Win 7: Weißer Bildschirm nach Hochfahren

Flick · 23.10.2015, 21:23

Guten Abend,

mein Freund hat wohl seit längerer Zeit diesen PC rumstehen, der nicht mehr funktioniert.
Heute habe ich mal versucht ihn wieder anzumachen und bin dabei auf Folgendes gestoßen.
Es wäre klasse, wenn mir jemand dabei helfen könnte ihn wieder zum Laufen zu bringen.

Defogger-Disable:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:41 on 23/10/2015 (Stefan)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
durchgeführt von Stefan (Administrator) auf STEFAN-PC (23-10-2015 22:43:31)
Gestartet von C:\Users\Stefan\Desktop
Geladene Profile: Stefan (Verfügbare Profile: Stefan & Tanja & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: IE)
Start-Modus: Safe Mode (minimal)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Users\Stefan\Desktop\Defogger.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [303376 2009-07-03] (Kaspersky Lab)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [246504 2010-01-11] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [RegUse] => C:\Program Files (x86)\RegUse\RegUse.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [887976 2011-08-23] (Ask)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab)
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-25] (Google Inc.)
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2011-05-14] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Winlogon: [Shell] C:\Users\Stefan\AppData\Roaming\skype.dat [87040 2011-11-17] () <==== ACHTUNG
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-27] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll [67600 2009-07-03] (Kaspersky Lab)
AppInit_DLLs: ,C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll [13328 2009-07-03] (Kaspersky Lab)
AppInit_DLLs-x32: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll [109072 2010-01-17] (Kaspersky Lab)
AppInit_DLLs-x32: ,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll [68112 2009-07-03] (Kaspersky Lab)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-03-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\W541U V2.0.lnk [2010-01-17]
ShortcutTarget: W541U V2.0.lnk -> C:\Program Files (x86)\Tenda\W541U V2.0\UI.exe ()
Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-02-26]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-10-23]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{747A4846-2CC7-4780-AA49-8888A483221A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F89DAE3E-AA94-4654-9A79-5482F462808E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files (x86)\WiseConvert\prxtbWis0.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
URLSearchHook: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 - WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files (x86)\WiseConvert\prxtbWis0.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
SearchScopes: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> {911B82DB-7F9B-4F90-B2E9-E054B1946710} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
SearchScopes: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> {DB84A3A6-BC07-4951-AA8D-06DF936881AC} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=BCPA&o=16145&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=QK&apn_dtid=YYYYYYYYDE&apn_uid=6D25A602-693C-46E3-A075-A86D04E6955C&apn_sauid=D33B6911-AADD-4F82-8F86-7EC37FB708E9&
BHO: IEVkbdBHO Class -> {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll [2009-07-03] (Kaspersky Lab)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-09-22] (Google Inc.)
BHO: FilterBHO Class -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [2009-07-03] (Kaspersky Lab)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: IEVkbdBHO Class -> {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03] (Kaspersky Lab)
BHO-x32: FileConverter 1.3 Toolbar -> {78e516ef-11de-47a1-8364-a99b917ec5ee} -> C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll [2011-05-09] (Conduit Ltd.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-09-22] (Google Inc.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-08-23] (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-02-26] (Sun Microsystems, Inc.)
BHO-x32: FilterBHO Class -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2010-01-17] (Kaspersky Lab)
BHO-x32: WiseConvert Toolbar -> {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} -> C:\Program Files (x86)\WiseConvert\prxtbWis0.dll [2011-05-09] (Conduit Ltd.)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-09-22] (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-08-23] (Ask)
Toolbar: HKLM-x32 - WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files (x86)\WiseConvert\prxtbWis0.dll [2011-05-09] (Conduit Ltd.)
Toolbar: HKLM-x32 - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll [2011-05-09] (Conduit Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Toolbar: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> Kein Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  Keine Datei
Toolbar: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> Kein Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-02-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-07] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [{eea12ec4-729d-4703-bc37-106ce9879ce2}] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt
FF Extension: Kaspersky Anti-Spam Extension - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010-01-12] [ist nicht signiert]
FF HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [303376 2009-07-03] (Kaspersky Lab)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2011-03-31] () [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [156688 2009-06-15] (Kaspersky Lab)
S0 KLBG; C:\Windows\System32\DRIVERS\klbg.sys [38416 2008-12-15] (Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [330768 2010-01-12] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [26640 2009-05-15] (Kaspersky Lab)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [21008 2009-05-16] (Kaspersky Lab)
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
S3 SaiH0763; C:\Windows\System32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
S3 SaiH0BAC; C:\Windows\System32\DRIVERS\SaiH0BAC.sys [176128 2007-07-02] (Saitek)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-23 22:43 - 2015-10-23 22:44 - 00016153 _____ C:\Users\Stefan\Desktop\FRST.txt
2015-10-23 22:43 - 2015-10-23 22:43 - 00000000 ____D C:\FRST
2015-10-23 22:43 - 2015-10-23 21:28 - 02196480 _____ (Farbar) C:\Users\Stefan\Desktop\FRST64.exe
2015-10-23 22:41 - 2015-10-23 22:41 - 00000474 _____ C:\Users\Stefan\Desktop\defogger_disable.log
2015-10-23 22:41 - 2015-10-23 22:41 - 00000000 _____ C:\Users\Stefan\defogger_reenable
2015-10-23 21:18 - 2015-10-23 21:18 - 00050477 _____ C:\Users\Stefan\Desktop\Defogger.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-23 22:41 - 2010-01-17 09:16 - 00000000 ____D C:\Users\Stefan
2015-10-23 22:39 - 2009-07-14 19:58 - 14267344 _____ C:\Windows\system32\perfh007.dat
2015-10-23 22:39 - 2009-07-14 19:58 - 04400848 _____ C:\Windows\system32\perfc007.dat
2015-10-23 22:39 - 2009-07-14 07:13 - 00005222 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-23 22:29 - 2010-01-12 17:26 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-23 22:17 - 2010-01-17 09:08 - 01417402 _____ C:\Windows\WindowsUpdate.log
2015-10-23 22:16 - 2009-07-14 06:45 - 00014624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-23 22:16 - 2009-07-14 06:45 - 00014624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-23 22:11 - 2010-02-01 10:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-23 22:09 - 2010-01-17 10:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-23 22:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-23 22:09 - 2009-07-14 06:51 - 00114003 _____ C:\Windows\setupact.log
2015-10-23 22:04 - 2010-02-01 10:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-23 22:03 - 2013-04-27 15:35 - 00000004 _____ C:\Users\Stefan\AppData\Roaming\skype.ini
2015-10-23 21:43 - 2013-04-04 10:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-23 21:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-01-11 12:28 - 2011-11-17 07:38 - 0087040 _____ () C:\Users\Stefan\AppData\Roaming\skype.dat
2013-04-27 15:35 - 2015-10-23 22:03 - 0000004 _____ () C:\Users\Stefan\AppData\Roaming\skype.ini
2010-02-25 20:11 - 2010-02-25 20:11 - 0007605 _____ () C:\Users\Stefan\AppData\Local\Resmon.ResmonCfg
2010-01-27 17:18 - 2010-10-30 13:31 - 0000017 _____ () C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_sta
2010-01-17 11:01 - 2011-07-25 15:40 - 0001001 _____ () C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_wsc
2011-03-07 13:16 - 2011-03-07 13:34 - 0000777 _____ () C:\ProgramData\hpzinstall.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Stefan\AppData\Roaming\skype.dat
C:\Users\Stefan\AppData\Roaming\skype.ini


Einige Dateien in TEMP:
====================
C:\Users\Stefan\AppData\Local\Temp\AskSLib.dll
C:\Users\Stefan\AppData\Local\Temp\EBU6D.DLL
C:\Users\Stefan\AppData\Local\Temp\EBU7EC.EXE
C:\Users\Stefan\AppData\Local\Temp\EBUAF71.DLL
C:\Users\Stefan\AppData\Local\Temp\EBUCED8.EXE
C:\Users\Stefan\AppData\Local\Temp\EBUCEF6.EXE
C:\Users\Stefan\AppData\Local\Temp\EBUD213.DLL
C:\Users\Stefan\AppData\Local\Temp\EBUD58.DLL
C:\Users\Stefan\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Stefan\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Stefan\AppData\Local\Temp\tbedrs.dll
C:\Users\Stefan\AppData\Local\Temp\TB_EFBA.exe
C:\Users\Stefan\AppData\Local\Temp\TB_EFF9.exe
C:\Users\Stefan\AppData\Local\Temp\_is1E59.exe
C:\Users\Stefan\AppData\Local\Temp\_is1E68.exe
C:\Users\Stefan\AppData\Local\Temp\_is2FC.exe
C:\Users\Stefan\AppData\Local\Temp\_is3C83.exe
C:\Users\Stefan\AppData\Local\Temp\_is47E8.exe
C:\Users\Stefan\AppData\Local\Temp\_is4F19.exe
C:\Users\Stefan\AppData\Local\Temp\_is517A.exe
C:\Users\Stefan\AppData\Local\Temp\_is5783.exe
C:\Users\Stefan\AppData\Local\Temp\_is821A.exe
C:\Users\Stefan\AppData\Local\Temp\_is83C.exe
C:\Users\Stefan\AppData\Local\Temp\_is8874.exe
C:\Users\Stefan\AppData\Local\Temp\_is8D60.exe
C:\Users\Stefan\AppData\Local\Temp\_is90AC.exe
C:\Users\Stefan\AppData\Local\Temp\_is9AE9.exe
C:\Users\Stefan\AppData\Local\Temp\_isB01D.exe
C:\Users\Stefan\AppData\Local\Temp\_isD04B.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-23 21:01

==================== Ende von FRST.txt ============================

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
durchgeführt von Stefan (2015-10-23 22:44:27)
Gestartet von C:\Users\Stefan\Desktop
Windows 7 Professional Service Pack 1 (X64) (2010-01-17 07:16:07)
Start-Modus: Safe Mode (minimal)
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1742209556-1427280422-2840370602-500 - Administrator - Disabled)
Gast (S-1-5-21-1742209556-1427280422-2840370602-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1742209556-1427280422-2840370602-1002 - Limited - Enabled)
Stefan (S-1-5-21-1742209556-1427280422-2840370602-1001 - Administrator - Enabled) => C:\Users\Stefan
Tanja (S-1-5-21-1742209556-1427280422-2840370602-1003 - Administrator - Enabled) => C:\Users\Tanja
UpdatusUser (S-1-5-21-1742209556-1427280422-2840370602-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Disabled - Out of date) {AE1D740B-8F0F-D137-211D-873D44B3F4AE}
AS: Kaspersky Internet Security (Disabled - Up to date) {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {9626F52E-C560-D06F-0A42-2E08BA60B3D5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.175 - Adobe Systems Incorporated)
Adobe Reader 9.5.4 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.4 - Adobe Systems Incorporated)
aerosoft's - Approaching Innsbruck 2004 (HKLM-x32\...\{555C7DA8-8A43-4A5B-A5FB-137C07AA81D0}) (Version: 1.10 - aerosoft)
aerosoft's - Approaching Innsbruck X (HKLM-x32\...\{70864384-DD19-44CB-A999-A917F32F623D}) (Version: 1.10 - aerosoft)
Aerosoft's - German Airfields 1 (HKLM-x32\...\{61C63F60-152B-4D28-B357-6DB81837FA9B}) (Version: 1.10 - Aerosoft)
aerosoft's - German Airports 2 X - FS2004 (HKLM-x32\...\{0705EEB6-2F15-4D19-B37D-84C953E93D18}) (Version: 1.00 - aerosoft)
aerosoft's - German Airports 2 X - FSX (HKLM-x32\...\{01C3630A-7FD2-46DF-B514-A4B829B0021A}) (Version: 1.00 - aerosoft)
aerosoft's - German Airports 3 X - FS2004 (HKLM-x32\...\{4D401B5C-5407-41E8-808F-584E5F46F2EB}) (Version: 1.01 - aerosoft)
aerosoft's - German Airports 3 X - FSX (HKLM-x32\...\{6360C5E9-2842-4213-88B9-47D814FAAD54}) (Version: 1.01 - aerosoft)
aerosoft's - Gibraltar (HKLM-x32\...\{6744F26B-65BD-4D5D-AB43-DF0607659133}) (Version: 1.00 - aerosoft)
aerosoft's - Gibraltar X (HKLM-x32\...\{9E710825-EF34-4976-B6A0-821FE314266F}) (Version: 1.01 - aerosoft)
aerosoft's - Mega Airport Amsterdam (HKLM-x32\...\{CBE420E6-E7C6-427E-816A-8C51B112989C}) (Version: 1.13 - aerosoft)
aerosoft's - Mega Airport Amsterdam FSX (HKLM-x32\...\{0A297C87-BF52-43FD-AD75-EE72228E4457}) (Version: 1.03 - aerosoft)
aerosoft's - Mega Airport Munich (HKLM-x32\...\{1F7AD425-1DF7-48B2-97CE-833B8454FEFE}) (Version: 1.03 - aerosoft)
aerosoft's - Mega Airport Munich X (HKLM-x32\...\{1B19DA07-6870-4E60-9171-5C53AD21A0E0}) (Version: 1.01 - aerosoft)
aerosoft's - Venice X (HKLM-x32\...\{74F493A2-1264-4BF2-A135-0184C68BD580}) (Version: 1.00 - aerosoft)
Aeroworx X-treme King Air B200 v.2.0.1 (HKLM-x32\...\Aeroworx X-treme King Air B200 v.2.0.1) (Version:  - )
Angeln 2011 (HKLM-x32\...\Angeln 2011_is1) (Version:  - Contendo Media GmbH)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.13.1.0 - Ask.com) <==== ACHTUNG
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileConverter 1.3 Toolbar (HKLM-x32\...\FileConverter_1.3 Toolbar) (Version: 6.9.0.16 - FileConverter 1.3)
FlyTampa's - Mega Airport Vienna X - FS2004 (HKLM-x32\...\{1E8A78E3-3DC9-425B-AB11-EA9B6FE5D243}) (Version: 1.00 - FlyTampa)
FlyTampa's - Mega Airport Vienna X - FSX (HKLM-x32\...\{400BAAA2-F9AC-469F-9772-8DF9CF5C1273}) (Version: 1.00 - FlyTampa)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4413.1752 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Just Flight - Flying Club 2 for FS2004 (HKLM-x32\...\{D3A663C9-F81D-4955-9977-827BC12EB9DA}) (Version: 1.00.000 - Just Flight)
Just Flight - Flying Club 2 for FSX (HKLM-x32\...\{8BFFF96F-983E-4A79-9584-1ED7F0E85067}) (Version: 1.00.000 - Just Flight)
Just Flight - FSceneX FS2004 (HKLM-x32\...\{05FBED99-628C-4587-9DFD-57128324EE13}) (Version: 1.00.000 - Just Flight)
Just Flight - FSceneX FSX (HKLM-x32\...\{70F1810A-7D59-4F34-BB05-1E1277CCDCE7}) (Version: 1.00.000 - Just Flight)
Kaspersky Internet Security 2010 (HKLM-x32\...\InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}) (Version: 9.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security 2010 (x32 Version: 9.0.0.463 - Kaspersky Lab) Hidden
Manual CanoScan LiDE 25 (HKLM-x32\...\{C45EB9E5-7165-4FB0-8C31-77FC4743362F}) (Version:  - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
SAMSUNG Mobile Modem V2 Software (HKLM\...\SAMSUNG Mobile Modem V2) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (HKLM-x32\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skispringen 2007 (HKLM-x32\...\Skispringen 2007_0001) (Version:  - )
SkyTest® Piloten Edition, Vista-Update 1 (HKLM-x32\...\SkyTest® Piloten Edition, Vista-Update 1_is1) (Version:  - SkyTest)
SkyTest® Support (HKLM-x32\...\SkyTest® Support_is1) (Version:  - SkyTest)
SkyTest® Swiss-Trainingssoftware (HKLM-x32\...\SkyTest® Swiss-Trainingssoftware_is1) (Version:  - SkyTest)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
Tiger Woods PGA TOUR 2003 (HKLM-x32\...\{492E1D84-D7BF-4FA2-A26A-30AFC89EF547}) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
W541U V2.0 (HKLM-x32\...\{D4B5467F-B1F6-43EB-A73D-035881F17B3E}) (Version: 1.00.0000 - Tenda)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
WiseConvert Toolbar (HKLM-x32\...\WiseConvert Toolbar) (Version: 6.8.9.0 - WiseConvert)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

