000000 ____D C:\Program Files (x86)\Arma 3
2015-09-23 13:15 - 2013-01-06 00:40 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Apple Computer
2015-09-23 12:48 - 2014-11-28 13:48 - 00000000 ____D C:\Program Files (x86)\GamersFirst
2015-09-23 12:37 - 2012-12-13 20:28 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Amazon
2015-09-23 12:37 - 2012-12-13 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2015-09-23 12:37 - 2012-12-13 20:27 - 00000000 ____D C:\Program Files (x86)\Amazon
2015-09-23 12:37 - 2012-11-30 13:54 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\uTorrent
2015-09-23 12:21 - 2012-10-09 18:43 - 00000000 ____D C:\Allgemein
2015-09-23 12:21 - 2012-10-08 12:49 - 00000000 ____D C:\Studium
2015-09-23 12:18 - 2015-01-26 17:55 - 00000000 ____D C:\Users\Eugen\Desktop\CS
2015-09-23 11:55 - 2013-04-09 16:41 - 00002356 _____ C:\Users\Eugen\Desktop\Google Chrome.lnk
2015-09-21 21:15 - 2013-12-11 11:23 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 21:15 - 2013-12-11 11:23 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-20 19:52 - 2012-09-29 10:58 - 00000000 ____D C:\Users\Eugen\AppData\Local\Google
2015-09-17 19:21 - 2013-04-09 16:40 - 00004090 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA
2015-09-17 19:21 - 2013-04-09 16:40 - 00003694 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core
2015-09-16 20:39 - 2013-05-31 10:55 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 20:39 - 2013-05-31 10:55 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-13 16:44 - 2013-04-11 19:43 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\cef-cache
2015-09-13 03:24 - 2014-11-17 14:23 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-13 03:22 - 2014-10-12 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-13 03:17 - 2012-09-29 09:07 - 00000000 ____D C:\Users\Eugen
2015-09-13 03:14 - 2014-11-17 14:24 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-17 10:57 - 2014-11-17 10:57 - 0027648 _____ () C:\Users\Eugen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-31 16:03 - 2014-05-31 16:03 - 0000218 _____ () C:\Users\Eugen\AppData\Local\recently-used.xbel
2013-04-11 14:54 - 2013-06-07 08:44 - 0007597 _____ () C:\Users\Eugen\AppData\Local\resmon.resmoncfg
2013-06-15 14:01 - 2013-06-15 14:03 - 0014727 _____ () C:\Users\Eugen\AppData\Local\WiDiSetupLog.20130615.140157.txt
2015-04-08 17:03 - 2015-04-08 17:03 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-10-08 20:56 - 2012-11-23 15:15 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2012-05-21 14:32 - 2012-05-21 14:33 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-21 14:28 - 2012-05-21 14:29 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-21 14:31 - 2012-05-21 14:31 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-21 14:29 - 2012-05-21 14:30 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-21 14:31 - 2012-05-21 14:32 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
Einige Dateien in TEMP:
====================
C:\Users\Eugen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprmlalm.dll
C:\Users\Eugen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwjxy_0.dll
C:\Users\Eugen\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-24 15:40
==================== Ende von FRST.txt ============================
|
|
29.09.2015, 12:08
| #13 |
| /// the machine /// TB-Ausbilder | Notebook braucht 15 min zum hochfahrenESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.09.2015, 20:39
| #14 |
| | Notebook braucht 15 min zum hochfahren Nach dem Starten des ESET Online Scanners: Unerwarteter Fehler 101 Ok nach nem Neustart gings. Hier der ESET-Log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=75583d38ce73544d8f5e902c199b01e0
# end=init
# utc_time=2015-09-29 12:30:17
# local_time=2015-09-29 02:30:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
DLL:pipe not connected. attempts=120
DLL:pipe not connected. attempts=120
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=75583d38ce73544d8f5e902c199b01e0
# end=init
# utc_time=2015-09-29 01:04:00
# local_time=2015-09-29 03:04:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25994
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=75583d38ce73544d8f5e902c199b01e0
# end=updated
# utc_time=2015-09-29 01:12:50
# local_time=2015-09-29 03:12:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=75583d38ce73544d8f5e902c199b01e0
# engine=25994
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-29 06:43:41
# local_time=2015-09-29 08:43:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 608803 61017260 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 110530 195182071 0 0
# scanned=567009
# found=53
# cleaned=0
# scan_time=19851
sh=E6927AB501867065F72817D8FE33766BC0267303 ft=1 fh=994504d87cea9d96 vn="Variante von Win32/SpeedingUpMyPC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=10087285CCDA6F411644B11B9636289E77BFC93A ft=1 fh=0b3cbf8f5103dddd vn="Variante von Win32/SProtector.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir"
