Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar..

jillsy2k · 08.01.2016, 13:56

Hallo Zusammen,
Ich habe folgendes Problem; Mein Antivir Free meldet mir beim öffnen des Avira Kontrollzentrums, dass der Echtzeitscanner nicht läuft. Ich kann den Button auch nicht Manuell
verschieben. Ich muss dazu sagen, dass mein HP Notebook vor 2 Wochen einen Fehler im NTFS Dateisystem hatte und ich den Laptop mühsam mit TestDisk, etc. wiederhergestellt habe.
Habe auch schon den Avira Boots Stick heruntergeladen (derjenige mit dem kleinen Debian System), welcher mir keine Viren, Trojaner oder sonstiges angezeigt hatte nach dem Scann.
Ich Post ein Bild des Problems, entschuldigt bitte, dass es nicht der Original Screenshot ist, bin momentan an einem anderen PC.
PS: Neuinstallation hat nichts gebracht..
Denkt ihr da ist ein Trojaner oder so was welcher er nicht erkennt??
Ich hoffe, es kann mir jemand bei diesem Problem helfen, wäre echt froh, Gewissheit zu haben (denn Windows meint Virenschutz mässig sei alles o.k + der Echtzeitscanner-Dienst läuft, wenn ich im Prozess-Manager / unter Windows-Dienste) Nachsehe.
Habe zu Avira Free noch das Tool Spyware Search and Destroy und mein Betriebssystem ist ein Windows 8.1.

im Voraus...

M-K-D-B · 08.01.2016, 15:42

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

jillsy2k · 08.01.2016, 19:50

Hallo Matthias, erstmal danke für die schnelle Antwort =)
Konnte das Problem beheben in dem ich das Internet abstellte, Antivir nochmals neu installierte und dann Updatete.
Antivir läuft normal und scannt und tut wieder wie gewohnt. Sehr wahrscheinlich war dieses Problem ein "Nachbeben", meines PC Super-Gaus vor einer Woche ( Alle Partitionene zerschossen, und mit alt-linux /TestDisk wiederhergestellt). Um sicherzugehen, habe ich jedoch die scan's mit FRSCT und TDSSKiller doch noch gemacht.
Ich poste noch die Log-Dateien
jillsy2k

frst.txt und danach addition.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
durchgeführt von Jillsy (Administrator) auf JILLSY-PC (08-01-2016 19:40:20)
Gestartet von C:\Users\Jillsy\Desktop
Geladene Profile: Jillsy (Verfügbare Profile: Jillsy)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7165000 2014-01-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-12-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE" 
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{36D0A91B-153F-40A1-99EB-E82C452784FD}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{D3C34DF9-E5D6-442B-9AA5-E7CD700D047C}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/12
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/12
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/12
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF user.js: detected! => C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\user.js [2014-05-17]
FF Extension: PDF Download - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2015-05-31]
FF Extension: Download Statusbar Fixed - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-01-06]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\artur.dubovoy@gmail.com [2016-01-06]
FF Extension: Personas Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\personas@christopher.beard.xpi [2016-01-08]
FF Extension: Show MyIP - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-01-08]
FF Extension: Ghostery - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\firefox@ghostery.com.xpi [2016-01-02]
FF Extension: Kein Name - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2015-05-31] [ist nicht signiert]
FF Extension: Download Status Bar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-31]
FF Extension: NoScript - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08]
FF Extension: Video DownloadHelper - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-08]
FF Extension: Adblock Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: Download Statusbar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-05-31]
FF Extension: Clean Video - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2015-05-31]

