| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win7: Abgesicherter Modus führt zum Neustart ab BenutzerauswahlWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.10.2015, 16:27
| #1 |
 |  Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Hallo zusammen, ich habe ein Problem mit meinem Abgesicherten Modus. Sobald ich den Abgesicherten Modus starte und in den Bildschirm der Benutzerauswahl komme dauert es ein paar Sekunden und der PC startet von selbst neu. Einer der Benutzer ist mit einem kurzen, einfachen Passwort gesichert. Wenn man in den paar Sekunden bis zum Neustart den Benutzer anklickt und das Passwort eingibt, wird angezeigt, dass dieses falsch wäre. Das Passwort ist sowas Einfaches wie "12" - das kann ich nicht jedes Mal falsch eingegeben haben. Vielleicht noch nützliche Hintergrundinfos: Ich habe den abgesicherten Modus seit Ewigkeiten nicht mehr genutzt. Das Problem ist nur erkannt worden, weil ich eine neue Version von Kaspersky Internet Security aufspielen wollte. Ich habe die 2015er Version deinstalliert, neu gestartet und wollte die 2016er installieren. Diese Installation hängt sich aber bei "5 Sekunden verbleibend" auf. D.h. der PC läuft noch, aber die Installation kommt nicht weiter voran - auch nach einer Stunde Wartezeit. Nach der Internet-Recherche wurde auf der Kaspersky-Seite geraten, ein Kaspersky-Entfernungstool im Abgesicherten Modus zu starten und dann die neue Version zu installieren. Nur diesen kann ich wie gesagt nicht starten. Mein System habe ich vor ca. 2,5-3 Jahren aufgesetzt. Ich hatte mal ein Problem mit einem GVU Trojaner und habe den mit meinem Halbwissen und (ich glaube) mit einer Boot-CD und Malwarebytes Anti-Malware in den Griff bekommen. Dazu sei aber gesagt, dass ich mir nicht mehr 100% sicher bin, ob das dieser PC war, oder der vorherige. Das ist leider ein bißchen zu lange her... Bezüglich des aktuellen Problems habe ich nur Malwarebytes Anti-Malware laufen lassen. Kritische Elemente gab es keine, Log siehe unten. Nachträglicher Edit: Da ich die 2015er Kaspersky-Version deinstalliert habe, ist momentan kein Virenscanner aktiv Der Letzte vollständige Systemscan davon war ca. 5-6 Monate alt und hatte keinen Befund. Die Comodo Firewall hatte ich ganz vergessen und erst in den Logs ist die mir wieder aufgefallen. Seitdem ich Kaspersky 2015 hatte war diese nicht mehr im Autostart und daher standardmäßig deaktiviert. Weiterhin habe ich die Anleitung im Forum befolgt: - Defogger genutzt, Fehlermeldung gab es keine - Systemscan mit FRST FRST.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
durchgeführt von Mario (Administrator) auf WAKGOD (28-10-2015 15:38:08)
Gestartet von D:\Users\Mario\downloads
Geladene Profile: Mario (Verfügbare Profile: Mario & Lernen)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files\aquasuite\AquaComputerService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(devolo AG) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Autodesk, Inc.) D:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(CMedia) C:\Program Files\ASUS Xonar D2X Audio\Customapp\AsusAudioCenter.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Advanced Micro Devices Inc.) D:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Advanced Micro Devices Inc.) D:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5120144 2012-05-23] (VIA)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [ApplePhotoStreams] => D:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Spotify Web Helper] => C:\Users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-22] (Spotify Ltd)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Spotify] => C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe [7736128 2015-10-22] (Spotify Ltd)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\MountPoints2: {51026f4a-6261-11e2-9e27-806e6f6e6963} - E:\Run.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2014-10-01]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-08-20]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
GroupPolicyScripts: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0B52BEBB-7563-41E0-B641-7EB5A06869B3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1B8A7188-20ED-4D44-8C47-45B185A97B35}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{F3E5FAE6-6066-4660-9FD6-542222576451}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-18] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2508083331-1529705533-2935304339-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Mario\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2508083331-1529705533-2935304339-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-07] ()
FF SearchPlugin: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\searchplugins\youtube-videosuche.xml [2015-05-29]
FF Extension: Video DownloadHelper - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-08-18]
FF Extension: Adblock Plus - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-30] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - d:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-03-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Aqua Computer Service; C:\Program Files\aquasuite\AquaComputerService.exe [536064 2013-03-27] (Aqua Computer GmbH & Co. KG) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
R2 DevoloNetworkService; D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-05] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-08-17] (Futuremark)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 mitsijm2012; D:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-07] (Autodesk, Inc.)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-05] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AIDA64Driver; D:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [30624 2012-10-28] ()
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-01-20] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2013-12-05] (Paragon Software Group)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VUSB3HUB; system32\DRIVERS\ViaHub3.sys [X]
S3 xhcdrv; system32\DRIVERS\xhcdrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-28 15:37 - 2015-10-28 15:38 - 00000000 ____D C:\FRST
2015-10-28 15:19 - 2015-10-28 15:19 - 00000000 _____ C:\Users\Mario\defogger_reenable
2015-10-28 14:50 - 2015-10-28 14:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-28 14:50 - 2015-10-28 14:50 - 00000790 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-28 14:50 - 2015-10-28 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-28 14:50 - 2015-10-28 14:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-28 14:50 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-28 14:50 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-28 14:50 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-28 13:35 - 2015-10-28 13:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-28 13:35 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-28 13:35 - 2015-06-30 01:05 - 00931000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-10-28 13:35 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-10-28 12:47 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-28 12:46 - 2015-10-28 14:59 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-28 12:46 - 2015-10-28 13:35 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-24 19:52 - 2015-10-24 19:52 - 00000000 _____ C:\Windows\SysWOW64\OCL91BD.tmp
2015-10-24 19:51 - 2015-10-24 19:51 - 00000000 _____ C:\Windows\SysWOW64\OCL4285.tmp
2015-10-18 19:40 - 2015-10-18 19:40 - 00000000 ____D C:\ProgramData\Stardock
2015-10-16 10:18 - 2015-10-16 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 14:23 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 14:23 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 14:23 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-13 19:29 - 2015-10-13 19:29 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher
2015-10-13 18:51 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 18:51 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 18:51 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 18:51 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 18:51 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 18:51 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 18:51 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 18:51 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 18:51 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 18:51 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 18:51 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 18:51 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 18:51 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 18:51 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 18:51 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 18:51 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 18:51 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 18:51 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 18:51 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 18:51 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 18:51 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 18:51 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 18:51 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 18:51 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 18:51 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 18:51 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 18:51 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 18:51 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 18:51 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 18:51 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 18:51 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 18:51 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 18:51 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 18:51 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 18:51 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 18:51 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 18:51 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 18:51 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 18:51 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 18:51 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 18:51 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 18:51 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 18:51 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 18:51 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 18:51 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 18:51 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 18:51 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 18:51 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 18:51 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 18:51 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 18:51 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 18:51 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 18:51 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 18:51 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 18:51 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 18:51 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 18:51 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 18:51 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 18:51 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 18:51 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 18:51 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 18:50 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 18:50 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 18:50 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 18:50 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 18:50 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 18:50 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-13 18:50 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 18:50 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-13 18:50 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-13 18:50 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-13 18:50 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-13 18:50 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-13 18:50 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-13 18:50 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-13 18:50 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-13 18:50 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-13 18:50 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-13 18:50 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-13 18:50 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-13 18:50 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-13 18:50 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-13 18:50 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-13 18:50 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-13 18:50 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-13 18:50 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 18:50 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 18:50 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 18:50 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 18:50 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-13 18:50 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 18:50 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-13 18:50 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-13 18:50 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-13 18:50 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-13 18:50 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-13 18:50 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-13 18:50 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-13 18:50 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-12 19:25 - 2015-10-12 19:25 - 00000000 ____D C:\Users\Mario\AppData\Roaming\7DaysToDie
2015-09-30 14:00 - 2015-09-30 14:00 - 00000930 _____ C:\Users\Public\Desktop\MATLAB R2010a Student.lnk
2015-09-30 14:00 - 2015-09-30 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2015-09-30 11:17 - 2015-09-30 11:33 - 00000000 ____D C:\Users\Mario\AppData\Roaming\PDF Architect 3
2015-09-30 11:17 - 2015-09-30 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 3
2015-09-30 11:17 - 2015-09-30 11:17 - 00000000 ____D C:\Program Files (x86)\PDF Architect 3
2015-09-30 11:16 - 2015-09-30 11:17 - 00000000 ____D C:\Program Files\PDFCreator
2015-09-30 11:16 - 2015-09-30 11:16 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-09-30 11:16 - 2015-09-30 11:16 - 00000836 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2015-09-30 11:16 - 2015-09-30 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-09-30 11:00 - 2015-09-30 11:06 - 00000000 ____D C:\Program Files (x86)\RegCleaner
2015-09-30 10:58 - 2015-09-30 11:00 - 00000962 _____ C:\Users\Mario\Desktop\RegCleaner.lnk
2015-09-30 10:58 - 2015-09-30 11:00 - 00000962 _____ C:\Users\Lernen\Desktop\RegCleaner.lnk
2015-09-30 10:58 - 2015-09-30 10:58 - 00003124 _____ C:\Windows\System32\Tasks\{2E792ADF-5189-427D-B92B-4AF2670A9F4B}
2015-09-30 10:38 - 2015-09-30 11:19 - 00000000 ____D C:\Users\Mario\AppData\Local\PDFCreator
2015-09-30 10:31 - 2015-09-30 10:31 - 00000000 ____D C:\Users\Mario\AppData\Roaming\PDF Architect
2015-09-30 10:30 - 2015-09-30 10:30 - 00000000 ____D C:\ProgramData\PDF Architect 3
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-28 15:30 - 2015-04-08 19:26 - 00000000 ____D C:\Users\Mario\AppData\Local\Spotify
2015-10-28 15:22 - 2013-01-21 10:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-28 15:19 - 2013-01-19 18:59 - 00000000 ____D C:\Users\Mario
2015-10-28 15:18 - 2015-06-18 16:12 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-28 15:17 - 2009-07-14 05:45 - 00027168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-28 15:17 - 2009-07-14 05:45 - 00027168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-28 15:15 - 2015-04-08 19:24 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Spotify
2015-10-28 15:15 - 2011-04-12 08:43 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-10-28 15:15 - 2011-04-12 08:43 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-10-28 15:15 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-28 15:14 - 2013-01-22 15:47 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6D29F55A-55FE-4567-AD7B-56A549E15B84}
2015-10-28 15:13 - 2013-01-19 18:58 - 01817405 _____ C:\Windows\WindowsUpdate.log
2015-10-28 15:10 - 2015-06-18 16:12 - 00000000 ____D C:\Users\Mario\AppData\Local\Dropbox
2015-10-28 15:10 - 2015-01-17 14:31 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Raptr
2015-10-28 15:09 - 2015-06-18 16:12 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-28 15:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-28 15:09 - 2009-07-14 05:51 - 00151505 _____ C:\Windows\setupact.log
2015-10-28 14:59 - 2010-11-21 04:47 - 00835324 _____ C:\Windows\PFRO.log
2015-10-28 14:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Web
2015-10-28 13:34 - 2013-01-20 13:49 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-10-28 13:34 - 2013-01-20 13:49 - 00003877 _____ C:\Windows\LkmdfCoInst.log
2015-10-28 12:41 - 2015-08-13 13:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-27 19:43 - 2013-01-21 12:55 - 00000000 ____D C:\Users\Mario\AppData\Roaming\vlc
2015-10-27 14:08 - 2015-08-18 11:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-24 19:52 - 2014-12-23 20:10 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-10-21 21:48 - 2013-01-20 11:43 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-21 15:09 - 2015-08-27 12:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-18 19:40 - 2013-01-21 10:57 - 00665776 _____ C:\Windows\DirectX.log
2015-10-17 14:22 - 2013-01-21 10:21 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 14:22 - 2013-01-21 10:21 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 14:22 - 2013-01-21 10:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 12:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-10-16 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-16 10:18 - 2015-06-18 16:12 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-15 19:59 - 2014-12-11 18:12 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 19:59 - 2014-05-06 21:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 18:20 - 2014-12-26 16:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-13 21:54 - 2013-08-13 21:07 - 00000000 ____D C:\Windows\system32\MRT
2015-10-13 21:54 - 2013-02-20 19:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 21:51 - 2013-01-23 18:59 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 19:29 - 2015-09-01 15:58 - 00000760 _____ C:\Users\Mario\Desktop\Star Citizen Launcher.lnk
2015-10-13 19:29 - 2015-09-01 15:58 - 00000760 _____ C:\Users\Lernen\Desktop\Star Citizen Launcher.lnk
2015-10-12 10:36 - 2015-01-17 14:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-10-11 18:45 - 2013-07-14 13:52 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Might & Magic Heroes VI
2015-10-09 15:11 - 2015-04-04 15:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 11:31 - 2015-04-04 15:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-03 15:13 - 2015-06-30 10:03 - 00000000 ____D C:\Users\Mario\AppData\Local\Curious Expedition
2015-09-30 19:22 - 2013-06-22 17:25 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Canon
2015-09-30 12:40 - 2013-02-20 19:57 - 00000000 ____D C:\Users\Mario\AppData\Local\Microsoft Help
2015-09-30 10:31 - 2013-06-28 14:02 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2015-09-28 17:48 - 2015-01-17 14:34 - 00003973 _____ C:\Users\Mario\AppData\Roaming\LTspiceIV.ini
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-03-29 13:09 - 2013-03-29 13:09 - 4126720 _____ () C:\Program Files (x86)\GUT3A83.tmp
2015-01-17 14:34 - 2015-09-28 17:48 - 0003973 _____ () C:\Users\Mario\AppData\Roaming\LTspiceIV.ini
2014-11-28 19:39 - 2014-11-28 19:39 - 0000017 _____ () C:\Users\Mario\AppData\Local\resmon.resmoncfg
2015-02-11 17:30 - 2015-02-11 17:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-08 17:37 - 2013-07-08 17:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Mario\AppData\Local\Temp\AcDeltree.exe
C:\Users\Mario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0ohh1.dll
C:\Users\Mario\AppData\Local\Temp\ose00000.exe
C:\Users\Mario\AppData\Local\Temp\proxy_vole6365954364804184686.dll
C:\Users\Mario\AppData\Local\Temp\raptrpatch.exe
C:\Users\Mario\AppData\Local\Temp\raptr_stub.exe
C:\Users\Mario\AppData\Local\Temp\tmp6A4.exe
C:\Users\Mario\AppData\Local\Temp\_is6518.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-21 20:04
==================== Ende von FRST.txt ============================
Weitere Logs in den nachfolgenden Posts, da ich die Zeichenanzahl überschreite Geändert von Arktin (28.10.2015 um 16:51 Uhr) Grund: Zusatzinfo |
|
28.10.2015, 16:33
| #2 |
| | Weitere Logs Addition.txt
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
durchgeführt von Mario (2015-10-28 15:38:22)
Gestartet von D:\Users\Mario\downloads
Windows 7 Ultimate Service Pack 1 (X64) (2013-01-19 17:58:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2508083331-1529705533-2935304339-500 - Administrator - Disabled)
Gast (S-1-5-21-2508083331-1529705533-2935304339-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2508083331-1529705533-2935304339-1004 - Limited - Enabled)
Lernen (S-1-5-21-2508083331-1529705533-2935304339-1003 - Administrator - Enabled) => C:\Users\Lernen
Mario (S-1-5-21-2508083331-1529705533-2935304339-1000 - Administrator - Enabled) => C:\Users\Mario
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.25 - GIGABYTE)
3DMark (HKLM-x32\...\Steam App 223850) (Version: - Futuremark)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20071 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version: - Remedy Entertainment)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aquasuite (HKLM-x32\...\aquasuite5) (Version: - Aqua Computer GmbH & Co. KG)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1664-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (HKLM\...\Autodesk Inventor Professional 2012) (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Vault 2012 (Client) (HKLM-x32\...\Autodesk Vault 2012 (Client)) (Version: 16.0.56.200 - Autodesk, Inc.)
Autodesk Vault 2012 (Client) (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Autodesk Vault 2012 (Client) German Language Pack (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Automation - The Car Company Tycoon Game (HKLM-x32\...\Steam App 293760) (Version: - Camshaft Software)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
cadvilla basic plus 5 (HKLM\...\{BE7D95B0-6BB8-4381-820F-4673D20C84F5}_is1) (Version: 5.0.0.2 - Trixl GmbH)
cadvilla Tutorial Version 1.0 (HKLM-x32\...\{C62795BE-D29B-4232-9F94-BCB542D122F0}_is1) (Version: 1.0 - Trixl GmbH)
calibre 64bit (HKLM\...\{1C757A31-7FAE-43EA-99C4-672222534BC2}) (Version: 1.7.0 - Kovid Goyal)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon MP620 series Benutzerregistrierung (HKLM-x32\...\Canon MP620 series Benutzerregistrierung) (Version: - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Die Gilde 2 - Gold Edition (HKLM-x32\...\Die Gilde 2 - Gold Edition) (Version: V 1.20 - JoWood)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version: - Codemasters Racing Studio)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version: - DIMPS)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
DWG TrueView 2012 (HKLM\...\DWG TrueView 2012) (Version: 18.2.51.0 - Autodesk)
DWG TrueView 2012 (Version: 18.2.51.0 - Autodesk) Hidden
Easy Tune 6 B12.0626.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0626.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eco Materials Adviser (x64) (HKLM\...\{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}) (Version: 1.32.0.0 - Granta Design Limited)
Elite Dangerous Launcher version 0.4.1765.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1765.0 - Frontier Developments)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version: - AMPLITUDE Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{185D7B00-8600-4716-A619-D8CBE689974B}) (Version: 4.40.560.0 - Futuremark)
Galactic Civilizations II: Ultimate Edition (HKLM-x32\...\Steam App 202200) (Version: - Stardock Entertainment)
GeekBuddy (HKLM-x32\...\{87A5B227-81F8-4E51-86CA-39E89CB33B16}) (Version: 4.18.121 - Comodo Security Solutions Inc)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version: - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackup Viewer 2.00 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version: - iMacTools)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version: - Big Huge Games)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LTspice IV (HKLM-x32\...\LTspice IV) (Version: - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
MATLAB Student R2010a (HKLM-x32\...\MatlabR2010a) (Version: 7.10 - The MathWorks, Inc.)
Medieval Engineers (HKLM-x32\...\Steam App 333950) (Version: - Keen Software House)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Might & Magic ® Heroes ® VI (HKLM-x32\...\Steam App 48220) (Version: - Blackhole)
Mozilla Firefox 18.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0 (x86 de)) (Version: 18.0 - Mozilla)
Mozilla Firefox 41.0.2 (x86 de) (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.241 - Logitech)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.9 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 3.9 - Saal Digital Fotoservice GmbH) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1664-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House)
Spotify (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version: - Star Gem Inc.)