sh=1375A8FFF1D262AD65AB09311A91AA9B96E83049 ft=1 fh=72898e0453db9d6a vn="Variante von Win32/SProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll.vir"
sh=760945B68CB957BA6E5D88FA9CE0EE9A4E32F782 ft=1 fh=eb1c350c9cb96ebd vn="Variante von Win32/Adware.SpeedingUpMyPC.AD Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProGuard.exe.vir"
sh=4B39BB455A0B98AFC387BC7385958E72EB64B226 ft=1 fh=5437d1233e2cadfe vn="Variante von Win32/Adware.SpeedingUpMyPC.AC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir"
sh=ABBEF683598FC4EC055225D82956310B45FDD9D0 ft=1 fh=bb9357f68cde7a1b vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProReminder.exe.vir"
sh=A74CBB54241DC565FC91B5BC42C1AC82C6FE718C ft=1 fh=ce41dfc3fe115523 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSchedule.exe.vir"
sh=334CDF415B1D7451E47C5F8A265A3FEC87FCF08F ft=1 fh=e13095f3b76b07eb vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
sh=6BC05F4C1AC60B82368E9C8521F7505FFE8FC83F ft=1 fh=e5a255aa5337b0d1 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProStart.exe.vir"
sh=21D68FD20EF2716AD84220B3D21C6CAE766BE461 ft=1 fh=765153f17b6a2b89 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProUninstaller.exe.vir"
sh=EBFC14E95B4DE969B84F4AC79D025F7B4494F651 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Radio Canyon\0030c55a-45f8-4037-a112-111fe7bcfd6b.crx.vir"
sh=448F69721EFF5B115A9588EF52E8D9F5237B4BAE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Radio Canyon\0030c55a-45f8-4037-a112-111fe7bcfd6b.xpi.vir"
sh=C7067A941DBE65009C5810E23441E20B6F40C4AE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Radio Canyon\fb9d84ea-e40d-4226-8a4c-ed76ee0c9259.crx.vir"
sh=55613265CE347F592D262576D09AFB4087FFF8B5 ft=1 fh=bb3527e0f1ee2f18 vn="Variante von Win64/Toolbar.Crossrider.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Radio Canyon\Radio Canyon-bho64.dll.vir"
sh=55530CEE82380890CAE255B3F7F384330A5DEC24 ft=1 fh=10145027ac7e4e77 vn="Variante von Win32/Toolbar.CrossRider.BD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Radio Canyon\Radio Canyon-buttonutil.dll.vir"
sh=6684F04FAA6BA71E5B5BC9723DCCB7535A078752 ft=1 fh=1e2251f923e6c3c6 vn="Variante von Win64/Toolbar.Crossrider.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Radio Canyon\Radio Canyon-buttonutil64.dll.vir"
sh=FAFC99B4FE015920D6037E6C3F7DCF2923BD9CC4 ft=1 fh=7a0801f78ba97540 vn="Variante von Win32/Toolbar.CrossRider.AW evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Radio Canyon\Uninstall.exe.vir"
sh=AFD822ED90B309BF2B8E574009BF39BE6EF24CD3 ft=1 fh=e5662d300c6fdacf vn="Variante von Win32/InstallCore.ADB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Speedial\1.8.29.15\uninstall.exe.vir"
sh=9AE9A2C0B8241366357206097FD312B5671FCAE8 ft=1 fh=dc7a3c84863e13b7 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir"
sh=41E3366114D7725DCB46FB1D28DA4CB31C0938B9 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Eugen\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx.vir"
sh=99F97AD369E8621AB4D17DF53E80E60FEE99C727 ft=1 fh=42567613b862d846 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Eugen\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=52C6BF734E3171FABBD0CB26CD6834CC3D5772B2 ft=1 fh=4d0a8f22c24b0521 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Allgemein\Firefox - CHIP-Installer.exe"
sh=AD762C18716C8735D7B2E0CD22346F6F8415C1D7 ft=1 fh=af0ad400c548e91b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Allgemein\VLC media player 64 Bit - CHIP-Installer.exe"
sh=E54ACBAC3D87A385EF187C37C428799DA021071C ft=1 fh=5ea8b4e501a8ddf5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Allgemein\Wireshark 64 Bit - CHIP-Installer.exe"
sh=91295AA24445546A1D7C460262DDB8F3A77149F2 ft=1 fh=e7a108f5a4a6d508 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Eugen\AppData\Roaming\uTorrent\updates\3.3.2_30180.exe"
sh=82B70102F7059ED1F3FE0DAA6C1FCE01AEC6318C ft=1 fh=3c9b13d0edd8c869 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Eugen\Downloads\GPU Z - CHIP-Downloader.exe"
sh=65F3E3173D53313795386AAE1CB56D6DB88EBAFF ft=1 fh=c2fa0b2ed78f40af vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Eugen\Downloads\Hill Climb Racing APK Android App - CHIP-Downloader.exe"
sh=2A265B327803FCFC8719DC1DA693E8B682D1B522 ft=1 fh=0a8b3298d1095957 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Eugen\Downloads\StreamTorrent - CHIP-Installer.exe"
sh=91295AA24445546A1D7C460262DDB8F3A77149F2 ft=1 fh=e7a108f5a4a6d508 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Eugen\Downloads\utorrent.exe"