Chrome: 
=======
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Donna Karan) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2014-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Google Mail) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-12-05] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-12-05] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-08-26] (IObit)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-12-05] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-02] (RTS Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [27440 2015-10-16] () [Datei ist nicht signiert]
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-05] (Synaptics Incorporated)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-08 19:40 - 2016-01-08 19:41 - 00027707 _____ C:\Users\Jillsy\Desktop\FRST.txt
2016-01-08 19:39 - 2016-01-08 19:40 - 00000000 ____D C:\FRST
2016-01-08 19:38 - 2016-01-08 19:39 - 02370560 _____ (Farbar) C:\Users\Jillsy\Desktop\FRST64.exe
2016-01-08 18:54 - 2016-01-08 18:54 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (6).exe
2016-01-08 18:53 - 2016-01-08 18:53 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Avira
2016-01-08 18:52 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-01-08 18:49 - 2016-01-08 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-08 18:49 - 2016-01-08 18:49 - 00001233 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-08 12:00 - 2016-01-08 19:14 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-08 12:00 - 2016-01-08 19:05 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-08 12:00 - 2016-01-08 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-08 11:59 - 2016-01-08 11:59 - 00927824 _____ (Google Inc.) C:\Users\Jillsy\Downloads\ChromeSetup.exe
2016-01-08 10:36 - 2016-01-08 10:36 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_568efddb9c96e__ws.exe
2016-01-08 00:51 - 2016-01-08 10:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-08 00:47 - 2016-01-08 00:47 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (5).exe
2016-01-08 00:46 - 2016-01-08 00:46 - 26352816 _____ (DVDVideoSoft Ltd. ) C:\Users\Jillsy\Downloads\FreeAudioConverter (1).exe
2016-01-08 00:46 - 2016-01-08 00:46 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (4).exe
2016-01-08 00:41 - 2016-01-08 00:41 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (3).exe
2016-01-08 00:34 - 2016-01-08 00:34 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (2).exe
2016-01-06 23:27 - 2016-01-06 23:27 - 00000702 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-01-06 23:27 - 2016-01-06 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-01-06 23:26 - 2016-01-06 23:26 - 05124704 _____ (Wargaming.net ) C:\Users\Jillsy\Downloads\WoT_internet_install_eu.exe
2016-01-06 16:54 - 2016-01-06 16:54 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Jillsy\Downloads\28790_HPUSBFW_v2.2.3.exe
2016-01-06 16:18 - 2016-01-06 17:00 - 00000000 ____D C:\Users\Jillsy\Desktop\Sicherung K
2016-01-05 23:49 - 2016-01-05 23:49 - 00000345 _____ C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk
2016-01-05 23:47 - 2016-01-05 23:47 - 30073472 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-cross-i386-win32-win64.exe
2016-01-05 23:47 - 2016-01-05 23:47 - 00001859 _____ C:\Users\Jillsy\Downloads\README.txt
2016-01-05 23:46 - 2016-01-05 23:47 - 113126489 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-win32.exe
2016-01-05 23:05 - 2016-01-05 23:05 - 00001027 _____ C:\Users\Jillsy\Desktop\Videos.lnk
2016-01-04 23:07 - 2016-01-04 23:07 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Microsoft_Corporation
2016-01-04 23:00 - 2016-01-04 23:00 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument (2).txt
2016-01-03 23:58 - 2015-12-20 23:50 - 36684866 _____ C:\Users\Jillsy\Desktop\cncmod_launcher.zip
2016-01-03 23:58 - 2015-10-07 18:28 - 18340735 _____ C:\Users\Jillsy\Desktop\cnctuc_launchers.zip
2016-01-01 22:43 - 2016-01-07 23:32 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-01-01 22:43 - 2016-01-01 22:43 - 00001137 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-01-01 22:12 - 2016-01-01 22:13 - 00285624 _____ C:\Windows\Minidump\010116-25250-01.dmp
2016-01-01 13:50 - 2016-01-01 13:51 - 00285568 _____ C:\Windows\Minidump\010116-33593-01.dmp
2015-12-30 23:01 - 2015-12-30 23:02 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Jillsy\Downloads\LinuxLive USB Creator 2.9.4.exe
2015-12-29 18:00 - 2015-12-29 18:00 - 00285568 _____ C:\Windows\Minidump\122915-38406-01.dmp
2015-12-28 01:46 - 2015-12-28 01:46 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument.txt
2015-12-22 13:59 - 2015-12-22 14:03 - 00069632 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2015-12-22 13:59 - 2015-12-22 14:03 - 00033209 _____ C:\Windows\scunin.dat
2015-12-22 13:59 - 2015-12-22 14:03 - 00000967 _____ C:\Windows\ScUnin.pif
2015-12-22 13:59 - 2015-12-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft
2015-12-22 13:56 - 1999-03-19 18:40 - 598221809 _____ (Blizzard Entertainment) C:\Users\Jillsy\Desktop\BroodWar.mpq
2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\Program Files\Oracle
2015-12-21 01:13 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-12-21 01:13 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-12-21 01:07 - 2015-12-21 01:08 - 116982472 _____ (Oracle Corporation) C:\Users\Jillsy\Downloads\VirtualBox-5.0.10-104061-Win.exe
2015-12-16 13:37 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-16 13:37 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-16 13:37 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-16 13:37 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-12-16 13:37 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-16 13:37 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-16 13:37 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-16 13:37 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-16 13:37 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-16 13:37 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-16 13:37 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-16 13:37 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-16 13:37 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-16 13:37 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-16 13:37 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-16 13:37 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-16 13:37 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-16 13:37 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-12-16 13:37 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-16 13:37 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-16 13:37 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-16 13:37 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-16 13:37 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-16 13:37 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-16 13:37 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-16 13:37 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-16 13:37 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-16 13:37 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-12-16 13:37 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-16 13:37 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-16 13:37 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-16 13:37 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-16 13:37 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-16 13:37 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-16 13:37 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-16 13:37 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-12-16 13:37 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-16 13:37 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-16 13:37 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-16 13:37 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-16 13:30 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-16 13:30 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-16 13:30 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-16 13:30 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-16 13:30 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-16 13:30 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-16 13:30 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-16 13:30 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-12-16 13:30 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-12-16 13:30 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-16 13:30 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-16 13:30 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-16 13:30 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-16 13:30 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-16 13:30 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-16 13:30 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-16 13:30 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-16 13:30 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-12-16 13:30 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-16 13:30 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-16 13:30 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-12-16 13:30 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-16 13:30 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-12-10 19:38 - 2015-12-13 23:36 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Zero Hour Data