Star Conflict Launcher 1.0.1.18 (HKLM-x32\...\StarConflictLauncher_is1) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.11.26825 - Blizzard Entertainment)
Startopia (HKLM-x32\...\Steam App 243040) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Curious Expedition (HKLM-x32\...\Steam App 358130) (Version: - )
The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
TriDef 3D 6.5 (HKLM-x32\...\essentials-bundle) (Version: 6.5 - Dynamic Digital Depth Australia Pty Ltd)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files\Autodesk\AutoCAD 2014\de-DE\acadficn.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
==================== Wiederherstellungspunkte =========================
18-10-2015 19:39:54 DirectX wurde installiert
21-10-2015 14:58:29 Windows Update
21-10-2015 21:48:04 Windows Update
27-10-2015 14:01:55 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {08B318D3-C1ED-4538-AC5E-BDF42A176481} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {0E274B58-D602-43B4-9684-33C2B4DB7AFC} - System32\Tasks\{ECF3DAD0-1AFD-46C1-B41C-AD08FBD55565} => pcalua.exe -a "D:\Program Files (x86)\TriDef 3D\TriDef\Common\TriDef3DDisplaySetup.exe" -d "d:\Program Files (x86)\TriDef 3D\TriDef\Common"
Task: {127B0FB4-4A66-41CB-BD24-71F99EF10A89} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {31992ED4-BD66-4F82-848C-58275783197B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {3A3463E1-7D8D-4D3D-A165-0F6099783F5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {7D01C1F8-8D0D-4097-8665-02EA9B625E21} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {7DF2D8CB-4288-4EF4-9EE7-6772106312AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {804CF0D1-F89A-4360-8160-1E38B5F777DF} - System32\Tasks\{4937B928-1F70-4E4D-9F90-30B19BFFD7FA} => pcalua.exe -a D:\Users\Mario\downloads\msicuu2.exe -d D:\Users\Mario\downloads
Task: {9C5CEEF5-980D-433B-937D-0563DAFDF9AB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {A7165FDA-6E77-40CD-A8EE-F4F316786142} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BC6FE798-7549-49F7-8DEC-7DB66AAFFE44} - System32\Tasks\{D6A16315-8AA0-4394-9949-62E4B972B07F} => pcalua.exe -a "F:\Spiele für Lan\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "F:\Spiele für Lan\Call of Duty 4 - Modern Warfare"
Task: {EDFE630F-5211-4DDA-80D6-5BFF684773B3} - System32\Tasks\{2E792ADF-5189-427D-B92B-4AF2670A9F4B} => pcalua.exe -a D:\Users\Mario\downloads\RegCleaner.exe -d D:\Users\Mario\downloads
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-18 11:02 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-05 00:16 - 2013-10-05 00:16 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-01-31 17:02 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar D2X Audio\Customapp\VmixP8.dll
2013-03-12 17:10 - 2015-10-05 17:18 - 00778752 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 20:37 - 2015-07-03 17:12 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll
2015-01-20 20:37 - 2015-07-03 17:12 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 20:37 - 2015-07-03 17:12 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2014-05-23 15:54 - 2015-10-14 21:56 - 02423376 _____ () D:\Program Files (x86)\Steam\video.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 02549248 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2013-01-18 19:30 - 2015-10-14 21:56 - 00705104 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 15:28 - 2015-10-09 19:13 - 00193024 _____ () D:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-05-15 15:27 - 2015-05-15 15:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-08 19:26 - 2015-10-22 21:57 - 50678592 _____ () C:\Users\Mario\AppData\Roaming\Spotify\libcef.dll
2015-08-18 11:02 - 2015-08-18 11:02 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-10-28 15:10 - 2015-10-28 15:10 - 00071168 _____ () c:\users\mario\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0ohh1.dll
2015-06-18 16:14 - 2015-09-24 00:07 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-18 16:14 - 2015-09-24 00:07 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-29 13:14 - 2015-09-24 00:07 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-18 16:14 - 2015-09-24 00:07 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 00976080 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 02254544 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 08024784 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 00032976 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\imageformats\qgif4.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 01299664 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll
2015-04-08 19:26 - 2015-10-22 21:57 - 01880896 _____ () C:\Users\Mario\AppData\Roaming\Spotify\libglesv2.dll
2015-04-08 19:26 - 2015-10-22 21:57 - 00081216 _____ () C:\Users\Mario\AppData\Roaming\Spotify\libegl.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2015-06-27 00:09 - 2015-06-27 00:09 - 00271872 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2015-10-01 22:39 - 2015-10-01 22:39 - 02607872 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2013-01-18 19:30 - 2015-10-08 23:20 - 45010208 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-17 20:00 - 2014-10-17 20:00 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-01-20 11:02 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-09-02 10:29 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-31 20:35 - 2014-03-31 20:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ADSK DLMSession => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mario\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Mario\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: gbrspcontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{965F110C-420A-4BB4-A706-523D6FC60BBC}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B789D5C8-BD03-43D5-B714-4833E528D623}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00780DA0-577B-4DE8-A200-95DD3C1C9343}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{83E8AE4A-763B-4291-9A7B-2A968EA4BB57}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2DCFE65-3DB0-4320-88EE-C23BD24BB240}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ACA4E8FB-5D1E-48C3-A6E9-4FAA7FAC4989}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{73BAD040-D1D7-4685-9A19-EA2DE2D01F4E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A877C44B-2DD7-4663-853E-EA25059B6B33}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2BD3554F-4CD2-4EC8-BDF0-34D6EAB0A071}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{CF1DCAFB-EE5C-455A-B1AE-8A067ABEC4AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B76671E1-F9A0-4E10-8A71-926B2B725945}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{2C31BC53-9B0C-4923-93CD-134B2DDE73AD}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{F643CEA5-BA54-4214-88DE-727888D25D37}] => (Allow) D:\Program Files (x86)\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{E902DC53-990E-4F2A-B3DF-375B5DEAAEDC}] => (Allow) D:\Program Files (x86)\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{D50989DF-D2CB-492B-A02E-A110DE8FC546}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{BE381255-FE92-493C-95DE-BFA655C2C308}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{615144B6-3D45-41A6-B5AF-A2CF401E5545}] => (Allow) D:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{E0C74655-91E6-42AD-894C-952C91238E74}] => (Allow) D:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{2DF3094F-ADC5-4E83-802E-3AE6C815DDBF}] => (Allow) C:\Users\Mario\AppData\Local\Temp\pftD5A.tmp\fsetup.exe
FirewallRules: [{238A8B6A-42EF-42D9-BBE3-872D42343BEC}] => (Allow) C:\Users\Mario\AppData\Local\Temp\pftD5A.tmp\fsetup.exe
FirewallRules: [{10C6CD12-0C8B-470F-8015-0EACBC1D973B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{1DE769BD-2DF1-4E73-8065-AB8CD2984097}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{6B1EEDF5-314F-4269-AE46-6A0DFEA0456C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{975795EB-9BDD-4552-986E-C22896830E73}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{11CC7E6E-CEC7-4BD5-9524-71A0551FC455}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{FF94FF4C-B86C-41E7-A434-F3A2C23BD9C0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3A8D263E-8B23-4D6D-BA6E-3DE7E4D967CC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{ED4DDCF9-270B-4F78-95BB-689B0CC27DCB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{F5C0EDC3-DFDE-49BD-9D83-06FE78419BBB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{92E874AE-643D-4483-9CBE-BC78BF2F3D36}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{A151D699-5218-4B1E-8606-31320E0BA7F3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{B1CACD10-52EF-4571-8502-5E38B0959231}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{6EBD9D7A-21F5-4D59-BBD7-876AE98D7EFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{EEF5F05A-AC21-4252-B7FE-87D9742202E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{5FD004C9-ABEE-4101-8519-5D6C99415D76}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{B239C9D3-50D2-4DE9-9D79-1717B8392A10}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{037D0F96-F690-4044-92F2-E38D98906706}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{D2C9EDF3-A584-4344-AD10-44B766C4AECC}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F47C36C7-1598-45BB-AC9C-35400AB7E9EE}] => (Allow) D:\Alt D\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{E2098DA8-CC0A-4D33-A6AF-45CF25883389}] => (Allow) D:\Alt D\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{CE7547CC-63C4-4300-9EDC-95A1FADB3788}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{1E1700B2-922C-428D-9F37-4FA75BAA39AA}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{7AF04FF3-55E1-4D41-8B55-9E1890C5CDBA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{3497FFE5-1A21-4BB8-8ADE-A881372781AC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8B4224D1-8D3A-4056-80B2-522D02E20706}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{9887F9FA-F739-4098-BAA4-274D87B70473}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{ED6DF60F-B67F-4654-AAA8-4B375E2164BF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{4E93F34C-78BA-4E2A-863D-E7BFF2FB3345}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{D928C4C0-A916-4AAC-B1E8-51BAD62546D4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{7EE7FFB3-5B37-4E11-93D6-CA9CA5D4CBC0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{65CD7FB6-2D40-4BF4-BCC4-70B2CF364988}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{B2D21727-AA57-49E9-88A6-F36FD975DE6C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{FC43DFF8-1713-4D45-80DA-50BB75C64EBD}] => (Allow) D:\Program Files (x86)\Origin\FIFA Manager 14\Manager14.exe
FirewallRules: [{EC997D54-7C0C-4E26-8ADC-B4E04493E851}] => (Allow) D:\Program Files (x86)\Origin\FIFA Manager 14\Manager14.exe
FirewallRules: [{73476562-5129-4D52-A934-0D71AC2862C7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{29E75F0E-0EB7-4B71-9F24-75C1D4643F7F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{6D3F7DFD-178A-406F-AD2E-0B0EF247F96E}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Block) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{5BDF3BC9-ED72-4897-8C9B-D567A1285ED0}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Block) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{759F2E21-CB81-46E4-AC9D-4346474E59C3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{A264AAC2-52C6-4CB0-AA82-5E13D5B3F770}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{FE6CB7BE-23BC-45F2-A023-CB2BDDC1555E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{827F2D62-A790-4C9F-B654-6FDFEAE8C320}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{F92D3616-E596-45FB-890F-EF760A6CEE9C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{5F2BEE00-109F-4602-B7AB-95E53859552A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [TCP Query User{C8AB7109-039F-41E9-825B-D2104D1CAF19}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{171F1388-F727-4BFC-B5BC-35C45ABDF466}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{882D3BFB-CD02-4FD1-8E34-C49F1371E416}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{1C3C6EAB-ECBD-487F-B2A4-BEA8F1CFB187}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{3821A5D5-0A44-49F0-9419-4FC79FDED117}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{29872FA9-284E-4BF9-AE32-ED2B90F50D1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{947B1178-5F2A-421A-85FD-5D751D6DF9A4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{C4E42559-9FFD-4C5D-ACBF-F32D794AC123}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{FA06CB50-3CD1-47EE-81C9-FE7A6F1FF5EB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{FDC95ECA-EE54-48F0-8787-EA2F6BB7129D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{A2BE1020-2694-4D46-8369-7727CBB68B56}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7E2186D6-000B-44C6-B71C-8C9A257A8442}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0C1113FB-04F8-4AE2-B518-6E97C577B84D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{DA1F2C81-CEF2-4F79-8536-01131133C031}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{4BA04CD1-368E-461E-A1AE-0094E42CB6EA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D4556F2F-72CF-4344-A42A-5A130B8B6C5B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{3A1F0628-B2DB-42AF-8B5A-4E279BF7DED9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{C9A2B82F-DE1C-453D-B49E-4A499BBE3934}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{CB92E315-4D46-41DF-BCBA-1480085DD941}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{DE64F4B6-96DC-4C95-BADE-968DFF200C55}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{17E3568F-6302-455B-A538-4F0D0A507753}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D4FC8FB6-F28A-4202-AFEE-53D858103120}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{B69283DC-9C37-4E91-8D26-CEB6A0681F07}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Galactic Civilizations II - Ultimate Edition\Twilight\GC2TwilightOfTheArnor.exe
FirewallRules: [{43FCA703-B52B-4E8F-9DE6-059582A39FCB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Galactic Civilizations II - Ultimate Edition\Twilight\GC2TwilightOfTheArnor.exe
FirewallRules: [{1FF871DC-18DF-4FBB-A1CB-49AB28701B82}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{CF1B2E55-5202-4A39-8AE9-6AE46D573345}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{54FE59E1-9103-43EA-9C46-E07323457987}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{1C639D60-B663-4F39-B4E0-17F654262FBE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{1CFF44AF-D38F-4C78-8527-EAAE8F432DFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{71CEAE73-30D4-4CBC-ABDB-E4FC09CD188F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{DBBD6CF8-E3BE-4D0F-8D4D-3FB98EF99CAF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{0AA5A1F0-BD01-4FFA-B959-C88A317E84E8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F27784D8-47CA-44FE-87CA-F2F1576DB70F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{C98905A5-D9B9-410B-842D-D6890AAD9E26}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{AA210F4E-DF56-4C0D-ACF5-8925EF72CC6B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{47C33655-31DE-44EA-8B55-A1A2516117A3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{E0B0954C-159B-4C08-B9E3-DD6BA1FEDF7D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{235EE3C3-03B6-4D9B-893B-BCECA33AE19B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{9D22DAE1-C78D-4653-B6FC-66EE1B29DF1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{7D04F1D6-B4B8-453B-A943-5C1593891D0B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{8B4503BD-B1C4-4D81-89D8-0A6F64BE73FB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{FDDF32DF-7D1A-4FE7-96BE-32D42264BA0F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{84E79338-CCE9-4188-A10D-29157E1E2D17}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF02C93D-2C46-4B37-B962-19C384EFA103}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4093C914-3DB5-4D9D-B031-511890105978}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{381ADD66-D099-4C9B-8D72-EDE6A20F6C93}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{D459F41E-0222-4801-AB26-B1AD23C8B280}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{CC601224-2620-4A8B-A97F-14EDBF23819D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{7C704CCB-D2D7-4EEB-91BC-2D7F939950E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{07DA511F-A879-40D4-8210-875DDC636D98}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{B20656FC-4A61-41DB-A531-94F54783756B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{6619F624-5F3E-4E80-AD42-545272D81329}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{0936A2F7-D3A3-4E2B-A0ED-0F33B52EB512}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A774F7CA-FC0D-47FF-909E-59ECB45D2851}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{C9F87D21-6E00-4062-80C0-DAF0FD5640EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{3D1B9255-57D4-461B-9D22-D1471755E308}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{8D27AD06-0868-4688-A6B2-B51F5BC6D4CE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{4228A036-11D7-4BB8-8FCA-9271312F0895}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{5C04C660-20C1-49C0-B4A9-192860CA45A8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{E5477090-605F-4FF8-BD5D-3DED100C98BE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B3E43AF9-533C-4F86-91CC-35625F6BE444}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{5D93F297-1DDD-465F-ABFE-8D39128B2693}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{8CA85D9C-C006-4ECE-9808-2D29EC2472F2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{4C564B59-BAD6-4B06-B975-29D2F05EF243}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{7197C9C5-9CCF-4380-95FD-1E8CBB5C6611}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{01590297-4C7F-413D-92DB-2A47C434E028}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{CE039751-19F0-4428-B7F5-C83DD8A2FB94}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{A6DDD054-18A6-439F-A60A-616E8D1642DD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{ED9A5189-DF33-4BA9-A490-898C1A5BA7F6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{0C9BADB8-F037-4F09-A4A0-9408C6D11667}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{1EFCBD7B-CDB5-47E0-B936-A50E4535B880}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{49094478-BCB4-4C30-9E49-011A22E44791}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{5F71D05D-0E04-4CA3-B6A2-F41C3D6F715C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{B1F57978-828B-4EE4-AA13-D6BF0E33846E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [TCP Query User{92C1F3DB-5222-4C52-929A-C93582778AF6}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2997A13E-DDD7-4A5F-B11A-398848D5EBF1}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BB34A2C2-72CD-4A4C-BBAA-1CBB1811A6E4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{C5351D06-B0ED-4F2A-9CC6-0B3FBC9A1BF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{F02664CB-D9FD-4110-A4B4-D44A491BB3E6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{20D3098E-6A12-4D13-BC8E-CE7083E79863}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{91CC3A78-75DD-4CA0-A280-B5530D3BD5A1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Curious Expedition\nw.exe
FirewallRules: [{E301BF3A-364A-4B44-810E-179DE09C8918}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Curious Expedition\nw.exe
FirewallRules: [{A76CF13A-DF1A-4F27-86A3-47861F64AC06}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{EBF72FAF-CA77-440B-B764-F7E62C73F40C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{C782509E-96AF-45E4-B73E-DE8711607348}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{D506091C-508A-4AD9-853F-6561717B110F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{0ADC0B6A-3CD0-4E69-A6B3-F06E56C334E3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II\GuildII.exe
FirewallRules: [{8970025C-2E16-4258-8340-1B63FAEEAD60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II\GuildII.exe
FirewallRules: [{D40896D7-B9A1-48A3-9ED8-3506AEA9EF14}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{93D5BDE9-C894-4A45-85AF-9BCCC25DCEA8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{12EF3CB6-8AD8-43FB-BBF2-0F099E79241E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{445DCB15-C78B-41BD-9ED1-18AEE923759F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{50AFAF84-361C-4C08-B15F-5D9BF04E2218}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Startopia\startopia.exe
FirewallRules: [{7421C5EB-E854-40AE-9BBD-2272689F6252}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Startopia\startopia.exe
FirewallRules: [{EF008559-261D-42B3-BB85-2EB84E7EAD31}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{C40176B6-31D1-4C04-8493-607766BBA6EF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{E23D771E-DDEF-4909-92CD-C2FBDBCE4651}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{3EA6C4A0-023F-4C1B-BB38-C71530B6A4FA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{DAE989FB-6A91-4AAA-B155-9E4FCA45E9A6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{A4810FB3-3F25-46AB-B823-DF5C43C983D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{D1225A65-5001-4772-9907-A112DD061934}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{D6453AE3-D6D4-4A87-BD10-2939712CB073}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{09902A01-1461-49B5-B819-CCB1EE9EF85C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AD6EC883-8EEC-4FD8-8991-EF6FD969AE05}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D5C8C7F4-F71A-4EB6-A966-6969532EACBC}] => (Allow) D:\Program Files (x86)\BattleNet\Battle.net\Battle.net.exe
FirewallRules: [{0992C7DB-857C-43A9-9E25-348506338EEB}] => (Allow) D:\Program Files (x86)\BattleNet\Battle.net\Battle.net.exe
FirewallRules: [{634E3C0B-9271-450E-A53C-50425C5EB0BA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{95A7FBB1-1E81-44CF-9A08-076CF6A3E16A}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{2974D597-073A-4F4B-B5B7-3FFB95D9E450}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{B674311E-17DB-458E-9CE0-048ECADC5B1F}] => (Allow) C:\Users\Mario\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{EFC31C88-F374-45C5-BCC9-01A60A414DE0}D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => (Allow) D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe
FirewallRules: [UDP Query User{DAA27DAD-AA07-4DBE-8E02-CAD1934207A3}D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => (Allow) D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe
FirewallRules: [{766FE798-8AB6-4D1B-90A0-D6E8CFA21A8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{43CC7273-0E98-4D0D-ABA1-29FFBC4F0F4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{C15D9151-6047-40D4-AF2F-02B24FFF3BF1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{7E2B5519-AA68-417C-97A8-DE4A973B5CF6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{0BB7039B-A1D4-40B2-AB34-4DC4D04D9CA3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5C9856C4-6E45-4194-9735-7F3D23FD8E97}] => (Allow) LPort=2869
FirewallRules: [{D72B930C-88BB-4FDF-B074-B1D29D9C0B17}] => (Allow) LPort=1900
FirewallRules: [{BEDC4523-6F08-4543-8160-8AE8FD01614E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{3C0ACA69-928B-402B-B610-EBE8F264DAF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{455CBFE4-DC85-45CE-AF60-D521D2A349F0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{0B5CFA37-7488-434B-86E1-7572C9D8B094}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{0B4AE6B6-6A7C-4A37-8347-48969AFDB17B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{97CCF153-C52A-42A5-B650-09BA1D7A3398}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{19A28B81-EE4B-4760-BE5D-AD0082AA6D1D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DAB135F4-5948-445D-9AA6-39AEC2FC07D5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4356867B-75D5-4E91-92E1-47FC55225FCF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{235135FB-C6BA-4936-983B-23272E7574C9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{4C5AA192-30AD-4E9B-A8C7-22A79B2E7BE9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [TCP Query User{FDF54BB0-5126-4D1E-B9F5-E8B8C9E3CB32}C:\users\mario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DAEF1DBD-5D05-4690-83F4-30062D6C5D1F}C:\users\mario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mario\appdata\roaming\spotify\spotify.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [d:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/28/2015 03:09:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2015 02:59:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2015 01:35:39 PM) (Source: MsiInstaller) (EventID: 10005) (User: WakGod)
Description: Programm: Kaspersky Internet Security -- Fehler 29005. <<29005>>InstallDir=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\
Error: (10/28/2015 01:33:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2015 01:31:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2015 01:19:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2015 01:13:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2015 01:12:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2015 01:08:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2015 01:07:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (10/28/2015 03:10:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
CFRMD
Error: (10/28/2015 03:09:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 28.10.2015 um 15:09:15 unerwartet heruntergefahren.