sh=B48D87EFAE47A5B06CCC4A036C817F747A483E2F ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\adbec7.msi"
sh=BD49B453B73270E1A848ED5F928398C7215502C9 ft=1 fh=a77779ef5da6f96e vn="Win32/Conficker.AI Wurm" ac=I fn="H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx"
sh=4C929F89E59670E7CD0A9927AF9B9794D1136C4A ft=1 fh=c0469ad632bfa79c vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="H:\Programme\Uniblue\RegistryBooster\Launcher.exe"
sh=DBC8AD4693B91AB7916C242622B29C209F335CCA ft=1 fh=cdf9e87ab1c0297d vn="Variante von Win32/RegistryBooster.D evtl. unerwünschte Anwendung" ac=I fn="H:\Programme\Uniblue\RegistryBooster\registrybooster.exe"
sh=54D400A676229809D9FF84D4AAFFA3887A480D2C ft=1 fh=c71c00110e8cd270 vn="Variante von Win32/Adware.OneStep.AF Anwendung" ac=I fn="H:\Programme\ScanQuery\scanquery.dll"
sh=58616C7F8970F6777EB8A828C281B5D5AB7FCE74 ft=1 fh=783b6e1daac52ee7 vn="Variante von Win32/Adware.OneStep.Z Anwendung" ac=I fn="H:\Programme\ScanQuery\scanquery.exe"
sh=E21200251E8405C9538B7C30D1535131B034EB0E ft=1 fh=a58cfcb929ddcc7f vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="H:\Programme\pdfforge Toolbar\WidgiHelper.exe"
sh=7B8F1CAE33997E51B24BC1D52440E05A921C04BC ft=1 fh=3bc0c3e27d4d4577 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="H:\Programme\pdfforge Toolbar\IE\4.5\pdfforgeToolbarIE.dll"
sh=FC9625EEC2918457014556525FB280BA0C2BE84F ft=0 fh=0000000000000000 vn="Win32/Adware.OneStep Anwendung" ac=I fn="H:\Programme\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome\scanquery.jar"
sh=ABA0F43F547A86487917BB706D83F7F32FEA479E ft=1 fh=64f4ef9d4dc3c582 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\System Volume Information\_restore{46A08D03-8663-446E-9E2E-D1DB6E412B69}\RP11\A0002397.exe"
sh=646C2247ECE5E04144506DCB492EE39FED37BAD8 ft=1 fh=398a74cd3e07013f vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="H:\System Volume Information\_restore{46A08D03-8663-446E-9E2E-D1DB6E412B69}\RP11\A0002398.exe"
sh=8671ACFCBDA75F4FDE5EDA500A9FAD6052F7E7F8 ft=1 fh=61d137ec10918feb vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="H:\System Volume Information\_restore{46A08D03-8663-446E-9E2E-D1DB6E412B69}\RP11\A0002409.exe"
sh=BB1B824E699480F0E72670CE730E1E32B11BB3DE ft=1 fh=26b246975d29f3b6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="H:\System Volume Information\_restore{46A08D03-8663-446E-9E2E-D1DB6E412B69}\RP11\A0002412.exe"
sh=0E73E5F50253E821FD87BB845AEA0983CCFAE404 ft=0 fh=0000000000000000 vn="Variante von Generik.MFNZBXQ Trojaner" ac=I fn="H:\System Volume Information\_restore{46A08D03-8663-446E-9E2E-D1DB6E412B69}\RP12\A0003762.inf"
sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="H:\System Volume Information\_restore{2444A9CE-BA53-4602-BDF8-28D44202B689}\RP128\A0086335.exe"
sh=B25DFC38B84D9E21F4ECE88E942AAF3CC22EAB8E ft=1 fh=cda1cbd4b2e6ebee vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\System Volume Information\_restore{2444A9CE-BA53-4602-BDF8-28D44202B689}\RP128\A0087214.exe"
sh=E2161434966832B99FFABBD0AD7EBF5EBE6F1930 ft=1 fh=d14e6112b516cf0e vn="Variante von Win32/Adware.GamePlayLabs evtl. unerwünschte Anwendung" ac=I fn="H:\System Volume Information\_restore{2444A9CE-BA53-4602-BDF8-28D44202B689}\RP128\A0087218.exe"
sh=E5AB41BD9FC5166F039421C8F3B022752C3C605A ft=1 fh=9bffae5f27f9209e vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\Neuer Ordner\Downloads\FreeYouTubeToMP3Converter(1).exe"
sh=B25DFC38B84D9E21F4ECE88E942AAF3CC22EAB8E ft=1 fh=cda1cbd4b2e6ebee vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\31.03.2011\Downloads\FreeYouTubeToMP333Converter.exe"
sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\Downloads\zaSetup_92_058_000_de.exe"
sh=78E374F51C29261D12F72DE4587FDEA65F19203D ft=0 fh=0000000000000000 vn="WMA/TrojanDownloader.Wimad.D Trojaner" ac=I fn="H:\Neuer Ordner (2)\FESTPLATTE\Musik\Deutsch\Hip Hop\Aggro\B-Tight Neger Neger\03 Track 3 (b-tight).wma"
sh=76CB10F5828DB2E25CEA5555709A229183E29A00 ft=1 fh=d78f3da79356f4db vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\FESTPLATTE\Installationen\CDex-win32-1.70-b4-2009.exe"
sh=B3400852EADDE159B90188F1BB313FBBFFD48D8C ft=1 fh=d71604a559e354e8 vn="Variante von Generik.CILWIIQ Trojaner" ac=I fn="H:\Neuer Ordner (2)\FESTPLATTE\Installationen\FLV2Video_Setup_r44744.exe"
sh=592F61AA3F5CF06D5E304E52E767C09E404447A1 ft=1 fh=8a8ff7b6e7ed9323 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\FESTPLATTE\Installationen\FreeYouTubeToMp3Converter328.exe"
Code:
ATTFilter Results of screen317's Security Check version 1.008
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 60
Adobe Flash Player 19.0.0.185
Adobe Reader 10.1.15 Adobe Reader out of Date!