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-08 19:41 - 2014-05-15 17:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-08 19:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-08 19:19 - 2014-01-24 00:24 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-933261645-1527721118-3068914036-1001
2016-01-08 19:16 - 2014-01-24 09:45 - 00003619 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2016-01-08 19:15 - 2014-11-29 01:10 - 00000000 __SHD C:\Users\Jillsy\IntelGraphicsProfiles
2016-01-08 19:15 - 2013-11-20 10:44 - 00001060 _____ C:\Windows\SysWOW64\bscs.ini
2016-01-08 19:14 - 2014-01-24 09:45 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2016-01-08 19:14 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-08 19:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-01-08 18:52 - 2014-08-15 19:08 - 00000000 ____D C:\ProgramData\Avira
2016-01-08 18:52 - 2014-01-23 06:52 - 00000000 ____D C:\Program Files (x86)\Avira
2016-01-08 18:48 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-08 18:45 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-08 18:40 - 2015-07-12 13:31 - 00000000 ____D C:\ProgramData\ProductData
2016-01-08 12:00 - 2014-01-24 00:25 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-08 12:00 - 2014-01-24 00:25 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-08 12:00 - 2014-01-24 00:25 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-08 10:26 - 2014-09-24 07:17 - 01984420 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-08 10:26 - 2014-09-24 06:43 - 00843606 _____ C:\Windows\system32\perfh007.dat
2016-01-08 10:26 - 2014-09-24 06:43 - 00192300 _____ C:\Windows\system32\perfc007.dat
2016-01-08 10:26 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-01-08 10:10 - 2014-01-25 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 00:48 - 2015-08-16 14:59 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-01-08 00:22 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Battle.net
2016-01-07 23:32 - 2014-09-15 03:00 - 00000000 ____D C:\Users\Jillsy\Downloads\Everything-1.3.4.686.x86
2016-01-07 23:32 - 2014-02-26 16:50 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ
2016-01-07 23:32 - 2014-01-24 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-01-07 22:11 - 2014-11-29 01:26 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9BD55254-7A97-4A43-AE4A-A69447C0F3FC}
2016-01-07 22:04 - 2014-11-29 00:44 - 00000000 ____D C:\Users\Jillsy
2016-01-06 23:29 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Origin
2016-01-06 23:27 - 2014-04-20 12:11 - 00000000 ____D C:\Games
2016-01-06 22:27 - 2014-01-25 15:05 - 00000000 ____D C:\Users\Jillsy\.VirtualBox
2016-01-06 20:53 - 2015-07-19 14:41 - 00000000 ____D C:\Users\Jillsy\AppData\Local\lazarus
2016-01-05 23:58 - 2015-07-25 16:26 - 00000000 ____D C:\lazarus
2016-01-05 23:56 - 2015-07-25 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus
2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Glyph
2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Program Files (x86)\Glyph
2016-01-03 23:56 - 2014-07-03 12:47 - 00000000 ____D C:\ProgramData\Glyph
2016-01-02 13:26 - 2014-06-05 15:42 - 00000000 ____D C:\Diablo II
2016-01-02 09:39 - 2015-08-22 12:18 - 00000000 ____D C:\Users\Jillsy\VirtualBox VMs
2016-01-02 00:30 - 2014-01-25 11:14 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-02 00:21 - 2014-01-25 13:29 - 00000000 ___RD C:\Users\Jillsy\Documents\Codes
2016-01-01 23:17 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2016-01-01 23:16 - 2014-08-18 18:06 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-01-01 22:42 - 2014-01-25 02:20 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Tropico 4
2016-01-01 22:41 - 2014-01-25 04:21 - 00001345 _____ C:\Users\Jillsy\Desktop\Tropico 4.lnk
2016-01-01 22:12 - 2014-12-01 21:18 - 00000000 ____D C:\Windows\Minidump
2016-01-01 22:12 - 2014-05-29 23:41 - 777293901 _____ C:\Windows\MEMORY.DMP
2015-12-30 23:01 - 2014-11-03 11:48 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-12-30 18:01 - 2015-11-24 20:20 - 00000000 ____D C:\Program Files\Cloud Imperium Games
2015-12-30 18:00 - 2015-04-15 19:33 - 00000000 ____D C:\ProgramData\Skype
2015-12-30 18:00 - 2014-07-09 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-12-29 14:41 - 2014-05-15 17:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-26 09:48 - 2014-09-24 08:46 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2014-09-24 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-22 19:05 - 2015-11-30 00:06 - 00000000 ____D C:\Program Files\Starcraft
2015-12-21 22:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-12-21 01:13 - 2015-07-19 14:46 - 00001099 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-12-21 00:50 - 2014-01-24 23:28 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-12-17 22:39 - 2015-12-06 23:45 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Data
2015-12-17 15:44 - 2014-01-25 01:59 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-16 21:20 - 2015-10-15 14:17 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJillsy
2015-12-16 21:20 - 2015-10-15 14:17 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForJillsy.job
2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-16 14:02 - 2015-08-08 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-16 13:57 - 2013-08-22 15:44 - 00391440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-16 13:54 - 2014-01-23 09:04 - 00000000 ____D C:\Windows\system32\MRT
2015-12-16 13:48 - 2014-01-25 02:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-16 13:45 - 2014-02-01 00:30 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK
2015-12-16 13:41 - 2015-11-12 19:22 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Razer
2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\ProgramData\Razer
2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\Program Files (x86)\Razer
2015-12-16 13:38 - 2014-01-23 09:04 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-16 13:21 - 2015-05-14 13:29 - 00000000 ___RD C:\Users\Jillsy\OneDrive
2015-12-16 13:21 - 2015-02-14 19:02 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001
2015-12-16 13:21 - 2014-02-07 13:42 - 00000000 ____D C:\Program Files (x86)\Zenimax Online
2015-12-16 13:09 - 2015-07-12 13:33 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\ProductData
2015-12-16 13:09 - 2014-05-04 01:42 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\SleepTimerUltimate
2015-12-16 13:09 - 2014-01-25 00:09 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Wise Registry Cleaner
2015-12-16 13:09 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Battle.net
2015-12-16 13:09 - 2014-01-24 19:17 - 00000000 ____D C:\Users\Jillsy\AppData\Local\bluesoleil
2015-12-16 13:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-16 12:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-05 20:39 - 2014-10-13 00:00 - 0002181 _____ () C:\Users\Jillsy\AppData\Roaming\FoxitReaderUpdateInfo.txt
2014-10-01 18:36 - 2014-10-01 18:36 - 0000859 _____ () C:\Users\Jillsy\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Jillsy\AppData\Local\Temp\avgnt.exe
C:\Users\Jillsy\AppData\Local\Temp\procexp64.exe
C:\Users\Jillsy\AppData\Local\Temp\sp64126.exe
C:\Users\Jillsy\AppData\Local\Temp\Uninst.exe
C:\Users\Jillsy\AppData\Local\Temp\UninstallHPSA.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-07 23:11