Error: (10/28/2015 03:00:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
CFRMD
Error: (10/28/2015 01:34:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
CFRMD
Error: (10/28/2015 01:32:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
CFRMD
Error: (10/28/2015 01:31:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 28.10.2015 um 13:31:15 unerwartet heruntergefahren.
Error: (10/28/2015 01:19:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
CFRMD
Error: (10/28/2015 01:14:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
CFRMD
Error: (10/28/2015 01:13:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 28.10.2015 um 13:13:15 unerwartet heruntergefahren.
Error: (10/28/2015 01:13:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
CodeIntegrity:
===================================
Date: 2015-05-25 12:21:06.199
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-13 17:26:48.911
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-13 17:26:48.906
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-17 06:28:58.487
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:39:38.578
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:39:38.575
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:34:46.774
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:34:46.722
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:30:55.667
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-11 18:31:00.124
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16346.1 MB
Verfügbarer physikalischer RAM: 12632.66 MB
Summe virtueller Speicher: 32690.4 MB
Verfügbarer virtueller Speicher: 28592.38 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:21.66 GB) NTFS
Drive d: (Müllhalde) (Fixed) (Total:1863.01 GB) (Free:416.02 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: E389A575)
Partition 1: (Active) - (Size=100 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C052AFF8)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
28.10.2015, 16:39
| #3 |
| | Weitere Logs Gmer.txt
__________________Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-10-28 16:05:11
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 M4-CT128 rev.000F 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\Mario\AppData\Local\Temp\uwldqpod.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 00000000729517fa 2 bytes CALL 75b711a9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 0000000072951860 2 bytes CALL 75b711a9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 0000000072951942 2 bytes JMP 75c97089 C:\Windows\syswow64\WS2_32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 000000007295194d 2 bytes JMP 75c9cba6 C:\Windows\syswow64\WS2_32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17 0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17 00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17 00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17 000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17 0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17 000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17 0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17 00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20 00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31 00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [1248:5848] 000007fee20a9688
---- Processes - GMER 2.1 ----
Library c:\users\mario\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0ohh1.dll (*** suspicious ***) @ C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4276](2015-10-28 14:10:11) 0000000067ec0000
---- EOF - GMER 2.1 ----
Anti-Malware Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 28.10.2015 Suchlaufzeit: 14:50 Protokolldatei: MalwarebytesAntiMalware.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.10.28.03 Rootkit-Datenbank: v2015.10.23.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Mario Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 468996 Abgelaufene Zeit: 5 Min., 43 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.InstallCore, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\InstallCore, In Quarantäne, [c78cb4a8dcafdb5b48d35e0b9e65916f], PUP.Optional.Trovi, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [1a39bca093f800365267256322e1d828], Registrierungswerte: 3 PUP.Optional.Trovi, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333004&octid=EB_ORIGINAL_CTID&ISID=B8B249D6-5D2F-4965-94D3-7787834984CF&SearchSource=58&CUI=&UM=8&UP=SP0EAACCEC-65EF-425E-BBB1-5EAD840049B7&D=081615&q={searchTerms}&SSPV=&SSPV=, In Quarantäne, [db783428008bf046d3e5ee9af40fa55b] PUP.Optional.Conduit, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}&SSPV=&SSPV=, In Quarantäne, [9bb85a02cac10135b4e51343c2411ce4] PUP.Optional.Trovi, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Trovi, In Quarantäne, [242f96c6f7947cbaf5c3ddab788b29d7] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 3 PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy\F4FED44496C8480C8FF212AD45D34268, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy\OpenCandy_B449523B83C343A6A364A123184B9A32, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], Dateien: 2 PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy\F4FED44496C8480C8FF212AD45D34268\TuneUpUtilities2013-2200218_de-DE.exe, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy\OpenCandy_B449523B83C343A6A364A123184B9A32\LenovoSHAREit722.exe, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Ich hoffe ihr könnt mir hier weiterhelfen  |
|
31.10.2015, 13:14
| #4 |
| /// the machine /// TB-Ausbilder    | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.10.2015, 15:52
| #5 |
| | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Hallo,, danke für die Antwort. Die Logs: mbar: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.10.31.03
rootkit: v2015.10.28.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18059
Mario :: WAKGOD [administrator]
31.10.2015 15:26:43
mbar-log-2015-10-31 (15-26-43).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 472215
Time elapsed: 15 minute(s), 46 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 15:46:38.0791 0x1cdc TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:46:41.0677 0x1cdc ============================================================
15:46:41.0677 0x1cdc Current date / time: 2015/10/31 15:46:41.0677
15:46:41.0677 0x1cdc SystemInfo:
15:46:41.0677 0x1cdc
15:46:41.0677 0x1cdc OS Version: 6.1.7601 ServicePack: 1.0
15:46:41.0677 0x1cdc Product type: Workstation
15:46:41.0677 0x1cdc ComputerName: WAKGOD
15:46:41.0677 0x1cdc UserName: Mario
15:46:41.0677 0x1cdc Windows directory: C:\Windows
15:46:41.0677 0x1cdc System windows directory: C:\Windows
15:46:41.0677 0x1cdc Running under WOW64
15:46:41.0677 0x1cdc Processor architecture: Intel x64
15:46:41.0677 0x1cdc Number of processors: 8
15:46:41.0677 0x1cdc Page size: 0x1000
15:46:41.0677 0x1cdc Boot type: Normal boot
15:46:41.0677 0x1cdc ============================================================
15:46:41.0716 0x1cdc KLMD registered as C:\Windows\system32\drivers\08834096.sys
15:46:41.0768 0x1cdc System UUID: {C317D38B-165C-E69A-9FE2-8E3A51FCF591}
15:46:41.0947 0x1cdc Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:41.0987 0x1cdc Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:41.0991 0x1cdc ============================================================
15:46:41.0991 0x1cdc \Device\Harddisk0\DR0:
15:46:41.0991 0x1cdc MBR partitions:
15:46:41.0991 0x1cdc \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0x32000
15:46:41.0991 0x1cdc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
15:46:41.0991 0x1cdc \Device\Harddisk1\DR1:
15:46:41.0991 0x1cdc MBR partitions:
15:46:41.0991 0x1cdc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
15:46:41.0992 0x1cdc ============================================================
15:46:41.0993 0x1cdc C: <-> \Device\Harddisk0\DR0\Partition2
15:46:42.0015 0x1cdc D: <-> \Device\Harddisk1\DR1\Partition1
15:46:42.0015 0x1cdc ============================================================
15:46:42.0015 0x1cdc Initialize success
15:46:42.0015 0x1cdc ============================================================
15:47:47.0435 0x1e94 ============================================================
15:47:47.0435 0x1e94 Scan started
15:47:47.0435 0x1e94 Mode: Manual; SigCheck; TDLFS;
15:47:47.0435 0x1e94 ============================================================
15:47:47.0435 0x1e94 KSN ping started
15:47:49.0857 0x1e94 KSN ping finished: true
15:47:51.0090 0x1e94 ================ Scan system memory ========================
15:47:51.0090 0x1e94 System memory - ok
15:47:51.0090 0x1e94 ================ Scan services =============================
15:47:51.0119 0x1e94 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:47:51.0149 0x1e94 1394ohci - ok
15:47:51.0158 0x1e94 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:47:51.0169 0x1e94 ACPI - ok
15:47:51.0171 0x1e94 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:47:51.0179 0x1e94 AcpiPmi - ok
15:47:51.0184 0x1e94 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:47:51.0190 0x1e94 AdobeARMservice - ok
15:47:51.0210 0x1e94 [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:47:51.0219 0x1e94 AdobeFlashPlayerUpdateSvc - ok
15:47:51.0228 0x1e94 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:47:51.0241 0x1e94 adp94xx - ok
15:47:51.0248 0x1e94 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:47:51.0259 0x1e94 adpahci - ok
15:47:51.0263 0x1e94 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:47:51.0271 0x1e94 adpu320 - ok
15:47:51.0275 0x1e94 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:47:51.0282 0x1e94 AeLookupSvc - ok
15:47:51.0291 0x1e94 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
15:47:51.0304 0x1e94 AFD - ok
15:47:51.0308 0x1e94 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:47:51.0314 0x1e94 agp440 - ok
15:47:51.0346 0x1e94 [ 0E64D7144478027F427F601D9D569EC9, 1D29F64152F8F6D368DCAA597EC7BB8E14CC1C7D4EF1FFF0A4387271DB4373A7 ] AIDA64Driver D:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64
15:47:51.0354 0x1e94 AIDA64Driver - ok
15:47:51.0357 0x1e94 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:47:51.0365 0x1e94 ALG - ok
15:47:51.0368 0x1e94 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:47:51.0373 0x1e94 aliide - ok
15:47:51.0379 0x1e94 [ 606C8F129FE18D6E3EA2FD542D43D72D, 1BDB9B1C3C8345429FFF25189DCA16F4174F29B5C5DFD5AEB5C277CD4E6EBCA8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:47:51.0392 0x1e94 AMD External Events Utility - ok
15:47:51.0394 0x1e94 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:47:51.0399 0x1e94 amdide - ok
15:47:51.0402 0x1e94 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:47:51.0409 0x1e94 AmdK8 - ok
15:47:51.0412 0x1e94 amdkmdag - ok
15:47:51.0422 0x1e94 [ C0C27A1094F6EA978FB2CAACFDE0E594, 9B481D55ED3D55A975CB1EB32DD0DB9AD032D592585A5799F81918EFB7843AAE ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:47:51.0441 0x1e94 amdkmdap - ok
15:47:51.0444 0x1e94 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:47:51.0452 0x1e94 AmdPPM - ok
15:47:51.0455 0x1e94 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:47:51.0462 0x1e94 amdsata - ok
15:47:51.0467 0x1e94 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:47:51.0475 0x1e94 amdsbs - ok
15:47:51.0477 0x1e94 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:47:51.0483 0x1e94 amdxata - ok
15:47:51.0485 0x1e94 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
15:47:51.0493 0x1e94 AppID - ok
15:47:51.0495 0x1e94 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:47:51.0502 0x1e94 AppIDSvc - ok
15:47:51.0505 0x1e94 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
15:47:51.0512 0x1e94 Appinfo - ok
15:47:51.0517 0x1e94 [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:47:51.0522 0x1e94 Apple Mobile Device Service - ok
15:47:51.0524 0x1e94 [ BA957E7ACD2B44FA3B01FAA64F6A9060, 24824B5B50A0F4BD1E41C2A68682E072387E6E4743538A1C72B261430F743597 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
15:47:51.0530 0x1e94 AppleCharger - ok
15:47:51.0532 0x1e94 [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
15:47:51.0538 0x1e94 AppleChargerSrv - ok
15:47:51.0543 0x1e94 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
15:47:51.0551 0x1e94 AppMgmt - ok
15:47:51.0562 0x1e94 [ CC0DC15E4D13E3A886D3C2D37EB33BCD, ABEAB456D91B0CAF5F9E80621ED5A2B6B51D59F9C00B92C21B96D2E528948059 ] Aqua Computer Service C:\Program Files\aquasuite\AquaComputerService.exe
15:47:51.0572 0x1e94 Aqua Computer Service - detected UnsignedFile.Multi.Generic ( 1 )
15:47:54.0066 0x1e94 Aqua Computer Service ( UnsignedFile.Multi.Generic ) - warning
15:47:56.0453 0x1e94 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
15:47:56.0460 0x1e94 arc - ok
15:47:56.0463 0x1e94 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:47:56.0470 0x1e94 arcsas - ok
15:47:56.0481 0x1e94 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:47:56.0490 0x1e94 aspnet_state - ok
15:47:56.0492 0x1e94 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:47:56.0510 0x1e94 AsyncMac - ok
15:47:56.0512 0x1e94 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:47:56.0518 0x1e94 atapi - ok
15:47:56.0522 0x1e94 [ F270AFC3848C54C67E3BFB892CE9B9C6, BF5F087D2677E8D75DB34335B54496A3C3AFBCE5A019C52B9EB2B1D19A0803B1 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:47:56.0529 0x1e94 AtiHDAudioService - ok
15:47:56.0540 0x1e94 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:47:56.0558 0x1e94 AudioEndpointBuilder - ok
15:47:56.0568 0x1e94 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:47:56.0583 0x1e94 AudioSrv - ok
15:47:56.0588 0x1e94 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:47:56.0598 0x1e94 AxInstSV - ok
15:47:56.0607 0x1e94 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:47:56.0620 0x1e94 b06bdrv - ok
15:47:56.0626 0x1e94 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:47:56.0637 0x1e94 b57nd60a - ok
15:47:56.0642 0x1e94 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:47:56.0650 0x1e94 BDESVC - ok
15:47:56.0651 0x1e94 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:47:56.0668 0x1e94 Beep - ok
15:47:56.0680 0x1e94 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:47:56.0698 0x1e94 BFE - ok
15:47:56.0712 0x1e94 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
15:47:56.0743 0x1e94 BITS - ok
15:47:56.0746 0x1e94 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:47:56.0753 0x1e94 blbdrive - ok
15:47:56.0761 0x1e94 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:47:56.0770 0x1e94 Bonjour Service - ok
15:47:56.0774 0x1e94 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:47:56.0781 0x1e94 bowser - ok
15:47:56.0783 0x1e94 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:47:56.0791 0x1e94 BrFiltLo - ok
15:47:56.0793 0x1e94 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:47:56.0800 0x1e94 BrFiltUp - ok
15:47:56.0804 0x1e94 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:47:56.0812 0x1e94 Browser - ok
15:47:56.0818 0x1e94 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:47:56.0829 0x1e94 Brserid - ok
15:47:56.0832 0x1e94 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:47:56.0840 0x1e94 BrSerWdm - ok
15:47:56.0842 0x1e94 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:47:56.0850 0x1e94 BrUsbMdm - ok
15:47:56.0852 0x1e94 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:47:56.0859 0x1e94 BrUsbSer - ok
15:47:56.0862 0x1e94 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:47:56.0870 0x1e94 BTHMODEM - ok
15:47:56.0874 0x1e94 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:47:56.0893 0x1e94 bthserv - ok
15:47:56.0897 0x1e94 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:47:56.0915 0x1e94 cdfs - ok
15:47:56.0919 0x1e94 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:47:56.0927 0x1e94 cdrom - ok
15:47:56.0930 0x1e94 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:47:56.0948 0x1e94 CertPropSvc - ok
15:47:56.0950 0x1e94 CFRMD - ok
15:47:56.0953 0x1e94 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
15:47:56.0961 0x1e94 circlass - ok
15:47:56.0968 0x1e94 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
15:47:56.0979 0x1e94 CLFS - ok
15:47:57.0023 0x1e94 [ 9A5944952B122BBF68D0032EF440CFB5, D4046BA3F985A7F95F1A4A55B6F2976E292C861771CAC80CEC6DE4C82E8FDBB0 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
15:47:57.0063 0x1e94 ClickToRunSvc - ok
15:47:57.0069 0x1e94 [ 9A151FD0A9B64C5E9C07E71F6C731546, 0546F5F46F8CD46EA8B2CC5ED2CD650B65A320FF617FB9248D2F65093F40752E ] CLPSLauncher C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
15:47:57.0074 0x1e94 CLPSLauncher - ok
15:47:57.0080 0x1e94 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:47:57.0086 0x1e94 clr_optimization_v2.0.50727_32 - ok
15:47:57.0092 0x1e94 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:47:57.0100 0x1e94 clr_optimization_v2.0.50727_64 - ok
15:47:57.0109 0x1e94 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:47:57.0116 0x1e94 clr_optimization_v4.0.30319_32 - ok
15:47:57.0120 0x1e94 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:47:57.0131 0x1e94 clr_optimization_v4.0.30319_64 - ok
15:47:57.0134 0x1e94 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:47:57.0140 0x1e94 CmBatt - ok
15:47:57.0142 0x1e94 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:47:57.0148 0x1e94 cmdide - ok
15:47:57.0185 0x1e94 [ 0367F029425CBD5506E8DB2757FF3A8F, EABE6AE4CDB692717AD243D8AA9E11E7AEC0E566204C6873F7E6D24AA5593043 ] cmudaxp C:\Windows\system32\drivers\cmudaxp.sys
15:47:57.0232 0x1e94 cmudaxp - ok
15:47:57.0243 0x1e94 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
15:47:57.0259 0x1e94 CNG - ok
15:47:57.0261 0x1e94 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:47:57.0267 0x1e94 Compbatt - ok
15:47:57.0269 0x1e94 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:47:57.0278 0x1e94 CompositeBus - ok
15:47:57.0280 0x1e94 COMSysApp - ok
15:47:57.0282 0x1e94 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:47:57.0288 0x1e94 crcdisk - ok
15:47:57.0293 0x1e94 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:47:57.0302 0x1e94 CryptSvc - ok
15:47:57.0312 0x1e94 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
15:47:57.0326 0x1e94 CSC - ok
15:47:57.0338 0x1e94 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
15:47:57.0355 0x1e94 CscService - ok
15:47:57.0358 0x1e94 dbupdate - ok
15:47:57.0359 0x1e94 dbupdatem - ok
15:47:57.0369 0x1e94 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:47:57.0395 0x1e94 DcomLaunch - ok
15:47:57.0402 0x1e94 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:47:57.0424 0x1e94 defragsvc - ok
15:47:57.0551 0x1e94 [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
15:47:57.0601 0x1e94 DevoloNetworkService - ok
15:47:57.0607 0x1e94 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:47:57.0625 0x1e94 DfsC - ok
15:47:57.0629 0x1e94 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
15:47:57.0636 0x1e94 dg_ssudbus - ok
15:47:57.0643 0x1e94 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:47:57.0654 0x1e94 Dhcp - ok
15:47:57.0676 0x1e94 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
15:47:57.0703 0x1e94 DiagTrack - ok
15:47:57.0706 0x1e94 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:47:57.0724 0x1e94 discache - ok
15:47:57.0727 0x1e94 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
15:47:57.0733 0x1e94 Disk - ok
15:47:57.0737 0x1e94 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:47:57.0744 0x1e94 dmvsc - ok
15:47:57.0749 0x1e94 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:47:57.0758 0x1e94 Dnscache - ok
15:47:57.0764 0x1e94 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:47:57.0785 0x1e94 dot3svc - ok
15:47:57.0789 0x1e94 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:47:57.0809 0x1e94 DPS - ok
15:47:57.0811 0x1e94 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:47:57.0817 0x1e94 drmkaud - ok
15:47:57.0832 0x1e94 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:47:57.0851 0x1e94 DXGKrnl - ok
15:47:57.0856 0x1e94 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:47:57.0875 0x1e94 EapHost - ok
15:47:57.0877 0x1e94 EasyAntiCheat - ok
15:47:57.0923 0x1e94 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:47:57.0981 0x1e94 ebdrv - ok
15:47:57.0985 0x1e94 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS C:\Windows\System32\lsass.exe
15:47:57.0991 0x1e94 EFS - ok
15:47:58.0004 0x1e94 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:47:58.0021 0x1e94 ehRecvr - ok
15:47:58.0025 0x1e94 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:47:58.0033 0x1e94 ehSched - ok
15:47:58.0042 0x1e94 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:47:58.0056 0x1e94 elxstor - ok