Google Chrome (45.0.2454.101)
Google Chrome (45.0.2454.99)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Aber trotzdem so ca. 5-10 minuten. Ja und Bluetooth funktioniert immer noch nicht :-( |
|
29.09.2015, 20:42
| #15 |
| | Notebook braucht 15 min zum hochfahren FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Eugen (Administrator) auf EUGEN-PC (29-09-2015 21:40:07)
Gestartet von C:\Users\Eugen\Desktop\Recovery 23-09-2015
Geladene Profile: Eugen (Verfügbare Profile: Eugen & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-21] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1236569144-611998795-838250545-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-21] (AVAST Software)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eugen\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-09-28]
ShortcutTarget: Dropbox.lnk -> C:\Users\Eugen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute:
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 10 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2013-05-11] (National Instruments Corporation)
Winsock: Catalog5-x64 10 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2013-05-11] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EBE3468D-7CD6-4436-AC34-30B3D5192485}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1236569144-611998795-838250545-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {0CCD4CB5-9444-44DD-A39F-CCB3A19ADAB1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {46796D2F-6FE6-4DBF-81C0-F1CB6B934773} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {63D5E2AE-DDD8-4B52-936F-14B2D94D438D} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {68CA96C1-E6FB-4B39-96AE-13E6B5B7E8DA} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1236569144-611998795-838250545-1001 -> {A334D4D4-1D46-4F58-856E-74C2419D272E} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-13] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-21] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Kein Name -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-13] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF SelectedSearchEngine: Google (avast)
FF DefaultSearchEngine: Google (avast)
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\windows\system32\npDeployJava1.dll [2013-04-11] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Eugen\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1236569144-611998795-838250545-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eugen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-22] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\searchplugins\google-avast.xml [2015-08-24]
FF SearchPlugin: C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\searchplugins\yahoo-avast.xml [2014-07-03]
FF Extension: Greasemonkey - C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-05-31]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-11-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-23]
FF Extension: Kein Name - C:\Users\Eugen\AppData\Roaming\Mozilla\Firefox\Profiles\imwrfoal.default\extensions\iobitascsurfingprotection@iobit.com [nicht gefunden]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\45.0.2454.101\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL => Keine Datei
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll => Keine Datei
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Eugen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Eugen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Eugen\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-27]
CHR Extension: (Google Drive) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-09]
CHR Extension: (YouTube) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-09]
CHR Extension: (Adblock Plus) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-23]
CHR Extension: (Google-Suche) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-09]
CHR Extension: (FoxyProxy Standard) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2014-12-06]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (AdBlock) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-30]
CHR Extension: (Avast Online Security) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-23]
CHR Extension: (ProxMate) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-30]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2014-10-06]
CHR Extension: (Google Mail) - C:\Users\Eugen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: Google Chrome.CTKEMGO4BIPDMTQEJLN57L342E - C:\Users\Eugen\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-21] (Avast Software)
S4 ENI Server; C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [651264 2013-04-15] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2000-01-01] (Intel Corporation)
S3 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2000-01-01] (Intel Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-24] (IObit)
S4 LkCitadelServer; C:\windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
S4 lkClassAds; C:\windows\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation)
S4 lkTimeSync; C:\windows\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
S4 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-05-08] ()
S4 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696 2013-06-08] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [81248 2013-06-08] (National Instruments Corporation)
S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S4 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation)
S4 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-06-07] (National Instruments Corporation)
S4 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680 2013-06-08] (National Instruments Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-11-28] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
S4 RTService; C:\Program Files (x86)\3S Software\CoDeSys SP RTE\RTService.exe [495735 2013-04-16] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [Datei ist nicht signiert]
S4 ServiceControl_RTE23_3S_GmbH; C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe [188551 2013-04-16] (3S-Smart Software Solutions GmbH) [Datei ist nicht signiert]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S4 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3385584 2013-05-08] (Intel® Corporation)
S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X]
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X]
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]
S2 SamsungAllShareV2.0; "C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 3SRTE; C:\Windows\SysWow64\Drivers\3SRTE.sys [340078 2013-04-16] (3S - Smart Software Solutions GmbH)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-21] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-15] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 EterlogicVirtualSerialDriver; C:\windows\system32\drivers\VSPE.sys [40928 2014-06-23] ()
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-04-08] (GFI Software)
S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Your Corporation)
S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Your Corporation)
S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Your Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Your Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Your Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [40856 2008-08-08] (Your Corporation)
S3 ibpcimpm; C:\Windows\SysWow64\Drivers\ibpcimpm.sys [267912 2013-04-16] (3s)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-28] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-21] (AVAST Software)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RTIOdrvAPIC; C:\Windows\SysWow64\Drivers\RTIOdrvAPIC.sys [19584 2013-04-16] (3S)
S3 RTIOdrvApplicom; C:\Windows\SysWow64\Drivers\RTIOdrvApplicom.sys [222852 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvAutomata; C:\Windows\SysWow64\Drivers\RTIOdrvAutomata.sys [307020 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvCifX; C:\Windows\SysWow64\Drivers\RTIOdrvCifX.sys [100480 2013-04-16] () [Datei ist nicht signiert]
S3 RTIOdrvCP5613; C:\Windows\SysWow64\Drivers\RTIOdrvCP5613.sys [403408 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvDAMP; C:\Windows\SysWow64\Drivers\RTIOdrvDAMP.sys [84096 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvFC310x; C:\Windows\SysWow64\Drivers\RTIOdrvFC310x.sys [44676 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvHilscherDPM; C:\Windows\SysWow64\Drivers\RTIOdrvHilscherDPM.sys [65678 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvHMS; C:\Windows\SysWow64\Drivers\RTIOdrvHMS.sys [31358 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvKuhnkePBM; C:\Windows\SysWow64\Drivers\RTIOdrvKuhnkePBM.sys [62602 2013-04-16] (3s) [Datei ist nicht signiert]
S3 RTIOdrvSJA; C:\Windows\SysWow64\Drivers\RTIOdrvSJA.sys [111596 2013-04-16] (3s) [Datei ist nicht signiert]