==================== Ende von FRST.txt ============================

M-K-D-B · 08.01.2016, 19:51

Servus,

es fehlen noch die Addition.txt von FRST und die Log von TDSS-Killer.

jillsy2k · 08.01.2016, 20:00

addition.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
durchgeführt von Jillsy (Administrator) auf JILLSY-PC (08-01-2016 19:40:20)
Gestartet von C:\Users\Jillsy\Desktop
Geladene Profile: Jillsy (Verfügbare Profile: Jillsy)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7165000 2014-01-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-12-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE" 
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{36D0A91B-153F-40A1-99EB-E82C452784FD}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{D3C34DF9-E5D6-442B-9AA5-E7CD700D047C}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/12
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/12
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/12
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF user.js: detected! => C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\user.js [2014-05-17]
FF Extension: PDF Download - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2015-05-31]
FF Extension: Download Statusbar Fixed - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-01-06]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\artur.dubovoy@gmail.com [2016-01-06]
FF Extension: Personas Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\personas@christopher.beard.xpi [2016-01-08]
FF Extension: Show MyIP - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-01-08]
FF Extension: Ghostery - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\firefox@ghostery.com.xpi [2016-01-02]
FF Extension: Kein Name - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2015-05-31] [ist nicht signiert]
FF Extension: Download Status Bar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-31]
FF Extension: NoScript - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08]
FF Extension: Video DownloadHelper - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-08]
FF Extension: Adblock Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: Download Statusbar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-05-31]
FF Extension: Clean Video - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2015-05-31]