15:47:58.0058 0x1e94 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:47:58.0065 0x1e94 ErrDev - ok
15:47:58.0068 0x1e94 [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys
15:47:58.0073 0x1e94 etdrv - ok
15:47:58.0081 0x1e94 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:47:58.0105 0x1e94 EventSystem - ok
15:47:58.0110 0x1e94 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:47:58.0130 0x1e94 exfat - ok
15:47:58.0135 0x1e94 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:47:58.0155 0x1e94 fastfat - ok
15:47:58.0166 0x1e94 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:47:58.0183 0x1e94 Fax - ok
15:47:58.0186 0x1e94 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
15:47:58.0192 0x1e94 fdc - ok
15:47:58.0194 0x1e94 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:47:58.0212 0x1e94 fdPHost - ok
15:47:58.0214 0x1e94 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:47:58.0232 0x1e94 FDResPub - ok
15:47:58.0235 0x1e94 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:47:58.0241 0x1e94 FileInfo - ok
15:47:58.0244 0x1e94 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:47:58.0261 0x1e94 Filetrace - ok
15:47:58.0283 0x1e94 [ ECC329F6104EE208C24C4A8C1B4A9D14, E120DAAB58C4083577A8445230DBB841984818188BFD0609576BC704C836DF3F ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:47:58.0310 0x1e94 FlexNet Licensing Service 64 - ok
15:47:58.0313 0x1e94 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:47:58.0320 0x1e94 flpydisk - ok
15:47:58.0326 0x1e94 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:47:58.0335 0x1e94 FltMgr - ok
15:47:58.0353 0x1e94 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
15:47:58.0377 0x1e94 FontCache - ok
15:47:58.0381 0x1e94 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:47:58.0386 0x1e94 FontCache3.0.0.0 - ok
15:47:58.0389 0x1e94 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:47:58.0394 0x1e94 FsDepends - ok
15:47:58.0397 0x1e94 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:47:58.0402 0x1e94 Fs_Rec - ok
15:47:58.0409 0x1e94 [ 18AEB680709A01F0FAA74165EE995F39, FBBEDD9A5BA1F620C6F71647550372C0C5A21C342272BB284CF797CC572487E7 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
15:47:58.0419 0x1e94 Futuremark SystemInfo Service - ok
15:47:58.0425 0x1e94 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:47:58.0435 0x1e94 fvevol - ok
15:47:58.0438 0x1e94 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:47:58.0444 0x1e94 gagp30kx - ok
15:47:58.0445 0x1e94 gdrv - ok
15:47:58.0448 0x1e94 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:47:58.0452 0x1e94 GEARAspiWDM - ok
15:47:58.0486 0x1e94 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
15:47:58.0519 0x1e94 GeekBuddyRSP - ok
15:47:58.0534 0x1e94 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:47:58.0563 0x1e94 gpsvc - ok
15:47:58.0578 0x1e94 GPUZ - ok
15:47:58.0580 0x1e94 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
15:47:58.0586 0x1e94 GVTDrv64 - ok
15:47:58.0588 0x1e94 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:47:58.0595 0x1e94 hcw85cir - ok
15:47:58.0601 0x1e94 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:47:58.0613 0x1e94 HdAudAddService - ok
15:47:58.0617 0x1e94 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:47:58.0626 0x1e94 HDAudBus - ok
15:47:58.0629 0x1e94 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:47:58.0635 0x1e94 HidBatt - ok
15:47:58.0638 0x1e94 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:47:58.0647 0x1e94 HidBth - ok
15:47:58.0650 0x1e94 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
15:47:58.0658 0x1e94 HidIr - ok
15:47:58.0660 0x1e94 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
15:47:58.0678 0x1e94 hidserv - ok
15:47:58.0680 0x1e94 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:47:58.0686 0x1e94 HidUsb - ok
15:47:58.0690 0x1e94 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:47:58.0708 0x1e94 hkmsvc - ok
15:47:58.0714 0x1e94 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:47:58.0724 0x1e94 HomeGroupListener - ok
15:47:58.0728 0x1e94 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:47:58.0738 0x1e94 HomeGroupProvider - ok
15:47:58.0742 0x1e94 [ B45C9BCB2E5D40A68A8AD0A5810BA071, 1C31B6E7407B62B7162AE09980B8BD66A6A774F659E78E54D2F078E6902F4A08 ] hotcore3 C:\Windows\system32\DRIVERS\hotcore3.sys
15:47:58.0747 0x1e94 hotcore3 - ok
15:47:58.0750 0x1e94 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:47:58.0757 0x1e94 HpSAMD - ok
15:47:58.0769 0x1e94 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:47:58.0786 0x1e94 HTTP - ok
15:47:58.0789 0x1e94 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:47:58.0794 0x1e94 hwpolicy - ok
15:47:58.0798 0x1e94 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:47:58.0805 0x1e94 i8042prt - ok
15:47:58.0815 0x1e94 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:47:58.0827 0x1e94 iaStor - ok
15:47:58.0831 0x1e94 [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:47:58.0835 0x1e94 IAStorDataMgrSvc - ok
15:47:58.0843 0x1e94 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:47:58.0855 0x1e94 iaStorV - ok
15:47:58.0860 0x1e94 [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
15:47:58.0865 0x1e94 ICCS - detected UnsignedFile.Multi.Generic ( 1 )
15:48:01.0312 0x1e94 Detect skipped due to KSN trusted
15:48:01.0312 0x1e94 ICCS - ok
15:48:01.0316 0x1e94 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:48:01.0320 0x1e94 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:48:03.0763 0x1e94 Detect skipped due to KSN trusted
15:48:03.0763 0x1e94 IDriverT - ok
15:48:03.0777 0x1e94 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:48:03.0795 0x1e94 idsvc - ok
15:48:03.0798 0x1e94 IEEtwCollectorService - ok
15:48:03.0801 0x1e94 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:48:03.0807 0x1e94 iirsp - ok
15:48:03.0820 0x1e94 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:48:03.0839 0x1e94 IKEEXT - ok
15:48:03.0853 0x1e94 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:48:03.0867 0x1e94 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
15:48:06.0306 0x1e94 Detect skipped due to KSN trusted
15:48:06.0306 0x1e94 Intel(R) Capability Licensing Service Interface - ok
15:48:06.0319 0x1e94 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
15:48:06.0336 0x1e94 Intel(R) Capability Licensing Service TCP IP Interface - ok
15:48:06.0339 0x1e94 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:48:06.0344 0x1e94 intelide - ok
15:48:06.0347 0x1e94 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:48:06.0355 0x1e94 intelppm - ok
15:48:06.0358 0x1e94 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:48:06.0377 0x1e94 IPBusEnum - ok
15:48:06.0381 0x1e94 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:48:06.0399 0x1e94 IpFilterDriver - ok
15:48:06.0408 0x1e94 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:48:06.0422 0x1e94 iphlpsvc - ok
15:48:06.0426 0x1e94 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:48:06.0433 0x1e94 IPMIDRV - ok
15:48:06.0437 0x1e94 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:48:06.0456 0x1e94 IPNAT - ok
15:48:06.0467 0x1e94 [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:48:06.0479 0x1e94 iPod Service - ok
15:48:06.0482 0x1e94 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:48:06.0490 0x1e94 IRENUM - ok
15:48:06.0492 0x1e94 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:48:06.0497 0x1e94 isapnp - ok
15:48:06.0503 0x1e94 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:48:06.0513 0x1e94 iScsiPrt - ok
15:48:06.0515 0x1e94 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:48:06.0520 0x1e94 iusb3hcs - ok
15:48:06.0527 0x1e94 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
15:48:06.0537 0x1e94 iusb3hub - ok
15:48:06.0549 0x1e94 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:48:06.0566 0x1e94 iusb3xhc - ok
15:48:06.0571 0x1e94 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:48:06.0578 0x1e94 jhi_service - ok
15:48:06.0581 0x1e94 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:48:06.0587 0x1e94 kbdclass - ok
15:48:06.0589 0x1e94 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:48:06.0596 0x1e94 kbdhid - ok
15:48:06.0598 0x1e94 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso C:\Windows\system32\lsass.exe
15:48:06.0605 0x1e94 KeyIso - ok
15:48:06.0609 0x1e94 [ 6D3F864756213A589A86B2E93EBEB3F9, 19B1F21B92E206CAE48AE29EDCFCCA7346E5C8C8F93CA798576D90F112A8B990 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
15:48:06.0618 0x1e94 klflt - ok
15:48:06.0623 0x1e94 [ FA4108F8C8067E4CDF01CD33BF372280, 69317362032BC353851A1696689FA4A7CA343737B8C3E4D2799BC0CD7079376F ] klhk C:\Windows\system32\DRIVERS\klhk.sys
15:48:06.0633 0x1e94 klhk - ok
15:48:06.0648 0x1e94 [ D4EAEEF7BCB49EC1DF1BFA55C9D68ABC, 7546B7DB9EB8743D976CC0F4C567F367361138168F4A751EA461E81A2D66985E ] KLIF C:\Windows\system32\DRIVERS\klif.sys
15:48:06.0668 0x1e94 KLIF - ok
15:48:06.0671 0x1e94 [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
15:48:06.0677 0x1e94 KLIM6 - ok
15:48:06.0681 0x1e94 [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:48:06.0687 0x1e94 KSecDD - ok
15:48:06.0691 0x1e94 [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:48:06.0699 0x1e94 KSecPkg - ok
15:48:06.0702 0x1e94 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:48:06.0719 0x1e94 ksthunk - ok
15:48:06.0726 0x1e94 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:48:06.0750 0x1e94 KtmRm - ok
15:48:06.0754 0x1e94 [ 875805538A76210489D65A37332085E9, B0C9A18D6367437190EEFB30EB44B7D15F69A2FAEF71FE777AABEE5F3525AD48 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
15:48:06.0760 0x1e94 L1C - ok
15:48:06.0766 0x1e94 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:48:06.0787 0x1e94 LanmanServer - ok
15:48:06.0791 0x1e94 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:48:06.0813 0x1e94 LanmanWorkstation - ok
15:48:06.0816 0x1e94 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
15:48:06.0822 0x1e94 LGBusEnum - ok
15:48:06.0825 0x1e94 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
15:48:06.0830 0x1e94 LGSHidFilt - ok
15:48:06.0832 0x1e94 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
15:48:06.0837 0x1e94 LGVirHid - ok
15:48:06.0840 0x1e94 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:48:06.0859 0x1e94 lltdio - ok
15:48:06.0865 0x1e94 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:48:06.0888 0x1e94 lltdsvc - ok
15:48:06.0890 0x1e94 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:48:06.0908 0x1e94 lmhosts - ok
15:48:06.0915 0x1e94 [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:48:06.0924 0x1e94 LMS - ok
15:48:06.0929 0x1e94 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:48:06.0936 0x1e94 LSI_FC - ok
15:48:06.0940 0x1e94 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:48:06.0947 0x1e94 LSI_SAS - ok
15:48:06.0950 0x1e94 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:48:06.0955 0x1e94 LSI_SAS2 - ok
15:48:06.0959 0x1e94 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:48:06.0966 0x1e94 LSI_SCSI - ok
15:48:06.0970 0x1e94 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:48:06.0989 0x1e94 luafv - ok
15:48:06.0991 0x1e94 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:48:06.0997 0x1e94 MBAMProtector - ok
15:48:07.0049 0x1e94 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:48:07.0072 0x1e94 MBAMService - ok
15:48:07.0076 0x1e94 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:48:07.0082 0x1e94 MBAMWebAccessControl - ok
15:48:07.0086 0x1e94 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:48:07.0094 0x1e94 Mcx2Svc - ok
15:48:07.0096 0x1e94 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
15:48:07.0102 0x1e94 megasas - ok
15:48:07.0108 0x1e94 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:48:07.0117 0x1e94 MegaSR - ok
15:48:07.0121 0x1e94 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
15:48:07.0128 0x1e94 MEIx64 - ok
15:48:07.0271 0x1e94 [ 29731E3F45A70312E82A72EA96483171, A2BB7B7451394CBC2C0BC01E54150D2695C7E63A753A72982AD156FA46B054CA ] mitsijm2012 D:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
15:48:07.0286 0x1e94 mitsijm2012 - ok
15:48:07.0289 0x1e94 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:48:07.0308 0x1e94 MMCSS - ok
15:48:07.0311 0x1e94 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:48:07.0328 0x1e94 Modem - ok
15:48:07.0331 0x1e94 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:48:07.0338 0x1e94 monitor - ok
15:48:07.0341 0x1e94 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:48:07.0347 0x1e94 mouclass - ok
15:48:07.0349 0x1e94 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:48:07.0355 0x1e94 mouhid - ok
15:48:07.0359 0x1e94 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:48:07.0365 0x1e94 mountmgr - ok
15:48:07.0368 0x1e94 [ 730A519505621DF46BCBF9CDAC9FB6AD, BEA87E6C88630D5978045B720D9DCC4ABB1EE5E48AF5115363800E84EABA61E6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:48:07.0375 0x1e94 MozillaMaintenance - ok
15:48:07.0380 0x1e94 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:48:07.0387 0x1e94 mpio - ok
15:48:07.0390 0x1e94 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:48:07.0409 0x1e94 mpsdrv - ok
15:48:07.0422 0x1e94 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:48:07.0452 0x1e94 MpsSvc - ok
15:48:07.0456 0x1e94 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:48:07.0465 0x1e94 MRxDAV - ok
15:48:07.0469 0x1e94 [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:48:07.0478 0x1e94 mrxsmb - ok
15:48:07.0484 0x1e94 [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:48:07.0495 0x1e94 mrxsmb10 - ok
15:48:07.0499 0x1e94 [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:48:07.0507 0x1e94 mrxsmb20 - ok
15:48:07.0510 0x1e94 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:48:07.0516 0x1e94 msahci - ok
15:48:07.0520 0x1e94 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:48:07.0527 0x1e94 msdsm - ok
15:48:07.0531 0x1e94 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:48:07.0540 0x1e94 MSDTC - ok
15:48:07.0544 0x1e94 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:48:07.0562 0x1e94 Msfs - ok
15:48:07.0564 0x1e94 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:48:07.0582 0x1e94 mshidkmdf - ok
15:48:07.0584 0x1e94 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:48:07.0589 0x1e94 msisadrv - ok
15:48:07.0594 0x1e94 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:48:07.0614 0x1e94 MSiSCSI - ok
15:48:07.0616 0x1e94 msiserver - ok
15:48:07.0618 0x1e94 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:48:07.0636 0x1e94 MSKSSRV - ok
15:48:07.0638 0x1e94 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:48:07.0656 0x1e94 MSPCLOCK - ok
15:48:07.0658 0x1e94 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:48:07.0676 0x1e94 MSPQM - ok
15:48:07.0683 0x1e94 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:48:07.0692 0x1e94 MsRPC - ok
15:48:07.0696 0x1e94 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:48:07.0701 0x1e94 mssmbios - ok
15:48:07.0761 0x1e94 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:48:07.0828 0x1e94 MSTEE - ok
15:48:07.0830 0x1e94 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:48:07.0836 0x1e94 MTConfig - ok
15:48:07.0839 0x1e94 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:48:07.0845 0x1e94 Mup - ok
15:48:07.0852 0x1e94 [ 97CCA67FCDABB8441149F04B34ABF510, 25043EC25193E2968F9112330DF63C7F9B9BEBDEEE323ACB3C396AB9494E577F ] mvs91xx C:\Windows\system32\DRIVERS\mvs91xx.sys
15:48:07.0862 0x1e94 mvs91xx - ok
15:48:07.0871 0x1e94 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:48:07.0895 0x1e94 napagent - ok
15:48:07.0902 0x1e94 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:48:07.0916 0x1e94 NativeWifiP - ok
15:48:07.0931 0x1e94 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:48:07.0951 0x1e94 NDIS - ok
15:48:07.0954 0x1e94 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:48:07.0972 0x1e94 NdisCap - ok
15:48:07.0975 0x1e94 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:48:07.0992 0x1e94 NdisTapi - ok
15:48:07.0995 0x1e94 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:48:08.0012 0x1e94 Ndisuio - ok
15:48:08.0017 0x1e94 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:48:08.0036 0x1e94 NdisWan - ok
15:48:08.0039 0x1e94 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:48:08.0056 0x1e94 NDProxy - ok
15:48:08.0058 0x1e94 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
15:48:08.0065 0x1e94 Netaapl - ok
15:48:08.0068 0x1e94 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:48:08.0086 0x1e94 NetBIOS - ok
15:48:08.0092 0x1e94 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:48:08.0113 0x1e94 NetBT - ok
15:48:08.0115 0x1e94 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon C:\Windows\system32\lsass.exe
15:48:08.0121 0x1e94 Netlogon - ok
15:48:08.0128 0x1e94 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:48:08.0152 0x1e94 Netman - ok
15:48:08.0161 0x1e94 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:48:08.0173 0x1e94 NetMsmqActivator - ok
15:48:08.0176 0x1e94 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:48:08.0184 0x1e94 NetPipeActivator - ok
15:48:08.0192 0x1e94 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:48:08.0217 0x1e94 netprofm - ok
15:48:08.0221 0x1e94 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:48:08.0229 0x1e94 NetTcpActivator - ok
15:48:08.0232 0x1e94 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:48:08.0240 0x1e94 NetTcpPortSharing - ok
15:48:08.0243 0x1e94 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:48:08.0249 0x1e94 nfrd960 - ok
15:48:08.0255 0x1e94 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:48:08.0266 0x1e94 NlaSvc - ok
15:48:08.0269 0x1e94 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:48:08.0286 0x1e94 Npfs - ok
15:48:08.0304 0x1e94 [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo C:\Windows\sysWOW64\drivers\npf_devolo.sys
15:48:08.0309 0x1e94 NPF_devolo - ok
15:48:08.0312 0x1e94 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:48:08.0331 0x1e94 nsi - ok
15:48:08.0333 0x1e94 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:48:08.0351 0x1e94 nsiproxy - ok
15:48:08.0376 0x1e94 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:48:08.0402 0x1e94 Ntfs - ok
15:48:08.0405 0x1e94 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:48:08.0422 0x1e94 Null - ok
15:48:08.0426 0x1e94 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:48:08.0433 0x1e94 nvraid - ok
15:48:08.0438 0x1e94 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:48:08.0446 0x1e94 nvstor - ok
15:48:08.0449 0x1e94 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:48:08.0456 0x1e94 nv_agp - ok
15:48:08.0459 0x1e94 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:48:08.0467 0x1e94 ohci1394 - ok
15:48:08.0471 0x1e94 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:48:08.0479 0x1e94 ose - ok
15:48:08.0548 0x1e94 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:48:08.0631 0x1e94 osppsvc - ok
15:48:08.0642 0x1e94 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:48:08.0653 0x1e94 p2pimsvc - ok
15:48:08.0662 0x1e94 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:48:08.0675 0x1e94 p2psvc - ok
15:48:08.0678 0x1e94 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
15:48:08.0686 0x1e94 Parport - ok
15:48:08.0689 0x1e94 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:48:08.0696 0x1e94 partmgr - ok
15:48:08.0700 0x1e94 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:48:08.0709 0x1e94 PcaSvc - ok
15:48:08.0714 0x1e94 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:48:08.0722 0x1e94 pci - ok
15:48:08.0724 0x1e94 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:48:08.0730 0x1e94 pciide - ok
15:48:08.0735 0x1e94 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:48:08.0744 0x1e94 pcmcia - ok
15:48:08.0747 0x1e94 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:48:08.0753 0x1e94 pcw - ok
15:48:08.0786 0x1e94 [ A279FC9BE4D1DA5DA3E79B5EAE0FDCF4, 0CC9A413E2BFE30421A74610300F6AD29769EF45557137F6FD7B7FAF0E0A241C ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
15:48:08.0825 0x1e94 PDF Architect 3 - ok
15:48:08.0841 0x1e94 [ 29D993E6AABC958032ED9620D232C521, 68F6581BB8A856561BAD22B5EB5CAB25B3F9473228B553D133ECFB4BDCEB2A3F ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
15:48:08.0860 0x1e94 PDF Architect 3 CrashHandler - ok
15:48:08.0873 0x1e94 [ 9EC3A20048C2E53B98E3617B7D6EB1DE, 8C2A11FFE65C062E8091135ECE4E392C2F18BB48C565E47DA08BF344B2587061 ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
15:48:08.0886 0x1e94 PDF Architect 3 Creator - ok
15:48:08.0898 0x1e94 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:48:08.0914 0x1e94 PEAUTH - ok