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-21] (Avast Software)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 SBIOSIO; \??\C:\Users\Eugen\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-29 21:36 - 2015-09-29 21:36 - 00852704 _____ C:\Users\Eugen\Desktop\SecurityCheck.exe
2015-09-29 14:29 - 2015-09-29 14:29 - 02870984 _____ (ESET) C:\Users\Eugen\Desktop\esetsmartinstaller_deu.exe
2015-09-28 17:20 - 2015-09-29 21:16 - 00000963 _____ C:\windows\setupact.log
2015-09-28 17:20 - 2015-09-28 17:20 - 00000000 _____ C:\windows\setuperr.log
2015-09-28 13:53 - 2015-09-28 13:53 - 00002925 _____ C:\Users\Eugen\Desktop\JRT.txt
2015-09-28 13:44 - 2015-09-22 19:06 - 01800512 _____ (Malwarebytes) C:\Users\Eugen\Desktop\JRT.exe
2015-09-28 13:38 - 2015-09-28 13:38 - 00005416 _____ C:\Users\Eugen\Desktop\AdwCleaner[C6].txt
2015-09-28 13:27 - 2015-09-28 13:27 - 00043851 _____ C:\Users\Eugen\Desktop\mbam.txt
2015-09-28 12:23 - 2015-09-28 12:23 - 00001062 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-27 22:43 - 2015-09-27 22:43 - 00000000 ____D C:\Users\Eugen\AppData\Local\GWX
2015-09-25 12:44 - 2015-09-25 12:50 - 00000000 ___SD C:\windows\system32\GWX
2015-09-25 12:44 - 2015-09-25 12:44 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-09-25 12:33 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-09-25 12:33 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-09-25 12:33 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-09-25 12:33 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-09-25 11:39 - 2015-01-09 01:44 - 00419936 _____ C:\windows\SysWOW64\locale.nls
2015-09-25 11:39 - 2015-01-09 01:43 - 00419936 _____ C:\windows\system32\locale.nls
2015-09-25 11:34 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-25 11:34 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-25 10:51 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-09-25 10:51 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-09-25 10:42 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-09-25 10:42 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-09-25 10:42 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-09-25 10:42 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-09-25 10:42 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-09-25 10:42 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-09-25 10:42 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-09-25 10:42 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-09-25 10:42 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-09-25 10:42 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-09-25 10:42 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-09-25 10:17 - 2015-09-25 10:17 - 00049965 _____ C:\ComboFix.txt
2015-09-25 09:37 - 2015-09-25 10:18 - 00000000 ____D C:\ComboFix
2015-09-24 17:49 - 2015-09-24 17:49 - 00000000 ____D C:\a2bc45f176124b184621ac
2015-09-24 17:48 - 2015-09-24 17:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-24 17:48 - 2015-09-24 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-24 13:25 - 2015-09-24 13:25 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Eugen\Desktop\tdsskiller.exe
2015-09-24 13:24 - 2015-09-24 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-24 13:23 - 2015-09-24 14:04 - 00000000 ____D C:\Users\Eugen\Desktop\mbar
2015-09-23 19:08 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-09-23 19:08 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-09-23 19:08 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-09-23 19:08 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-09-23 19:08 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-09-23 19:08 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-09-23 19:08 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-09-23 19:08 - 2015-06-03 22:16 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-09-23 19:08 - 2015-06-03 22:16 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-09-23 19:07 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-09-23 19:07 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-09-23 19:07 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-09-23 19:07 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-09-23 19:07 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-09-23 19:07 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-09-23 19:07 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-09-23 19:07 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-09-23 19:07 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-09-23 19:07 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-09-23 19:07 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-09-23 19:07 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-09-23 19:07 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-09-23 19:07 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-09-23 19:07 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-09-23 19:06 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-09-23 19:06 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-09-23 19:06 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-09-23 19:06 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-09-23 19:06 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-09-23 19:06 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-09-23 19:06 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-09-23 19:06 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-09-23 19:06 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-09-23 19:06 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-09-23 19:06 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-09-23 19:06 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-09-23 19:05 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-09-23 19:05 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-09-23 19:05 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-09-23 19:05 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-09-23 19:05 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-09-23 19:04 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2015-09-23 19:04 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-09-23 19:04 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-09-23 19:04 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-09-23 19:04 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-09-23 19:04 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-09-23 19:04 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-09-23 19:04 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-09-23 19:04 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-09-23 19:04 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-09-23 19:04 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-09-23 19:04 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-09-23 19:04 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-09-23 19:04 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-09-23 19:04 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-09-23 19:04 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-09-23 19:04 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-09-23 19:04 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-09-23 19:04 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-09-23 19:04 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-09-23 19:04 - 2015-06-03 22:17 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-09-23 19:04 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-09-23 19:04 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-09-23 19:04 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-09-23 19:04 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-09-23 19:04 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-09-23 19:04 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-09-23 19:04 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-09-23 19:04 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-09-23 19:04 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-09-23 19:04 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-09-23 19:04 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-09-23 19:04 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-09-23 19:04 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-09-23 19:04 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-09-23 19:04 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-09-23 19:00 - 2015-09-23 19:01 - 00347816 _____ (Microsoft Corporation) C:\Users\Eugen\Desktop\MicrosoftFixit.wu.FISC.1366458398205341.1.1.Run.exe