16-07-2013 18:36:49 Windows Update
23-07-2013 17:24:48 Windows Update
30-07-2013 13:18:20 Windows Update
03-08-2013 22:45:15 Windows Update
13-08-2013 21:57:46 Windows Update
16-08-2013 11:15:12 Windows Update
19-08-2013 09:53:38 Windows Update
19-08-2013 10:02:47 Windows Update
22-09-2013 10:01:05 Windows Update
01-11-2013 14:49:50 Windows Update
19-02-2014 17:06:05 Windows Update
23-10-2015 21:08:13 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05EB03F3-AB32-4B1B-8145-90C4C4F6522F} - System32\Tasks\{46A32B05-88DD-40EB-8A26-28E03BC6CE75} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {0D2BC4FA-0151-4766-95F7-BC6136EE967C} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2011-08-23] () <==== ACHTUNG
Task: {26A3AF49-A883-4AA4-BF7A-CF76A119AFCC} - System32\Tasks\{C74ABA19-BCDB-49BD-A11F-74F9C243E1EF} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {2765F195-302A-4327-B36F-016F359A5E72} - System32\Tasks\{58A1CFDE-F387-40EC-B538-2AE345D3DFB0} => pcalua.exe -a D:\install.exe -d D:\
Task: {28CD9D69-E525-4658-B975-01FE4E87D038} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01] (Google Inc.)
Task: {2A3214DD-92A1-4186-9629-E6CF28B43D75} - System32\Tasks\{3C396E1C-06D1-4C1F-8955-8CD487D9641C} => pcalua.exe -a D:\setup.exe -d D:\
Task: {2E16C02A-FD2F-4B19-9FDF-B5044FF7B999} - System32\Tasks\RegUse => C:\Program Files (x86)\RegUse\RegUse.exe
Task: {33C632C0-CED4-488F-B1DB-59CE91E547E0} - System32\Tasks\{C0730147-C614-46DA-9770-CF355B87CA7C} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {3894EDD5-1133-43E4-8E4A-4FD83EB78610} - System32\Tasks\{A83A13DA-B3D7-4CA1-8762-3A765C386675} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {38CA386D-4586-4AF1-B81B-C8222D22798C} - System32\Tasks\{F1285D07-6710-4E36-B22B-1FCEA407DA47} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {3B97A80B-AA6F-43F5-840E-E34CDE2B9026} - System32\Tasks\{AC351330-9541-420C-98D2-6CEB644750DE} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {4330F446-1FD3-4497-A910-A21D6AB28D77} - System32\Tasks\{C9A58D92-C380-4E42-839A-A4F9E09C00C0} => D:\Winterbriefing 2011 12\WOPS\WOPS.EXE
Task: {55F217CE-829E-41D6-B2FA-96576CB109D8} - System32\Tasks\{B77DF47A-6AB9-466E-9534-02206E9B3D52} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {5B34D3C6-41F7-4320-A9F7-02978AB29466} - System32\Tasks\{44FDE469-8F50-4E5A-8806-27D94B7FF4AD} => D:\Winterbriefing 2011 12\WOPS\WOPS.EXE
Task: {A9004D46-5BE1-4DE1-A24E-127E7CC3BEF2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-22] (Adobe Systems Incorporated)
Task: {CE8C39E2-57A2-4B68-84E3-E8D9800B9B3C} - System32\Tasks\{68639CEF-2FAA-4B41-8C13-E4A11E5FEE24} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {CEF1AE70-D3F2-4FBA-A986-3814D8527A2A} - System32\Tasks\{D0367BEB-5981-473E-B540-D7DDBE483536} => D:\Winterbriefing 2011 12\WOPS\WOPS.EXE
Task: {CF42414B-865B-45DE-A732-99C24E298A18} - System32\Tasks\{D87CF9D4-EA4D-4F71-B164-1EC68D303D6B} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {DB05FA9A-1432-4288-8F92-A5AC50DD26AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01] (Google Inc.)
Task: {E0EC7A98-7C39-4E6E-BE79-829FD614D525} - System32\Tasks\{A91FCB08-EE47-41EF-A7DD-8CBD251B6EF2} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {E6510CA9-7CBA-4984-9D8F-7DEDBA1B1393} - System32\Tasks\{93A9CE90-0B55-4C07-9757-16DD96D79548} => C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {EDBA927E-95F7-4350-B5B5-7412603BE4E3} - System32\Tasks\{C9118C16-34DE-4634-BC1C-19FC0D5B4DB2} => D:\Winterbriefing 2011 12\WOPS\WOPS.EXE

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegUse.job => C:\Program Files (x86)\RegUse\RegUse.exe-shed C:\Program Files (x86)\RegUse\RegUse.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-23 21:18 - 2015-10-23 21:18 - 00050477 _____ () C:\Users\Stefan\Desktop\Defogger.exe
2009-07-03 16:48 - 2009-07-03 16:48 - 02048528 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avzkrnl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "UseAlternateShell"="1"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3E06BCE8-2663-468F-92B4-BF2F37B67EC4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{335C799F-51A1-4875-9408-E0F959B9E5D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{58217FDD-E4B1-4637-9A6F-EEB39C418882}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{0965BF34-5B3A-47B3-B8DD-175548193AAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{6B0C5DD8-F3D8-4E69-99CD-4E692748BD05}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7978582E-B340-40F1-AF57-F2AE3D7CAEDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{BCD10155-26C3-4090-B228-7AFCCC61FEE6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{84B8697C-0F47-442A-A227-9DCFDA8B4673}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{246BDBAB-E0E0-4DA8-BD47-5AB2575E36F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2512754C-0BA3-4263-8F33-086FA5F861E7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{45FCA22E-A261-4644-8B14-BC73D2B10161}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{7CA2968C-2771-4DA8-A42A-B1753446ABC9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{F0FE532C-B8F2-4AE6-B19E-129614CF2355}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{7B220040-559A-4388-8092-68B0D7BF9856}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{32EA3C81-3928-4762-A1C1-C4F62BDA5D23}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{D4CEF9EE-9DAF-46F8-B9B9-A0D7E78EB9B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{17C24CD5-5000-40DE-B7DB-94C77B4213CF}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{739FF04C-6F23-4592-96BF-D5CB53DFF516}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{F89D2192-CCFA-4E51-8910-922C9A70F7C3}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{E3B8F166-ADDB-4AF7-9081-385AB3811445}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{20BF5AF9-7E39-4086-9969-95D44DDE7582}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{DC9FF868-B2D5-4113-80B7-3F872522FC8A}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{37AC82CE-215D-48B7-9D74-25208F2773E8}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{C7449A24-FB54-460C-801A-E52E5D758029}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{DB760FA9-E791-4575-A9C1-6E4DEC4E03D0}] => (Allow) C:\Program Files (x86)\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{D1CE3598-34AD-4685-92E7-150B9E127596}] => (Allow) C:\Program Files (x86)\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{2199EE55-E05F-4224-A89B-D3F856CE598E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{044D8368-B33C-4DBD-A5C5-679886564CB9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/23/2015 10:39:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (10/23/2015 10:39:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/23/2015 10:39:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/23/2015 10:22:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (10/23/2015 10:22:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/23/2015 10:22:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/23/2015 10:14:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (10/23/2015 10:14:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/23/2015 10:14:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/23/2015 10:02:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.

Details:
Could not query the status of the EventSystem service.

System Error:
Der Computer wird heruntergefahren.
.


Systemfehler:
=============
Error: (10/23/2015 10:22:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:22:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:22:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:19:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:19:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:19:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:19:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:19:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:19:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/23/2015 10:19:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


CodeIntegrity:
===================================
  Date: 2015-10-23 22:09:30.065
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 22:09:29.831
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 22:07:18.878
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 22:07:18.644
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 22:04:42.081
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 22:04:41.847
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 22:02:46.628
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 22:02:46.394
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 20:31:33.798
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-23 20:31:33.564
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X4 945 Processor
Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 8191.24 MB
Verfügbarer physikalischer RAM: 7299.55 MB
Summe virtueller Speicher: 16380.67 MB
Verfügbarer virtueller Speicher: 15529.44 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:465.76 GB) (Free:348.47 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive i: () (Removable) (Total:0.25 GB) (Free:0.24 GB) FAT

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B2D84878)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 251.9 MB) (Disk ID: 005EE49A)
Partition 1: (Active) - (Size=252 MB) - (Type=06)

==================== Ende von Addition.txt ============================

Gmer:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-10-23 23:00:29
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD5000AAKS-00A7B2 rev.01.03B01 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Stefan\AppData\Local\Temp\ugliqpob.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [1284:1360]  000007fef7f79688

---- EOF - GMER 2.1 ----

Besten Dank schonmal!

schrauber · 24.10.2015, 08:32

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Flick · 24.10.2015, 10:06

Hallo schrauber,

danke für die schnelle Antwort!
Hier die Ergebnisse:
Leider konnte ich die Database in Mbar nicht updaten.
1.Fehler: DNS error
2.Fehler: No address found

Hier die Logs:

Mbar-Nr.1:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 10.0.9200.16686
Stefan :: STEFAN-PC [administrator]

24.10.2015 10:54:39
mbar-log-2015-10-24 (10-54-39).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 409539
Time elapsed: 12 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|shell (Trojan.Agent.RNS) -> Data: explorer.exe,C:\Users\Stefan\AppData\Roaming\skype.dat -> Delete on reboot. [ce6f89b4e4983afc13c9e881966e6e92]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Stefan\AppData\Roaming\skype.dat (Trojan.Ransom.Gend) -> Delete on reboot. [ae8f1e1fe9935adcfce28b9998697f81]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Mbar-Nr.2:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Stefan :: STEFAN-PC [administrator]

24.10.2015 11:42:26
mbar-log-2015-10-24 (11-42-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 410374
Time elapsed: 14 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

TDSS:

Code:

ATTFilter

11:59:21.0354 0x08a4  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:59:28.0281 0x08a4  ============================================================
11:59:28.0281 0x08a4  Current date / time: 2015/10/24 11:59:28.0281
11:59:28.0281 0x08a4  SystemInfo:
11:59:28.0281 0x08a4  
11:59:28.0281 0x08a4  OS Version: 6.1.7601 ServicePack: 1.0
11:59:28.0281 0x08a4  Product type: Workstation
11:59:28.0281 0x08a4  ComputerName: STEFAN-PC
11:59:28.0281 0x08a4  UserName: Stefan
11:59:28.0281 0x08a4  Windows directory: C:\Windows
11:59:28.0281 0x08a4  System windows directory: C:\Windows
11:59:28.0281 0x08a4  Running under WOW64
11:59:28.0281 0x08a4  Processor architecture: Intel x64
11:59:28.0281 0x08a4  Number of processors: 4
11:59:28.0281 0x08a4  Page size: 0x1000
11:59:28.0281 0x08a4  Boot type: Normal boot
11:59:28.0281 0x08a4  ============================================================
11:59:29.0731 0x08a4  KLMD registered as C:\Windows\system32\drivers\33021836.sys
11:59:29.0950 0x08a4  System UUID: {41C28B63-B417-EBF9-7ACD-08382AB98B43}
11:59:30.0324 0x08a4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:59:30.0340 0x08a4  Drive \Device\Harddisk1\DR1 - Size: 0xFBE0000 ( 0.25 Gb ), SectorSize: 0x200, Cylinders: 0x20, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:59:30.0340 0x08a4  ============================================================
11:59:30.0340 0x08a4  \Device\Harddisk0\DR0:
11:59:30.0340 0x08a4  MBR partitions:
11:59:30.0340 0x08a4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
11:59:30.0340 0x08a4  \Device\Harddisk1\DR1:
11:59:30.0340 0x08a4  MBR partitions:
11:59:30.0340 0x08a4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x7DEE0
11:59:30.0340 0x08a4  ============================================================
11:59:30.0371 0x08a4  C: <-> \Device\Harddisk0\DR0\Partition1
11:59:30.0371 0x08a4  ============================================================
11:59:30.0371 0x08a4  Initialize success
11:59:30.0371 0x08a4  ============================================================
12:00:34.0581 0x07b8  ============================================================
12:00:34.0581 0x07b8  Scan started
12:00:34.0581 0x07b8  Mode: Manual; SigCheck; TDLFS; 
12:00:34.0581 0x07b8  ============================================================
12:00:34.0581 0x07b8  KSN ping started
12:00:55.0453 0x07b8  KSN ping finished: false
12:00:56.0499 0x07b8  ================ Scan system memory ========================
12:00:56.0499 0x07b8  System memory - ok
12:00:56.0499 0x07b8  ================ Scan services =============================
12:00:56.0623 0x07b8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:00:56.0733 0x07b8  1394ohci - ok
12:00:56.0779 0x07b8  [ 6E9C8B324980AFE454C6F7762E2B4478, B65CC18B2A63EC28FF125F547F71FD265299CE30128174AE05FFEE05108B69AC ] acedrv07        C:\Windows\system32\drivers\acedrv07.sys
12:00:56.0795 0x07b8  acedrv07 - detected UnsignedFile.Multi.Generic ( 1 )
12:01:00.0726 0x07b8  acedrv07 ( UnsignedFile.Multi.Generic ) - warning
12:01:00.0789 0x07b8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:01:00.0820 0x07b8  ACPI - ok
12:01:00.0851 0x07b8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:01:00.0882 0x07b8  AcpiPmi - ok
12:01:00.0976 0x07b8  [ 24A0876D07EF356DCBC1D7A7929354AB, 765653E856EC5841DB851363E7C7CFC332D3605789ECD0998762F60ADD56A0D8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:01:01.0007 0x07b8  AdobeFlashPlayerUpdateSvc - ok
12:01:01.0038 0x07b8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:01:01.0069 0x07b8  adp94xx - ok
12:01:01.0101 0x07b8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:01:01.0132 0x07b8  adpahci - ok
12:01:01.0147 0x07b8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:01:01.0163 0x07b8  adpu320 - ok
12:01:01.0179 0x07b8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:01:01.0319 0x07b8  AeLookupSvc - ok
12:01:01.0381 0x07b8  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
12:01:01.0428 0x07b8  AFD - ok
12:01:01.0459 0x07b8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:01:01.0475 0x07b8  agp440 - ok
12:01:01.0491 0x07b8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:01:01.0600 0x07b8  ALG - ok
12:01:01.0662 0x07b8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:01:01.0709 0x07b8  aliide - ok
12:01:01.0709 0x07b8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:01:01.0740 0x07b8  amdide - ok
12:01:01.0756 0x07b8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:01:01.0771 0x07b8  AmdK8 - ok
12:01:01.0787 0x07b8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:01:01.0818 0x07b8  AmdPPM - ok
12:01:01.0849 0x07b8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:01:01.0865 0x07b8  amdsata - ok
12:01:01.0881 0x07b8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:01:01.0896 0x07b8  amdsbs - ok
12:01:01.0912 0x07b8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:01:01.0912 0x07b8  amdxata - ok
12:01:01.0943 0x07b8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:01:01.0990 0x07b8  AppID - ok
12:01:01.0990 0x07b8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:01:02.0037 0x07b8  AppIDSvc - ok
12:01:02.0068 0x07b8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:01:02.0130 0x07b8  Appinfo - ok
12:01:02.0161 0x07b8  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:01:02.0208 0x07b8  AppMgmt - ok
12:01:02.0224 0x07b8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:01:02.0255 0x07b8  arc - ok
12:01:02.0271 0x07b8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:01:02.0271 0x07b8  arcsas - ok
12:01:02.0302 0x07b8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:01:02.0364 0x07b8  AsyncMac - ok
12:01:02.0380 0x07b8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:01:02.0395 0x07b8  atapi - ok
12:01:02.0442 0x07b8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:01:02.0505 0x07b8  AudioEndpointBuilder - ok
12:01:02.0536 0x07b8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:01:02.0567 0x07b8  AudioSrv - ok
12:01:02.0645 0x07b8  [ 1CA348E62B9A62444573FEB12AF5F1B2, 08576A4291BC2D56C12170C9D8622ABF3684D5A2B6C75BE792F2B02B97065655 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
12:01:02.0692 0x07b8  AVP - ok
12:01:02.0723 0x07b8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:01:02.0832 0x07b8  AxInstSV - ok
12:01:02.0848 0x07b8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:01:02.0910 0x07b8  b06bdrv - ok
12:01:02.0941 0x07b8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:01:02.0973 0x07b8  b57nd60a - ok
12:01:03.0004 0x07b8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:01:03.0051 0x07b8  BDESVC - ok
12:01:03.0051 0x07b8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:01:03.0097 0x07b8  Beep - ok
12:01:03.0191 0x07b8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:01:03.0238 0x07b8  BFE - ok
12:01:03.0316 0x07b8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:01:03.0378 0x07b8  BITS - ok
12:01:03.0409 0x07b8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:01:03.0425 0x07b8  blbdrive - ok
12:01:03.0456 0x07b8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:01:03.0503 0x07b8  bowser - ok
12:01:03.0534 0x07b8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:01:03.0565 0x07b8  BrFiltLo - ok
12:01:03.0565 0x07b8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:01:03.0581 0x07b8  BrFiltUp - ok
12:01:03.0612 0x07b8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:01:03.0628 0x07b8  Browser - ok
12:01:03.0643 0x07b8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:01:03.0690 0x07b8  Brserid - ok
12:01:03.0690 0x07b8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:01:03.0721 0x07b8  BrSerWdm - ok
12:01:03.0721 0x07b8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:01:03.0737 0x07b8  BrUsbMdm - ok
12:01:03.0737 0x07b8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:01:03.0753 0x07b8  BrUsbSer - ok
12:01:03.0768 0x07b8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:01:03.0784 0x07b8  BTHMODEM - ok
12:01:03.0815 0x07b8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:01:03.0846 0x07b8  bthserv - ok
12:01:03.0877 0x07b8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:01:03.0924 0x07b8  cdfs - ok
12:01:03.0971 0x07b8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
12:01:04.0002 0x07b8  cdrom - ok
12:01:04.0033 0x07b8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:01:04.0096 0x07b8  CertPropSvc - ok
12:01:04.0096 0x07b8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:01:04.0127 0x07b8  circlass - ok
12:01:04.0143 0x07b8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:01:04.0174 0x07b8  CLFS - ok
12:01:04.0221 0x07b8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:01:04.0267 0x07b8  clr_optimization_v2.0.50727_32 - ok
12:01:04.0314 0x07b8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:01:04.0345 0x07b8  clr_optimization_v2.0.50727_64 - ok
12:01:04.0408 0x07b8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:01:04.0455 0x07b8  clr_optimization_v4.0.30319_32 - ok
12:01:04.0470 0x07b8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:01:04.0486 0x07b8  clr_optimization_v4.0.30319_64 - ok
12:01:04.0501 0x07b8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:01:04.0517 0x07b8  CmBatt - ok
12:01:04.0533 0x07b8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:01:04.0548 0x07b8  cmdide - ok
12:01:04.0579 0x07b8  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
12:01:04.0611 0x07b8  CNG - ok
12:01:04.0611 0x07b8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:01:04.0626 0x07b8  Compbatt - ok
12:01:04.0642 0x07b8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:01:04.0673 0x07b8  CompositeBus - ok
12:01:04.0689 0x07b8  COMSysApp - ok
12:01:04.0704 0x07b8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:01:04.0704 0x07b8  crcdisk - ok
12:01:04.0735 0x07b8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:01:04.0829 0x07b8  CryptSvc - ok
12:01:04.0891 0x07b8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:01:04.0923 0x07b8  CSC - ok
12:01:04.0969 0x07b8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:01:05.0016 0x07b8  CscService - ok
12:01:05.0032 0x07b8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:01:05.0079 0x07b8  DcomLaunch - ok
12:01:05.0110 0x07b8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:01:05.0172 0x07b8  defragsvc - ok
12:01:05.0203 0x07b8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:01:05.0235 0x07b8  DfsC - ok
12:01:05.0266 0x07b8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:01:05.0297 0x07b8  Dhcp - ok
12:01:05.0328 0x07b8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:01:05.0359 0x07b8  discache - ok
12:01:05.0391 0x07b8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:01:05.0406 0x07b8  Disk - ok
12:01:05.0437 0x07b8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:01:05.0484 0x07b8  Dnscache - ok
12:01:05.0515 0x07b8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:01:05.0593 0x07b8  dot3svc - ok
12:01:05.0625 0x07b8  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:01:05.0671 0x07b8  Dot4 - ok
12:01:05.0687 0x07b8  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
12:01:05.0718 0x07b8  Dot4Print - ok
12:01:05.0718 0x07b8  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:01:05.0749 0x07b8  dot4usb - ok
12:01:05.0765 0x07b8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:01:05.0812 0x07b8  DPS - ok
12:01:05.0843 0x07b8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:01:05.0890 0x07b8  drmkaud - ok
12:01:05.0952 0x07b8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:01:05.0999 0x07b8  DXGKrnl - ok
12:01:06.0015 0x07b8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:01:06.0093 0x07b8  EapHost - ok
12:01:06.0186 0x07b8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:01:06.0311 0x07b8  ebdrv - ok
12:01:06.0342 0x07b8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
12:01:06.0373 0x07b8  EFS - ok
12:01:06.0451 0x07b8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:01:06.0514 0x07b8  ehRecvr - ok
12:01:06.0529 0x07b8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:01:06.0561 0x07b8  ehSched - ok
12:01:06.0592 0x07b8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:01:06.0623 0x07b8  elxstor - ok
12:01:06.0654 0x07b8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:01:06.0685 0x07b8  ErrDev - ok
12:01:06.0748 0x07b8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:01:06.0826 0x07b8  EventSystem - ok
12:01:06.0841 0x07b8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:01:06.0888 0x07b8  exfat - ok
12:01:06.0904 0x07b8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:01:06.0935 0x07b8  fastfat - ok
12:01:06.0982 0x07b8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:01:07.0029 0x07b8  Fax - ok
12:01:07.0060 0x07b8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:01:07.0075 0x07b8  fdc - ok
12:01:07.0075 0x07b8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:01:07.0122 0x07b8  fdPHost - ok
12:01:07.0122 0x07b8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:01:07.0169 0x07b8  FDResPub - ok
12:01:07.0185 0x07b8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:01:07.0185 0x07b8  FileInfo - ok
12:01:07.0200 0x07b8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:01:07.0231 0x07b8  Filetrace - ok
12:01:07.0247 0x07b8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:01:07.0263 0x07b8  flpydisk - ok
12:01:07.0294 0x07b8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:01:07.0325 0x07b8  FltMgr - ok
12:01:07.0387 0x07b8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:01:07.0434 0x07b8  FontCache - ok
12:01:07.0481 0x07b8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:01:07.0512 0x07b8  FontCache3.0.0.0 - ok
12:01:07.0512 0x07b8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:01:07.0543 0x07b8  FsDepends - ok
12:01:07.0559 0x07b8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:01:07.0575 0x07b8  Fs_Rec - ok
12:01:07.0621 0x07b8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:01:07.0684 0x07b8  fvevol - ok
12:01:07.0715 0x07b8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:01:07.0777 0x07b8  gagp30kx - ok
12:01:07.0824 0x07b8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:01:07.0887 0x07b8  gpsvc - ok
12:01:07.0996 0x07b8  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:01:08.0027 0x07b8  gupdate - ok
12:01:08.0058 0x07b8  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:01:08.0074 0x07b8  gupdatem - ok
12:01:08.0121 0x07b8  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:01:08.0152 0x07b8  gusvc - ok
12:01:08.0152 0x07b8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:01:08.0183 0x07b8  hcw85cir - ok
12:01:08.0214 0x07b8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:01:08.0261 0x07b8  HdAudAddService - ok
12:01:08.0277 0x07b8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:01:08.0292 0x07b8  HDAudBus - ok
12:01:08.0308 0x07b8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:01:08.0323 0x07b8  HidBatt - ok
12:01:08.0339 0x07b8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:01:08.0355 0x07b8  HidBth - ok
12:01:08.0370 0x07b8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:01:08.0386 0x07b8  HidIr - ok
12:01:08.0401 0x07b8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:01:08.0433 0x07b8  hidserv - ok
12:01:08.0479 0x07b8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
12:01:08.0495 0x07b8  HidUsb - ok
12:01:08.0526 0x07b8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:01:08.0589 0x07b8  hkmsvc - ok
12:01:08.0604 0x07b8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:01:08.0635 0x07b8  HomeGroupListener - ok
12:01:08.0667 0x07b8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:01:08.0698 0x07b8  HomeGroupProvider - ok
12:01:08.0823 0x07b8  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:01:08.0869 0x07b8  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
12:01:08.0869 0x07b8  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
12:01:08.0901 0x07b8  [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:01:08.0932 0x07b8  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
12:01:08.0932 0x07b8  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
12:01:08.0963 0x07b8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:01:08.0979 0x07b8  HpSAMD - ok
12:01:09.0041 0x07b8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:01:09.0135 0x07b8  HTTP - ok
12:01:09.0150 0x07b8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:01:09.0166 0x07b8  hwpolicy - ok
12:01:09.0197 0x07b8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:01:09.0213 0x07b8  i8042prt - ok
12:01:09.0244 0x07b8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:01:09.0275 0x07b8  iaStorV - ok
12:01:09.0337 0x07b8  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:01:09.0369 0x07b8  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:01:09.0369 0x07b8  IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:01:09.0462 0x07b8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:01:09.0509 0x07b8  idsvc - ok
12:01:09.0540 0x07b8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:01:09.0571 0x07b8  iirsp - ok
12:01:09.0603 0x07b8  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:01:09.0681 0x07b8  IKEEXT - ok
12:01:09.0696 0x07b8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:01:09.0712 0x07b8  intelide - ok
12:01:09.0743 0x07b8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:01:09.0759 0x07b8  intelppm - ok
12:01:09.0790 0x07b8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:01:09.0821 0x07b8  IPBusEnum - ok
12:01:09.0852 0x07b8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:01:09.0883 0x07b8  IpFilterDriver - ok
12:01:09.0930 0x07b8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:01:09.0961 0x07b8  iphlpsvc - ok
12:01:09.0993 0x07b8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:01:10.0008 0x07b8  IPMIDRV - ok
12:01:10.0024 0x07b8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:01:10.0071 0x07b8  IPNAT - ok
12:01:10.0086 0x07b8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:01:10.0102 0x07b8  IRENUM - ok
12:01:10.0117 0x07b8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:01:10.0117 0x07b8  isapnp - ok
12:01:10.0164 0x07b8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:01:10.0180 0x07b8  iScsiPrt - ok
12:01:10.0195 0x07b8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
12:01:10.0211 0x07b8  kbdclass - ok
12:01:10.0242 0x07b8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
12:01:10.0258 0x07b8  kbdhid - ok
12:01:10.0273 0x07b8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
12:01:10.0289 0x07b8  KeyIso - ok
12:01:10.0320 0x07b8  [ AE1589B6BF163797514CD90924361E29, 1E74F5BBEEEE7AC4B3604C4993946C680164CF796120F262D9F00D737BF54B4B ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
12:01:10.0336 0x07b8  kl1 - ok
12:01:10.0336 0x07b8  [ 3B11E0C94599AADC172F977A3D4B2B33, 49B94A898BC1487AFEC174A84C4D605A79188A20C5DDED7D8E6565F219A52658 ] KLBG            C:\Windows\system32\DRIVERS\klbg.sys
12:01:10.0351 0x07b8  KLBG - ok
12:01:10.0367 0x07b8  [ E692707F4E1BB2240B232D911AE4C5C5, 8165C1FA32D56DADBC7F38D195AB76C1CC51F412959C25734C7BEE0946D68A8F ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
12:01:10.0383 0x07b8  KLIF - ok
12:01:10.0414 0x07b8  [ 3D217D7D89A4BA705D4CA14268D7D7B2, 5B74C8DA62507933425062010537A9601CD7D5EABD8D5084481A7346B04FE4B6 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
12:01:10.0414 0x07b8  KLIM6 - ok
12:01:10.0429 0x07b8  [ 0BD3E79BE9F60418D20315D50BDBBA86, 18726059CD0975767ADC87B59307F807A2C5082E6305FF64884E4D77D51F00BF ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
12:01:10.0445 0x07b8  klmouflt - ok
12:01:10.0461 0x07b8  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:01:10.0476 0x07b8  KSecDD - ok
12:01:10.0507 0x07b8  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:01:10.0523 0x07b8  KSecPkg - ok
12:01:10.0523 0x07b8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:01:10.0570 0x07b8  ksthunk - ok
12:01:10.0601 0x07b8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:01:10.0648 0x07b8  KtmRm - ok
12:01:10.0679 0x07b8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:01:10.0726 0x07b8  LanmanServer - ok
12:01:10.0757 0x07b8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:01:10.0788 0x07b8  LanmanWorkstation - ok
12:01:10.0804 0x07b8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:01:10.0835 0x07b8  lltdio - ok
12:01:10.0851 0x07b8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:01:10.0913 0x07b8  lltdsvc - ok
12:01:10.0929 0x07b8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:01:10.0960 0x07b8  lmhosts - ok
12:01:10.0975 0x07b8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:01:10.0991 0x07b8  LSI_FC - ok
12:01:11.0007 0x07b8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:01:11.0022 0x07b8  LSI_SAS - ok
12:01:11.0038 0x07b8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:01:11.0053 0x07b8  LSI_SAS2 - ok
12:01:11.0053 0x07b8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:01:11.0069 0x07b8  LSI_SCSI - ok
12:01:11.0085 0x07b8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:01:11.0131 0x07b8  luafv - ok
12:01:11.0147 0x07b8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:01:11.0178 0x07b8  Mcx2Svc - ok
12:01:11.0209 0x07b8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:01:11.0209 0x07b8  megasas - ok
12:01:11.0225 0x07b8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:01:11.0256 0x07b8  MegaSR - ok
12:01:11.0287 0x07b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:01:11.0319 0x07b8  MMCSS - ok
12:01:11.0319 0x07b8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:01:11.0365 0x07b8  Modem - ok
12:01:11.0381 0x07b8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:01:11.0397 0x07b8  monitor - ok
12:01:11.0428 0x07b8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
12:01:11.0459 0x07b8  mouclass - ok
12:01:11.0490 0x07b8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:01:11.0521 0x07b8  mouhid - ok
12:01:11.0553 0x07b8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:01:11.0568 0x07b8  mountmgr - ok
12:01:11.0599 0x07b8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:01:11.0615 0x07b8  mpio - ok
12:01:11.0615 0x07b8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:01:11.0662 0x07b8  mpsdrv - ok
12:01:11.0693 0x07b8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:01:11.0771 0x07b8  MpsSvc - ok
12:01:11.0787 0x07b8  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:01:11.0818 0x07b8  MRxDAV - ok
12:01:11.0849 0x07b8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:01:11.0865 0x07b8  mrxsmb - ok
12:01:11.0896 0x07b8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:01:11.0943 0x07b8  mrxsmb10 - ok
12:01:11.0958 0x07b8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:01:11.0974 0x07b8  mrxsmb20 - ok
12:01:12.0005 0x07b8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:01:12.0021 0x07b8  msahci - ok
12:01:12.0036 0x07b8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:01:12.0052 0x07b8  msdsm - ok
12:01:12.0052 0x07b8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:01:12.0083 0x07b8  MSDTC - ok
12:01:12.0114 0x07b8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:01:12.0145 0x07b8  Msfs - ok
12:01:12.0145 0x07b8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:01:12.0177 0x07b8  mshidkmdf - ok
12:01:12.0208 0x07b8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:01:12.0239 0x07b8  msisadrv - ok
12:01:12.0270 0x07b8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:01:12.0317 0x07b8  MSiSCSI - ok
12:01:12.0333 0x07b8  msiserver - ok
12:01:12.0333 0x07b8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:01:12.0364 0x07b8  MSKSSRV - ok
12:01:12.0379 0x07b8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:01:12.0426 0x07b8  MSPCLOCK - ok
12:01:12.0442 0x07b8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:01:12.0473 0x07b8  MSPQM - ok
12:01:12.0520 0x07b8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:01:12.0535 0x07b8  MsRPC - ok
12:01:12.0567 0x07b8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:01:12.0567 0x07b8  mssmbios - ok
12:01:12.0582 0x07b8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:01:12.0613 0x07b8  MSTEE - ok
12:01:12.0629 0x07b8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:01:12.0645 0x07b8  MTConfig - ok
12:01:12.0660 0x07b8  [ 6936198F2CC25B39CF5262436C80DF46, 20205040A5E0AFE5F94AC226D2DD8BF89029F62C7E7AF6D4B048D3D4D5827A8F ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
12:01:12.0676 0x07b8  MTsensor - ok
12:01:12.0691 0x07b8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:01:12.0707 0x07b8  Mup - ok
12:01:12.0738 0x07b8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:01:12.0801 0x07b8  napagent - ok
12:01:12.0832 0x07b8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:01:12.0879 0x07b8  NativeWifiP - ok
12:01:12.0925 0x07b8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:01:12.0972 0x07b8  NDIS - ok
12:01:12.0988 0x07b8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:01:13.0003 0x07b8  NdisCap - ok
12:01:13.0019 0x07b8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:01:13.0050 0x07b8  NdisTapi - ok
12:01:13.0081 0x07b8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:01:13.0144 0x07b8  Ndisuio - ok
12:01:13.0175 0x07b8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:01:13.0237 0x07b8  NdisWan - ok
12:01:13.0269 0x07b8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:01:13.0300 0x07b8  NDProxy - ok
12:01:13.0347 0x07b8  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:01:13.0362 0x07b8  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:01:13.0362 0x07b8  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:01:13.0378 0x07b8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:01:13.0456 0x07b8  NetBIOS - ok
12:01:13.0487 0x07b8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:01:13.0518 0x07b8  NetBT - ok
12:01:13.0518 0x07b8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
12:01:13.0534 0x07b8  Netlogon - ok
12:01:13.0565 0x07b8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:01:13.0612 0x07b8  Netman - ok
12:01:13.0643 0x07b8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:01:13.0690 0x07b8  netprofm - ok
12:01:13.0846 0x07b8  [ C088056DFBA2B3A6955EA596EE5CC507, C8599DE42AAD73843BD1F92AA85741CAFE1FCF1B7E8B72EFD5D3830508466CCC ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
12:01:13.0893 0x07b8  netr28ux - ok
12:01:13.0924 0x07b8  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:01:13.0924 0x07b8  NetTcpPortSharing - ok
12:01:13.0971 0x07b8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:01:13.0971 0x07b8  nfrd960 - ok
12:01:14.0002 0x07b8  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:01:14.0033 0x07b8  NlaSvc - ok
12:01:14.0049 0x07b8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:01:14.0080 0x07b8  Npfs - ok
12:01:14.0080 0x07b8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:01:14.0127 0x07b8  nsi - ok
12:01:14.0127 0x07b8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:01:14.0158 0x07b8  nsiproxy - ok
12:01:14.0251 0x07b8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:01:14.0298 0x07b8  Ntfs - ok
12:01:14.0298 0x07b8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:01:14.0329 0x07b8  Null - ok
12:01:14.0673 0x07b8  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:01:15.0031 0x07b8  nvlddmkm - ok
12:01:15.0078 0x07b8  [ 909EEDCBD365BB81027D8E742E6B3416, 6C346C7B0E26A12BB0F56918E5324BC8C1024FEEE5952BFEB02DB2BC47182B61 ] NVNET           C:\Windows\system32\DRIVERS\nvmf6264.sys
12:01:15.0109 0x07b8  NVNET - ok
12:01:15.0125 0x07b8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:01:15.0141 0x07b8  nvraid - ok
12:01:15.0156 0x07b8  [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
12:01:15.0172 0x07b8  nvsmu - ok