15:48:08.0935 0x1e94 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:48:08.0962 0x1e94 PeerDistSvc - ok
15:48:08.0967 0x1e94 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:48:08.0974 0x1e94 PerfHost - ok
15:48:08.0997 0x1e94 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:48:09.0037 0x1e94 pla - ok
15:48:09.0046 0x1e94 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:48:09.0058 0x1e94 PlugPlay - ok
15:48:09.0061 0x1e94 PnkBstrA - ok
15:48:09.0063 0x1e94 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:48:09.0070 0x1e94 PNRPAutoReg - ok
15:48:09.0076 0x1e94 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:48:09.0086 0x1e94 PNRPsvc - ok
15:48:09.0095 0x1e94 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:48:09.0120 0x1e94 PolicyAgent - ok
15:48:09.0125 0x1e94 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
15:48:09.0146 0x1e94 Power - ok
15:48:09.0149 0x1e94 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:48:09.0167 0x1e94 PptpMiniport - ok
15:48:09.0170 0x1e94 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
15:48:09.0177 0x1e94 Processor - ok
15:48:09.0182 0x1e94 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
15:48:09.0191 0x1e94 ProfSvc - ok
15:48:09.0194 0x1e94 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:48:09.0200 0x1e94 ProtectedStorage - ok
15:48:09.0204 0x1e94 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:48:09.0223 0x1e94 Psched - ok
15:48:09.0246 0x1e94 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:48:09.0275 0x1e94 ql2300 - ok
15:48:09.0280 0x1e94 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:48:09.0287 0x1e94 ql40xx - ok
15:48:09.0292 0x1e94 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:48:09.0304 0x1e94 QWAVE - ok
15:48:09.0307 0x1e94 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:48:09.0316 0x1e94 QWAVEdrv - ok
15:48:09.0318 0x1e94 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:48:09.0336 0x1e94 RasAcd - ok
15:48:09.0339 0x1e94 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:48:09.0357 0x1e94 RasAgileVpn - ok
15:48:09.0360 0x1e94 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:48:09.0379 0x1e94 RasAuto - ok
15:48:09.0383 0x1e94 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:48:09.0402 0x1e94 Rasl2tp - ok
15:48:09.0409 0x1e94 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:48:09.0432 0x1e94 RasMan - ok
15:48:09.0436 0x1e94 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:48:09.0454 0x1e94 RasPppoe - ok
15:48:09.0458 0x1e94 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:48:09.0476 0x1e94 RasSstp - ok
15:48:09.0482 0x1e94 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:48:09.0504 0x1e94 rdbss - ok
15:48:09.0507 0x1e94 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:48:09.0514 0x1e94 rdpbus - ok
15:48:09.0516 0x1e94 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:48:09.0533 0x1e94 RDPCDD - ok
15:48:09.0538 0x1e94 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:48:09.0547 0x1e94 RDPDR - ok
15:48:09.0549 0x1e94 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:48:09.0566 0x1e94 RDPENCDD - ok
15:48:09.0569 0x1e94 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:48:09.0586 0x1e94 RDPREFMP - ok
15:48:09.0589 0x1e94 [ 065F79543D7999EC28B687F87E96B803, 6B235C422DCA79ABF0D051C066B2866643333F7ADB7AF914F6EEAC448AA59AAF ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:48:09.0595 0x1e94 RdpVideoMiniport - ok
15:48:09.0601 0x1e94 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:48:09.0609 0x1e94 RDPWD - ok
15:48:09.0614 0x1e94 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:48:09.0622 0x1e94 rdyboost - ok
15:48:09.0626 0x1e94 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:48:09.0646 0x1e94 RemoteAccess - ok
15:48:09.0650 0x1e94 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:48:09.0670 0x1e94 RemoteRegistry - ok
15:48:09.0674 0x1e94 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:48:09.0692 0x1e94 RpcEptMapper - ok
15:48:09.0695 0x1e94 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:48:09.0702 0x1e94 RpcLocator - ok
15:48:09.0711 0x1e94 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:48:09.0734 0x1e94 RpcSs - ok
15:48:09.0737 0x1e94 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:48:09.0756 0x1e94 rspndr - ok
15:48:09.0758 0x1e94 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:48:09.0764 0x1e94 s3cap - ok
15:48:09.0766 0x1e94 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs C:\Windows\system32\lsass.exe
15:48:09.0772 0x1e94 SamSs - ok
15:48:09.0775 0x1e94 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:48:09.0782 0x1e94 sbp2port - ok
15:48:09.0787 0x1e94 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:48:09.0808 0x1e94 SCardSvr - ok
15:48:09.0810 0x1e94 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:48:09.0827 0x1e94 scfilter - ok
15:48:09.0844 0x1e94 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
15:48:09.0868 0x1e94 Schedule - ok
15:48:09.0871 0x1e94 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:48:09.0889 0x1e94 SCPolicySvc - ok
15:48:09.0893 0x1e94 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:48:09.0903 0x1e94 SDRSVC - ok
15:48:09.0905 0x1e94 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:48:09.0911 0x1e94 secdrv - ok
15:48:09.0914 0x1e94 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
15:48:09.0932 0x1e94 seclogon - ok
15:48:09.0935 0x1e94 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
15:48:09.0954 0x1e94 SENS - ok
15:48:09.0957 0x1e94 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:48:09.0964 0x1e94 SensrSvc - ok
15:48:09.0966 0x1e94 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
15:48:09.0973 0x1e94 Serenum - ok
15:48:09.0976 0x1e94 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
15:48:09.0984 0x1e94 Serial - ok
15:48:09.0986 0x1e94 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:48:09.0993 0x1e94 sermouse - ok
15:48:09.0999 0x1e94 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:48:10.0017 0x1e94 SessionEnv - ok
15:48:10.0020 0x1e94 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:48:10.0028 0x1e94 sffdisk - ok
15:48:10.0030 0x1e94 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:48:10.0037 0x1e94 sffp_mmc - ok
15:48:10.0040 0x1e94 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:48:10.0047 0x1e94 sffp_sd - ok
15:48:10.0049 0x1e94 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:48:10.0056 0x1e94 sfloppy - ok
15:48:10.0063 0x1e94 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:48:10.0086 0x1e94 SharedAccess - ok
15:48:10.0094 0x1e94 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:48:10.0117 0x1e94 ShellHWDetection - ok
15:48:10.0120 0x1e94 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:48:10.0126 0x1e94 SiSRaid2 - ok
15:48:10.0129 0x1e94 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:48:10.0135 0x1e94 SiSRaid4 - ok
15:48:10.0138 0x1e94 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:48:10.0157 0x1e94 Smb - ok
15:48:10.0161 0x1e94 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:48:10.0168 0x1e94 SNMPTRAP - ok
15:48:10.0170 0x1e94 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:48:10.0176 0x1e94 spldr - ok
15:48:10.0185 0x1e94 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
15:48:10.0207 0x1e94 Spooler - ok
15:48:10.0260 0x1e94 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:48:10.0333 0x1e94 sppsvc - ok
15:48:10.0338 0x1e94 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:48:10.0357 0x1e94 sppuinotify - ok
15:48:10.0365 0x1e94 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:48:10.0378 0x1e94 srv - ok
15:48:10.0385 0x1e94 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:48:10.0397 0x1e94 srv2 - ok
15:48:10.0402 0x1e94 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:48:10.0410 0x1e94 srvnet - ok
15:48:10.0415 0x1e94 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:48:10.0436 0x1e94 SSDPSRV - ok
15:48:10.0439 0x1e94 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:48:10.0459 0x1e94 SstpSvc - ok
15:48:10.0464 0x1e94 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
15:48:10.0472 0x1e94 ssudmdm - ok
15:48:10.0485 0x1e94 [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:48:10.0502 0x1e94 Steam Client Service - ok
15:48:10.0505 0x1e94 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:48:10.0510 0x1e94 stexstor - ok
15:48:10.0512 0x1e94 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:48:10.0518 0x1e94 StillCam - ok
15:48:10.0528 0x1e94 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:48:10.0546 0x1e94 stisvc - ok
15:48:10.0549 0x1e94 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:48:10.0555 0x1e94 storflt - ok
15:48:10.0558 0x1e94 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:48:10.0564 0x1e94 storvsc - ok
15:48:10.0566 0x1e94 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:48:10.0571 0x1e94 swenum - ok
15:48:10.0580 0x1e94 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:48:10.0606 0x1e94 swprv - ok
15:48:10.0609 0x1e94 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
15:48:10.0616 0x1e94 Synth3dVsc - ok
15:48:10.0641 0x1e94 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
15:48:10.0674 0x1e94 SysMain - ok
15:48:10.0679 0x1e94 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:48:10.0690 0x1e94 TabletInputService - ok
15:48:10.0696 0x1e94 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:48:10.0718 0x1e94 TapiSrv - ok
15:48:10.0721 0x1e94 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:48:10.0740 0x1e94 TBS - ok
15:48:10.0767 0x1e94 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:48:10.0801 0x1e94 Tcpip - ok
15:48:10.0829 0x1e94 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:48:10.0858 0x1e94 TCPIP6 - ok
15:48:10.0863 0x1e94 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:48:10.0869 0x1e94 tcpipreg - ok
15:48:10.0872 0x1e94 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:48:10.0879 0x1e94 TDPIPE - ok
15:48:10.0881 0x1e94 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:48:10.0887 0x1e94 TDTCP - ok
15:48:10.0891 0x1e94 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:48:10.0899 0x1e94 tdx - ok
15:48:10.0901 0x1e94 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:48:10.0908 0x1e94 TermDD - ok
15:48:10.0910 0x1e94 [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt C:\Windows\system32\drivers\terminpt.sys
15:48:10.0917 0x1e94 terminpt - ok
15:48:10.0928 0x1e94 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
15:48:10.0943 0x1e94 TermService - ok
15:48:10.0946 0x1e94 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:48:10.0956 0x1e94 Themes - ok
15:48:10.0959 0x1e94 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:48:10.0977 0x1e94 THREADORDER - ok
15:48:10.0981 0x1e94 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:48:11.0001 0x1e94 TrkWks - ok
15:48:11.0006 0x1e94 [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
15:48:11.0015 0x1e94 truecrypt - ok
15:48:11.0020 0x1e94 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:48:11.0039 0x1e94 TrustedInstaller - ok
15:48:11.0043 0x1e94 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:48:11.0050 0x1e94 tssecsrv - ok
15:48:11.0053 0x1e94 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:48:11.0059 0x1e94 TsUsbFlt - ok
15:48:11.0062 0x1e94 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:48:11.0068 0x1e94 TsUsbGD - ok
15:48:11.0072 0x1e94 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
15:48:11.0080 0x1e94 tsusbhub - ok
15:48:11.0084 0x1e94 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:48:11.0102 0x1e94 tunnel - ok
15:48:11.0105 0x1e94 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:48:11.0111 0x1e94 uagp35 - ok
15:48:11.0118 0x1e94 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:48:11.0140 0x1e94 udfs - ok
15:48:11.0144 0x1e94 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:48:11.0151 0x1e94 UI0Detect - ok
15:48:11.0154 0x1e94 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:48:11.0160 0x1e94 uliagpkx - ok
15:48:11.0163 0x1e94 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:48:11.0169 0x1e94 umbus - ok
15:48:11.0171 0x1e94 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:48:11.0178 0x1e94 UmPass - ok
15:48:11.0183 0x1e94 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
15:48:11.0193 0x1e94 UmRdpService - ok
15:48:11.0200 0x1e94 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:48:11.0224 0x1e94 upnphost - ok
15:48:11.0228 0x1e94 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:48:11.0235 0x1e94 USBAAPL64 - ok
15:48:11.0238 0x1e94 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:48:11.0245 0x1e94 usbccgp - ok
15:48:11.0249 0x1e94 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:48:11.0256 0x1e94 usbcir - ok
15:48:11.0259 0x1e94 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:48:11.0265 0x1e94 usbehci - ok
15:48:11.0272 0x1e94 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:48:11.0283 0x1e94 usbhub - ok
15:48:11.0285 0x1e94 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:48:11.0291 0x1e94 usbohci - ok
15:48:11.0294 0x1e94 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:48:11.0301 0x1e94 usbprint - ok
15:48:11.0304 0x1e94 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
15:48:11.0310 0x1e94 usbscan - ok
15:48:11.0314 0x1e94 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:48:11.0321 0x1e94 USBSTOR - ok
15:48:11.0323 0x1e94 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:48:11.0330 0x1e94 usbuhci - ok
15:48:11.0332 0x1e94 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:48:11.0351 0x1e94 UxSms - ok
15:48:11.0353 0x1e94 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc C:\Windows\system32\lsass.exe
15:48:11.0359 0x1e94 VaultSvc - ok
15:48:11.0361 0x1e94 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:48:11.0367 0x1e94 vdrvroot - ok
15:48:11.0377 0x1e94 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:48:11.0403 0x1e94 vds - ok
15:48:11.0405 0x1e94 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:48:11.0413 0x1e94 vga - ok
15:48:11.0415 0x1e94 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:48:11.0432 0x1e94 VgaSave - ok
15:48:11.0434 0x1e94 VGPU - ok
15:48:11.0439 0x1e94 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:48:11.0447 0x1e94 vhdmp - ok
15:48:11.0481 0x1e94 [ E066AA9C9866C2001372486A6841108C, 648E39962EDB3D77FBB5E2D5B603E16240AADE181A20E8778EE3D8847E4C0984 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
15:48:11.0519 0x1e94 VIAHdAudAddService - ok
15:48:11.0523 0x1e94 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:48:11.0529 0x1e94 viaide - ok
15:48:11.0531 0x1e94 [ 1236737C7993FB462610E1A0AA92C40B, 85385740AE7F885ACD605860AB2642DAC7456BB26C6615DAA9EE02AF54FEF77C ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
15:48:11.0536 0x1e94 VIAKaraokeService - ok
15:48:11.0541 0x1e94 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:48:11.0550 0x1e94 vmbus - ok
15:48:11.0552 0x1e94 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:48:11.0559 0x1e94 VMBusHID - ok
15:48:11.0562 0x1e94 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:48:11.0568 0x1e94 volmgr - ok
15:48:11.0575 0x1e94 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:48:11.0586 0x1e94 volmgrx - ok
15:48:11.0592 0x1e94 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:48:11.0602 0x1e94 volsnap - ok
15:48:11.0607 0x1e94 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:48:11.0614 0x1e94 vsmraid - ok
15:48:11.0639 0x1e94 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:48:11.0682 0x1e94 VSS - ok
15:48:11.0684 0x1e94 VUSB3HUB - ok
15:48:11.0687 0x1e94 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:48:11.0694 0x1e94 vwifibus - ok
15:48:11.0702 0x1e94 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:48:11.0725 0x1e94 W32Time - ok
15:48:11.0729 0x1e94 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:48:11.0735 0x1e94 WacomPen - ok
15:48:11.0738 0x1e94 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:48:11.0756 0x1e94 WANARP - ok
15:48:11.0759 0x1e94 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:48:11.0776 0x1e94 Wanarpv6 - ok
15:48:11.0795 0x1e94 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:48:11.0820 0x1e94 WatAdminSvc - ok
15:48:11.0843 0x1e94 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:48:11.0874 0x1e94 wbengine - ok
15:48:11.0880 0x1e94 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:48:11.0892 0x1e94 WbioSrvc - ok
15:48:11.0899 0x1e94 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:48:11.0914 0x1e94 wcncsvc - ok
15:48:11.0916 0x1e94 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:48:11.0924 0x1e94 WcsPlugInService - ok
15:48:11.0926 0x1e94 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
15:48:11.0931 0x1e94 Wd - ok
15:48:11.0944 0x1e94 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:48:11.0961 0x1e94 Wdf01000 - ok
15:48:11.0965 0x1e94 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:48:11.0973 0x1e94 WdiServiceHost - ok
15:48:11.0975 0x1e94 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:48:11.0982 0x1e94 WdiSystemHost - ok
15:48:11.0987 0x1e94 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
15:48:11.0997 0x1e94 WebClient - ok
15:48:12.0003 0x1e94 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:48:12.0024 0x1e94 Wecsvc - ok
15:48:12.0028 0x1e94 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:48:12.0047 0x1e94 wercplsupport - ok
15:48:12.0050 0x1e94 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:48:12.0069 0x1e94 WerSvc - ok
15:48:12.0071 0x1e94 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:48:12.0088 0x1e94 WfpLwf - ok
15:48:12.0090 0x1e94 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:48:12.0096 0x1e94 WIMMount - ok
15:48:12.0097 0x1e94 WinDefend - ok
15:48:12.0101 0x1e94 WinHttpAutoProxySvc - ok
15:48:12.0110 0x1e94 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:48:12.0131 0x1e94 Winmgmt - ok
15:48:12.0160 0x1e94 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
15:48:12.0198 0x1e94 WinRM - ok
15:48:12.0204 0x1e94 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
15:48:12.0212 0x1e94 WinUsb - ok
15:48:12.0226 0x1e94 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:48:12.0249 0x1e94 Wlansvc - ok
15:48:12.0284 0x1e94 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:48:12.0318 0x1e94 wlidsvc - ok
15:48:12.0322 0x1e94 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:48:12.0329 0x1e94 WmiAcpi - ok
15:48:12.0335 0x1e94 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:48:12.0344 0x1e94 wmiApSrv - ok
15:48:12.0346 0x1e94 WMPNetworkSvc - ok
15:48:12.0349 0x1e94 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:48:12.0356 0x1e94 WPCSvc - ok
15:48:12.0359 0x1e94 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:48:12.0369 0x1e94 WPDBusEnum - ok
15:48:12.0371 0x1e94 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:48:12.0389 0x1e94 ws2ifsl - ok
15:48:12.0392 0x1e94 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
15:48:12.0403 0x1e94 wscsvc - ok
15:48:12.0406 0x1e94 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:48:12.0414 0x1e94 WSDPrintDevice - ok
15:48:12.0415 0x1e94 WSearch - ok
15:48:12.0454 0x1e94 [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv C:\Windows\system32\wuaueng.dll
15:48:12.0501 0x1e94 wuauserv - ok
15:48:12.0506 0x1e94 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:48:12.0513 0x1e94 WudfPf - ok
15:48:12.0518 0x1e94 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:48:12.0526 0x1e94 WUDFRd - ok
15:48:12.0529 0x1e94 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:48:12.0537 0x1e94 wudfsvc - ok
15:48:12.0542 0x1e94 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:48:12.0552 0x1e94 WwanSvc - ok
15:48:12.0554 0x1e94 xhcdrv - ok
15:48:12.0558 0x1e94 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
15:48:12.0564 0x1e94 xusb21 - ok
15:48:12.0567 0x1e94 ================ Scan global ===============================
15:48:12.0570 0x1e94 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:48:12.0574 0x1e94 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
15:48:12.0582 0x1e94 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
15:48:12.0586 0x1e94 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:48:12.0593 0x1e94 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:48:12.0598 0x1e94 [ Global ] - ok
15:48:12.0598 0x1e94 ================ Scan MBR ==================================
15:48:12.0600 0x1e94 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:48:12.0670 0x1e94 \Device\Harddisk0\DR0 - ok
15:48:12.0689 0x1e94 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:48:12.0772 0x1e94 \Device\Harddisk1\DR1 - ok
15:48:12.0773 0x1e94 ================ Scan VBR ==================================