Chrome: 
=======
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Donna Karan) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2014-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Google Mail) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-12-05] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-12-05] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-08-26] (IObit)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-12-05] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-02] (RTS Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [27440 2015-10-16] () [Datei ist nicht signiert]
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-05] (Synaptics Incorporated)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-08 19:40 - 2016-01-08 19:41 - 00027707 _____ C:\Users\Jillsy\Desktop\FRST.txt
2016-01-08 19:39 - 2016-01-08 19:40 - 00000000 ____D C:\FRST
2016-01-08 19:38 - 2016-01-08 19:39 - 02370560 _____ (Farbar) C:\Users\Jillsy\Desktop\FRST64.exe
2016-01-08 18:54 - 2016-01-08 18:54 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (6).exe
2016-01-08 18:53 - 2016-01-08 18:53 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Avira
2016-01-08 18:52 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-01-08 18:49 - 2016-01-08 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-08 18:49 - 2016-01-08 18:49 - 00001233 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-08 12:00 - 2016-01-08 19:14 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-08 12:00 - 2016-01-08 19:05 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-08 12:00 - 2016-01-08 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-08 11:59 - 2016-01-08 11:59 - 00927824 _____ (Google Inc.) C:\Users\Jillsy\Downloads\ChromeSetup.exe
2016-01-08 10:36 - 2016-01-08 10:36 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_568efddb9c96e__ws.exe
2016-01-08 00:51 - 2016-01-08 10:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-08 00:47 - 2016-01-08 00:47 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (5).exe
2016-01-08 00:46 - 2016-01-08 00:46 - 26352816 _____ (DVDVideoSoft Ltd. ) C:\Users\Jillsy\Downloads\FreeAudioConverter (1).exe
2016-01-08 00:46 - 2016-01-08 00:46 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (4).exe
2016-01-08 00:41 - 2016-01-08 00:41 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (3).exe
2016-01-08 00:34 - 2016-01-08 00:34 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (2).exe
2016-01-06 23:27 - 2016-01-06 23:27 - 00000702 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-01-06 23:27 - 2016-01-06 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-01-06 23:26 - 2016-01-06 23:26 - 05124704 _____ (Wargaming.net ) C:\Users\Jillsy\Downloads\WoT_internet_install_eu.exe
2016-01-06 16:54 - 2016-01-06 16:54 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Jillsy\Downloads\28790_HPUSBFW_v2.2.3.exe
2016-01-06 16:18 - 2016-01-06 17:00 - 00000000 ____D C:\Users\Jillsy\Desktop\Sicherung K
2016-01-05 23:49 - 2016-01-05 23:49 - 00000345 _____ C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk
2016-01-05 23:47 - 2016-01-05 23:47 - 30073472 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-cross-i386-win32-win64.exe
2016-01-05 23:47 - 2016-01-05 23:47 - 00001859 _____ C:\Users\Jillsy\Downloads\README.txt
2016-01-05 23:46 - 2016-01-05 23:47 - 113126489 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-win32.exe
2016-01-05 23:05 - 2016-01-05 23:05 - 00001027 _____ C:\Users\Jillsy\Desktop\Videos.lnk
2016-01-04 23:07 - 2016-01-04 23:07 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Microsoft_Corporation
2016-01-04 23:00 - 2016-01-04 23:00 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument (2).txt
2016-01-03 23:58 - 2015-12-20 23:50 - 36684866 _____ C:\Users\Jillsy\Desktop\cncmod_launcher.zip
2016-01-03 23:58 - 2015-10-07 18:28 - 18340735 _____ C:\Users\Jillsy\Desktop\cnctuc_launchers.zip
2016-01-01 22:43 - 2016-01-07 23:32 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-01-01 22:43 - 2016-01-01 22:43 - 00001137 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-01-01 22:12 - 2016-01-01 22:13 - 00285624 _____ C:\Windows\Minidump\010116-25250-01.dmp
2016-01-01 13:50 - 2016-01-01 13:51 - 00285568 _____ C:\Windows\Minidump\010116-33593-01.dmp
2015-12-30 23:01 - 2015-12-30 23:02 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Jillsy\Downloads\LinuxLive USB Creator 2.9.4.exe
2015-12-29 18:00 - 2015-12-29 18:00 - 00285568 _____ C:\Windows\Minidump\122915-38406-01.dmp
2015-12-28 01:46 - 2015-12-28 01:46 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument.txt
2015-12-22 13:59 - 2015-12-22 14:03 - 00069632 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2015-12-22 13:59 - 2015-12-22 14:03 - 00033209 _____ C:\Windows\scunin.dat
2015-12-22 13:59 - 2015-12-22 14:03 - 00000967 _____ C:\Windows\ScUnin.pif
2015-12-22 13:59 - 2015-12-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft
2015-12-22 13:56 - 1999-03-19 18:40 - 598221809 _____ (Blizzard Entertainment) C:\Users\Jillsy\Desktop\BroodWar.mpq
2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\Program Files\Oracle
2015-12-21 01:13 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-12-21 01:13 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-12-21 01:07 - 2015-12-21 01:08 - 116982472 _____ (Oracle Corporation) C:\Users\Jillsy\Downloads\VirtualBox-5.0.10-104061-Win.exe
2015-12-16 13:37 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-16 13:37 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-16 13:37 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-16 13:37 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-12-16 13:37 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-16 13:37 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-16 13:37 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-16 13:37 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-16 13:37 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-16 13:37 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-16 13:37 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-16 13:37 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-16 13:37 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-16 13:37 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-16 13:37 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-16 13:37 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-16 13:37 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-16 13:37 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-12-16 13:37 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-16 13:37 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-16 13:37 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-16 13:37 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-16 13:37 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-16 13:37 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-16 13:37 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-16 13:37 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-16 13:37 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-16 13:37 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-12-16 13:37 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-16 13:37 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-16 13:37 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-16 13:37 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-16 13:37 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-16 13:37 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-16 13:37 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-16 13:37 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-12-16 13:37 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-16 13:37 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-16 13:37 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-16 13:37 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-16 13:30 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-16 13:30 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-16 13:30 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-16 13:30 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-16 13:30 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-16 13:30 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-16 13:30 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-16 13:30 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-12-16 13:30 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-12-16 13:30 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-16 13:30 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-16 13:30 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-16 13:30 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-16 13:30 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-16 13:30 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-16 13:30 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-16 13:30 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-16 13:30 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-12-16 13:30 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-16 13:30 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-16 13:30 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-12-16 13:30 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-16 13:30 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-12-10 19:38 - 2015-12-13 23:36 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Zero Hour Data