12:01:15.0203 0x07b8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:01:15.0219 0x07b8  nvstor - ok
12:01:15.0312 0x07b8  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:01:15.0343 0x07b8  nvsvc - ok
12:01:15.0406 0x07b8  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:01:15.0468 0x07b8  nvUpdatusService - ok
12:01:15.0499 0x07b8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:01:15.0515 0x07b8  nv_agp - ok
12:01:15.0546 0x07b8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:01:15.0562 0x07b8  ohci1394 - ok
12:01:15.0593 0x07b8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:01:15.0640 0x07b8  p2pimsvc - ok
12:01:15.0655 0x07b8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:01:15.0687 0x07b8  p2psvc - ok
12:01:15.0718 0x07b8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:01:15.0733 0x07b8  Parport - ok
12:01:15.0765 0x07b8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:01:15.0796 0x07b8  partmgr - ok
12:01:15.0811 0x07b8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:01:15.0843 0x07b8  PcaSvc - ok
12:01:15.0874 0x07b8  [ 81B5E63131090879AD6EF9F32109B88D, 581680BFE9B2BACBD5E55D807EFB17C69488AE3F5C61358B0955E1494FD3514E ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
12:01:15.0889 0x07b8  pccsmcfd - ok
12:01:15.0921 0x07b8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:01:15.0936 0x07b8  pci - ok
12:01:15.0952 0x07b8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:01:15.0967 0x07b8  pciide - ok
12:01:15.0983 0x07b8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:01:15.0999 0x07b8  pcmcia - ok
12:01:16.0014 0x07b8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:01:16.0030 0x07b8  pcw - ok
12:01:16.0045 0x07b8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:01:16.0123 0x07b8  PEAUTH - ok
12:01:16.0170 0x07b8  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:01:16.0248 0x07b8  PeerDistSvc - ok
12:01:16.0311 0x07b8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:01:16.0357 0x07b8  PerfHost - ok
12:01:16.0435 0x07b8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:01:16.0529 0x07b8  pla - ok
12:01:16.0576 0x07b8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:01:16.0607 0x07b8  PlugPlay - ok
12:01:16.0654 0x07b8  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:01:16.0685 0x07b8  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:01:16.0685 0x07b8  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:01:16.0685 0x07b8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:01:16.0716 0x07b8  PNRPAutoReg - ok
12:01:16.0732 0x07b8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:01:16.0763 0x07b8  PNRPsvc - ok
12:01:16.0779 0x07b8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:01:16.0841 0x07b8  PolicyAgent - ok
12:01:16.0857 0x07b8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:01:16.0903 0x07b8  Power - ok
12:01:16.0919 0x07b8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:01:16.0950 0x07b8  PptpMiniport - ok
12:01:16.0981 0x07b8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:01:17.0013 0x07b8  Processor - ok
12:01:17.0059 0x07b8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:01:17.0106 0x07b8  ProfSvc - ok
12:01:17.0122 0x07b8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
12:01:17.0137 0x07b8  ProtectedStorage - ok
12:01:17.0169 0x07b8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:01:17.0247 0x07b8  Psched - ok
12:01:17.0340 0x07b8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:01:17.0434 0x07b8  ql2300 - ok
12:01:17.0449 0x07b8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:01:17.0465 0x07b8  ql40xx - ok
12:01:17.0481 0x07b8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:01:17.0512 0x07b8  QWAVE - ok
12:01:17.0527 0x07b8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:01:17.0559 0x07b8  QWAVEdrv - ok
12:01:17.0574 0x07b8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:01:17.0605 0x07b8  RasAcd - ok
12:01:17.0637 0x07b8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:01:17.0668 0x07b8  RasAgileVpn - ok
12:01:17.0668 0x07b8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:01:17.0699 0x07b8  RasAuto - ok
12:01:17.0730 0x07b8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:01:17.0777 0x07b8  Rasl2tp - ok
12:01:17.0808 0x07b8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:01:17.0855 0x07b8  RasMan - ok
12:01:17.0871 0x07b8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:01:17.0917 0x07b8  RasPppoe - ok
12:01:17.0933 0x07b8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:01:17.0964 0x07b8  RasSstp - ok
12:01:17.0995 0x07b8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:01:18.0073 0x07b8  rdbss - ok
12:01:18.0089 0x07b8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:01:18.0105 0x07b8  rdpbus - ok
12:01:18.0120 0x07b8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:01:18.0136 0x07b8  RDPCDD - ok
12:01:18.0167 0x07b8  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:01:18.0198 0x07b8  RDPDR - ok
12:01:18.0214 0x07b8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:01:18.0245 0x07b8  RDPENCDD - ok
12:01:18.0261 0x07b8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:01:18.0276 0x07b8  RDPREFMP - ok
12:01:18.0307 0x07b8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:01:18.0354 0x07b8  RDPWD - ok
12:01:18.0385 0x07b8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:01:18.0385 0x07b8  rdyboost - ok
12:01:18.0417 0x07b8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:01:18.0448 0x07b8  RemoteAccess - ok
12:01:18.0463 0x07b8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:01:18.0510 0x07b8  RemoteRegistry - ok
12:01:18.0526 0x07b8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:01:18.0557 0x07b8  RpcEptMapper - ok
12:01:18.0573 0x07b8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:01:18.0604 0x07b8  RpcLocator - ok
12:01:18.0666 0x07b8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:01:18.0713 0x07b8  RpcSs - ok
12:01:18.0729 0x07b8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:01:18.0775 0x07b8  rspndr - ok
12:01:18.0838 0x07b8  [ 6C90231046FB9FC4123C42179832817F, 68161EC19787C074B9B3B3426E744FBDD637E8A72ABB51436ED83DD1554A68C6 ] s117bus         C:\Windows\system32\DRIVERS\s117bus.sys
12:01:18.0853 0x07b8  s117bus - ok
12:01:18.0869 0x07b8  [ 3279341C90EF8F226AF77623039F4495, DAE52030277454601A401DBCE8ABACB9952362968C2C1D848AD594DC7CBB478D ] s117mdfl        C:\Windows\system32\DRIVERS\s117mdfl.sys
12:01:18.0885 0x07b8  s117mdfl - ok
12:01:18.0900 0x07b8  [ 73E331F555279E753B312675DDAF4516, 07592A944057B613E5BC19BE459F221423A16E792A3B0421DABE6D74A414C147 ] s117mdm         C:\Windows\system32\DRIVERS\s117mdm.sys
12:01:18.0916 0x07b8  s117mdm - ok
12:01:18.0931 0x07b8  [ D420731FD2880F0F40F20771EFAAD671, 6CFE6B5FD22530A6BD55BC0E7C1BB4A3701D51F36613FAB07BB1E361C1B0A7A1 ] s117mgmt        C:\Windows\system32\DRIVERS\s117mgmt.sys
12:01:18.0947 0x07b8  s117mgmt - ok
12:01:18.0978 0x07b8  [ 98236CA5A9A77D0983AC3F6D6527C796, D27C1C123CC4FCDF2EC54C12EE1A60FBCA9252EDA3D5635A45C2CDAF5763AE9E ] s117nd5         C:\Windows\system32\DRIVERS\s117nd5.sys
12:01:18.0994 0x07b8  s117nd5 - ok
12:01:19.0009 0x07b8  [ 1DD613909477AE298C98E86617EC356B, FA848B6BFB0C5313BB9AC37B0196D2B49F4AE0E8906C92624F10E602614654D3 ] s117obex        C:\Windows\system32\DRIVERS\s117obex.sys
12:01:19.0025 0x07b8  s117obex - ok
12:01:19.0056 0x07b8  [ 9A22DF5FE9B6BE279D820776A6ADB56F, 77790E331C7C10850B40EBE8FD99A536BB467935832D895D082639DAA3A86E6A ] s117unic        C:\Windows\system32\DRIVERS\s117unic.sys
12:01:19.0072 0x07b8  s117unic - ok
12:01:19.0087 0x07b8  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:01:19.0103 0x07b8  s3cap - ok
12:01:19.0150 0x07b8  [ 2C67136609D17B2A8FF07E171B467139, 39C07C388AE05B25C632D5115742F0BF69EB5391A9DA82D296C3F9F5F9686F6F ] SaiH0763        C:\Windows\system32\DRIVERS\SaiH0763.sys
12:01:19.0181 0x07b8  SaiH0763 - ok
12:01:19.0212 0x07b8  [ 231A3700154B1A49C2F05CB0DA4B2747, 32BEA02B276D6894EF39BCB7D827456AC3787AD8D8AC3C6FEC89CA03BA7A5DD3 ] SaiH0BAC        C:\Windows\system32\DRIVERS\SaiH0BAC.sys
12:01:19.0243 0x07b8  SaiH0BAC - ok
12:01:19.0243 0x07b8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
12:01:19.0259 0x07b8  SamSs - ok
12:01:19.0290 0x07b8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:01:19.0306 0x07b8  sbp2port - ok
12:01:19.0321 0x07b8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:01:19.0353 0x07b8  SCardSvr - ok
12:01:19.0384 0x07b8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:01:19.0415 0x07b8  scfilter - ok
12:01:19.0477 0x07b8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:01:19.0540 0x07b8  Schedule - ok
12:01:19.0571 0x07b8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:01:19.0602 0x07b8  SCPolicySvc - ok
12:01:19.0633 0x07b8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:01:19.0665 0x07b8  SDRSVC - ok
12:01:19.0696 0x07b8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:01:19.0727 0x07b8  secdrv - ok
12:01:19.0758 0x07b8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:01:19.0789 0x07b8  seclogon - ok
12:01:19.0821 0x07b8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:01:19.0867 0x07b8  SENS - ok
12:01:19.0883 0x07b8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:01:19.0977 0x07b8  SensrSvc - ok
12:01:20.0008 0x07b8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:01:20.0023 0x07b8  Serenum - ok
12:01:20.0039 0x07b8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:01:20.0055 0x07b8  Serial - ok
12:01:20.0086 0x07b8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:01:20.0101 0x07b8  sermouse - ok
12:01:20.0164 0x07b8  [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
12:01:20.0195 0x07b8  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
12:01:20.0195 0x07b8  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:01:20.0242 0x07b8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:01:20.0289 0x07b8  SessionEnv - ok
12:01:20.0320 0x07b8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:01:20.0335 0x07b8  sffdisk - ok
12:01:20.0351 0x07b8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:01:20.0367 0x07b8  sffp_mmc - ok
12:01:20.0382 0x07b8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:01:20.0398 0x07b8  sffp_sd - ok
12:01:20.0413 0x07b8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:01:20.0429 0x07b8  sfloppy - ok
12:01:20.0460 0x07b8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:01:20.0507 0x07b8  SharedAccess - ok
12:01:20.0554 0x07b8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:01:20.0585 0x07b8  ShellHWDetection - ok
12:01:20.0601 0x07b8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:01:20.0616 0x07b8  SiSRaid2 - ok
12:01:20.0647 0x07b8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:01:20.0663 0x07b8  SiSRaid4 - ok
12:01:20.0679 0x07b8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:01:20.0710 0x07b8  Smb - ok
12:01:20.0741 0x07b8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:01:20.0757 0x07b8  SNMPTRAP - ok
12:01:20.0757 0x07b8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:01:20.0772 0x07b8  spldr - ok
12:01:20.0819 0x07b8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:01:20.0850 0x07b8  Spooler - ok
12:01:20.0991 0x07b8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:01:21.0115 0x07b8  sppsvc - ok
12:01:21.0131 0x07b8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:01:21.0178 0x07b8  sppuinotify - ok
12:01:21.0193 0x07b8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:01:21.0240 0x07b8  srv - ok
12:01:21.0256 0x07b8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:01:21.0287 0x07b8  srv2 - ok
12:01:21.0303 0x07b8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:01:21.0334 0x07b8  srvnet - ok
12:01:21.0349 0x07b8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:01:21.0396 0x07b8  SSDPSRV - ok
12:01:21.0412 0x07b8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:01:21.0443 0x07b8  SstpSvc - ok
12:01:21.0537 0x07b8  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:01:21.0583 0x07b8  Stereo Service - ok
12:01:21.0615 0x07b8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:01:21.0630 0x07b8  stexstor - ok
12:01:21.0693 0x07b8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:01:21.0755 0x07b8  stisvc - ok
12:01:21.0786 0x07b8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:01:21.0817 0x07b8  storflt - ok
12:01:21.0833 0x07b8  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
12:01:21.0864 0x07b8  StorSvc - ok
12:01:21.0880 0x07b8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:01:21.0895 0x07b8  storvsc - ok
12:01:21.0911 0x07b8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:01:21.0927 0x07b8  swenum - ok
12:01:21.0958 0x07b8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:01:22.0020 0x07b8  swprv - ok
12:01:22.0129 0x07b8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:01:22.0207 0x07b8  SysMain - ok
12:01:22.0223 0x07b8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:01:22.0254 0x07b8  TabletInputService - ok
12:01:22.0285 0x07b8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:01:22.0332 0x07b8  TapiSrv - ok
12:01:22.0348 0x07b8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:01:22.0395 0x07b8  TBS - ok
12:01:22.0488 0x07b8  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:01:22.0566 0x07b8  Tcpip - ok
12:01:22.0629 0x07b8  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:01:22.0675 0x07b8  TCPIP6 - ok
12:01:22.0691 0x07b8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:01:22.0722 0x07b8  tcpipreg - ok
12:01:22.0753 0x07b8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:01:22.0785 0x07b8  TDPIPE - ok
12:01:22.0816 0x07b8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:01:22.0831 0x07b8  TDTCP - ok
12:01:22.0863 0x07b8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:01:22.0925 0x07b8  tdx - ok
12:01:22.0941 0x07b8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:01:22.0956 0x07b8  TermDD - ok
12:01:23.0003 0x07b8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:01:23.0050 0x07b8  TermService - ok
12:01:23.0097 0x07b8  [ CE4B6956E4E12492715A53076E58761F, 0D12934B8F7D18F5785A3EAEDEC2CBD1C3627F7D73C73E9329C73A3B99990D36 ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
12:01:23.0097 0x07b8  TFsExDisk - ok
12:01:23.0128 0x07b8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:01:23.0143 0x07b8  Themes - ok
12:01:23.0159 0x07b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:01:23.0190 0x07b8  THREADORDER - ok
12:01:23.0206 0x07b8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:01:23.0253 0x07b8  TrkWks - ok
12:01:23.0299 0x07b8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:01:23.0377 0x07b8  TrustedInstaller - ok
12:01:23.0393 0x07b8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:01:23.0424 0x07b8  tssecsrv - ok
12:01:23.0455 0x07b8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:01:23.0487 0x07b8  TsUsbFlt - ok
12:01:23.0533 0x07b8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:01:23.0596 0x07b8  tunnel - ok
12:01:23.0627 0x07b8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:01:23.0643 0x07b8  uagp35 - ok
12:01:23.0674 0x07b8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:01:23.0721 0x07b8  udfs - ok
12:01:23.0736 0x07b8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:01:23.0752 0x07b8  UI0Detect - ok
12:01:23.0767 0x07b8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:01:23.0783 0x07b8  uliagpkx - ok
12:01:23.0814 0x07b8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
12:01:23.0845 0x07b8  umbus - ok
12:01:23.0861 0x07b8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:01:23.0877 0x07b8  UmPass - ok
12:01:23.0908 0x07b8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:01:23.0955 0x07b8  UmRdpService - ok
12:01:23.0970 0x07b8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:01:24.0017 0x07b8  upnphost - ok
12:01:24.0048 0x07b8  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:01:24.0079 0x07b8  usbccgp - ok
12:01:24.0111 0x07b8  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:01:24.0126 0x07b8  usbcir - ok
12:01:24.0142 0x07b8  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:01:24.0157 0x07b8  usbehci - ok
12:01:24.0189 0x07b8  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:01:24.0220 0x07b8  usbhub - ok
12:01:24.0235 0x07b8  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:01:24.0267 0x07b8  usbohci - ok
12:01:24.0282 0x07b8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:01:24.0298 0x07b8  usbprint - ok
12:01:24.0329 0x07b8  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:01:24.0345 0x07b8  usbscan - ok
12:01:24.0360 0x07b8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:01:24.0376 0x07b8  USBSTOR - ok
12:01:24.0391 0x07b8  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:01:24.0407 0x07b8  usbuhci - ok
12:01:24.0423 0x07b8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:01:24.0469 0x07b8  UxSms - ok
12:01:24.0485 0x07b8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
12:01:24.0501 0x07b8  VaultSvc - ok
12:01:24.0516 0x07b8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:01:24.0516 0x07b8  vdrvroot - ok
12:01:24.0563 0x07b8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:01:24.0610 0x07b8  vds - ok
12:01:24.0641 0x07b8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:01:24.0657 0x07b8  vga - ok
12:01:24.0657 0x07b8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:01:24.0688 0x07b8  VgaSave - ok
12:01:24.0719 0x07b8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:01:24.0735 0x07b8  vhdmp - ok
12:01:24.0750 0x07b8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:01:24.0766 0x07b8  viaide - ok
12:01:24.0781 0x07b8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:01:24.0797 0x07b8  vmbus - ok
12:01:24.0828 0x07b8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:01:24.0875 0x07b8  VMBusHID - ok
12:01:24.0891 0x07b8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:01:24.0906 0x07b8  volmgr - ok
12:01:24.0937 0x07b8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:01:24.0969 0x07b8  volmgrx - ok
12:01:25.0000 0x07b8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:01:25.0015 0x07b8  volsnap - ok
12:01:25.0047 0x07b8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:01:25.0062 0x07b8  vsmraid - ok
12:01:25.0125 0x07b8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:01:25.0218 0x07b8  VSS - ok
12:01:25.0234 0x07b8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:01:25.0249 0x07b8  vwifibus - ok
12:01:25.0265 0x07b8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:01:25.0296 0x07b8  vwififlt - ok
12:01:25.0327 0x07b8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:01:25.0374 0x07b8  W32Time - ok
12:01:25.0405 0x07b8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:01:25.0452 0x07b8  WacomPen - ok
12:01:25.0483 0x07b8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:01:25.0546 0x07b8  WANARP - ok
12:01:25.0546 0x07b8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:01:25.0577 0x07b8  Wanarpv6 - ok
12:01:25.0671 0x07b8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:01:25.0749 0x07b8  wbengine - ok
12:01:25.0764 0x07b8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:01:25.0780 0x07b8  WbioSrvc - ok
12:01:25.0811 0x07b8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:01:25.0858 0x07b8  wcncsvc - ok
12:01:25.0873 0x07b8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:01:25.0936 0x07b8  WcsPlugInService - ok
12:01:25.0951 0x07b8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:01:26.0014 0x07b8  Wd - ok
12:01:26.0076 0x07b8  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:01:26.0139 0x07b8  Wdf01000 - ok
12:01:26.0139 0x07b8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:01:26.0201 0x07b8  WdiServiceHost - ok
12:01:26.0201 0x07b8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:01:26.0217 0x07b8  WdiSystemHost - ok
12:01:26.0248 0x07b8  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
12:01:26.0279 0x07b8  WebClient - ok
12:01:26.0310 0x07b8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:01:26.0388 0x07b8  Wecsvc - ok
12:01:26.0388 0x07b8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:01:26.0419 0x07b8  wercplsupport - ok
12:01:26.0451 0x07b8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:01:26.0513 0x07b8  WerSvc - ok
12:01:26.0560 0x07b8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:01:26.0607 0x07b8  WfpLwf - ok
12:01:26.0622 0x07b8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:01:26.0638 0x07b8  WIMMount - ok
12:01:26.0653 0x07b8  WinDefend - ok
12:01:26.0653 0x07b8  WinHttpAutoProxySvc - ok
12:01:26.0700 0x07b8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:01:26.0731 0x07b8  Winmgmt - ok
12:01:26.0841 0x07b8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:01:26.0934 0x07b8  WinRM - ok
12:01:26.0997 0x07b8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:01:27.0028 0x07b8  WinUsb - ok
12:01:27.0059 0x07b8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:01:27.0106 0x07b8  Wlansvc - ok
12:01:27.0137 0x07b8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:01:27.0168 0x07b8  WmiAcpi - ok
12:01:27.0199 0x07b8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:01:27.0231 0x07b8  wmiApSrv - ok
12:01:27.0246 0x07b8  WMPNetworkSvc - ok
12:01:27.0262 0x07b8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:01:27.0277 0x07b8  WPCSvc - ok
12:01:27.0324 0x07b8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:01:27.0340 0x07b8  WPDBusEnum - ok
12:01:27.0355 0x07b8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:01:27.0402 0x07b8  ws2ifsl - ok
12:01:27.0402 0x07b8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:01:27.0433 0x07b8  wscsvc - ok
12:01:27.0449 0x07b8  WSearch - ok
12:01:27.0574 0x07b8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:01:27.0652 0x07b8  wuauserv - ok
12:01:27.0683 0x07b8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:01:27.0714 0x07b8  WudfPf - ok
12:01:27.0730 0x07b8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:01:27.0761 0x07b8  WUDFRd - ok
12:01:27.0792 0x07b8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:01:27.0808 0x07b8  wudfsvc - ok
12:01:27.0839 0x07b8  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:01:27.0917 0x07b8  WwanSvc - ok
12:01:27.0948 0x07b8  ================ Scan global ===============================
12:01:27.0964 0x07b8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:01:27.0995 0x07b8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:01:28.0026 0x07b8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:01:28.0057 0x07b8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:01:28.0073 0x07b8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:01:28.0104 0x07b8  [ Global ] - ok
12:01:28.0104 0x07b8  ================ Scan MBR ==================================
12:01:28.0104 0x07b8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:01:28.0338 0x07b8  \Device\Harddisk0\DR0 - ok
12:01:28.0338 0x07b8  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR1
12:01:28.0416 0x07b8  \Device\Harddisk1\DR1 - ok
12:01:28.0416 0x07b8  ================ Scan VBR ==================================
12:01:28.0416 0x07b8  [ B8FE1451F3C2C39E18591D02B9597AA8 ] \Device\Harddisk0\DR0\Partition1
12:01:28.0416 0x07b8  \Device\Harddisk0\DR0\Partition1 - ok
12:01:28.0432 0x07b8  [ C69A58A64D81410C99F80D6A3143C185 ] \Device\Harddisk1\DR1\Partition1
12:01:28.0432 0x07b8  \Device\Harddisk1\DR1\Partition1 - ok
12:01:28.0432 0x07b8  ================ Scan generic autorun ======================
12:01:28.0494 0x07b8  [ 1CA348E62B9A62444573FEB12AF5F1B2, 08576A4291BC2D56C12170C9D8622ABF3684D5A2B6C75BE792F2B02B97065655 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
12:01:28.0525 0x07b8  AVP - ok
12:01:28.0557 0x07b8  [ 5CA1626C5FC942EDE31F2FF31E9632E2, 270A528B310CDC82E4246259967FE9E38BCAB8BE84B272A1991258C6ACCB55B5 ] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
12:01:28.0572 0x07b8  SSBkgdUpdate - ok
12:01:28.0635 0x07b8  [ 8A6ECE22270BD9D4CFD4553E26B5C69A, 5718B0E7ECF55A81EC5E8E6C8B4835F8DB99C3DA54F9A5E6AF86AC5C4EEC2D4A ] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
12:01:28.0666 0x07b8  OpwareSE4 - ok
12:01:28.0697 0x07b8  [ E0D6538B62C79FCBF0B27F95FAF3208B, 0FA65F63194743B9ADD34D55555D524015E780A12C8F4AA83EF57D8139A4DCFD ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:01:28.0713 0x07b8  SunJavaUpdateSched - ok
12:01:28.0775 0x07b8  [ 21293443961A4E2597453EE7A9347F22, FDA88181C975C251E56D5A38E5473F45B9CB4E1258A6E93320D34D656AB1E6ED ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
12:01:28.0806 0x07b8  HP Software Update - ok
12:01:28.0837 0x07b8  RegUse - ok
12:01:28.0915 0x07b8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:01:28.0978 0x07b8  Sidebar - ok
12:01:29.0009 0x07b8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:01:29.0025 0x07b8  mctadmin - ok
12:01:29.0071 0x07b8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:01:29.0103 0x07b8  Sidebar - ok
12:01:29.0103 0x07b8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:01:29.0118 0x07b8  mctadmin - ok
12:01:29.0165 0x07b8  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
12:01:29.0196 0x07b8  swg - ok
12:01:29.0243 0x07b8  [ 64584E925516568C2F6ACF337991E9BC, 4B5005B95D056D54613F0DF7F8E7F8184EEA6977F1A090A27B7797612C14DEDB ] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
12:01:29.0290 0x07b8  AutoStartNPSAgent - detected UnsignedFile.Multi.Generic ( 1 )
12:01:29.0290 0x07b8  AutoStartNPSAgent ( UnsignedFile.Multi.Generic ) - warning
12:01:29.0290 0x07b8  Force sending object to P2P due to detect: C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
12:01:29.0290 0x07b8  Object send P2P result: false
12:01:29.0305 0x07b8  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
12:01:29.0337 0x07b8  swg - ok
12:01:29.0383 0x07b8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:01:29.0415 0x07b8  Sidebar - ok
12:01:29.0430 0x07b8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:01:29.0446 0x07b8  mctadmin - ok
12:01:29.0461 0x07b8  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\wmiav.exe ( 9.0.0.463 ), 0x40010 ( disabled : outofdate )
12:01:29.0461 0x07b8  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\wmifw.exe ( 9.0.0.463 ), 0x40010 ( disabled )
12:01:29.0461 0x07b8  Win FW state via NFP2: enabled ( trusted )
12:01:29.0461 0x07b8  ============================================================
12:01:29.0461 0x07b8  Scan finished
12:01:29.0461 0x07b8  ============================================================
12:01:29.0477 0x0bdc  Detected object count: 8
12:01:29.0477 0x0bdc  Actual detected object count: 8
12:02:15.0263 0x0bdc  acedrv07 ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:15.0263 0x0bdc  acedrv07 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:02:15.0279 0x0bdc  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:15.0279 0x0bdc  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:02:15.0279 0x0bdc  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:15.0279 0x0bdc  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:02:15.0279 0x0bdc  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:15.0279 0x0bdc  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:02:15.0279 0x0bdc  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:15.0279 0x0bdc  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:02:15.0279 0x0bdc  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:15.0279 0x0bdc  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:02:15.0279 0x0bdc  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:15.0279 0x0bdc  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:02:15.0279 0x0bdc  AutoStartNPSAgent ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:15.0279 0x0bdc  AutoStartNPSAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:02:24.0717 0x0f90  Deinitialize success