15:48:12.0774 0x1e94 [ 30CA6F797293CE1FB42E895D7B6F604F ] \Device\Harddisk0\DR0\Partition1
15:48:12.0775 0x1e94 \Device\Harddisk0\DR0\Partition1 - ok
15:48:12.0776 0x1e94 [ ACC92F1E5D8AD93CC433DA69B1B9A6A3 ] \Device\Harddisk0\DR0\Partition2
15:48:12.0777 0x1e94 \Device\Harddisk0\DR0\Partition2 - ok
15:48:12.0778 0x1e94 [ 847DABB3AB56A0F5F19E15219AAFAEDD ] \Device\Harddisk1\DR1\Partition1
15:48:12.0852 0x1e94 \Device\Harddisk1\DR1\Partition1 - ok
15:48:12.0853 0x1e94 ================ Scan generic autorun ======================
15:48:13.0043 0x1e94 [ 3F0B5EBDEB180C073E01A4A2DFA28C12, 0ACE6F70260E17284B8307D0DD0ACC9B59B379A99AE43429AB644B421ADAE8A7 ] C:\Program Files\Logitech Gaming Software\LCore.exe
15:48:13.0211 0x1e94 Launch LCore - ok
15:48:13.0235 0x1e94 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe
15:48:13.0242 0x1e94 Cmaudio8788 - ok
15:48:13.0272 0x1e94 [ B653CC2510CA44369C47498ABBCA8E98, 9A8C9E8B372CFD61985CD138624A6F3E8C98ABEF212B9ED3735BD6019C0C0C19 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
15:48:13.0308 0x1e94 CanonMyPrinter - ok
15:48:13.0313 0x1e94 [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
15:48:13.0319 0x1e94 iTunesHelper - ok
15:48:13.0322 0x1e94 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:48:13.0329 0x1e94 Logitech Download Assistant - ok
15:48:13.0332 0x1e94 [ 5514B64F7F2D25E09E2FDAF5D62B688C, 43263715ADC49250762A01E41DB2832C6A8B63CE4F66CDD8FC0B51DCA031DF27 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
15:48:13.0338 0x1e94 IAStorIcon - ok
15:48:13.0343 0x1e94 [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:48:13.0351 0x1e94 USB3MON - ok
15:48:13.0355 0x1e94 [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:48:13.0359 0x1e94 APSDaemon - ok
15:48:13.0429 0x1e94 [ 2C5C919C1147B91BA2B47527B709BDA5, 58E2D6DBF0A7023A56C1576A0E8915CB3F2D4ED72F0A0B3652F29009DD853BDE ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
15:48:13.0511 0x1e94 HDAudDeck - ok
15:48:13.0517 0x1e94 [ 7AAF55E4C97861C4BAACF908B48A76A3, 351B9B3267D667D08B001B2ED46665A6717C9C9A6609BCBCCAA2F54AE26216DC ] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
15:48:13.0522 0x1e94 IJNetworkScanUtility - ok
15:48:13.0524 0x1e94 [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
15:48:13.0528 0x1e94 amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
15:48:15.0977 0x1e94 Detect skipped due to KSN trusted
15:48:15.0977 0x1e94 amd_dc_opt - ok
15:48:16.0010 0x1e94 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
15:48:16.0042 0x1e94 tvncontrol - ok
15:48:16.0046 0x1e94 Dropbox - ok
15:48:16.0053 0x1e94 [ C2CE42005E3381A95460876020518440, 562EB30DA9A1DB58DB221423177C0680E69A4C38EEE2D5FD936633B2EB8A616E ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:48:16.0062 0x1e94 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
15:48:18.0502 0x1e94 Detect skipped due to KSN trusted
15:48:18.0502 0x1e94 QuickTime Task - ok
15:48:18.0503 0x1e94 BlueStacks Agent - ok
15:48:18.0513 0x1e94 [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:48:18.0524 0x1e94 SunJavaUpdateSched - ok
15:48:18.0601 0x1e94 [ D5DDC3EC0BF960389E9A964D7CC8CC30, 02C06CF596B33B1883C371EA9B61B1EC41319EFF853A54864329129699534769 ] D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
15:48:18.0618 0x1e94 StartCCC - ok
15:48:18.0624 0x1e94 [ 1E2B7E1F256CBC4B55DDD622FF5604EF, C25BF91080A382AAE78FB52C1E05737CC7ECE575D6243D0DC91769C4BAF36489 ] C:\Program Files (x86)\Raptr\raptrstub.exe
15:48:18.0630 0x1e94 Raptr - ok
15:48:18.0646 0x1e94 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:48:18.0666 0x1e94 Sidebar - ok
15:48:18.0670 0x1e94 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:48:18.0680 0x1e94 mctadmin - ok
15:48:18.0697 0x1e94 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:48:18.0717 0x1e94 Sidebar - ok
15:48:18.0720 0x1e94 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:48:18.0729 0x1e94 mctadmin - ok
15:48:18.0861 0x1e94 [ D5218EE66173405B26B716EBA68133F6, 265820925538A075E753701DC36F89702B3E4C0BE73B8166138495092F339E43 ] D:\Program Files (x86)\Steam\steam.exe
15:48:18.0913 0x1e94 Steam - ok
15:48:18.0917 0x1e94 [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
15:48:18.0922 0x1e94 iCloudServices - ok
15:48:18.0923 0x1e94 ApplePhotoStreams - ok
15:48:18.0955 0x1e94 [ 9D0D72B696B8CDF9AE368E542FD042CE, 8CD19E8B609041A6C226D57D40509175827C75DEF93378B53A814060BB7A9E0B ] C:\Users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe
15:48:18.0984 0x1e94 Spotify Web Helper - ok
15:48:19.0088 0x1e94 [ DC8DC7ED86A259614D3B2186B2F841EB, 6F305431EE35849D637AF41F213B716D936311015483422FA294E9435B82AB2A ] C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
15:48:19.0187 0x1e94 Spotify - ok
15:48:19.0191 0x1e94 Waiting for KSN requests completion. In queue: 16
15:48:20.0191 0x1e94 Waiting for KSN requests completion. In queue: 11
15:48:21.0191 0x1e94 Waiting for KSN requests completion. In queue: 11
15:48:21.0663 0x1a20 Object required for P2P: [ D5218EE66173405B26B716EBA68133F6 ] D:\Program Files (x86)\Steam\steam.exe
15:48:22.0191 0x1e94 Waiting for KSN requests completion. In queue: 4
15:48:23.0191 0x1e94 Waiting for KSN requests completion. In queue: 4
15:48:24.0123 0x1a20 Object send P2P result: true
15:48:24.0123 0x1a20 Object required for P2P: [ DC8DC7ED86A259614D3B2186B2F841EB ] C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
15:48:24.0191 0x1e94 Waiting for KSN requests completion. In queue: 1
15:48:25.0191 0x1e94 Waiting for KSN requests completion. In queue: 1
15:48:26.0191 0x1e94 Waiting for KSN requests completion. In queue: 1
15:48:26.0539 0x1a20 Object send P2P result: true
15:48:27.0201 0x1e94 Win FW state via NFP2: enabled ( trusted )
15:48:29.0539 0x1e94 ============================================================
15:48:29.0539 0x1e94 Scan finished
15:48:29.0539 0x1e94 ============================================================
15:48:29.0543 0x1810 Detected object count: 1
15:48:29.0543 0x1810 Actual detected object count: 1
15:48:42.0597 0x1810 Aqua Computer Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:42.0597 0x1810 Aqua Computer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:48:53.0647 0x0330 Deinitialize success
|
|
01.11.2015, 07:21
| #6 |
| /// the machine /// TB-Ausbilder | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl hi, Scan mit Combofix
__________________ --> Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl |
|
01.11.2015, 12:23
| #7 |
| | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Hallo, und wieder vielen Dank für's Kümmern. Code:
ATTFilter ComboFix 15-10-28.01 - Mario 01.11.2015 11:52:37.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.16346.13239 [GMT 1:00]
ausgeführt von:: d:\users\Mario\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzaepr2.dll
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmpB48F.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-10-01 bis 2015-11-01 ))))))))))))))))))))))))))))))
.
.
2015-10-31 14:26 . 2015-10-31 14:44 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-10-30 09:27 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{90788111-737D-4FA1-9AE8-033D16653479}\mpengine.dll
2015-10-28 14:37 . 2015-10-28 14:38 -------- d-----w- C:\FRST
2015-10-28 13:50 . 2015-10-31 14:26 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-28 13:50 . 2015-10-31 14:25 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-28 13:50 . 2015-10-28 13:50 -------- d-----w- c:\programdata\Malwarebytes
2015-10-28 13:50 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-28 13:50 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-28 12:35 . 2015-07-04 01:18 227000 ----a-w- c:\windows\system32\drivers\klhk.sys
2015-10-28 12:35 . 2015-06-30 00:05 931000 ----a-w- c:\windows\system32\drivers\klif.sys
2015-10-28 12:35 . 2015-06-30 00:05 171192 ----a-w- c:\windows\system32\drivers\klflt.sys
2015-10-28 12:35 . 2015-10-28 12:35 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2015-10-28 11:47 . 2013-05-06 07:13 110176 ----a-w- c:\windows\system32\klfphc.dll
2015-10-28 11:46 . 2015-10-28 13:59 -------- d-----w- c:\programdata\Kaspersky Lab
2015-10-28 11:46 . 2015-10-28 12:35 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2015-10-24 18:52 . 2015-10-24 18:52 0 ----a-w- c:\windows\SysWow64\OCL91BD.tmp
2015-10-24 18:51 . 2015-10-24 18:51 0 ----a-w- c:\windows\SysWow64\OCL4285.tmp
2015-10-18 18:40 . 2015-10-18 18:40 -------- d-----w- c:\programdata\Stardock
2015-10-16 01:58 . 2015-10-16 01:58 189136 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
2015-10-15 13:23 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-15 13:23 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
2015-10-15 13:23 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-15 13:23 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
2015-10-15 13:23 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-15 13:23 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-10-15 13:23 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-13 17:50 . 2015-09-25 18:07 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-10-12 18:25 . 2015-10-12 18:25 -------- d-----w- c:\users\Mario\AppData\Roaming\7DaysToDie
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-28 12:34 . 2013-01-20 12:49 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2015-10-27 13:07 . 2015-08-18 10:04 632432 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-10-17 13:22 . 2013-01-21 09:21 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-17 13:22 . 2013-01-21 09:21 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-13 20:51 . 2013-01-23 17:59 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-09-30 10:16 . 2015-09-30 10:16 115592 ----a-w- c:\windows\system32\pdfcmon.dll
2015-09-29 02:58 . 2015-10-13 17:50 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-02 03:04 . 2015-09-09 12:22 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 12:22 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 12:22 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 12:22 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 12:22 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 12:22 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 12:22 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 12:22 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 12:22 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 12:22 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 12:22 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 12:35 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 12:35 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 12:35 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 12:35 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 12:35 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 12:35 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 12:35 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 12:35 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-27 11:48 . 2015-08-27 11:48 3584 ----a-r- c:\users\Mario\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2015-08-27 11:34 . 2014-04-12 18:57 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-24 12:41 . 2009-08-18 09:24 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-08-05 17:56 . 2015-09-09 13:11 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 13:14 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 13:14 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 13:14 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-08-04 06:29 . 2015-08-04 06:29 107784 ----a-w- c:\windows\system32\amdave64.dll
2015-08-04 06:29 . 2015-08-04 06:29 100568 ----a-w- c:\windows\SysWow64\amdave32.dll
2015-08-04 06:28 . 2015-08-04 06:28 141792 ----a-w- c:\windows\system32\amdhcp64.dll
2015-08-04 06:28 . 2015-08-04 06:28 128384 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2015-08-04 06:28 . 2015-08-04 06:28 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-08-04 06:28 . 2015-08-04 06:28 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-08-04 06:28 . 2015-08-04 06:28 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-08-04 06:28 . 2015-08-04 06:28 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-08-04 06:28 . 2012-12-19 19:31 152056 ----a-w- c:\windows\system32\atiuxp64.dll
2015-08-04 06:28 . 2015-08-04 06:28 133016 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-08-04 06:28 . 2012-12-19 19:31 120144 ----a-w- c:\windows\system32\atiu9p64.dll
2015-08-04 06:28 . 2012-12-19 19:30 102616 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-08-04 06:28 . 2012-12-19 20:08 1445224 ----a-w- c:\windows\system32\aticfx64.dll
2015-08-04 06:28 . 2012-12-19 20:09 1193904 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-08-04 06:28 . 2012-12-19 19:49 11948704 ----a-w- c:\windows\system32\atidxx64.dll
2015-08-04 06:28 . 2015-08-04 06:28 10094152 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-08-04 06:28 . 2012-12-19 19:44 7929616 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-08-04 06:28 . 2012-12-19 20:50 7408936 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-08-04 06:27 . 2012-12-19 19:59 8893160 ----a-w- c:\windows\system32\atiumd6a.dll
2015-08-04 06:27 . 2012-12-19 19:44 8779872 ----a-w- c:\windows\system32\atiumd64.dll
2015-08-04 06:25 . 2015-08-04 06:25 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-08-04 06:23 . 2015-08-04 06:23 21622784 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-08-04 06:19 . 2015-08-04 06:19 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-08-04 06:18 . 2015-08-04 06:18 47785472 ----a-w- c:\windows\system32\amdocl64.dll
2015-08-04 06:14 . 2015-08-04 06:14 39714304 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-08-04 06:09 . 2015-08-04 06:09 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-08-04 06:09 . 2015-08-04 06:09 59392 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-08-04 05:58 . 2015-08-04 05:58 27535872 ----a-w- c:\windows\system32\amdocl12cl64.dll
2015-08-04 05:57 . 2015-08-04 05:57 22318592 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
2015-08-04 04:12 . 2015-08-04 04:12 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-08-04 04:12 . 2015-08-04 04:12 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-08-04 04:11 . 2015-08-04 04:11 6477312 ----a-w- c:\windows\system32\amdmantle64.dll
2015-08-04 03:43 . 2015-08-04 03:43 5068288 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2015-08-04 03:21 . 2015-08-04 03:21 93696 ----a-w- c:\windows\system32\mantleaxl64.dll
2015-08-04 03:21 . 2015-08-04 03:21 86528 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2015-08-04 02:55 . 2015-08-04 02:55 30752256 ----a-w- c:\windows\system32\atio6axx.dll
2015-08-04 02:32 . 2015-08-04 02:32 25299968 ----a-w- c:\windows\SysWow64\atioglxx.dll
2015-08-04 02:25 . 2015-08-04 02:25 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2015-08-04 02:25 . 2015-08-04 02:25 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2015-08-04 02:25 . 2015-08-04 02:25 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2015-08-04 02:24 . 2015-08-04 02:24 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2015-08-04 02:24 . 2015-08-04 02:24 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2015-08-04 02:24 . 2015-08-04 02:24 15716864 ----a-w- c:\windows\system32\aticaldd64.dll
2015-08-04 02:21 . 2015-08-04 02:21 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2015-08-04 02:21 . 2015-08-04 02:21 50688 ----a-w- c:\windows\system32\amdmmcl6.dll
2015-08-04 02:21 . 2015-08-04 02:21 39424 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2015-08-04 02:07 . 2012-12-19 19:57 442368 ----a-w- c:\windows\system32\atidemgy.dll
2015-08-04 02:07 . 2015-08-04 02:07 160256 ----a-w- c:\windows\system32\atieah64.exe
2015-08-04 02:07 . 2015-08-04 02:07 143872 ----a-w- c:\windows\SysWow64\atieah32.exe
2015-08-04 02:07 . 2015-08-04 02:07 204800 ----a-w- c:\windows\system32\amdgfxinfo64.dll
2015-08-04 02:07 . 2015-08-04 02:07 189952 ----a-w- c:\windows\SysWow64\amdgfxinfo32.dll
2015-08-04 02:07 . 2015-08-04 02:07 29696 ----a-w- c:\windows\system32\atimuixx.dll
2015-08-04 02:07 . 2015-08-04 02:07 672768 ----a-w- c:\windows\system32\atieclxx.exe
2015-08-04 02:06 . 2015-08-04 02:06 246784 ----a-w- c:\windows\system32\atiesrxx.exe
2015-08-04 02:05 . 2015-08-04 02:05 190976 ----a-w- c:\windows\system32\atitmm64.dll
2015-08-04 01:48 . 2015-08-04 01:48 865792 ----a-w- c:\windows\system32\coinst_15.20.dll
2015-08-04 01:48 . 2015-08-04 01:48 89088 ----a-w- c:\windows\system32\atisamu64.dll
2015-08-04 01:47 . 2015-08-04 01:47 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2015-08-04 01:43 . 2012-12-19 19:33 1247744 ----a-w- c:\windows\system32\atiadlxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 926720 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2015-08-04 01:43 . 2015-08-04 01:43 926720 ----a-w- c:\windows\SysWow64\atiadlxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2015-08-04 01:42 . 2015-08-04 01:42 156672 ----a-w- c:\windows\system32\atig6txx.dll
2015-08-04 01:42 . 2015-08-04 01:42 141824 ----a-w- c:\windows\SysWow64\atigktxx.dll
2015-08-04 01:42 . 2015-08-04 01:42 665088 ----a-w- c:\windows\system32\drivers\atikmpag.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
2015-09-17 13:21 38112 ----a-w- c:\program files (x86)\PDF Architect 3\creator-ie-helper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{2DFF3579-5AA7-45B9-9328-1D38EA230861}"= "c:\program files (x86)\PDF Architect 3\creator-ie-plugin.dll" [2015-09-17 517344]
.
[HKEY_CLASSES_ROOT\clsid\{2dff3579-5aa7-45b9-9328-1d38ea230861}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{882BBDC8-4C5D-46A7-8333-5F4E819666F4}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-08-18 10:05 329376 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-08-18 10:05 329376 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-08-18 10:05 329376 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-08-18 10:05 329376 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-08-18 10:05 329376 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\program files (x86)\Steam\steam.exe" [2015-10-14 2901584]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2015-04-26 43816]
"Spotify Web Helper"="c:\users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-10-22 2030912]
"Spotify"="c:\users\Mario\AppData\Roaming\Spotify\Spotify.exe" [2015-10-22 7736128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 60712]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-23 5120144]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2010-01-18 128352]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"tvncontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2014-09-24 2327248]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2015-10-12 36711472]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2015-06-16 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
"StartCCC"="d:\program files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-10-01 56080]
.
c:\users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
An OneNote senden.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2015-9-25 195248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2014-9-25 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox-Update-Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 MBAMService;MBAMService;d:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;d:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;d:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;d:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 dbupdatem;Dropbox-Update-Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler;c:\program files (x86)\PDF Architect 3\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 3\crash-handler-ws.exe [x]
R3 PDF Architect 3;PDF Architect 3;c:\program files (x86)\PDF Architect 3\ws.exe;c:\program files (x86)\PDF Architect 3\ws.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Aqua Computer Service;Aqua Computer Service;c:\program files\aquasuite\AquaComputerService.exe;c:\program files\aquasuite\AquaComputerService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DevoloNetworkService;devolo Network Service;d:\program files (x86)\devolo\dlan\devolonetsvc.exe;d:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job-Manager;d:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe;d:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 PDF Architect 3 Creator;PDF Architect 3 Creator;c:\program files (x86)\PDF Architect 3\creator-ws.exe;c:\program files (x86)\PDF Architect 3\creator-ws.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cmudaxp;ASUS Xonar D2X Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-21 13:22]
.
2015-11-01 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18 15:12]
.