2015-09-23 18:59 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-09-23 18:59 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-09-23 18:54 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-09-23 18:53 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-09-23 18:53 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-09-23 18:53 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-09-23 18:52 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-09-23 18:52 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-09-23 18:52 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-09-23 18:52 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-09-23 18:52 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-09-23 18:52 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-09-23 18:52 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-09-23 18:52 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-09-23 18:52 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-09-23 18:52 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-09-23 18:52 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-09-23 18:52 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-09-23 18:52 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-09-23 18:52 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-09-23 18:52 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-09-23 18:52 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-09-23 18:52 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-09-23 18:52 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-09-23 18:52 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-09-23 18:52 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-09-23 18:52 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-09-23 18:52 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-09-23 18:52 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-09-23 18:52 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-09-23 18:52 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-09-23 18:52 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-09-23 18:52 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-09-23 18:52 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-09-23 18:52 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-09-23 18:52 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-09-23 18:52 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-09-23 18:52 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-09-23 18:52 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-09-23 18:52 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-09-23 18:52 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-09-23 18:52 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-09-23 18:52 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-09-23 18:52 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-09-23 18:52 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-09-23 18:52 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-09-23 18:52 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-09-23 18:52 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-09-23 18:52 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-09-23 18:52 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-09-23 18:52 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-09-23 18:52 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-23 18:52 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-09-23 18:52 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-09-23 18:52 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-09-23 18:52 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-09-23 18:52 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-09-23 18:52 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-09-23 18:52 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-09-23 18:52 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-09-23 18:52 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-09-23 18:52 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-09-23 18:52 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-09-23 18:52 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-09-23 18:52 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-09-23 18:52 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-09-23 18:52 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-09-23 18:52 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-09-23 18:52 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-09-23 18:52 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-09-23 18:52 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-09-23 18:52 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-09-23 18:52 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-09-23 18:52 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-09-23 18:52 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-09-23 18:52 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-09-23 18:52 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-09-23 18:51 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-09-23 18:51 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-09-23 18:51 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-09-23 18:51 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-09-23 18:51 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-09-23 18:51 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-09-23 18:51 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-09-23 18:51 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-09-23 18:51 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-09-23 18:51 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-09-23 18:51 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-09-23 18:51 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-09-23 18:51 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-09-23 18:51 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-09-23 18:51 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-09-23 18:51 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-09-23 18:51 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-09-23 18:51 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-09-23 18:51 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-09-23 18:51 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-09-23 18:51 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-09-23 18:51 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-09-23 18:50 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-09-23 18:50 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-09-23 18:50 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-09-23 18:50 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-09-23 18:50 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-09-23 18:50 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-09-23 18:50 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-09-23 18:50 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-09-23 18:50 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-09-23 18:50 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-09-23 18:50 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-09-23 18:50 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-09-23 18:50 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-09-23 18:50 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-09-23 18:50 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-09-23 18:50 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-09-23 18:50 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-09-23 18:50 - 2015-06-03 22:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-09-23 18:50 - 2015-06-03 22:16 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-09-23 18:50 - 2015-06-03 22:16 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-09-23 18:50 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-09-23 18:50 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-09-23 18:50 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-09-23 18:50 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-09-23 18:50 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-09-23 18:50 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-09-23 18:50 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-09-23 18:50 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-09-23 18:50 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-09-23 18:48 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-09-23 18:48 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-09-23 18:48 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-09-23 18:48 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-09-23 18:48 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-09-23 18:48 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-09-23 18:48 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-09-23 18:48 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-09-23 18:48 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-09-23 18:48 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-09-23 18:01 - 2015-09-23 18:01 - 00002790 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2015-09-23 18:01 - 2015-09-23 18:01 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-23 18:01 - 2015-09-23 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-23 18:00 - 2015-09-23 18:01 - 00000000 ____D C:\Program Files\CCleaner