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-08 19:41 - 2014-05-15 17:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-08 19:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-08 19:19 - 2014-01-24 00:24 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-933261645-1527721118-3068914036-1001
2016-01-08 19:16 - 2014-01-24 09:45 - 00003619 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2016-01-08 19:15 - 2014-11-29 01:10 - 00000000 __SHD C:\Users\Jillsy\IntelGraphicsProfiles
2016-01-08 19:15 - 2013-11-20 10:44 - 00001060 _____ C:\Windows\SysWOW64\bscs.ini
2016-01-08 19:14 - 2014-01-24 09:45 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2016-01-08 19:14 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-08 19:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-01-08 18:52 - 2014-08-15 19:08 - 00000000 ____D C:\ProgramData\Avira
2016-01-08 18:52 - 2014-01-23 06:52 - 00000000 ____D C:\Program Files (x86)\Avira
2016-01-08 18:48 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-08 18:45 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-08 18:40 - 2015-07-12 13:31 - 00000000 ____D C:\ProgramData\ProductData
2016-01-08 12:00 - 2014-01-24 00:25 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-08 12:00 - 2014-01-24 00:25 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-08 12:00 - 2014-01-24 00:25 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-08 10:26 - 2014-09-24 07:17 - 01984420 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-08 10:26 - 2014-09-24 06:43 - 00843606 _____ C:\Windows\system32\perfh007.dat
2016-01-08 10:26 - 2014-09-24 06:43 - 00192300 _____ C:\Windows\system32\perfc007.dat
2016-01-08 10:26 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-01-08 10:10 - 2014-01-25 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 00:48 - 2015-08-16 14:59 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-01-08 00:22 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Battle.net
2016-01-07 23:32 - 2014-09-15 03:00 - 00000000 ____D C:\Users\Jillsy\Downloads\Everything-1.3.4.686.x86
2016-01-07 23:32 - 2014-02-26 16:50 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ
2016-01-07 23:32 - 2014-01-24 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-01-07 22:11 - 2014-11-29 01:26 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9BD55254-7A97-4A43-AE4A-A69447C0F3FC}
2016-01-07 22:04 - 2014-11-29 00:44 - 00000000 ____D C:\Users\Jillsy
2016-01-06 23:29 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Origin
2016-01-06 23:27 - 2014-04-20 12:11 - 00000000 ____D C:\Games
2016-01-06 22:27 - 2014-01-25 15:05 - 00000000 ____D C:\Users\Jillsy\.VirtualBox
2016-01-06 20:53 - 2015-07-19 14:41 - 00000000 ____D C:\Users\Jillsy\AppData\Local\lazarus
2016-01-05 23:58 - 2015-07-25 16:26 - 00000000 ____D C:\lazarus
2016-01-05 23:56 - 2015-07-25 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus
2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Glyph
2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Program Files (x86)\Glyph
2016-01-03 23:56 - 2014-07-03 12:47 - 00000000 ____D C:\ProgramData\Glyph
2016-01-02 13:26 - 2014-06-05 15:42 - 00000000 ____D C:\Diablo II
2016-01-02 09:39 - 2015-08-22 12:18 - 00000000 ____D C:\Users\Jillsy\VirtualBox VMs
2016-01-02 00:30 - 2014-01-25 11:14 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-02 00:21 - 2014-01-25 13:29 - 00000000 ___RD C:\Users\Jillsy\Documents\Codes
2016-01-01 23:17 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2016-01-01 23:16 - 2014-08-18 18:06 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-01-01 22:42 - 2014-01-25 02:20 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Tropico 4
2016-01-01 22:41 - 2014-01-25 04:21 - 00001345 _____ C:\Users\Jillsy\Desktop\Tropico 4.lnk
2016-01-01 22:12 - 2014-12-01 21:18 - 00000000 ____D C:\Windows\Minidump
2016-01-01 22:12 - 2014-05-29 23:41 - 777293901 _____ C:\Windows\MEMORY.DMP
2015-12-30 23:01 - 2014-11-03 11:48 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-12-30 18:01 - 2015-11-24 20:20 - 00000000 ____D C:\Program Files\Cloud Imperium Games
2015-12-30 18:00 - 2015-04-15 19:33 - 00000000 ____D C:\ProgramData\Skype
2015-12-30 18:00 - 2014-07-09 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-12-29 14:41 - 2014-05-15 17:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-26 09:48 - 2014-09-24 08:46 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2014-09-24 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-22 19:05 - 2015-11-30 00:06 - 00000000 ____D C:\Program Files\Starcraft
2015-12-21 22:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-12-21 01:13 - 2015-07-19 14:46 - 00001099 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-12-21 00:50 - 2014-01-24 23:28 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-12-17 22:39 - 2015-12-06 23:45 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Data
2015-12-17 15:44 - 2014-01-25 01:59 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-16 21:20 - 2015-10-15 14:17 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJillsy
2015-12-16 21:20 - 2015-10-15 14:17 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForJillsy.job
2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-16 14:02 - 2015-08-08 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-16 13:57 - 2013-08-22 15:44 - 00391440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-16 13:54 - 2014-01-23 09:04 - 00000000 ____D C:\Windows\system32\MRT
2015-12-16 13:48 - 2014-01-25 02:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-16 13:45 - 2014-02-01 00:30 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK
2015-12-16 13:41 - 2015-11-12 19:22 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Razer
2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\ProgramData\Razer
2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\Program Files (x86)\Razer
2015-12-16 13:38 - 2014-01-23 09:04 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-16 13:21 - 2015-05-14 13:29 - 00000000 ___RD C:\Users\Jillsy\OneDrive
2015-12-16 13:21 - 2015-02-14 19:02 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001
2015-12-16 13:21 - 2014-02-07 13:42 - 00000000 ____D C:\Program Files (x86)\Zenimax Online
2015-12-16 13:09 - 2015-07-12 13:33 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\ProductData
2015-12-16 13:09 - 2014-05-04 01:42 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\SleepTimerUltimate
2015-12-16 13:09 - 2014-01-25 00:09 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Wise Registry Cleaner
2015-12-16 13:09 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Battle.net
2015-12-16 13:09 - 2014-01-24 19:17 - 00000000 ____D C:\Users\Jillsy\AppData\Local\bluesoleil
2015-12-16 13:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-16 12:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-05 20:39 - 2014-10-13 00:00 - 0002181 _____ () C:\Users\Jillsy\AppData\Roaming\FoxitReaderUpdateInfo.txt
2014-10-01 18:36 - 2014-10-01 18:36 - 0000859 _____ () C:\Users\Jillsy\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Jillsy\AppData\Local\Temp\avgnt.exe
C:\Users\Jillsy\AppData\Local\Temp\procexp64.exe
C:\Users\Jillsy\AppData\Local\Temp\sp64126.exe
C:\Users\Jillsy\AppData\Local\Temp\Uninst.exe
C:\Users\Jillsy\AppData\Local\Temp\UninstallHPSA.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-07 23:11