2015-11-01 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18 15:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-08-18 10:05 358064 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-08-18 10:05 358064 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-08-18 10:05 358064 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-08-18 10:05 358064 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-08-18 10:05 358064 ----a-w- c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-10-27 13:08 2339032 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-10-27 13:08 2339032 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-10-27 13:08 2339032 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-03-12 13318424]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-07-11 170280]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft &Excel exportieren - d:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ApplePhotoStreams - d:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Wow6432Node-HKLM-Run-BlueStacks Agent - c:\program files (x86)\BlueStacks\HD-Agent.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{43B74FAB-FB58-447D-8D3A-5F638AF36FD1} - c:\programdata\{87B61FE8-334F-4066-B7AA-68DC81782D4D}\Netzmanager1.071.0301_120720a.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\d:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2508083331-1529705533-2935304339-1000\Software\SecuROM\License information*]
"datasecu"=hex:22,b4,b9,b1,ed,f6,04,b9,77,73,1e,12,f0,4c,01,67,3e,88,61,8c,57,
86,ff,bd,84,c7,70,b1,6c,5d,58,37,19,44,03,cd,1f,1c,87,f1,8e,c4,14,a7,c0,9a,\
"rkeysecu"=hex:b6,fc,fa,c0,9a,39,c6,0f,d9,3a,ca,30,2b,67,1b,fb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-11-01 12:17:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-11-01 11:17
.
Vor Suchlauf: 13 Verzeichnis(se), 26.904.440.832 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 28.009.730.048 Bytes frei
.
- - End Of File - - 02FFEA3E4B70838959AF61ED0B81587A
|
|
02.11.2015, 19:11
| #8 |
| /// the machine /// TB-Ausbilder | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.11.2015, 02:32
| #9 |
| | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl mbam: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 02.11.2015 Suchlaufzeit: 20:18 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.02.05 Rootkit-Datenbank: v2015.10.28.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Mario Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 476865 Abgelaufene Zeit: 5 Min., 47 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.016 - Bericht erstellt am 02/11/2015 um 21:09:20
# Aktualisiert am 01/11/2015 von Xplode
# Datenbank : 2015-11-01.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Mario - WAKGOD
# Gestartet von : d:\Users\Mario\Desktop\AdwCleaner_5.016.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Users\Mario\AppData\Local\PackageAware
[-] Ordner Gelöscht : C:\Users\Mario\AppData\Roaming\pdfforge
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[-] Datei Gelöscht : C:\Users\Public\Desktop\GeekBuddy.lnk
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\GeekBuddyRSP
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GeekBuddyRSP
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1510 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Ultimate x64
Ran by Mario on 02.11.2015 at 21:12:47,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2DFF3579-5AA7-45B9-9328-1D38EA230861}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2DFF3579-5AA7-45B9-9328-1D38EA230861}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
~~~ Files
Successfully deleted: [File] C:\Program Files (x86)\GUT3A83.tmp
~~~ Folders
Successfully deleted: [Folder] C:\Users\Mario\Appdata\Local\crashrpt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.11.2015 at 21:14:04,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Mario (Administrator) auf WAKGOD (03-11-2015 02:24:14)
Gestartet von D:\Users\Mario\downloads
Geladene Profile: Mario (Verfügbare Profile: Mario & Lernen)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5120144 2012-05-23] (VIA)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Spotify Web Helper] => C:\Users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-22] (Spotify Ltd)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Spotify] => C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe [7736128 2015-10-22] (Spotify Ltd)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-08-20]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0B52BEBB-7563-41E0-B641-7EB5A06869B3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1B8A7188-20ED-4D44-8C47-45B185A97B35}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{F3E5FAE6-6066-4660-9FD6-542222576451}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-18] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2508083331-1529705533-2935304339-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Mario\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2508083331-1529705533-2935304339-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-07] ()
FF SearchPlugin: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\searchplugins\youtube-videosuche.xml [2015-05-29]
FF Extension: Video DownloadHelper - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-30] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - d:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-03-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 Aqua Computer Service; C:\Program Files\aquasuite\AquaComputerService.exe [536064 2013-03-27] (Aqua Computer GmbH & Co. KG) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
S2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
S2 DevoloNetworkService; D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-05] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-08-17] (Futuremark)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 mitsijm2012; D:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-07] (Autodesk, Inc.)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
S2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-05] ()
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AIDA64Driver; D:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [30624 2012-10-28] ()
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-01-20] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2013-12-05] (Paragon Software Group)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VUSB3HUB; system32\DRIVERS\ViaHub3.sys [X]
S3 xhcdrv; system32\DRIVERS\xhcdrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-02 21:14 - 2015-11-02 21:14 - 00001556 _____ C:\Users\Mario\Desktop\JRT.txt
2015-11-02 21:12 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Mario\Desktop\JRT.exe
2015-11-02 21:06 - 2015-11-02 21:09 - 00000000 ____D C:\AdwCleaner
2015-11-01 12:17 - 2015-11-01 12:17 - 00046418 _____ C:\ComboFix.txt
2015-11-01 11:51 - 2015-11-01 12:17 - 00000000 ____D C:\Qoobox
2015-11-01 11:51 - 2015-11-01 12:16 - 00000000 ____D C:\Windows\erdnt
2015-11-01 11:51 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-01 11:51 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-01 11:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-01 01:17 - 2015-11-01 01:17 - 00000000 ____D C:\Users\Mario\AppData\LocalLow\Dreamsite Games
2015-10-31 15:26 - 2015-10-31 15:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-28 15:37 - 2015-11-03 02:24 - 00000000 ____D C:\FRST
2015-10-28 15:19 - 2015-10-28 15:19 - 00000000 _____ C:\Users\Mario\defogger_reenable
2015-10-28 14:50 - 2015-11-02 20:18 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-28 14:50 - 2015-10-31 15:25 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-28 14:50 - 2015-10-28 14:50 - 00000790 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-28 14:50 - 2015-10-28 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-28 14:50 - 2015-10-28 14:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-28 14:50 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-28 14:50 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-28 13:35 - 2015-10-28 13:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-28 13:35 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-28 13:35 - 2015-06-30 01:05 - 00931000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-10-28 13:35 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-10-28 12:47 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-28 12:46 - 2015-10-28 14:59 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-28 12:46 - 2015-10-28 13:35 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-24 19:52 - 2015-10-24 19:52 - 00000000 _____ C:\Windows\SysWOW64\OCL91BD.tmp
2015-10-24 19:51 - 2015-10-24 19:51 - 00000000 _____ C:\Windows\SysWOW64\OCL4285.tmp
2015-10-18 19:40 - 2015-10-18 19:40 - 00000000 ____D C:\ProgramData\Stardock
2015-10-16 10:18 - 2015-10-16 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 14:23 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 14:23 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 14:23 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-13 19:29 - 2015-10-13 19:29 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher
2015-10-13 18:51 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 18:51 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 18:51 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 18:51 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 18:51 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 18:51 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 18:51 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 18:51 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 18:51 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 18:51 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 18:51 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 18:51 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 18:51 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 18:51 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 18:51 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 18:51 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 18:51 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 18:51 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 18:51 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 18:51 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 18:51 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 18:51 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 18:51 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 18:51 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 18:51 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 18:51 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 18:51 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 18:51 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 18:51 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 18:51 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 18:51 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 18:51 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 18:51 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 18:51 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 18:51 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 18:51 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 18:51 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 18:51 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 18:51 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 18:51 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 18:51 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 18:51 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 18:51 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 18:51 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 18:51 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 18:51 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 18:51 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 18:51 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 18:51 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 18:51 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 18:51 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 18:51 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 18:51 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 18:51 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 18:51 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 18:51 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 18:51 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 18:51 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 18:51 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 18:51 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 18:51 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 18:50 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 18:50 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 18:50 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 18:50 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 18:50 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 18:50 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-13 18:50 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 18:50 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-13 18:50 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-13 18:50 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-13 18:50 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-13 18:50 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-13 18:50 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-13 18:50 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-13 18:50 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-13 18:50 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-13 18:50 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-13 18:50 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-13 18:50 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-13 18:50 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-13 18:50 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-13 18:50 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-13 18:50 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-13 18:50 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-13 18:50 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 18:50 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 18:50 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 18:50 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 18:50 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-13 18:50 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 18:50 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-13 18:50 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-13 18:50 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-13 18:50 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-13 18:50 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-13 18:50 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-13 18:50 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-13 18:50 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-12 19:25 - 2015-10-12 19:25 - 00000000 ____D C:\Users\Mario\AppData\Roaming\7DaysToDie
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-03 02:22 - 2013-01-21 10:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-03 02:18 - 2015-06-18 16:12 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-03 02:12 - 2013-01-19 18:58 - 01188507 _____ C:\Windows\WindowsUpdate.log
2015-11-02 21:18 - 2015-06-18 16:12 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-02 21:18 - 2009-07-14 05:45 - 00027168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-02 21:18 - 2009-07-14 05:45 - 00027168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-02 21:14 - 2011-04-12 08:43 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-11-02 21:14 - 2011-04-12 08:43 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-11-02 21:14 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-02 21:10 - 2015-06-18 16:12 - 00000000 ____D C:\Users\Mario\AppData\Local\Dropbox
2015-11-02 21:10 - 2015-04-08 19:26 - 00000000 ____D C:\Users\Mario\AppData\Local\Spotify
2015-11-02 21:10 - 2015-04-08 19:24 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Spotify
2015-11-02 21:10 - 2015-01-17 14:31 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Raptr
2015-11-02 21:10 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-02 21:10 - 2009-07-14 05:51 - 00153857 _____ C:\Windows\setupact.log
2015-11-02 13:21 - 2013-01-22 15:47 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6D29F55A-55FE-4567-AD7B-56A549E15B84}
2015-11-01 20:34 - 2013-01-21 12:55 - 00000000 ____D C:\Users\Mario\AppData\Roaming\vlc
2015-11-01 12:17 - 2014-05-10 14:08 - 00000000 ____D C:\Users\Mario\AppData\Local\Apps\2.0
2015-11-01 12:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2015-11-01 12:16 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-01 11:57 - 2010-11-21 04:47 - 00836234 _____ C:\Windows\PFRO.log
2015-10-31 14:11 - 2013-06-19 16:08 - 00000000 ____D C:\ProgramData\aquasuite-data
2015-10-31 12:34 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-30 21:08 - 2015-08-27 12:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-30 21:08 - 2014-12-26 16:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-29 19:27 - 2014-12-15 21:17 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-29 00:39 - 2015-07-14 19:59 - 00000000 ____D C:\Users\Mario\AppData\Roaming\LolClient
2015-10-28 15:19 - 2013-01-19 18:59 - 00000000 ____D C:\Users\Mario
2015-10-28 14:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Web
2015-10-28 13:34 - 2013-01-20 13:49 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-10-28 13:34 - 2013-01-20 13:49 - 00003877 _____ C:\Windows\LkmdfCoInst.log
2015-10-28 12:41 - 2015-08-13 13:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-27 14:08 - 2015-08-18 11:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-24 19:52 - 2014-12-23 20:10 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-10-21 21:48 - 2013-01-20 11:43 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-18 19:40 - 2013-01-21 10:57 - 00665776 _____ C:\Windows\DirectX.log
2015-10-17 14:22 - 2013-01-21 10:21 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 14:22 - 2013-01-21 10:21 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 14:22 - 2013-01-21 10:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 12:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-10-16 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-16 10:18 - 2015-06-18 16:12 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-15 19:59 - 2014-12-11 18:12 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 19:59 - 2014-05-06 21:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-13 21:54 - 2013-08-13 21:07 - 00000000 ____D C:\Windows\system32\MRT
2015-10-13 21:54 - 2013-02-20 19:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 21:51 - 2013-01-23 18:59 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 19:29 - 2015-09-01 15:58 - 00000760 _____ C:\Users\Mario\Desktop\Star Citizen Launcher.lnk
2015-10-13 19:29 - 2015-09-01 15:58 - 00000760 _____ C:\Users\Lernen\Desktop\Star Citizen Launcher.lnk
2015-10-12 10:36 - 2015-01-17 14:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-10-11 18:45 - 2013-07-14 13:52 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Might & Magic Heroes VI
2015-10-09 15:11 - 2015-04-04 15:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 11:31 - 2015-04-04 15:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-17 14:34 - 2015-09-28 17:48 - 0003973 _____ () C:\Users\Mario\AppData\Roaming\LTspiceIV.ini
2014-11-28 19:39 - 2014-11-28 19:39 - 0000017 _____ () C:\Users\Mario\AppData\Local\resmon.resmoncfg
2015-02-11 17:30 - 2015-02-11 17:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-08 17:37 - 2013-07-08 17:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Mario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxikfot.dll
C:\Users\Mario\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-01 12:14
==================== Ende von FRST.txt ============================
|
|
03.11.2015, 02:34
| #10 |
| | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Und noch die Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Mario (2015-11-03 02:24:27)
Gestartet von D:\Users\Mario\downloads
Windows 7 Ultimate Service Pack 1 (X64) (2013-01-19 17:58:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2508083331-1529705533-2935304339-500 - Administrator - Disabled)
Gast (S-1-5-21-2508083331-1529705533-2935304339-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2508083331-1529705533-2935304339-1004 - Limited - Enabled)
Lernen (S-1-5-21-2508083331-1529705533-2935304339-1003 - Administrator - Enabled) => C:\Users\Lernen
Mario (S-1-5-21-2508083331-1529705533-2935304339-1000 - Administrator - Enabled) => C:\Users\Mario
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.25 - GIGABYTE)
3DMark (HKLM-x32\...\Steam App 223850) (Version: - Futuremark)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version: - Remedy Entertainment)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aquasuite (HKLM-x32\...\aquasuite5) (Version: - Aqua Computer GmbH & Co. KG)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1664-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (HKLM\...\Autodesk Inventor Professional 2012) (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Vault 2012 (Client) (HKLM-x32\...\Autodesk Vault 2012 (Client)) (Version: 16.0.56.200 - Autodesk, Inc.)
Autodesk Vault 2012 (Client) (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Autodesk Vault 2012 (Client) German Language Pack (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Automation - The Car Company Tycoon Game (HKLM-x32\...\Steam App 293760) (Version: - Camshaft Software)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
cadvilla basic plus 5 (HKLM\...\{BE7D95B0-6BB8-4381-820F-4673D20C84F5}_is1) (Version: 5.0.0.2 - Trixl GmbH)
cadvilla Tutorial Version 1.0 (HKLM-x32\...\{C62795BE-D29B-4232-9F94-BCB542D122F0}_is1) (Version: 1.0 - Trixl GmbH)
calibre 64bit (HKLM\...\{1C757A31-7FAE-43EA-99C4-672222534BC2}) (Version: 1.7.0 - Kovid Goyal)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon MP620 series Benutzerregistrierung (HKLM-x32\...\Canon MP620 series Benutzerregistrierung) (Version: - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Die Gilde 2 - Gold Edition (HKLM-x32\...\Die Gilde 2 - Gold Edition) (Version: V 1.20 - JoWood)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version: - Codemasters Racing Studio)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version: - DIMPS)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
DWG TrueView 2012 (HKLM\...\DWG TrueView 2012) (Version: 18.2.51.0 - Autodesk)
DWG TrueView 2012 (Version: 18.2.51.0 - Autodesk) Hidden
Easy Tune 6 B12.0626.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0626.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eco Materials Adviser (x64) (HKLM\...\{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}) (Version: 1.32.0.0 - Granta Design Limited)
Elite Dangerous Launcher version 0.4.1765.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1765.0 - Frontier Developments)
Empire TV Tycoon (HKLM-x32\...\Steam App 377900) (Version: - Dreamsite Games)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version: - AMPLITUDE Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{185D7B00-8600-4716-A619-D8CBE689974B}) (Version: 4.40.560.0 - Futuremark)
Galactic Civilizations II: Ultimate Edition (HKLM-x32\...\Steam App 202200) (Version: - Stardock Entertainment)
GeekBuddy (HKLM-x32\...\{87A5B227-81F8-4E51-86CA-39E89CB33B16}) (Version: 4.18.121 - Comodo Security Solutions Inc)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version: - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackup Viewer 2.00 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version: - iMacTools)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version: - Big Huge Games)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LTspice IV (HKLM-x32\...\LTspice IV) (Version: - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
MATLAB Student R2010a (HKLM-x32\...\MatlabR2010a) (Version: 7.10 - The MathWorks, Inc.)
Medieval Engineers (HKLM-x32\...\Steam App 333950) (Version: - Keen Software House)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Might & Magic ® Heroes ® VI (HKLM-x32\...\Steam App 48220) (Version: - Blackhole)
Mozilla Firefox 18.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0 (x86 de)) (Version: 18.0 - Mozilla)
Mozilla Firefox 41.0.2 (x86 de) (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.241 - Logitech)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.9 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 3.9 - Saal Digital Fotoservice GmbH) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1664-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House)
Spotify (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version: - Star Gem Inc.)