schrauber · 25.10.2015, 05:54

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Flick · 26.10.2015, 07:55

Hallo schrauber,

anbei der CombofixLog:

Code:

ATTFilter

ComboFix 15-10-26.01 - Stefan 26.10.2015   8:51.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8191.6546 [GMT 1:00]
ausgeführt von:: c:\users\Stefan\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {AE1D740B-8F0F-D137-211D-873D44B3F4AE}
FW: Kaspersky Internet Security *Disabled* {9626F52E-C560-D06F-0A42-2E08BA60B3D5}
SP: Kaspersky Internet Security *Disabled/Updated* {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-09-26 bis 2015-10-26  ))))))))))))))))))))))))))))))
.
.
2015-10-26 07:55 . 2015-10-26 07:55	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-10-26 07:55 . 2015-10-26 07:55	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-10-26 07:55 . 2015-10-26 07:55	--------	d-----w-	c:\users\Tanja\AppData\Local\temp
2015-10-26 07:41 . 2015-10-26 07:41	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA467762-05AE-4900-AF3B-99036906FA4E}\offreg.dll
2015-10-24 08:54 . 2015-10-24 08:54	--------	d-----w-	c:\programdata\Malwarebytes
2015-10-24 08:54 . 2015-10-26 07:37	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-10-24 08:54 . 2015-10-24 09:42	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-24 08:50 . 2015-10-24 09:40	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-10-23 20:43 . 2015-10-23 20:44	--------	d-----w-	C:\FRST
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
"{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}"= "c:\program files (x86)\WiseConvert\prxtbWis0.dll" [2011-05-09 176936]
"{78e516ef-11de-47a1-8364-a99b917ec5ee}"= "c:\program files (x86)\FileConverter_1.3\prxtbFile.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]
.
[HKEY_CLASSES_ROOT\clsid\{78e516ef-11de-47a1-8364-a99b917ec5ee}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{78e516ef-11de-47a1-8364-a99b917ec5ee}]
2011-05-09 09:49	176936	----a-w-	c:\program files (x86)\FileConverter_1.3\prxtbFile.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 19:20	1515688	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]
2011-05-09 08:49	176936	----a-w-	c:\program files (x86)\WiseConvert\prxtbWis0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
"{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}"= "c:\program files (x86)\WiseConvert\prxtbWis0.dll" [2011-05-09 176936]
"{78e516ef-11de-47a1-8364-a99b917ec5ee}"= "c:\program files (x86)\FileConverter_1.3\prxtbFile.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]
.
[HKEY_CLASSES_ROOT\clsid\{78e516ef-11de-47a1-8364-a99b917ec5ee}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-25 39408]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-05-14 102400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-07-03 303376]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-02 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
W541U V2.0.lnk - c:\program files (x86)\Tenda\W541U V2.0\UI.exe [2010-1-17 2273280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 SaiH0763;SaiH0763;c:\windows\system32\DRIVERS\SaiH0763.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH0763.sys [x]
R3 SaiH0BAC;SaiH0BAC;c:\windows\system32\DRIVERS\SaiH0BAC.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH0BAC.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys;c:\windows\SYSNATIVE\DRIVERS\klbg.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2015-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-04 08:43]
.
2015-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 08:26]
.
2015-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 08:26]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-NPSStartup - (no file)
Wow6432Node-HKLM-Run-RegUse - c:\program files (x86)\RegUse\RegUse.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
c:\users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe
c:\users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
WebBrowser-{78E516EF-11DE-47A1-8364-A99B917EC5EE} - (no file)
AddRemove-BattlEye for A2 - c:\program files (x86)\Bohemia Interactive\ArmA 2BattlEye\UnInstallBE.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-10-26  08:57:36
ComboFix-quarantined-files.txt  2015-10-26 07:57
.
Vor Suchlauf: 18 Verzeichnis(se), 387.882.479.616 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 389.040.521.216 Bytes frei
.
- - End Of File - - BD8E13BA7D3533D34044C784385B0BEF
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 26.10.2015, 19:08

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Flick · 26.10.2015, 20:36

Guten Abend,

MBAM:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 26.10.2015
Suchlaufzeit: 19:47
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.10.26.05
Rootkit-Datenbank: v2015.10.23.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Stefan

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 412500
Abgelaufene Zeit: 11 Min., 26 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 9
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll, Löschen bei Neustart, [cbc272e9ec9f5dd96c4d06bd669aa65a], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\WiseConvert\prxtbWis2.dll, Löschen bei Neustart, [107d8dce0e7dde586d4c5d66da264db3], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\WiseConvert\ldrtbWis2.dll, Löschen bei Neustart, [0b82da818efd3ff79920af141de3629e], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\WiseConvert\tbWis2.dll, Löschen bei Neustart, [6e1fc992cdbe9e9819a0962d6f91fb05], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\WiseConvert\hktbWis2.dll, Löschen bei Neustart, [1b72b8a3810a58defebb467d5da3c63a], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\prxtbFil0.dll, Löschen bei Neustart, [bcd1ce8d5932ef4720996b5807f958a8], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ldrtbFil0.dll, Löschen bei Neustart, [6a23b3a8bfccd165d0e9487bcc34926e], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\tbFil0.dll, Löschen bei Neustart, [d3baf06b414a7eb82b8e8241728e6f91], 
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll, Löschen bei Neustart, [0984aead810aa0961ea4480cf310e818], 

Registrierungsschlüssel: 40
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{78E516EF-11DE-47A1-8364-A99B917EC5EE}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{153D7D79-706C-443D-BA98-41CA86982C9D}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\CLASSES\Toolbar.CT3241949, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT3241949, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar.CT3241949, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{153D7D79-706C-443D-BA98-41CA86982C9D}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{153D7D79-706C-443D-BA98-41CA86982C9D}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{153D7D79-706C-443D-BA98-41CA86982C9D}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{78E516EF-11DE-47A1-8364-A99B917EC5EE}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{78E516EF-11DE-47A1-8364-A99B917EC5EE}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{78E516EF-11DE-47A1-8364-A99B917EC5EE}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{78E516EF-11DE-47A1-8364-A99B917EC5EE}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\Toolbar.CT3196716, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT3196716, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar.CT3196716, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}, In Quarantäne, [d0bdf467ee9ddf57d3f0cc88758e0df3], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}, In Quarantäne, [d0bdf467ee9ddf57d3f0cc88758e0df3], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\FileConverter_1.3, In Quarantäne, [c3ca2a316f1c043201e2085625de21df], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0974698-3307-475F-8135-36CFF753BA3A}, In Quarantäne, [e5a8510ad3b84ee808bd9fb531d27090], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E692F807-0A33-43FB-8432-3F8D5C0D981E}, In Quarantäne, [6e1f07549fecf640467f88ccad5643bd], 
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\FileConverter_1.3, In Quarantäne, [305df96214778bab1bc7e07eb74cdb25], 
PUP.Optional.Conduit, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\Tbccint_HKLM, In Quarantäne, [206d68f3ccbff83e3c7561f3ab58bd43], 
PUP.Optional.Conduit, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, In Quarantäne, [c1ccee6dfb90d165752ff460ca39629e], 
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\APPDATALOW\SOFTWARE\FileConverter_1.3, In Quarantäne, [8ffebf9cd7b4c37312cfbca2fc0707f9], 
PUP.Optional.PriceGong, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [127b96c573182b0b11f7afc854afdf21], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E1690CE-27A2-492B-A960-1E58C4D2F22B}, In Quarantäne, [5637ff5c9cef072fdee685cf31d29070], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8660BA7F-7742-4295-AD09-0C147B83538B}, In Quarantäne, [434a89d2791284b2289c93c1f90a0cf4], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0974698-3307-475F-8135-36CFF753BA3A}, In Quarantäne, [b3dabaa16d1e0432daea1a3aa95a8c74], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E692F807-0A33-43FB-8432-3F8D5C0D981E}, In Quarantäne, [c7c6be9d1675c86e9034ea6a5ca7dd23], 
PUP.Optional.Conduit, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{911B82DB-7F9B-4F90-B2E9-E054B1946710}, In Quarantäne, [731a80dbb7d40e28bded0054e61df20e], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FileConverter_1.3 Toolbar, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 

Registrierungswerte: 26
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{78E516EF-11DE-47A1-8364-A99B917EC5EE}, ï åxÞ ¡Gƒd©›‘~Åî, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82]
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{78E516EF-11DE-47A1-8364-A99B917EC5EE}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{78E516EF-11DE-47A1-8364-A99B917EC5EE}, FileConverter 1.3 Toolbar, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82]
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{78E516EF-11DE-47A1-8364-A99B917EC5EE}, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.MindSpark, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, ø˜Øëöü”F¼;ê¼rqî±, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84]
PUP.Optional.MindSpark, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, WiseConvert Toolbar, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.MindSpark, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, In Quarantäne, [eca165f68b007db98076839dfc06936d], 
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{78E516EF-11DE-47A1-8364-A99B917EC5EE}, In Quarantäne, [cebf74e7e6a544f2efd879a407fb5fa1], 
PUP.Optional.MindSpark, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}, In Quarantäne, [454833283754cb6bd3239f81669cc040], 
PUP.Optional.FileConverter, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{78e516ef-11de-47a1-8364-a99b917ec5ee}, In Quarantäne, [563727342f5ca492be094bd20bf720e0], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}, In Quarantäne, [1479adae414a3501df17d848a35fd32d], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{78e516ef-11de-47a1-8364-a99b917ec5ee}, In Quarantäne, [2f5ec398fe8dcf679d2ada43f2104eb2], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}, In Quarantäne, [e2ab2f2c55366ec876807ca4ed150cf4], 
PUP.Optional.FileConverter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{78e516ef-11de-47a1-8364-a99b917ec5ee}, In Quarantäne, [92fbe17aa4e7c3736a5de23be9196a96], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0974698-3307-475F-8135-36CFF753BA3A}|AppPath, C:\Users\Stefan\AppData\Local\Conduit\CT3241949, In Quarantäne, [e5a8510ad3b84ee808bd9fb531d27090]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E692F807-0A33-43FB-8432-3F8D5C0D981E}|AppPath, C:\Users\Stefan\AppData\Local\Conduit\CT3196716, In Quarantäne, [6e1f07549fecf640467f88ccad5643bd]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E1690CE-27A2-492B-A960-1E58C4D2F22B}|AppPath, C:\Users\Stefan\AppData\Local\Conduit\CT3241949, In Quarantäne, [5637ff5c9cef072fdee685cf31d29070]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8660BA7F-7742-4295-AD09-0C147B83538B}|AppPath, C:\Users\Stefan\AppData\Local\Conduit\CT3196716, In Quarantäne, [434a89d2791284b2289c93c1f90a0cf4]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0974698-3307-475F-8135-36CFF753BA3A}|AppPath, C:\Users\Stefan\AppData\Local\Conduit\CT3241949, In Quarantäne, [b3dabaa16d1e0432daea1a3aa95a8c74]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E692F807-0A33-43FB-8432-3F8D5C0D981E}|AppPath, C:\Users\Stefan\AppData\Local\Conduit\CT3196716, In Quarantäne, [c7c6be9d1675c86e9034ea6a5ca7dd23]
PUP.Optional.Conduit, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{911B82DB-7F9B-4F90-B2E9-E054B1946710}|URL, hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949, In Quarantäne, [731a80dbb7d40e28bded0054e61df20e]
PUP.Optional.Conduit, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{911B82DB-7F9B-4F90-B2E9-E054B1946710}|FaviconURL, hxxp://search.conduit.com/favicon.ico, In Quarantäne, [ee9fd08b494293a338727bd97f84ac54]
PUP.Optional.Conduit, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{911B82DB-7F9B-4F90-B2E9-E054B1946710}|SuggestionsURL_JSON, hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [05880952e8a3082e2981cd87b64d768a]
PUP.Optional.Conduit, HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BackgroundContainerV2, "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Stefan\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun, In Quarantäne, [4a43db80444782b403b40e65c04239c7]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 54
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit\CT3196716, In Quarantäne, [0984aead810aa0961ea4480cf310e818], 
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit, Löschen bei Neustart, [0984aead810aa0961ea4480cf310e818], 
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit\BackgroundContainer, Löschen bei Neustart, [0984aead810aa0961ea4480cf310e818], 
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit\Community Alerts, In Quarantäne, [0984aead810aa0961ea4480cf310e818], 
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit\CT3241949, In Quarantäne, [0984aead810aa0961ea4480cf310e818], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit\Community Alerts, In Quarantäne, [d0bdf467ee9ddf57d3f0cc88758e0df3], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit, In Quarantäne, [d0bdf467ee9ddf57d3f0cc88758e0df3], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\Local\Temp\FileConverter_1.3, In Quarantäne, [d2bb64f7ec9f75c109954d06a85a728e], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3, Löschen bei Neustart, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Logs, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons, Löschen bei Neustart, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\AddedAppDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\DefualtImages, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\DetectedAppDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\EngineFirstTimeDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\NewSearchProtectorDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\NewSearchProtectorDialog\images, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\images, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorDialog\Images, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\Images, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarUntrustedAppsApprovalDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UninstallDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAddedAppDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAppApprovalDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAppPendingDialog, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\EmailNotifier, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ExternalComponent, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\MyStuffApps, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\plugins, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\RadioPlayer, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\AppsMetaData, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\DynamicDialogs, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarHiddenLogin, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarHiddenSettings, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarLogin, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarSettings, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_de, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_de\ToolbarTranslation, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\SearchInNewTab, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\UserDefinedItems, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 