2015-09-23 17:53 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-09-23 17:53 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-09-23 17:53 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-09-23 17:53 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-09-23 17:53 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-09-23 17:53 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-09-23 17:53 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-09-23 17:53 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-09-23 17:53 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-09-23 17:53 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-09-23 17:53 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-09-23 17:53 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-09-23 17:53 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-09-23 17:53 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-09-23 17:53 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-09-23 17:53 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-09-23 17:53 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-09-23 17:53 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-09-23 17:53 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-09-23 17:53 - 2015-06-03 22:17 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-09-23 17:52 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-09-23 17:52 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-09-23 17:52 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-09-23 17:52 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-09-23 17:52 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-09-23 17:52 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-09-23 17:52 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-09-23 17:52 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-09-23 17:52 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-09-23 17:52 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-23 17:52 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-09-23 17:52 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-09-23 17:52 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-09-23 17:52 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-09-23 17:52 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-09-23 17:52 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-09-23 17:52 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-09-23 17:52 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-09-23 17:52 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-09-23 17:52 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-09-23 17:52 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-23 17:52 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-23 17:52 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-09-23 17:52 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-09-23 17:52 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-09-23 17:52 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-09-23 17:52 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-09-23 17:52 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-09-23 17:52 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-09-23 17:52 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-09-23 17:52 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-09-23 17:51 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-09-23 17:51 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-09-23 17:51 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-09-23 17:51 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-09-23 17:51 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-09-23 17:51 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-09-23 17:51 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-09-23 16:11 - 2014-05-04 19:54 - 00000426 _____ C:\AVScanner.ini
2015-09-23 15:03 - 2015-09-23 15:03 - 00000000 ____D C:\Users\Eugen\AppData\Local\Steam
2015-09-23 13:18 - 2015-09-28 13:58 - 00104913 _____ C:\Users\Eugen\Desktop\FRST.txt
2015-09-23 13:17 - 2015-09-29 21:40 - 00000000 ____D C:\Users\Eugen\Desktop\Recovery 23-09-2015
2015-09-23 13:16 - 2015-09-23 13:16 - 02192384 _____ (Farbar) C:\Users\Eugen\Downloads\ADE9.tmp
2015-09-23 13:15 - 2015-09-23 13:15 - 00000000 ____D C:\windows\Tasks\ImCleanDisabled
2015-09-23 13:15 - 2015-09-23 13:15 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-23 13:11 - 2015-09-23 13:15 - 00000000 ____D C:\ProgramData\IObit
2015-09-23 13:11 - 2015-09-23 13:11 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-09-23 13:11 - 2015-09-23 13:11 - 00001354 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-09-23 13:11 - 2015-09-23 13:11 - 00000000 ____D C:\Users\Eugen\AppData\IObit
2015-09-23 13:10 - 2015-09-23 17:07 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-23 13:10 - 2015-09-23 13:30 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\IObit
2015-09-14 20:42 - 2015-09-14 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\premium Poker
2015-09-13 16:43 - 2015-09-14 20:42 - 00001489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\premium Poker.lnk
2015-09-13 16:43 - 2015-09-14 20:42 - 00001483 _____ C:\Users\Eugen\Desktop\premium Poker.lnk
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Sun
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-13 03:17 - 2015-09-13 03:17 - 00000000 ____D C:\Users\Eugen\.oracle_jre_usage
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-29 21:40 - 2013-10-14 13:55 - 00000000 ____D C:\FRST
2015-09-29 21:39 - 2014-11-10 13:16 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Notepad++
2015-09-29 21:36 - 2012-11-26 17:57 - 00000000 ___RD C:\Users\Eugen\Dropbox
2015-09-29 21:32 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-29 21:32 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-29 21:28 - 2012-11-26 17:55 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Dropbox
2015-09-29 21:26 - 2013-04-09 16:40 - 00001120 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
2015-09-29 21:22 - 2015-01-05 17:21 - 00000546 _____ C:\windows\Tasks\MATLAB R2012a Startup Accelerator.job
2015-09-29 21:20 - 2013-11-13 18:26 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-09-29 21:19 - 2013-05-31 10:55 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-29 21:17 - 2013-05-09 18:16 - 00000434 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-09-29 21:17 - 2012-05-21 13:12 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-09-29 21:16 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-09-29 21:15 - 2012-05-22 05:05 - 01471237 _____ C:\windows\WindowsUpdate.log
2015-09-29 21:00 - 2015-08-24 18:55 - 00001224 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA.job
2015-09-29 20:44 - 2013-05-31 10:55 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-29 19:26 - 2013-04-09 16:40 - 00001068 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
2015-09-29 19:00 - 2015-08-24 18:55 - 00001172 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core.job
2015-09-29 18:18 - 2012-05-21 13:12 - 00000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-09-29 14:56 - 2012-05-22 04:55 - 00775470 _____ C:\windows\system32\perfh007.dat
2015-09-29 14:56 - 2012-05-22 04:55 - 00176406 _____ C:\windows\system32\perfc007.dat
2015-09-29 14:56 - 2009-07-14 07:13 - 01810986 _____ C:\windows\system32\PerfStringBackup.INI
2015-09-29 14:20 - 2009-07-14 05:20 - 00000000 ____D C:\windows\AppCompat
2015-09-28 17:42 - 2013-04-09 16:41 - 00002356 _____ C:\Users\Eugen\Desktop\Google Chrome.lnk
2015-09-28 14:19 - 2012-12-19 17:02 - 00000000 ____D C:\Users\Eugen\AppData\Local\CrashDumps
2015-09-28 14:08 - 2014-12-12 15:45 - 00000000 ____D C:\Users\Eugen\AppData\Local\TSVNCache
2015-09-28 13:36 - 2014-06-09 14:36 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-28 13:33 - 2014-06-09 15:37 - 00000000 ____D C:\AdwCleaner
2015-09-28 12:23 - 2014-06-09 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-28 12:23 - 2014-06-09 14:35 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-25 16:57 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-09-25 13:54 - 2012-11-03 21:01 - 00000000 ____D C:\Users\Eugen\AppData\Local\Samsung
2015-09-25 13:54 - 2012-05-21 13:21 - 00000000 ____D C:\ProgramData\SAMSUNG
2015-09-25 13:54 - 2012-05-21 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-09-25 13:54 - 2012-05-21 13:20 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-09-25 13:53 - 2012-10-08 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3
2015-09-25 13:53 - 2012-05-21 13:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-25 13:51 - 2012-05-21 13:30 - 00000000 ____D C:\ProgramData\WinClon
2015-09-25 12:44 - 2009-07-14 05:20 - 00000000 ____D C:\windows\tracing
2015-09-25 12:39 - 2012-09-29 09:51 - 01785266 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-09-25 12:00 - 2009-07-14 06:45 - 00456072 _____ C:\windows\system32\FNTCACHE.DAT
2015-09-25 11:55 - 2015-01-08 17:19 - 00000000 ____D C:\windows\system32\appraiser
2015-09-25 11:55 - 2014-05-28 10:23 - 00000000 ___SD C:\windows\system32\CompatTel