==================== Ende von FRST.txt ============================

TDSSKILLER hat nichts gefunden. Kann / soll ich dir die TDSSKILLER-log Datei sie dir noch posten? Und wenn ja, wie? ( CODE-TAG) geht nicht, zuviele Zeichen.)

Dankeschön für alles,
jillsy2k

jillsy2k · 08.01.2016, 20:02

TDDSKILLER-Log datei (aufgespalten, sorry bin neu hier ^^

Code:

ATTFilter

19:53:16.0183 0x15e0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:53:16.0183 0x15e0  UEFI system
19:53:21.0993 0x15e0  ============================================================
19:53:21.0993 0x15e0  Current date / time: 2016/01/08 19:53:21.0993
19:53:21.0993 0x15e0  SystemInfo:
19:53:21.0993 0x15e0  
19:53:21.0993 0x15e0  OS Version: 6.3.9600 ServicePack: 0.0
19:53:21.0993 0x15e0  Product type: Workstation
19:53:21.0993 0x15e0  ComputerName: JILLSY-PC
19:53:21.0993 0x15e0  UserName: Jillsy
19:53:21.0993 0x15e0  Windows directory: C:\Windows
19:53:21.0993 0x15e0  System windows directory: C:\Windows
19:53:21.0993 0x15e0  Running under WOW64
19:53:21.0993 0x15e0  Processor architecture: Intel x64
19:53:21.0993 0x15e0  Number of processors: 8
19:53:21.0993 0x15e0  Page size: 0x1000
19:53:21.0993 0x15e0  Boot type: Normal boot
19:53:21.0993 0x15e0  ============================================================
19:53:22.0806 0x15e0  KLMD registered as C:\Windows\system32\drivers\11834481.sys
19:53:23.0103 0x15e0  System UUID: {4B54420E-C983-18B7-2E35-12AB3D0F6D5E}
19:53:23.0509 0x15e0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:53:23.0525 0x15e0  Drive \Device\Harddisk1\DR1 - Size: 0x3B5980000 ( 14.84 Gb ), SectorSize: 0x200, Cylinders: 0x790, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:53:23.0556 0x15e0  Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 ( 1862.99 Gb ), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:53:23.0556 0x15e0  ============================================================
19:53:23.0556 0x15e0  \Device\Harddisk0\DR0:
19:53:23.0556 0x15e0  GPT partitions:
19:53:23.0556 0x15e0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8BFE47D9-C1EE-0144-A798-40A2CA6E362B}, Name: , StartLBA 0x800, BlocksNum 0xC8000
19:53:23.0556 0x15e0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F8687CAF-87C1-0E4C-B46A-6779B16ED2D7}, Name: , StartLBA 0xC8800, BlocksNum 0x82000
19:53:23.0556 0x15e0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B61706C4-9830-4E45-AFA3-1054F4D46E05}, Name: , StartLBA 0x18A800, BlocksNum 0x591C5000
19:53:23.0556 0x15e0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3D6CE166-B0CE-11E5-B3C2-A72F3213F2A6}, Name: , StartLBA 0x5934F800, BlocksNum 0xE1000
19:53:23.0556 0x15e0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E79716BF-C7B7-0E42-9AC7-6F09F10BAD1D}, Name: , StartLBA 0x59430800, BlocksNum 0xC7FF800
19:53:23.0556 0x15e0  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7321DAE5-A654-9E4E-806D-26DA071EEC0B}, Name: , StartLBA 0x65C30800, BlocksNum 0xC35B800
19:53:23.0556 0x15e0  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3D6CE167-B0CE-11E5-B3C2-A72F3213F2A6}, Name: , StartLBA 0x71F8C800, BlocksNum 0x277A000
19:53:23.0556 0x15e0  MBR partitions:
19:53:23.0556 0x15e0  \Device\Harddisk1\DR1:
19:53:23.0556 0x15e0  MBR partitions:
19:53:23.0556 0x15e0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x1DAC400
19:53:23.0556 0x15e0  \Device\Harddisk2\DR2:
19:53:23.0556 0x15e0  MBR partitions:
19:53:23.0556 0x15e0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000
19:53:23.0556 0x15e0  ============================================================
19:53:23.0571 0x15e0  C: <-> \Device\Harddisk0\DR0\Partition3
19:53:23.0618 0x15e0  D: <-> \Device\Harddisk0\DR0\Partition4