Dateien: 258
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll, Löschen bei Neustart, [cbc272e9ec9f5dd96c4d06bd669aa65a], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\WiseConvert\prxtbWis2.dll, Löschen bei Neustart, [107d8dce0e7dde586d4c5d66da264db3], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\WiseConvert\ldrtbWis2.dll, Löschen bei Neustart, [0b82da818efd3ff79920af141de3629e], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\WiseConvert\tbWis2.dll, Löschen bei Neustart, [6e1fc992cdbe9e9819a0962d6f91fb05], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\WiseConvert\hktbWis2.dll, Löschen bei Neustart, [1b72b8a3810a58defebb467d5da3c63a], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\prxtbFil0.dll, Löschen bei Neustart, [bcd1ce8d5932ef4720996b5807f958a8], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ldrtbFil0.dll, Löschen bei Neustart, [6a23b3a8bfccd165d0e9487bcc34926e], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\tbFil0.dll, Löschen bei Neustart, [d3baf06b414a7eb82b8e8241728e6f91], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll, In Quarantäne, [612c18435a313afcd2f57aa3f0127e82], 
PUP.Optional.MindSpark, C:\Program Files (x86)\WiseConvert\prxtbWis0.dll, In Quarantäne, [7e0fa8b3acdf7cbaa155c25ebf437c84], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\FileConverter_1.3\ldrtbFile.dll, In Quarantäne, [bcd139222962b08644790d457a8aae52], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\FileConverter_1.3\tbFile.dll, In Quarantäne, [1677d685890260d6c0fdb59d758f21df], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\WiseConvert\ldrtbWise.dll, In Quarantäne, [f598b5a66823af87a91489c93acadd23], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\WiseConvert\prxtbWise.dll, In Quarantäne, [2f5e65f6cebd37ff58656ae8768e6d93], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\WiseConvert\tbWise.dll, In Quarantäne, [602dd982a3e856e06e4f54fe51b347b9], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\Local\Temp\WiseConvert\nscE745.tbWis2.dll, In Quarantäne, [137a3b201675ad890cad764d718fab55], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\Local\Temp\FileConverter_1.3\nssE755.tbFil0.dll, In Quarantäne, [78150b50cbc036003e7b8c372cd4be42], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\Local\Conduit\Community Alerts\Aler0.dll, In Quarantäne, [98f5fa61cdbeee4852677a4940c0c937], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\Local\Conduit\Community Alerts\Alert.dll, In Quarantäne, [8706d487bad162d43f7a428124dcc040], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\Local\Conduit\CT3196716\WiseConvertAutoUpdateHelper.exe, In Quarantäne, [6726c695dfac14224079d5ee7f811ce4], 
PUP.Optional.ClientConnect, C:\Users\Stefan\AppData\Local\Conduit\CT3241949\FileConverter_1.3AutoUpdateHelper.exe, In Quarantäne, [0a83ee6dc3c8c76f5762f0d35fa1e21e], 
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit\CT3196716\WiseConvertToolbarHelper.exe, In Quarantäne, [0984aead810aa0961ea4480cf310e818], 
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll, Löschen bei Neustart, [0984aead810aa0961ea4480cf310e818], 
PUP.Optional.ConduitTB.Gen, C:\Users\Stefan\AppData\Local\Conduit\CT3241949\FileConverter_1.3ToolbarHelper.exe, In Quarantäne, [0984aead810aa0961ea4480cf310e818], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll, In Quarantäne, [d0bdf467ee9ddf57d3f0cc88758e0df3], 
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit\Community Alerts\Alert0.dll, In Quarantäne, [d0bdf467ee9ddf57d3f0cc88758e0df3], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3\FileConverter_1.3ToolbarHelper.exe, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3\GottenAppsContextMenu.xml, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3\OtherAppsContextMenu.xml, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3\SharedAppsContextMenu.xml, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3\toolbar.cfg, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3\ToolbarContextMenu.xml, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 
PUP.Optional.FileConverter, C:\Program Files (x86)\FileConverter_1.3\uninstall.exe, In Quarantäne, [7e0f0e4d632890a6ff9e2a2911f121df], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\hk64tbFil0.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\hk64tbFil2.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\hktbFil0.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\hktbFil2.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ldrtbFil2.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ldrtbFile.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\tbFil1.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\tbFil2.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\tbFile.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ThirdPartyComponents.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\toolbar.cfg, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590751044362500_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590751926237500_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590752453893750_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590753577643750_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633629754211018750_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_Email_xml-10-Classic-633439771938243750_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_SearchActivationButton-go_but01_gif-General-633629754908675000_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_clock_ico.ico, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590750635300000_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_MarketPlace_93_ce3_93951332-f9a7-4af7-af02-17ec3d749ce3_Appearance_634159521796627506_24x24_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_drizzle_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_SearchEngines_dictionary_search_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_SearchEngines_ebay_search_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_SearchEngines_encyc_search_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_SearchEngines_shopping_search_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_images_SearchEngines_weather_icon_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_calculator_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_calculator_sci_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_calendar_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_calories_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_clothes_ico.ico, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_coins_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_datecalc_ico.ico, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_fileconverter_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_map_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_spellchecker_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_stopwatch_ico.ico, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_translator_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_unitconverter_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_widget_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_icons_worddef_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___oryte_com_content_todo_img_favicon_ico.ico, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___storage_conduit_com_18_320_CT3201318_Images_634688351076901355_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_archive_icon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_audio_icon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_file_tools_icon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_flv_icon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_image_icon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_open_documents_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_pdf_icon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_video_icon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___tools_wiseconvert_com_images_menu_view_pdf_icon_png.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_flurries_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_hazy_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_snow_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_snow_shower_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_night_gif.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\RoundedCornersIE9.css, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\DialogsAPI.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\excanvas.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\generalDialogStyle.css, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\PIE.htc, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\RoundedCorners.css, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\settings.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\version.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\AddedAppDialog\app-added.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\AddedAppDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\DefualtImages\icon.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\DetectedAppDialog\app-2go.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\DetectedAppDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\EngineFirstTimeDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\EngineFirstTimeDialog\right-click.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\NewSearchProtectorDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\NewSearchProtectorDialog\SearchProtector.css, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\NewSearchProtectorDialog\SearchProtector.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\NewSearchProtectorDialog\images\ok-button.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\NewSearchProtectorDialog\images\separation-line.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\NewSearchProtectorDialog\images\warning.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\bubble.css, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\bubble.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\images\information.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorDialog\SearchProtector.css, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorDialog\SearchProtector.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorDialog\Images\info.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorDialog\Images\ok-on.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorDialog\Images\ok.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\divider.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAddedAppDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAppApprovalDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAppPendingDialog\main.html, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\EmailNotifier\AccountTypes.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\EmailNotifier\aol.com.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\EmailNotifier\comcast.net.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\EmailNotifier\google.com.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\EmailNotifier\hotmail.com.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\EmailNotifier\yahoo.com.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=de.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=de.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=de.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=de.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ExternalComponent\http___oryte_com_content_translate_xml_tools_xml.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\ExternalComponent\http___tools_wiseconvert_com_tools_xml.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\manifest.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGong_16.png, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\RadioPlayer\IP_Stations_Media_List.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\RadioPlayer\Predefined_Media_List.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\AppsMetaData\data.bck.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\AppsMetaData\data.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\DynamicDialogs\data.bck.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\DynamicDialogs\data.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarHiddenLogin\data.bck.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarHiddenLogin\data.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarHiddenSettings\data.bck.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarHiddenSettings\data.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarLogin\data.bck.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarLogin\data.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarSettings\data.bck.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_CT3241949\ToolbarSettings\data.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_de\ToolbarTranslation\data.bck.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\Repository\conduit_CT3241949_de\ToolbarTranslation\data.txt, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.FileConverter, C:\Users\Stefan\AppData\LocalLow\FileConverter_1.3\SearchInNewTab\SearchInNewTabContent.xml, In Quarantäne, [d2bb2932a9e2072f643b00539f63639d], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\h.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\1.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\15414.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\15833.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\16047.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\16525.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\1707.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\1728.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\17781.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\2229.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\2260.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\3640.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\371.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\4489.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\450.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\6489.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\a.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\b.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\c.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\d.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\e.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\f.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\g.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\hs_err_pid4588.log, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\i.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\j.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\k.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\l.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\m.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\n.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\o.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\p.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\q.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\r.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\s.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\t.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\u.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\v.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\w.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\wlu.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\x.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\y.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 
PUP.Optional.PriceGong, C:\Users\Stefan\AppData\LocalLow\PriceGong\Data\z.txt, In Quarantäne, [286560fbe5a6a59105d56df2ca38f20e], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

ADWCleaner:

Code:

ATTFilter

# AdwCleaner v5.015 - Bericht erstellt am 26/10/2015 um 20:14:46
# Aktualisiert am 26/10/2015 von Xplode
# Datenbank : 2015-10-26.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Stefan - STEFAN-PC
# Gestartet von : C:\Users\Stefan\Desktop\AdwCleaner_5.015.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Ask.com
[-] Ordner Gelöscht : C:\Program Files (x86)\wiseconvert
[-] Ordner Gelöscht : C:\Program Files (x86)\Yahoo!\Companion
[-] Ordner Gelöscht : C:\ProgramData\Yahoo! Companion
[-] Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Temp\wiseconvert
[-] Ordner Gelöscht : C:\Users\Stefan\AppData\LocalLow\AskToolbar
[-] Ordner Gelöscht : C:\Users\Stefan\AppData\LocalLow\Conduit
[-] Ordner Gelöscht : C:\Users\Stefan\AppData\LocalLow\HPAppData
[-] Ordner Gelöscht : C:\Users\Stefan\AppData\LocalLow\wiseconvert
[-] Ordner Gelöscht : C:\Users\Stefan\AppData\Roaming\Yahoo!\Companion
[-] Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : Scheduled Update for Ask Toolbar

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Schlüssel Gelöscht : HKCU\Software\APN
[-] Schlüssel Gelöscht : HKCU\Software\Ask.com
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\APN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AskToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\APN
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Ask.com
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Conduit
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Yahoo\Companion
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Yahoo\YFriendsBar
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\AppDataLow\Software\AskToolbar
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\AppDataLow\Software\Conduit
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\AppDataLow\Software\BackgroundContainerV2
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DB84A3A6-BC07-4951-AA8D-06DF936881AC}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DB84A3A6-BC07-4951-AA8D-06DF936881AC}

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11940 Bytes] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 7 Professional x64
Ran by Stefan on 26.10.2015 at 20:18:58,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.10.2015 at 20:21:00,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Flick · 26.10.2015, 20:37