2015-09-25 11:55 - 2012-05-22 04:30 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-25 11:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2015-09-25 11:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\Dism
2015-09-25 11:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-09-25 11:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-09-25 11:35 - 2012-11-20 11:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-25 11:23 - 2013-10-23 14:43 - 00000000 ____D C:\windows\system32\MRT
2015-09-25 10:18 - 2013-06-14 19:35 - 00000000 ____D C:\Qoobox
2015-09-25 10:05 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2015-09-25 09:59 - 2013-06-14 19:34 - 00000000 ____D C:\windows\erdnt
2015-09-24 19:47 - 2009-07-14 07:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-09-24 17:47 - 2012-09-29 09:09 - 00000000 ____D C:\ProgramData\Skype
2015-09-23 19:48 - 2012-05-21 14:28 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-09-23 19:33 - 2012-05-21 14:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2015-09-23 19:27 - 2012-05-21 14:28 - 00000000 ____D C:\ProgramData\CyberLink
2015-09-23 19:26 - 2012-05-21 14:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-09-23 18:11 - 2014-01-18 20:31 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\TeamViewer
2015-09-23 18:10 - 2013-10-15 15:46 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\DAEMON Tools Lite
2015-09-23 18:09 - 2013-01-11 20:23 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-09-23 18:07 - 2011-02-11 21:57 - 00000000 ____D C:\windows\Panther
2015-09-23 18:04 - 2012-10-03 07:59 - 00000000 ____D C:\windows\Minidump
2015-09-23 17:22 - 2013-06-15 13:48 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-23 17:21 - 2014-03-20 15:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-09-23 17:21 - 2014-03-20 14:59 - 00000000 ____D C:\windows\system32\1031
2015-09-23 17:21 - 2012-05-21 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2015-09-23 17:21 - 2012-05-21 13:22 - 00000000 ____D C:\Program Files (x86)\WildGames
2015-09-23 17:21 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-23 17:21 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-23 17:21 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-09-23 17:18 - 2012-05-21 13:22 - 00000000 ____D C:\ProgramData\WildTangent
2015-09-23 17:13 - 2013-04-29 18:27 - 00000000 ____D C:\Program Files (x86)\Veoh Networks
2015-09-23 17:08 - 2014-03-20 14:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-09-23 17:07 - 2013-10-23 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-09-23 17:05 - 2013-10-23 16:08 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-09-23 17:03 - 2014-03-20 15:05 - 00000000 ____D C:\windows\SysWOW64\1031
2015-09-23 17:03 - 2013-06-16 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-09-23 16:56 - 2013-06-16 11:17 - 00000000 ____D C:\Program Files\Samsung AnyWeb Print
2015-09-23 16:42 - 2014-11-11 23:16 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Atari
2015-09-23 16:37 - 2013-11-19 21:58 - 00000000 ____D C:\Users\Eugen\AppData\Local\PokerStars.EU
2015-09-23 16:36 - 2014-03-19 22:57 - 00000000 ____D C:\Poker
2015-09-23 16:36 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\MSBuild
2015-09-23 16:31 - 2013-03-17 14:28 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-09-23 16:11 - 2012-10-12 22:05 - 00000000 ____D C:\Users\Eugen\AppData\Local\Facebook
2015-09-23 16:08 - 2014-01-11 13:30 - 00000000 ____D C:\Users\Eugen\.LOGOComfort7.0
2015-09-23 16:05 - 2013-10-23 16:18 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-09-23 16:02 - 2014-07-08 20:59 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-09-23 16:02 - 2014-07-08 20:59 - 00000000 ____D C:\Program Files\Image-Line
2015-09-23 16:02 - 2014-07-08 20:51 - 00000000 ____D C:\Program Files (x86)\Image-Line
2015-09-23 15:59 - 2014-10-06 13:57 - 00000000 ____D C:\Program Files\IBM
2015-09-23 15:51 - 2014-04-03 11:10 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software
2015-09-23 15:51 - 2014-04-03 11:10 - 00000000 ____D C:\Program Files (x86)\HI-TECH Software
2015-09-23 15:48 - 2014-11-08 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTK2 Runtime
2015-09-23 15:47 - 2013-10-15 20:04 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-09-23 15:45 - 2013-10-15 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-09-23 15:44 - 2014-11-28 13:48 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
2015-09-23 15:44 - 2014-11-28 13:48 - 00000000 ____D C:\Users\Eugen\AppData\Local\GamersFirst
2015-09-23 15:42 - 2013-01-29 19:12 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-09-23 15:42 - 2012-11-22 20:29 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\DVDVideoSoft
2015-09-23 15:42 - 2012-11-22 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-23 15:41 - 2014-07-08 20:59 - 00000000 ____D C:\Program Files (x86)\DSPRobotics
2015-09-23 15:37 - 2013-09-26 10:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-23 15:33 - 2014-04-10 21:32 - 00000000 ____D C:\Program Files (x86)\EWB512
2015-09-23 15:33 - 2009-07-14 04:34 - 00000493 _____ C:\windows\win.ini
2015-09-23 15:06 - 2014-05-28 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
2015-09-23 15:05 - 2014-01-30 20:44 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-23 15:05 - 2013-01-22 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-23 15:05 - 2013-01-22 16:08 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-23 14:58 - 2013-01-22 16:03 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IAHGames
2015-09-23 14:58 - 2013-01-22 16:03 - 00000000 ____D C:\Program Files (x86)\IAHGames
2015-09-23 14:45 - 2015-02-09 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bridge Building Game
2015-09-23 14:35 - 2014-04-24 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-09-23 14:35 - 2014-04-24 14:27 - 00000000 ____D C:\ProgramData\BlueStacks
2015-09-23 14:23 - 2014-05-31 19:32 - 00000000 ____D C:\Program Files (x86)\Arma 3
2015-09-23 13:15 - 2013-01-06 00:40 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Apple Computer
2015-09-23 12:48 - 2014-11-28 13:48 - 00000000 ____D C:\Program Files (x86)\GamersFirst
2015-09-23 12:37 - 2012-12-13 20:28 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\Amazon
2015-09-23 12:37 - 2012-12-13 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2015-09-23 12:37 - 2012-12-13 20:27 - 00000000 ____D C:\Program Files (x86)\Amazon
2015-09-23 12:37 - 2012-11-30 13:54 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\uTorrent
2015-09-23 12:21 - 2012-10-09 18:43 - 00000000 ____D C:\Allgemein
2015-09-23 12:21 - 2012-10-08 12:49 - 00000000 ____D C:\Studium
2015-09-23 12:18 - 2015-01-26 17:55 - 00000000 ____D C:\Users\Eugen\Desktop\CS
2015-09-21 21:15 - 2013-12-11 11:23 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 21:15 - 2013-12-11 11:23 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-20 19:52 - 2012-09-29 10:58 - 00000000 ____D C:\Users\Eugen\AppData\Local\Google
2015-09-17 19:21 - 2013-04-09 16:40 - 00004090 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001UA
2015-09-17 19:21 - 2013-04-09 16:40 - 00003694 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1236569144-611998795-838250545-1001Core
2015-09-16 20:39 - 2013-05-31 10:55 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 20:39 - 2013-05-31 10:55 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-13 16:44 - 2013-04-11 19:43 - 00000000 ____D C:\Users\Eugen\AppData\Roaming\cef-cache
2015-09-13 03:24 - 2014-11-17 14:23 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-13 03:22 - 2014-10-12 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-13 03:17 - 2012-09-29 09:07 - 00000000 ____D C:\Users\Eugen
2015-09-13 03:14 - 2014-11-17 14:24 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-17 10:57 - 2014-11-17 10:57 - 0027648 _____ () C:\Users\Eugen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-31 16:03 - 2014-05-31 16:03 - 0000218 _____ () C:\Users\Eugen\AppData\Local\recently-used.xbel
2013-04-11 14:54 - 2013-06-07 08:44 - 0007597 _____ () C:\Users\Eugen\AppData\Local\resmon.resmoncfg
2013-06-15 14:01 - 2013-06-15 14:03 - 0014727 _____ () C:\Users\Eugen\AppData\Local\WiDiSetupLog.20130615.140157.txt
2015-04-08 17:03 - 2015-04-08 17:03 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-10-08 20:56 - 2012-11-23 15:15 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2012-05-21 14:32 - 2012-05-21 14:33 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-21 14:28 - 2012-05-21 14:29 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-21 14:31 - 2012-05-21 14:31 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-21 14:29 - 2012-05-21 14:30 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-21 14:31 - 2012-05-21 14:32 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
Einige Dateien in TEMP:
====================
C:\Users\Eugen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmhopwn.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-24 15:40
==================== Ende von FRST.txt ============================
|
|
WARNUNG an die MITLESER: 
Linear-Darstellung