Star Conflict Launcher 1.0.1.18 (HKLM-x32\...\StarConflictLauncher_is1) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.11.26825 - Blizzard Entertainment)
Startopia (HKLM-x32\...\Steam App 243040) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Curious Expedition (HKLM-x32\...\Steam App 358130) (Version: - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
TriDef 3D 6.5 (HKLM-x32\...\essentials-bundle) (Version: 6.5 - Dynamic Digital Depth Australia Pty Ltd)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files\Autodesk\AutoCAD 2014\de-DE\acadficn.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
==================== Wiederherstellungspunkte =========================
27-10-2015 14:01:55 Windows Update
29-10-2015 19:27:32 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
29-10-2015 19:27:38 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
01-11-2015 11:51:30 ComboFix created restore point
02-11-2015 21:12:48 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-11-01 12:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E274B58-D602-43B4-9684-33C2B4DB7AFC} - System32\Tasks\{ECF3DAD0-1AFD-46C1-B41C-AD08FBD55565} => pcalua.exe -a "D:\Program Files (x86)\TriDef 3D\TriDef\Common\TriDef3DDisplaySetup.exe" -d "d:\Program Files (x86)\TriDef 3D\TriDef\Common"
Task: {127B0FB4-4A66-41CB-BD24-71F99EF10A89} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {31992ED4-BD66-4F82-848C-58275783197B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {3A3463E1-7D8D-4D3D-A165-0F6099783F5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {7D01C1F8-8D0D-4097-8665-02EA9B625E21} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {7DF2D8CB-4288-4EF4-9EE7-6772106312AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {804CF0D1-F89A-4360-8160-1E38B5F777DF} - System32\Tasks\{4937B928-1F70-4E4D-9F90-30B19BFFD7FA} => pcalua.exe -a D:\Users\Mario\downloads\msicuu2.exe -d D:\Users\Mario\downloads
Task: {98BC9B38-B1C3-4751-979B-71A5BF992442} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {9C5CEEF5-980D-433B-937D-0563DAFDF9AB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {A7165FDA-6E77-40CD-A8EE-F4F316786142} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BC6FE798-7549-49F7-8DEC-7DB66AAFFE44} - System32\Tasks\{D6A16315-8AA0-4394-9949-62E4B972B07F} => pcalua.exe -a "F:\Spiele für Lan\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "F:\Spiele für Lan\Call of Duty 4 - Modern Warfare"
Task: {EDFE630F-5211-4DDA-80D6-5BFF684773B3} - System32\Tasks\{2E792ADF-5189-427D-B92B-4AF2670A9F4B} => pcalua.exe -a D:\Users\Mario\downloads\RegCleaner.exe -d D:\Users\Mario\downloads
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-18 11:02 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-15 15:27 - 2015-05-15 15:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-17 20:00 - 2014-10-17 20:00 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-01-20 11:02 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-09-02 10:29 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ADSK DLMSession => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mario\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Mario\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: gbrspcontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{965F110C-420A-4BB4-A706-523D6FC60BBC}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B789D5C8-BD03-43D5-B714-4833E528D623}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00780DA0-577B-4DE8-A200-95DD3C1C9343}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{83E8AE4A-763B-4291-9A7B-2A968EA4BB57}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2DCFE65-3DB0-4320-88EE-C23BD24BB240}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ACA4E8FB-5D1E-48C3-A6E9-4FAA7FAC4989}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{73BAD040-D1D7-4685-9A19-EA2DE2D01F4E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A877C44B-2DD7-4663-853E-EA25059B6B33}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2BD3554F-4CD2-4EC8-BDF0-34D6EAB0A071}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{CF1DCAFB-EE5C-455A-B1AE-8A067ABEC4AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B76671E1-F9A0-4E10-8A71-926B2B725945}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{2C31BC53-9B0C-4923-93CD-134B2DDE73AD}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{F643CEA5-BA54-4214-88DE-727888D25D37}] => (Allow) D:\Program Files (x86)\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{E902DC53-990E-4F2A-B3DF-375B5DEAAEDC}] => (Allow) D:\Program Files (x86)\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{D50989DF-D2CB-492B-A02E-A110DE8FC546}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{BE381255-FE92-493C-95DE-BFA655C2C308}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{615144B6-3D45-41A6-B5AF-A2CF401E5545}] => (Allow) D:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{E0C74655-91E6-42AD-894C-952C91238E74}] => (Allow) D:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{2DF3094F-ADC5-4E83-802E-3AE6C815DDBF}] => (Allow) C:\Users\Mario\AppData\Local\Temp\pftD5A.tmp\fsetup.exe
FirewallRules: [{238A8B6A-42EF-42D9-BBE3-872D42343BEC}] => (Allow) C:\Users\Mario\AppData\Local\Temp\pftD5A.tmp\fsetup.exe
FirewallRules: [{10C6CD12-0C8B-470F-8015-0EACBC1D973B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{1DE769BD-2DF1-4E73-8065-AB8CD2984097}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{6B1EEDF5-314F-4269-AE46-6A0DFEA0456C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{975795EB-9BDD-4552-986E-C22896830E73}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{11CC7E6E-CEC7-4BD5-9524-71A0551FC455}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{FF94FF4C-B86C-41E7-A434-F3A2C23BD9C0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3A8D263E-8B23-4D6D-BA6E-3DE7E4D967CC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{ED4DDCF9-270B-4F78-95BB-689B0CC27DCB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{F5C0EDC3-DFDE-49BD-9D83-06FE78419BBB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{92E874AE-643D-4483-9CBE-BC78BF2F3D36}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{A151D699-5218-4B1E-8606-31320E0BA7F3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{B1CACD10-52EF-4571-8502-5E38B0959231}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{6EBD9D7A-21F5-4D59-BBD7-876AE98D7EFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{EEF5F05A-AC21-4252-B7FE-87D9742202E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{5FD004C9-ABEE-4101-8519-5D6C99415D76}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{B239C9D3-50D2-4DE9-9D79-1717B8392A10}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{037D0F96-F690-4044-92F2-E38D98906706}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{D2C9EDF3-A584-4344-AD10-44B766C4AECC}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F47C36C7-1598-45BB-AC9C-35400AB7E9EE}] => (Allow) D:\Alt D\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{E2098DA8-CC0A-4D33-A6AF-45CF25883389}] => (Allow) D:\Alt D\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{CE7547CC-63C4-4300-9EDC-95A1FADB3788}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{1E1700B2-922C-428D-9F37-4FA75BAA39AA}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{7AF04FF3-55E1-4D41-8B55-9E1890C5CDBA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{3497FFE5-1A21-4BB8-8ADE-A881372781AC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8B4224D1-8D3A-4056-80B2-522D02E20706}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{9887F9FA-F739-4098-BAA4-274D87B70473}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{ED6DF60F-B67F-4654-AAA8-4B375E2164BF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{4E93F34C-78BA-4E2A-863D-E7BFF2FB3345}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{D928C4C0-A916-4AAC-B1E8-51BAD62546D4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{7EE7FFB3-5B37-4E11-93D6-CA9CA5D4CBC0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{65CD7FB6-2D40-4BF4-BCC4-70B2CF364988}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{B2D21727-AA57-49E9-88A6-F36FD975DE6C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{FC43DFF8-1713-4D45-80DA-50BB75C64EBD}] => (Allow) D:\Program Files (x86)\Origin\FIFA Manager 14\Manager14.exe
FirewallRules: [{EC997D54-7C0C-4E26-8ADC-B4E04493E851}] => (Allow) D:\Program Files (x86)\Origin\FIFA Manager 14\Manager14.exe
FirewallRules: [{73476562-5129-4D52-A934-0D71AC2862C7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{29E75F0E-0EB7-4B71-9F24-75C1D4643F7F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{6D3F7DFD-178A-406F-AD2E-0B0EF247F96E}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Block) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{5BDF3BC9-ED72-4897-8C9B-D567A1285ED0}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Block) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{759F2E21-CB81-46E4-AC9D-4346474E59C3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{A264AAC2-52C6-4CB0-AA82-5E13D5B3F770}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{FE6CB7BE-23BC-45F2-A023-CB2BDDC1555E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{827F2D62-A790-4C9F-B654-6FDFEAE8C320}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{F92D3616-E596-45FB-890F-EF760A6CEE9C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{5F2BEE00-109F-4602-B7AB-95E53859552A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [TCP Query User{C8AB7109-039F-41E9-825B-D2104D1CAF19}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{171F1388-F727-4BFC-B5BC-35C45ABDF466}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{882D3BFB-CD02-4FD1-8E34-C49F1371E416}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{1C3C6EAB-ECBD-487F-B2A4-BEA8F1CFB187}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{3821A5D5-0A44-49F0-9419-4FC79FDED117}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{29872FA9-284E-4BF9-AE32-ED2B90F50D1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{947B1178-5F2A-421A-85FD-5D751D6DF9A4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{C4E42559-9FFD-4C5D-ACBF-F32D794AC123}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{FA06CB50-3CD1-47EE-81C9-FE7A6F1FF5EB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{FDC95ECA-EE54-48F0-8787-EA2F6BB7129D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{A2BE1020-2694-4D46-8369-7727CBB68B56}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7E2186D6-000B-44C6-B71C-8C9A257A8442}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0C1113FB-04F8-4AE2-B518-6E97C577B84D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{DA1F2C81-CEF2-4F79-8536-01131133C031}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{4BA04CD1-368E-461E-A1AE-0094E42CB6EA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D4556F2F-72CF-4344-A42A-5A130B8B6C5B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{3A1F0628-B2DB-42AF-8B5A-4E279BF7DED9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{C9A2B82F-DE1C-453D-B49E-4A499BBE3934}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{17E3568F-6302-455B-A538-4F0D0A507753}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D4FC8FB6-F28A-4202-AFEE-53D858103120}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{B69283DC-9C37-4E91-8D26-CEB6A0681F07}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Galactic Civilizations II - Ultimate Edition\Twilight\GC2TwilightOfTheArnor.exe
FirewallRules: [{43FCA703-B52B-4E8F-9DE6-059582A39FCB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Galactic Civilizations II - Ultimate Edition\Twilight\GC2TwilightOfTheArnor.exe
FirewallRules: [{1FF871DC-18DF-4FBB-A1CB-49AB28701B82}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{CF1B2E55-5202-4A39-8AE9-6AE46D573345}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{54FE59E1-9103-43EA-9C46-E07323457987}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{1C639D60-B663-4F39-B4E0-17F654262FBE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{1CFF44AF-D38F-4C78-8527-EAAE8F432DFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{71CEAE73-30D4-4CBC-ABDB-E4FC09CD188F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{DBBD6CF8-E3BE-4D0F-8D4D-3FB98EF99CAF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{0AA5A1F0-BD01-4FFA-B959-C88A317E84E8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F27784D8-47CA-44FE-87CA-F2F1576DB70F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{C98905A5-D9B9-410B-842D-D6890AAD9E26}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{AA210F4E-DF56-4C0D-ACF5-8925EF72CC6B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{47C33655-31DE-44EA-8B55-A1A2516117A3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{E0B0954C-159B-4C08-B9E3-DD6BA1FEDF7D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{235EE3C3-03B6-4D9B-893B-BCECA33AE19B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{9D22DAE1-C78D-4653-B6FC-66EE1B29DF1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{7D04F1D6-B4B8-453B-A943-5C1593891D0B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{8B4503BD-B1C4-4D81-89D8-0A6F64BE73FB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{FDDF32DF-7D1A-4FE7-96BE-32D42264BA0F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{84E79338-CCE9-4188-A10D-29157E1E2D17}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF02C93D-2C46-4B37-B962-19C384EFA103}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4093C914-3DB5-4D9D-B031-511890105978}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{381ADD66-D099-4C9B-8D72-EDE6A20F6C93}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{D459F41E-0222-4801-AB26-B1AD23C8B280}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{CC601224-2620-4A8B-A97F-14EDBF23819D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{7C704CCB-D2D7-4EEB-91BC-2D7F939950E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{07DA511F-A879-40D4-8210-875DDC636D98}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{B20656FC-4A61-41DB-A531-94F54783756B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{6619F624-5F3E-4E80-AD42-545272D81329}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{0936A2F7-D3A3-4E2B-A0ED-0F33B52EB512}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A774F7CA-FC0D-47FF-909E-59ECB45D2851}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{C9F87D21-6E00-4062-80C0-DAF0FD5640EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{3D1B9255-57D4-461B-9D22-D1471755E308}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{8D27AD06-0868-4688-A6B2-B51F5BC6D4CE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{4228A036-11D7-4BB8-8FCA-9271312F0895}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{5C04C660-20C1-49C0-B4A9-192860CA45A8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{E5477090-605F-4FF8-BD5D-3DED100C98BE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B3E43AF9-533C-4F86-91CC-35625F6BE444}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{5D93F297-1DDD-465F-ABFE-8D39128B2693}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{8CA85D9C-C006-4ECE-9808-2D29EC2472F2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{4C564B59-BAD6-4B06-B975-29D2F05EF243}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{7197C9C5-9CCF-4380-95FD-1E8CBB5C6611}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{01590297-4C7F-413D-92DB-2A47C434E028}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{CE039751-19F0-4428-B7F5-C83DD8A2FB94}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{A6DDD054-18A6-439F-A60A-616E8D1642DD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{ED9A5189-DF33-4BA9-A490-898C1A5BA7F6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{0C9BADB8-F037-4F09-A4A0-9408C6D11667}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{1EFCBD7B-CDB5-47E0-B936-A50E4535B880}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{49094478-BCB4-4C30-9E49-011A22E44791}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{5F71D05D-0E04-4CA3-B6A2-F41C3D6F715C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{B1F57978-828B-4EE4-AA13-D6BF0E33846E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [TCP Query User{92C1F3DB-5222-4C52-929A-C93582778AF6}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2997A13E-DDD7-4A5F-B11A-398848D5EBF1}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BB34A2C2-72CD-4A4C-BBAA-1CBB1811A6E4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{C5351D06-B0ED-4F2A-9CC6-0B3FBC9A1BF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{F02664CB-D9FD-4110-A4B4-D44A491BB3E6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{20D3098E-6A12-4D13-BC8E-CE7083E79863}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{91CC3A78-75DD-4CA0-A280-B5530D3BD5A1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Curious Expedition\nw.exe
FirewallRules: [{E301BF3A-364A-4B44-810E-179DE09C8918}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Curious Expedition\nw.exe
FirewallRules: [{A76CF13A-DF1A-4F27-86A3-47861F64AC06}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{EBF72FAF-CA77-440B-B764-F7E62C73F40C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{C782509E-96AF-45E4-B73E-DE8711607348}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{D506091C-508A-4AD9-853F-6561717B110F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{0ADC0B6A-3CD0-4E69-A6B3-F06E56C334E3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II\GuildII.exe
FirewallRules: [{8970025C-2E16-4258-8340-1B63FAEEAD60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II\GuildII.exe
FirewallRules: [{D40896D7-B9A1-48A3-9ED8-3506AEA9EF14}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{93D5BDE9-C894-4A45-85AF-9BCCC25DCEA8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{12EF3CB6-8AD8-43FB-BBF2-0F099E79241E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{445DCB15-C78B-41BD-9ED1-18AEE923759F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{50AFAF84-361C-4C08-B15F-5D9BF04E2218}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Startopia\startopia.exe
FirewallRules: [{7421C5EB-E854-40AE-9BBD-2272689F6252}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Startopia\startopia.exe
FirewallRules: [{EF008559-261D-42B3-BB85-2EB84E7EAD31}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{C40176B6-31D1-4C04-8493-607766BBA6EF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{E23D771E-DDEF-4909-92CD-C2FBDBCE4651}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{3EA6C4A0-023F-4C1B-BB38-C71530B6A4FA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{DAE989FB-6A91-4AAA-B155-9E4FCA45E9A6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{A4810FB3-3F25-46AB-B823-DF5C43C983D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{D1225A65-5001-4772-9907-A112DD061934}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{D6453AE3-D6D4-4A87-BD10-2939712CB073}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{09902A01-1461-49B5-B819-CCB1EE9EF85C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AD6EC883-8EEC-4FD8-8991-EF6FD969AE05}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D5C8C7F4-F71A-4EB6-A966-6969532EACBC}] => (Allow) D:\Program Files (x86)\BattleNet\Battle.net\Battle.net.exe
FirewallRules: [{0992C7DB-857C-43A9-9E25-348506338EEB}] => (Allow) D:\Program Files (x86)\BattleNet\Battle.net\Battle.net.exe
FirewallRules: [{634E3C0B-9271-450E-A53C-50425C5EB0BA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{95A7FBB1-1E81-44CF-9A08-076CF6A3E16A}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{2974D597-073A-4F4B-B5B7-3FFB95D9E450}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{B674311E-17DB-458E-9CE0-048ECADC5B1F}] => (Allow) C:\Users\Mario\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{EFC31C88-F374-45C5-BCC9-01A60A414DE0}D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => (Allow) D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe
FirewallRules: [UDP Query User{DAA27DAD-AA07-4DBE-8E02-CAD1934207A3}D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => (Allow) D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe
FirewallRules: [{766FE798-8AB6-4D1B-90A0-D6E8CFA21A8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{43CC7273-0E98-4D0D-ABA1-29FFBC4F0F4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{C15D9151-6047-40D4-AF2F-02B24FFF3BF1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{7E2B5519-AA68-417C-97A8-DE4A973B5CF6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{0BB7039B-A1D4-40B2-AB34-4DC4D04D9CA3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5C9856C4-6E45-4194-9735-7F3D23FD8E97}] => (Allow) LPort=2869
FirewallRules: [{D72B930C-88BB-4FDF-B074-B1D29D9C0B17}] => (Allow) LPort=1900
FirewallRules: [{BEDC4523-6F08-4543-8160-8AE8FD01614E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{3C0ACA69-928B-402B-B610-EBE8F264DAF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{455CBFE4-DC85-45CE-AF60-D521D2A349F0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{0B5CFA37-7488-434B-86E1-7572C9D8B094}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{0B4AE6B6-6A7C-4A37-8347-48969AFDB17B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{97CCF153-C52A-42A5-B650-09BA1D7A3398}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{19A28B81-EE4B-4760-BE5D-AD0082AA6D1D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DAB135F4-5948-445D-9AA6-39AEC2FC07D5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4356867B-75D5-4E91-92E1-47FC55225FCF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{235135FB-C6BA-4936-983B-23272E7574C9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{4C5AA192-30AD-4E9B-A8C7-22A79B2E7BE9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [TCP Query User{FDF54BB0-5126-4D1E-B9F5-E8B8C9E3CB32}C:\users\mario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DAEF1DBD-5D05-4690-83F4-30062D6C5D1F}C:\users\mario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mario\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2F20D451-3AA1-43C0-95BC-5326851657F4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{9C508D5D-54BD-43A8-86F1-69FE3D49006F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{EF01BA0B-1BE6-4D7F-93F7-88227E79566A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Empire TV Tycoon\EmpireTV.exe
FirewallRules: [{0287F97A-8589-4FF6-9308-823D800F5740}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Empire TV Tycoon\EmpireTV.exe
FirewallRules: [{DBC355C3-44FB-4722-9816-93DAA354E513}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{58B5DEB5-A109-4FB5-83F1-9FBA831C9BCA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [d:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/02/2015 09:10:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/02/2015 08:15:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/02/2015 01:17:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/01/2015 08:11:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/01/2015 12:25:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/01/2015 11:57:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/01/2015 11:47:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2015 10:56:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2015 10:14:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT-AUTORITÄT)
Description: Der Wert "Object List" des Schlüssels "SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance" kann nicht aktualisiert werden. Das erste DWORD im Datenbereich enthält den Fehlercode, und das zweite DWORD enthält den aktualisierten Wert.
Error: (10/31/2015 10:14:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT-AUTORITÄT)
Description: Der Wert "First Help" des Schlüssels "SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance" kann nicht aktualisiert werden. Das erste DWORD im Datenbereich enthält den Fehlercode, und das zweite DWORD enthält den aktualisierten Wert.
Systemfehler:
=============
Error: (11/02/2015 09:15:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Software Protection" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (11/02/2015 09:13:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/02/2015 09:13:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/02/2015 09:13:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/02/2015 09:13:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VIA Karaoke digital mixer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect 3 Creator" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2015-11-01 11:56:18.478
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-11-01 11:56:18.442
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-25 12:21:06.199
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-13 17:26:48.911
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-13 17:26:48.906
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-17 06:28:58.487
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:39:38.578
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:39:38.575
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:34:46.774
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:34:46.722
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 16346.1 MB
Verfügbarer physikalischer RAM: 13895.47 MB
Summe virtueller Speicher: 32690.4 MB
Verfügbarer virtueller Speicher: 30159.91 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:25.34 GB) NTFS
Drive d: (Müllhalde) (Fixed) (Total:1863.01 GB) (Free:392.55 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: E389A575)
Partition 1: (Active) - (Size=100 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C052AFF8)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Und nochmal vielen Dank! |
|
03.11.2015, 21:13
| #11 |
| /// the machine /// TB-Ausbilder | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Bitte Windows Repair laufen lassen: Windows reparieren - so geht's - Anleitungen Jetzt kannst Du es versuchen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.11.2015, 14:54
| #12 |
| | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Da in der Beschreibung vom Tool unter andrem stand, dass mehrmaliges Ausführen zu besseren Ergebnissen führen, habe ich das zunächst zwei Mal laufen lassen. Aber aus gegebenen Gründen nicht (wie eigentlich empfohlen) im abgesichterten Modus. Erst nach den zwei Läufen habe ich gemerkt, dass der "Geekbuddy" von Comodo sich mit dem PC ebenfalls gestartet hatte. Da ich mir nicht sicher war, ob dieser bei der Reparatur dazwischengefunkt hatte, habe ich den Geekbuddy deinstalliert und das Tool noch zwei Mal laufen lassen. Wenn ich jetzt den abgesichterten Modus starte, akzeptiert er immerhin das Passwort von meinem Nutzer und will mit der Anmeldung fortfahren (anstatt wie vorher anzugeben, dass das Passwort falsch wäre). Das Neustartproblem selbst ist aber noch immer vorhanden.  Nach ein paar Sekunden im Anmeldebildschirm startet er neu.Bei der erfolgreichen Eingabe vom Passwort konnte ich noch kurz ein "Wilkommen" sehen und dann kam wieder der Neustart. |
|
04.11.2015, 20:45
| #13 |
| /// the machine /// TB-Ausbilder | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Sehr merkwürdig. Passiert das bei allen 3 Safe Modes?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.11.2015, 21:32
| #14 |
| | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl Leider ja |
|
05.11.2015, 21:14
| #15 |
| /// the machine /// TB-Ausbilder | Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl |
| 100%, bildschirm, bluestacks, bonjour, canon, computer, desktop, dnsapi.dll, firefox, flash player, hängt, installation, internet, kaspersky, mozilla, problem, prozesse, registry, rundll, security, sekunden, software, starten, svchost.exe, system, trojaner, usb, windows |
WARNUNG an die MITLESER: 
Linear-Darstellung