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
durchgeführt von Stefan (Administrator) auf STEFAN-PC (26-10-2015 20:23:09)
Gestartet von C:\Users\Stefan\Desktop
Geladene Profile: Stefan (Verfügbare Profile: Stefan & Tanja & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-25] (Google Inc.)
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2011-05-14] (Samsung Electronics Co., Ltd.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-03-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\W541U V2.0.lnk [2010-01-17]
ShortcutTarget: W541U V2.0.lnk -> C:\Program Files (x86)\Tenda\W541U V2.0\UI.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{747A4846-2CC7-4780-AA49-8888A483221A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F89DAE3E-AA94-4654-9A79-5482F462808E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-26] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-09-22] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-26] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-26] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-09-22] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-26] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-29] (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-09-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-09-22] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-26] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-10-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-26] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-07] [ist nicht signiert]
FF HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2011-03-31] () [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-05] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
S3 SaiH0763; C:\Windows\System32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
S3 SaiH0BAC; C:\Windows\System32\DRIVERS\SaiH0BAC.sys [176128 2007-07-02] (Saitek)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-26 20:23 - 2015-10-26 20:23 - 00014254 _____ C:\Users\Stefan\Desktop\FRST.txt
2015-10-26 20:21 - 2015-10-26 20:21 - 00000999 _____ C:\Users\Stefan\Desktop\JRT.txt
2015-10-26 20:18 - 2015-10-26 20:18 - 00012148 _____ C:\Users\Stefan\Desktop\AdwCleaner[C1].txt
2015-10-26 20:12 - 2015-10-26 20:14 - 00000000 ____D C:\AdwCleaner
2015-10-26 19:57 - 2015-10-26 19:57 - 01798976 _____ (Malwarebytes) C:\Users\Stefan\Desktop\JRT.exe
2015-10-26 19:52 - 2015-10-26 19:52 - 01694208 _____ C:\Users\Stefan\Desktop\AdwCleaner_5.015.exe
2015-10-26 19:45 - 2015-10-26 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-26 19:45 - 2015-10-26 19:45 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-26 19:45 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-26 19:45 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-26 19:44 - 2015-10-26 19:41 - 22908888 _____ (Malwarebytes ) C:\Users\Stefan\Desktop\mbam-setup-2.2.0.1024.exe
2015-10-26 19:34 - 2015-10-26 19:42 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-26 19:34 - 2015-10-26 19:34 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-26 19:34 - 2015-10-26 19:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-26 19:34 - 2015-10-26 19:34 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-26 13:10 - 2015-01-09 00:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-10-26 13:10 - 2015-01-09 00:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-10-26 13:01 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-26 13:01 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-26 11:47 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-10-26 11:47 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-10-26 11:44 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-10-26 11:44 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-10-26 11:44 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-10-26 11:44 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-10-26 11:44 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-10-26 11:44 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-10-26 11:44 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-10-26 11:44 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-10-26 11:37 - 2015-09-18 00:48 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-26 11:37 - 2015-09-18 00:48 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-26 11:37 - 2015-09-18 00:48 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-26 11:37 - 2015-09-18 00:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-26 11:37 - 2015-09-18 00:47 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-26 11:37 - 2015-09-18 00:47 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-26 11:37 - 2015-09-18 00:47 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 03960832 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-26 11:37 - 2015-09-18 00:46 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-26 11:37 - 2015-09-18 00:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-26 11:37 - 2015-09-17 21:44 - 14290944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-26 11:37 - 2015-09-17 21:44 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-26 11:37 - 2015-09-17 21:44 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-26 11:37 - 2015-09-17 21:44 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-26 11:37 - 2015-09-17 21:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-26 11:37 - 2015-09-17 21:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-26 11:37 - 2015-09-17 21:44 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 13775360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 02866176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-26 11:37 - 2015-09-17 21:43 - 00715264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-26 11:37 - 2015-09-17 21:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-26 11:37 - 2015-09-17 19:58 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-26 11:37 - 2015-09-17 19:58 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-26 11:37 - 2015-09-17 19:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-26 11:37 - 2015-09-17 19:27 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-26 11:36 - 2015-09-18 00:47 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-26 11:36 - 2015-09-18 00:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-26 11:36 - 2015-09-18 00:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-10-26 11:36 - 2015-09-17 21:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-10-26 11:36 - 2015-09-17 19:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-10-26 11:36 - 2015-09-17 19:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-10-26 11:34 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-10-26 11:34 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-10-26 11:33 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-10-26 11:33 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-10-26 11:33 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-10-26 11:28 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-26 11:28 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-26 11:28 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-10-26 11:28 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-26 11:28 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-10-26 11:28 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-10-26 11:28 - 2015-04-29 19:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-26 11:28 - 2015-04-29 19:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-26 11:28 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-26 11:28 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-26 11:28 - 2015-04-29 19:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-26 11:28 - 2015-04-29 19:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-10-26 11:28 - 2015-04-29 19:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-10-26 11:28 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-10-26 11:28 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-10-26 11:28 - 2015-04-29 19:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-10-26 11:28 - 2015-04-18 04:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-10-26 11:28 - 2015-04-18 03:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-10-26 11:28 - 2015-04-13 04:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-10-26 11:28 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-10-26 11:28 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-10-26 11:26 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-26 11:26 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-26 11:26 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-26 11:26 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-26 11:26 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-26 11:26 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-10-26 11:26 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-10-26 11:26 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-10-26 11:26 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-10-26 11:26 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-10-26 11:26 - 2015-05-25 19:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-10-26 11:26 - 2015-05-25 19:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-10-26 11:26 - 2015-05-25 19:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-10-26 11:26 - 2015-05-25 19:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-10-26 11:26 - 2015-05-25 19:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-10-26 11:26 - 2015-05-25 19:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-10-26 11:26 - 2015-05-25 19:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-10-26 11:26 - 2015-05-25 19:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-10-26 11:26 - 2015-05-25 19:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-10-26 11:26 - 2015-05-25 19:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-10-26 11:26 - 2015-05-25 19:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-10-26 11:26 - 2015-05-25 19:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-10-26 11:24 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-10-26 11:24 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-10-26 11:22 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-10-26 11:22 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-10-26 11:22 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-10-26 11:22 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-10-26 11:22 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-10-26 11:22 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-10-26 11:22 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-10-26 11:22 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-10-26 11:22 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-10-26 11:22 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-10-26 11:22 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-10-26 11:22 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-10-26 11:22 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-10-26 11:16 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-10-26 11:15 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-26 11:15 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-10-26 11:15 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-10-26 11:15 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-10-26 11:15 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-10-26 11:15 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-10-26 11:15 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-10-26 11:15 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-26 11:15 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-10-26 11:15 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-10-26 11:15 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-10-26 11:15 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-10-26 11:14 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-26 11:13 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-26 11:13 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-26 11:13 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-26 11:13 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-26 11:13 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-26 11:13 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-26 11:13 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-26 11:13 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-26 11:13 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-26 11:13 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-10-26 11:13 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-10-26 11:13 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-10-26 11:13 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-26 11:13 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-10-26 11:13 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-10-26 11:13 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-10-26 11:13 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-10-26 11:12 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-26 11:12 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-26 11:12 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-26 11:12 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-26 11:12 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-26 11:12 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-26 11:12 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-26 11:12 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-26 11:12 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-26 11:12 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-26 11:12 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-26 11:12 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-26 11:12 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-26 11:12 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-26 11:12 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-26 11:12 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-26 11:12 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-26 11:12 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-26 11:12 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-26 11:12 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-26 11:12 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-26 11:12 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-26 11:12 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-26 11:12 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-26 11:12 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-26 11:12 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-26 11:12 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-26 11:12 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-26 11:12 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-26 11:12 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-26 11:12 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-26 11:12 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-26 11:12 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-26 11:12 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-26 11:12 - 2015-01-29 04:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-10-26 11:12 - 2015-01-29 04:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-10-26 11:11 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-26 11:11 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-10-26 11:11 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-10-26 11:11 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-10-26 11:10 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-26 11:10 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-26 11:10 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-26 11:10 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-26 11:10 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-26 11:10 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-26 11:10 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-26 11:10 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-10-26 11:10 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-10-26 11:10 - 2015-06-03 21:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-10-26 11:10 - 2015-06-03 21:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-10-26 11:10 - 2015-04-24 19:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-10-26 11:10 - 2015-04-24 18:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-10-26 11:10 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-10-26 11:10 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-10-26 11:09 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-26 11:09 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-26 11:09 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-26 11:09 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-26 11:09 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-26 11:09 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-26 11:09 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-26 11:09 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-26 11:09 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-26 11:09 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-10-26 11:09 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-10-26 11:09 - 2015-06-03 21:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-10-26 11:09 - 2015-06-03 21:16 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-26 11:09 - 2015-06-03 21:16 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-26 11:09 - 2015-04-27 20:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-10-26 11:09 - 2015-04-27 20:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-10-26 11:09 - 2015-04-27 20:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-10-26 11:09 - 2015-04-27 20:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-10-26 11:09 - 2015-04-27 20:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-10-26 11:09 - 2015-04-27 20:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-10-26 11:09 - 2015-04-27 20:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-10-26 11:09 - 2015-04-27 20:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-10-26 11:09 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-10-26 11:08 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-26 11:08 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-10-26 11:08 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-10-26 11:08 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-10-26 11:08 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-10-26 11:08 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-10-26 11:08 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-10-26 11:08 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-10-26 11:08 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-10-26 11:08 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-10-26 11:08 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-10-26 11:08 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-10-26 11:07 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-26 11:07 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-26 11:07 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-26 11:07 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-10-26 11:07 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-10-26 11:07 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-10-26 11:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-26 11:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-26 11:07 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-26 11:07 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-10-26 11:07 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-10-26 11:07 - 2015-06-03 21:17 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-10-26 11:05 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-26 11:05 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-26 11:05 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-10-26 11:05 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-10-26 11:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-10-26 11:05 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-26 11:00 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-26 11:00 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-26 11:00 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-26 11:00 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-10-26 11:00 - 2015-04-11 04:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-10-26 11:00 - 2015-02-25 04:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-10-26 11:00 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-10-26 11:00 - 2015-02-18 08:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-10-26 11:00 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-10-26 11:00 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-10-26 10:59 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-26 10:59 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-26 10:59 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-26 10:59 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-26 10:59 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-26 10:59 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-26 10:59 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-10-26 10:59 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-10-26 10:59 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-10-26 10:59 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-10-26 10:59 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-10-26 10:59 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-10-26 10:59 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-10-26 10:59 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-10-26 10:59 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-10-26 10:59 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-10-26 10:59 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-10-26 10:59 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-10-26 10:59 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-10-26 10:59 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-10-26 10:59 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-10-26 10:59 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-10-26 10:59 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-10-26 10:59 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-10-26 10:59 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-10-26 10:59 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-10-26 10:59 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-10-26 10:59 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-10-26 10:59 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-10-26 10:59 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-10-26 10:59 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-10-26 10:58 - 2015-03-04 05:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-10-26 10:58 - 2015-03-04 05:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-10-26 10:58 - 2015-03-04 05:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-10-26 10:58 - 2015-03-04 05:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-10-26 10:58 - 2015-03-04 05:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-10-26 10:58 - 2015-03-04 05:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-10-26 10:58 - 2015-03-04 05:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-10-26 10:58 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-10-26 10:58 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-10-26 10:58 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-10-26 10:58 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-26 10:58 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-10-26 10:58 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-10-26 10:58 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-10-26 10:58 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-10-26 10:58 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-10-26 10:58 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-26 10:57 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-10-26 10:57 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-10-26 10:57 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-10-26 10:55 - 2015-03-04 05:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-10-26 10:55 - 2015-03-04 05:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-10-26 10:55 - 2015-03-04 05:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-10-26 10:53 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-10-26 10:53 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-26 10:53 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-10-26 10:53 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-10-26 10:53 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-10-26 10:53 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-10-26 10:53 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-10-26 10:53 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-10-26 10:53 - 2015-09-02 02:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-26 10:53 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-26 10:53 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-10-26 10:52 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-10-26 10:52 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-10-26 10:42 - 2015-10-26 19:46 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\HpUpdate
2015-10-26 10:42 - 2015-10-26 10:42 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-10-26 10:20 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-10-26 10:18 - 2015-10-26 10:18 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-10-26 10:18 - 2015-10-26 10:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-26 10:17 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-10-26 10:17 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2015-10-26 10:17 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-10-26 10:17 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-10-26 10:02 - 2015-10-26 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-26 09:55 - 2015-10-26 09:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-26 09:50 - 2015-10-26 19:45 - 00000872 _____ C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_prof
2015-10-26 09:45 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-10-26 09:45 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-10-26 09:45 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-10-26 09:45 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-10-26 09:45 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-10-26 09:45 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-10-26 09:45 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-10-26 09:45 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-10-26 09:45 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-10-26 09:44 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-10-26 09:44 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-10-26 09:44 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-10-26 09:44 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-10-26 09:43 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-10-26 09:43 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-10-26 09:43 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-10-26 09:43 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-10-26 09:43 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-10-26 09:43 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-10-26 09:43 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-10-26 09:43 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-10-26 09:43 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-10-26 09:43 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-10-26 09:43 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-10-26 09:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-10-26 09:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-10-26 09:43 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-10-26 09:43 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-10-26 09:43 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-10-26 09:43 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-10-26 09:43 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-10-26 09:43 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-10-26 09:43 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-10-26 09:43 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-10-26 09:43 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-10-26 09:43 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-10-26 09:42 - 2015-10-26 09:42 - 00003502 _____ C:\Windows\SysWOW64\jupdate-1.6.0_20-b02.log
2015-10-26 09:42 - 2010-04-12 17:29 - 00411368 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2015-10-26 09:42 - 2010-04-12 17:29 - 00153376 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-10-26 09:42 - 2010-04-12 17:29 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-10-26 09:42 - 2010-04-12 17:29 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-10-26 09:37 - 2015-10-26 20:22 - 00000000 ____D C:\Users\Stefan\Desktop\PC_Neu
2015-10-26 09:36 - 2015-10-26 09:37 - 00000000 ____D C:\Users\Stefan\Desktop\Aufräumen
2015-10-26 09:36 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-26 09:36 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-26 09:36 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-10-26 09:36 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-10-26 09:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-10-26 09:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-10-26 09:36 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-10-26 09:36 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-10-26 09:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-10-26 09:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-10-26 09:25 - 2015-10-26 09:27 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-26 09:25 - 2015-10-26 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-26 09:25 - 2015-10-26 09:25 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Avira
2015-10-26 09:24 - 2015-10-26 09:25 - 00000000 ____D C:\ProgramData\Avira
2015-10-26 09:24 - 2015-10-26 09:25 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-26 09:24 - 2015-10-05 15:51 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-10-26 09:24 - 2015-10-05 15:51 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-10-26 09:24 - 2015-10-05 15:51 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-10-26 09:24 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-10-26 08:57 - 2015-10-26 08:57 - 00014886 _____ C:\ComboFix.txt
2015-10-26 08:49 - 2015-10-26 08:57 - 00000000 ____D C:\Qoobox
2015-10-26 08:49 - 2015-10-26 08:56 - 00000000 ____D C:\Windows\erdnt
2015-10-26 08:49 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-26 08:49 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-26 08:49 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-24 09:54 - 2015-10-26 19:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-24 09:54 - 2015-10-26 19:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-24 09:54 - 2015-10-26 08:37 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-24 09:50 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-23 21:43 - 2015-10-26 20:23 - 00000000 ____D C:\FRST
2015-10-23 21:43 - 2015-10-23 20:28 - 02196480 _____ (Farbar) C:\Users\Stefan\Desktop\FRST64.exe
2015-10-23 21:41 - 2015-10-23 21:41 - 00000000 _____ C:\Users\Stefan\defogger_reenable
2015-10-16 02:58 - 2015-10-16 02:58 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2015-10-16 02:58 - 2015-10-16 02:58 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-26 20:22 - 2009-07-14 18:58 - 14399734 _____ C:\Windows\system32\perfh007.dat
2015-10-26 20:22 - 2009-07-14 18:58 - 04443022 _____ C:\Windows\system32\perfc007.dat
2015-10-26 20:22 - 2009-07-14 06:13 - 00005222 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-26 20:21 - 2010-01-17 08:08 - 01537573 _____ C:\Windows\WindowsUpdate.log
2015-10-26 20:19 - 2010-02-01 09:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-26 20:19 - 2009-07-14 05:45 - 00014960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-26 20:19 - 2009-07-14 05:45 - 00014960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-26 20:18 - 2010-02-01 09:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-26 20:16 - 2010-01-17 09:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-26 20:16 - 2010-01-12 16:27 - 00290894 _____ C:\Windows\PFRO.log
2015-10-26 20:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-26 20:16 - 2009-07-14 05:51 - 00115360 _____ C:\Windows\setupact.log
2015-10-26 20:14 - 2011-03-07 12:21 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Yahoo!
2015-10-26 20:14 - 2011-03-07 12:21 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-10-26 20:13 - 2010-02-01 09:26 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-26 20:13 - 2010-02-01 09:26 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-26 20:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\L2Schemas
2015-10-26 19:45 - 2010-01-27 16:18 - 00000898 _____ C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_sta
2015-10-26 19:44 - 2010-01-17 08:26 - 00119216 _____ C:\Users\Stefan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-26 19:43 - 2013-04-04 09:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-26 19:38 - 2009-07-14 05:45 - 00466576 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-26 19:35 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-26 19:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-10-26 19:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2015-10-26 19:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-10-26 19:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-26 19:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-26 13:15 - 2013-08-19 08:55 - 00000000 ____D C:\Windows\system32\MRT
2015-10-26 10:43 - 2011-03-07 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-10-26 10:42 - 2011-03-07 12:17 - 00000000 ____D C:\Program Files (x86)\HP
2015-10-26 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-26 09:57 - 2010-01-17 10:01 - 00001001 _____ C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_wsc
2015-10-26 09:42 - 2010-02-26 01:48 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-26 09:37 - 2013-04-04 09:53 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-26 09:37 - 2013-04-04 09:53 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-26 09:37 - 2013-04-04 09:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-26 09:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-26 08:56 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-10-24 10:09 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins
2015-10-23 21:41 - 2010-01-17 08:16 - 00000000 ____D C:\Users\Stefan
2015-10-23 21:03 - 2013-04-27 14:35 - 00000004 _____ C:\Users\Stefan\AppData\Roaming\skype.ini
2015-10-23 20:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-02 12:09 - 2010-01-17 09:09 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-04-27 14:35 - 2015-10-23 21:03 - 0000004 _____ () C:\Users\Stefan\AppData\Roaming\skype.ini
2010-02-25 19:11 - 2010-02-25 19:11 - 0007605 _____ () C:\Users\Stefan\AppData\Local\Resmon.ResmonCfg
2015-10-26 09:50 - 2015-10-26 19:45 - 0000872 _____ () C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_prof
2010-01-27 16:18 - 2015-10-26 19:45 - 0000898 _____ () C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_sta
2010-01-17 10:01 - 2015-10-26 09:57 - 0001001 _____ () C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_wsc
2011-03-07 12:16 - 2011-03-07 12:34 - 0000777 _____ () C:\ProgramData\hpzinstall.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Stefan\AppData\Roaming\skype.ini


Einige Dateien in TEMP:
====================
C:\Users\Stefan\AppData\Local\Temp\avgnt.exe
C:\Users\Stefan\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Stefan\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Stefan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-23 20:01

==================== Ende von FRST.txt ============================

schrauber · 27.10.2015, 19:41

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Flick · 28.10.2015, 10:23

Hallo schrauber,
hier erstmal die LogFiles.
ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9165411443e5444288aa8fa447bf05b7
# end=init
# utc_time=2015-10-28 07:01:17
# local_time=2015-10-28 08:01:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26447
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9165411443e5444288aa8fa447bf05b7
# end=updated
# utc_time=2015-10-28 07:06:45
# local_time=2015-10-28 08:06:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=9165411443e5444288aa8fa447bf05b7
# engine=26447
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-28 08:30:10
# local_time=2015-10-28 09:30:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 174663 197650860 0 0
# scanned=350209
# found=11
# cleaned=0
# scan_time=5004
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\wiseconvert\WiseConvertToolbarHelper.exe.vir"
sh=2EE0AAF575D86EF5A93B01C7EC03EBF926CA4147 ft=1 fh=d82e726e69eec8ce vn="Win64/Toolbar.Conduit.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\hk64tbWis0.dll.vir"
sh=37FDC039C02562267559D42D94DDB64B692FD091 ft=1 fh=7aeecd1bb81f6a22 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\hk64tbWis2.dll.vir"
sh=D4FEA02B7EEC13FA4944AA276F160B1FCE078AB3 ft=1 fh=901bf430c96d23b4 vn="Win32/Toolbar.Conduit.W evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\hktbWis0.dll.vir"
sh=BCAA26922FC5A4BB3E9FEA7D29C525BB33D16572 ft=1 fh=e670698edca7a71b vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\ldrtbWis0.dll.vir"
sh=0460B794834ED78BE69BA5EB9C0E6211EBEAD9B6 ft=1 fh=0f8145e534b0e78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\ldrtbWise.dll.vir"
sh=31E93E104678E9814A5E5D43A73387819E6282E5 ft=1 fh=b31cd14a0801e57c vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\tbWis0.dll.vir"
sh=594E0844207ADD0DBD163E1AFB7696BAA25CB961 ft=1 fh=b78030dcfe359240 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\tbWis1.dll.vir"
sh=8CA209A796CAB152BC9907BCEF283C221AC5F058 ft=1 fh=16efebacbcd5a9c9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\tbWise.dll.vir"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Stefan\AppData\LocalLow\wiseconvert\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir"
sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UM1RVIK\TBUpdaterLogic[1].dll"

Checkup:

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64   
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 20  
 Java version 32-bit out of Date! 
 Adobe Reader 9 Adobe Reader out of Date! 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Avira Antivirus sched.exe  
 Avira Antivirus avshadow.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
durchgeführt von Stefan (Administrator) auf STEFAN-PC (28-10-2015 09:44:02)
Gestartet von C:\Users\Stefan\Desktop\PC_Neu
Geladene Profile: Stefan (Verfügbare Profile: Stefan & Tanja & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Tenda\W541U V2.0\UI.exe
(ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-25] (Google Inc.)
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2011-05-14] (Samsung Electronics Co., Ltd.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-03-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\W541U V2.0.lnk [2010-01-17]
ShortcutTarget: W541U V2.0.lnk -> C:\Program Files (x86)\Tenda\W541U V2.0\UI.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{747A4846-2CC7-4780-AA49-8888A483221A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F89DAE3E-AA94-4654-9A79-5482F462808E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-26] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-28] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-26] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-26] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-28] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-26] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-29] (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-1742209556-1427280422-2840370602-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-28] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-26] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-10-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-26] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-07] [ist nicht signiert]
FF HKU\S-1-5-21-1742209556-1427280422-2840370602-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2011-03-31] () [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-05] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
S3 SaiH0763; C:\Windows\System32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
S3 SaiH0BAC; C:\Windows\System32\DRIVERS\SaiH0BAC.sys [176128 2007-07-02] (Saitek)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-28 09:43 - 2015-10-28 09:43 - 00000824 _____ C:\Users\Stefan\Desktop\checkup.txt
2015-10-28 07:59 - 2015-10-28 07:59 - 00852720 _____ C:\Users\Stefan\Desktop\SecurityCheck.exe
2015-10-28 07:58 - 2015-10-28 07:58 - 02870984 _____ (ESET) C:\Users\Stefan\Desktop\esetsmartinstaller_deu.exe
2015-10-26 20:50 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-10-26 20:46 - 2015-10-26 20:46 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-26 20:46 - 2015-10-26 20:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-26 20:46 - 2015-10-26 20:46 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-26 20:46 - 2015-10-26 20:46 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-26 20:46 - 2015-10-26 20:46 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-10-26 20:46 - 2015-10-26 20:46 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-10-26 20:46 - 2015-10-26 20:46 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-26 20:46 - 2015-10-26 20:46 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-26 20:46 - 2015-10-26 20:46 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-10-26 20:46 - 2015-10-26 20:46 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-10-26 20:46 - 2015-10-26 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-10-26 20:46 - 2015-10-26 20:46 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-10-26 20:46 - 2015-10-26 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-26 20:39 - 2015-10-26 20:50 - 00011200 _____ C:\Windows\IE11_main.log
2015-10-26 20:12 - 2015-10-26 20:14 - 00000000 ____D C:\AdwCleaner
2015-10-26 19:45 - 2015-10-26 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-26 19:45 - 2015-10-26 19:45 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-26 19:45 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-26 19:45 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-26 19:34 - 2015-10-26 19:42 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-26 19:34 - 2015-10-26 19:34 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-26 19:34 - 2015-10-26 19:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-26 19:34 - 2015-10-26 19:34 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-26 13:10 - 2015-01-09 00:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-10-26 13:10 - 2015-01-09 00:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-10-26 13:01 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-26 13:01 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-26 11:47 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-10-26 11:47 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-10-26 11:45 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-10-26 11:45 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-10-26 11:45 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-10-26 11:45 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-10-26 11:44 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-10-26 11:44 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-10-26 11:44 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-10-26 11:44 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-10-26 11:44 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-10-26 11:44 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-10-26 11:44 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-10-26 11:44 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-10-26 11:34 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-10-26 11:34 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-10-26 11:33 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-10-26 11:33 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-10-26 11:33 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-10-26 11:28 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-26 11:28 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-26 11:28 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-10-26 11:28 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-26 11:28 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-10-26 11:28 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-10-26 11:28 - 2015-04-29 19:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-26 11:28 - 2015-04-29 19:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-26 11:28 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-26 11:28 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-26 11:28 - 2015-04-29 19:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-26 11:28 - 2015-04-29 19:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-10-26 11:28 - 2015-04-29 19:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-10-26 11:28 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-10-26 11:28 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-10-26 11:28 - 2015-04-29 19:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-10-26 11:28 - 2015-04-18 04:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-10-26 11:28 - 2015-04-18 03:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-10-26 11:28 - 2015-04-13 04:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-10-26 11:28 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-10-26 11:28 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-10-26 11:26 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-26 11:26 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-26 11:26 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-26 11:26 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-26 11:26 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-26 11:26 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-10-26 11:26 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-10-26 11:26 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-10-26 11:26 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-10-26 11:26 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-10-26 11:26 - 2015-05-25 19:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-10-26 11:26 - 2015-05-25 19:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-10-26 11:26 - 2015-05-25 19:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-10-26 11:26 - 2015-05-25 19:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-10-26 11:26 - 2015-05-25 19:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-10-26 11:26 - 2015-05-25 19:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-10-26 11:26 - 2015-05-25 19:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-10-26 11:26 - 2015-05-25 19:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-10-26 11:26 - 2015-05-25 19:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-10-26 11:26 - 2015-05-25 19:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-10-26 11:26 - 2015-05-25 19:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-10-26 11:26 - 2015-05-25 19:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-10-26 11:24 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-10-26 11:24 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-10-26 11:22 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-10-26 11:22 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-10-26 11:22 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-10-26 11:22 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-10-26 11:22 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-10-26 11:22 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-10-26 11:22 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-10-26 11:22 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-10-26 11:22 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-10-26 11:22 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-10-26 11:22 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-10-26 11:22 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-10-26 11:22 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-10-26 11:22 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-10-26 11:22 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-10-26 11:22 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-10-26 11:16 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-10-26 11:16 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-10-26 11:15 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-26 11:15 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-10-26 11:15 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-10-26 11:15 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-10-26 11:15 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-10-26 11:15 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-10-26 11:15 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-10-26 11:15 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-26 11:15 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-10-26 11:15 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-10-26 11:15 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-10-26 11:15 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-10-26 11:14 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-26 11:13 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-26 11:13 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-26 11:13 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-26 11:13 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-26 11:13 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-26 11:13 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-26 11:13 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-26 11:13 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-26 11:13 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-26 11:13 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-26 11:13 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-10-26 11:13 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-10-26 11:13 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-10-26 11:13 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-26 11:13 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-10-26 11:13 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-10-26 11:13 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-10-26 11:13 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-10-26 11:12 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-26 11:12 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-26 11:12 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-26 11:12 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-26 11:12 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-26 11:12 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-26 11:12 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-26 11:12 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-26 11:12 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-26 11:12 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-26 11:12 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-26 11:12 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-26 11:12 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-26 11:12 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-26 11:12 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-26 11:12 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-26 11:12 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-26 11:12 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-26 11:12 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-26 11:12 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-26 11:12 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-26 11:12 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-26 11:12 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-26 11:12 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-26 11:12 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-26 11:12 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-26 11:12 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-26 11:12 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-26 11:12 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-26 11:12 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-26 11:12 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-26 11:12 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-26 11:12 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-26 11:12 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-26 11:12 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-26 11:12 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-26 11:12 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-26 11:12 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-26 11:12 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-26 11:12 - 2015-01-29 04:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-10-26 11:12 - 2015-01-29 04:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-10-26 11:11 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-26 11:11 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-10-26 11:11 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-10-26 11:11 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-10-26 11:10 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-26 11:10 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-26 11:10 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-26 11:10 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-26 11:10 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-26 11:10 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-26 11:10 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-26 11:10 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-10-26 11:10 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-10-26 11:10 - 2015-06-03 21:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-10-26 11:10 - 2015-06-03 21:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-10-26 11:10 - 2015-04-24 19:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-10-26 11:10 - 2015-04-24 18:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-10-26 11:10 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-10-26 11:10 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-10-26 11:09 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-26 11:09 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-26 11:09 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-26 11:09 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-26 11:09 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-26 11:09 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-26 11:09 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-26 11:09 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-26 11:09 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-26 11:09 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-10-26 11:09 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-10-26 11:09 - 2015-06-03 21:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-10-26 11:09 - 2015-06-03 21:16 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-26 11:09 - 2015-06-03 21:16 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-26 11:09 - 2015-04-27 20:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-10-26 11:09 - 2015-04-27 20:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-10-26 11:09 - 2015-04-27 20:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-10-26 11:09 - 2015-04-27 20:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-10-26 11:09 - 2015-04-27 20:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-10-26 11:09 - 2015-04-27 20:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-10-26 11:09 - 2015-04-27 20:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-10-26 11:09 - 2015-04-27 20:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-10-26 11:09 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-10-26 11:08 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-26 11:08 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-26 11:08 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-10-26 11:08 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-10-26 11:08 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-10-26 11:08 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-10-26 11:08 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-10-26 11:08 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-10-26 11:08 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-10-26 11:08 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-10-26 11:08 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-10-26 11:08 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-10-26 11:08 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-10-26 11:08 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-10-26 11:08 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-10-26 11:07 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-26 11:07 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-26 11:07 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-26 11:07 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-10-26 11:07 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-10-26 11:07 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-10-26 11:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-26 11:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-26 11:07 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-26 11:07 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-10-26 11:07 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-10-26 11:07 - 2015-06-03 21:17 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-10-26 11:05 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-26 11:05 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-26 11:05 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-10-26 11:05 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-10-26 11:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-10-26 11:05 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-26 11:00 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-26 11:00 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-26 11:00 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-26 11:00 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-10-26 11:00 - 2015-04-11 04:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-10-26 11:00 - 2015-02-25 04:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-10-26 11:00 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-10-26 11:00 - 2015-02-18 08:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-10-26 11:00 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-10-26 11:00 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-10-26 10:59 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-26 10:59 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-26 10:59 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-26 10:59 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-26 10:59 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-26 10:59 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-26 10:59 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-10-26 10:59 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-10-26 10:59 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-10-26 10:59 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-10-26 10:59 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-10-26 10:59 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-10-26 10:59 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-10-26 10:59 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-10-26 10:59 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-10-26 10:59 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-10-26 10:59 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-10-26 10:59 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-10-26 10:59 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-10-26 10:59 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-10-26 10:59 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-10-26 10:59 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-10-26 10:59 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-10-26 10:59 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-10-26 10:59 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-10-26 10:59 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-10-26 10:59 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-10-26 10:59 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-10-26 10:59 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-10-26 10:59 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-10-26 10:59 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-10-26 10:58 - 2015-03-04 05:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-10-26 10:58 - 2015-03-04 05:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-10-26 10:58 - 2015-03-04 05:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-10-26 10:58 - 2015-03-04 05:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-10-26 10:58 - 2015-03-04 05:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-10-26 10:58 - 2015-03-04 05:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-10-26 10:58 - 2015-03-04 05:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-10-26 10:58 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-10-26 10:58 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-10-26 10:58 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-10-26 10:58 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-26 10:58 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-10-26 10:58 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-10-26 10:58 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-10-26 10:58 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-10-26 10:58 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-10-26 10:58 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-26 10:57 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-10-26 10:57 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-10-26 10:57 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-10-26 10:55 - 2015-03-04 05:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-10-26 10:55 - 2015-03-04 05:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-10-26 10:55 - 2015-03-04 05:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-10-26 10:53 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-10-26 10:53 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-26 10:53 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-10-26 10:53 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-10-26 10:53 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-10-26 10:53 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-10-26 10:53 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-10-26 10:53 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-10-26 10:53 - 2015-09-02 02:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-26 10:53 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-26 10:53 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-10-26 10:52 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-10-26 10:52 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-10-26 10:42 - 2015-10-26 19:46 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\HpUpdate
2015-10-26 10:42 - 2015-10-26 10:42 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-10-26 10:20 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-10-26 10:18 - 2015-10-26 10:18 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-10-26 10:18 - 2015-10-26 10:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-26 10:17 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-10-26 10:17 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2015-10-26 10:17 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-10-26 10:17 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-10-26 10:02 - 2015-10-26 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-26 09:55 - 2015-10-26 09:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-26 09:50 - 2015-10-26 19:45 - 00000872 _____ C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_prof
2015-10-26 09:45 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-10-26 09:45 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-10-26 09:45 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-10-26 09:45 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-10-26 09:45 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-10-26 09:45 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-10-26 09:45 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-10-26 09:45 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-10-26 09:45 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-10-26 09:44 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-10-26 09:44 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-10-26 09:44 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-10-26 09:44 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-10-26 09:43 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-10-26 09:43 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-10-26 09:43 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-10-26 09:43 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-10-26 09:43 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-10-26 09:43 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-10-26 09:43 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-10-26 09:43 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-10-26 09:43 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-10-26 09:43 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-10-26 09:43 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-10-26 09:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-10-26 09:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-10-26 09:43 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-10-26 09:43 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-10-26 09:43 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-10-26 09:43 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-10-26 09:43 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-10-26 09:43 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-10-26 09:43 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-10-26 09:43 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-10-26 09:43 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-10-26 09:43 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-10-26 09:43 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-10-26 09:42 - 2015-10-26 09:42 - 00003502 _____ C:\Windows\SysWOW64\jupdate-1.6.0_20-b02.log
2015-10-26 09:42 - 2010-04-12 17:29 - 00411368 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2015-10-26 09:42 - 2010-04-12 17:29 - 00153376 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-10-26 09:42 - 2010-04-12 17:29 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-10-26 09:42 - 2010-04-12 17:29 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-10-26 09:37 - 2015-10-28 09:43 - 00000000 ____D C:\Users\Stefan\Desktop\PC_Neu
2015-10-26 09:36 - 2015-10-26 09:37 - 00000000 ____D C:\Users\Stefan\Desktop\Aufräumen
2015-10-26 09:36 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-26 09:36 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-26 09:36 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-10-26 09:36 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-10-26 09:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-10-26 09:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-10-26 09:36 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-10-26 09:36 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-10-26 09:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-10-26 09:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-10-26 09:25 - 2015-10-26 09:27 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-26 09:25 - 2015-10-26 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-26 09:25 - 2015-10-26 09:25 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Avira
2015-10-26 09:24 - 2015-10-26 09:25 - 00000000 ____D C:\ProgramData\Avira
2015-10-26 09:24 - 2015-10-26 09:25 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-26 09:24 - 2015-10-05 15:51 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-10-26 09:24 - 2015-10-05 15:51 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-10-26 09:24 - 2015-10-05 15:51 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-10-26 09:24 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-10-26 08:57 - 2015-10-26 08:57 - 00014886 _____ C:\ComboFix.txt
2015-10-26 08:49 - 2015-10-26 08:57 - 00000000 ____D C:\Qoobox
2015-10-26 08:49 - 2015-10-26 08:56 - 00000000 ____D C:\Windows\erdnt
2015-10-26 08:49 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-26 08:49 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-26 08:49 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-26 08:49 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-24 09:54 - 2015-10-26 20:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-24 09:54 - 2015-10-26 19:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-24 09:54 - 2015-10-26 08:37 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-24 09:50 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-23 21:43 - 2015-10-28 09:44 - 00000000 ____D C:\FRST
2015-10-23 21:41 - 2015-10-23 21:41 - 00000000 _____ C:\Users\Stefan\defogger_reenable
2015-10-16 02:58 - 2015-10-16 02:58 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2015-10-16 02:58 - 2015-10-16 02:58 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-28 09:43 - 2013-04-04 09:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-28 09:18 - 2010-02-01 09:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-28 08:58 - 2010-02-01 09:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-28 08:56 - 2009-07-14 05:45 - 00014960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-28 08:56 - 2009-07-14 05:45 - 00014960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-28 08:44 - 2010-01-17 08:08 - 01692595 _____ C:\Windows\WindowsUpdate.log
2015-10-28 07:49 - 2009-07-14 18:58 - 14414444 _____ C:\Windows\system32\perfh007.dat
2015-10-28 07:49 - 2009-07-14 18:58 - 04447708 _____ C:\Windows\system32\perfc007.dat
2015-10-28 07:49 - 2009-07-14 06:13 - 00005222 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-28 07:46 - 2010-01-17 08:16 - 00001431 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-28 07:45 - 2010-01-17 09:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-28 07:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-28 07:45 - 2009-07-14 05:51 - 00115416 _____ C:\Windows\setupact.log
2015-10-28 07:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2015-10-28 07:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-26 20:16 - 2010-01-12 16:27 - 00290894 _____ C:\Windows\PFRO.log
2015-10-26 20:14 - 2011-03-07 12:21 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Yahoo!
2015-10-26 20:14 - 2011-03-07 12:21 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-10-26 20:13 - 2010-02-01 09:26 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-26 20:13 - 2010-02-01 09:26 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-26 20:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\L2Schemas
2015-10-26 19:45 - 2010-01-27 16:18 - 00000898 _____ C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_sta
2015-10-26 19:44 - 2010-01-17 08:26 - 00119216 _____ C:\Users\Stefan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-26 19:38 - 2009-07-14 05:45 - 00466576 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-26 19:35 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-26 19:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-10-26 19:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2015-10-26 19:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-10-26 19:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-26 13:15 - 2013-08-19 08:55 - 00000000 ____D C:\Windows\system32\MRT
2015-10-26 10:43 - 2011-03-07 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-10-26 10:42 - 2011-03-07 12:17 - 00000000 ____D C:\Program Files (x86)\HP
2015-10-26 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-26 09:57 - 2010-01-17 10:01 - 00001001 _____ C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_wsc
2015-10-26 09:42 - 2010-02-26 01:48 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-26 09:37 - 2013-04-04 09:53 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-26 09:37 - 2013-04-04 09:53 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-26 09:37 - 2013-04-04 09:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-26 09:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-26 08:56 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-10-24 10:09 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins
2015-10-23 21:41 - 2010-01-17 08:16 - 00000000 ____D C:\Users\Stefan
2015-10-23 21:03 - 2013-04-27 14:35 - 00000004 _____ C:\Users\Stefan\AppData\Roaming\skype.ini
2015-10-23 20:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-02 12:09 - 2010-01-17 09:09 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-04-27 14:35 - 2015-10-23 21:03 - 0000004 _____ () C:\Users\Stefan\AppData\Roaming\skype.ini
2010-02-25 19:11 - 2010-02-25 19:11 - 0007605 _____ () C:\Users\Stefan\AppData\Local\Resmon.ResmonCfg
2015-10-26 09:50 - 2015-10-26 19:45 - 0000872 _____ () C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_prof
2010-01-27 16:18 - 2015-10-26 19:45 - 0000898 _____ () C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_sta
2010-01-17 10:01 - 2015-10-26 09:57 - 0001001 _____ () C:\Users\Stefan\AppData\Local\RT2070_{F89DAE3E-AA94-4654-9A79-5482F462808E}_wsc
2011-03-07 12:16 - 2011-03-07 12:34 - 0000777 _____ () C:\ProgramData\hpzinstall.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Stefan\AppData\Roaming\skype.ini


Einige Dateien in TEMP:
====================
C:\Users\Stefan\AppData\Local\Temp\avgnt.exe
C:\Users\Stefan\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Stefan\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Stefan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-23 20:01

==================== Ende von FRST.txt ============================

--- --- ---

Ich bin wirklich begeistert von diesem Forum und deiner kompetenten, schnellen Hilfe!
Mit euren detaillierten Anweisungen hat es fast schon Spaß gemacht, den PC wieder zum Laufen zu bringen.
Vielen Dank dafür!!

schrauber · 28.10.2015, 20:27

Java und Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\Stefan\AppData\Roaming\skype.ini
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Flick · 29.10.2015, 17:25

Fixlog:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
durchgeführt von Stefan (2015-10-29 16:55:18) Run:1
Gestartet von C:\Users\Stefan\Desktop
Geladene Profile: Stefan (Verfügbare Profile: Stefan & Tanja & UpdatusUser)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Stefan\AppData\Roaming\skype.ini
Emptytemp:

*****************

C:\Users\Stefan\AppData\Roaming\skype.ini => erfolgreich verschoben
EmptyTemp: => 1.4 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:55:58 ====

schrauber · 30.10.2015, 18:04

fertig

30.10.2015, 18:04	#13
schrauber /// the machine /// TB-Ausbilder	Win 7: Weißer Bildschirm nach Hochfahren fertig __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Win 7: Weißer Bildschirm nach Hochfahren

Log-Analyse und Auswertung: Win 7: Weißer Bildschirm nach Hochfahren