19:53:23.0650 0x15e0  I: <-> \Device\Harddisk0\DR0\Partition7
19:53:23.0681 0x15e0  L: <-> \Device\Harddisk2\DR2\Partition1
19:53:23.0696 0x15e0  F: <-> \Device\Harddisk0\DR0\Partition6
19:53:23.0712 0x15e0  H: <-> \Device\Harddisk0\DR0\Partition5
19:53:23.0712 0x15e0  ============================================================
19:53:23.0712 0x15e0  Initialize success
19:53:23.0712 0x15e0  ============================================================
19:53:28.0384 0x12ec  ============================================================
19:53:28.0384 0x12ec  Scan started
19:53:28.0384 0x12ec  Mode: Manual; 
19:53:28.0384 0x12ec  ============================================================
19:53:28.0384 0x12ec  KSN ping started
19:53:30.0693 0x12ec  KSN ping finished: true
19:53:35.0881 0x12ec  ================ Scan system memory ========================
19:53:35.0881 0x12ec  System memory - ok
19:53:35.0881 0x12ec  ================ Scan services =============================
19:53:36.0084 0x12ec  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
19:53:36.0084 0x12ec  1394ohci - ok
19:53:36.0115 0x12ec  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
19:53:36.0115 0x12ec  3ware - ok
19:53:36.0146 0x12ec  [ 899B7E724BF19F17978B6A37B864A277, F7D166DC5F7642D4B834B1E0D956929BA94F3E4D402989FC1A681A08FA1F86B6 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
19:53:36.0146 0x12ec  Accelerometer - ok
19:53:36.0178 0x12ec  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:53:36.0193 0x12ec  ACPI - ok
19:53:36.0193 0x12ec  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
19:53:36.0193 0x12ec  acpiex - ok
19:53:36.0209 0x12ec  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
19:53:36.0209 0x12ec  acpipagr - ok
19:53:36.0240 0x12ec  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
19:53:36.0240 0x12ec  AcpiPmi - ok
19:53:36.0256 0x12ec  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
19:53:36.0256 0x12ec  acpitime - ok
19:53:36.0381 0x12ec  [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:53:36.0396 0x12ec  AdobeFlashPlayerUpdateSvc - ok
19:53:36.0428 0x12ec  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
19:53:36.0443 0x12ec  ADP80XX - ok
19:53:36.0475 0x12ec  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:53:36.0475 0x12ec  AeLookupSvc - ok
19:53:36.0553 0x12ec  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
19:53:36.0553 0x12ec  AERTFilters - ok
19:53:36.0615 0x12ec  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
19:53:36.0631 0x12ec  AFD - ok
19:53:36.0646 0x12ec  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:53:36.0646 0x12ec  agp440 - ok
19:53:36.0693 0x12ec  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
19:53:36.0693 0x12ec  ahcache - ok
19:53:36.0709 0x12ec  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
19:53:36.0709 0x12ec  ALG - ok
19:53:36.0740 0x12ec  [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:53:36.0740 0x12ec  AMD External Events Utility - ok
19:53:36.0756 0x12ec  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
19:53:36.0756 0x12ec  AmdK8 - ok
19:53:37.0193 0x12ec  [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:53:37.0428 0x12ec  amdkmdag - ok
19:53:37.0475 0x12ec  [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:53:37.0490 0x12ec  amdkmdap - ok
19:53:37.0522 0x12ec  [ 5878E12EE33DC8BF2E79DEE7A802EFCA, 7D7BCC2E4BD33F84F9B8D950094EB3AE016BD16844F2CD8D28F5A4BEEDF6FBDC ] amdkmpfd        C:\Windows\system32\drivers\amdkmpfd.sys
19:53:37.0522 0x12ec  amdkmpfd - ok
19:53:37.0537 0x12ec  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
19:53:37.0553 0x12ec  AmdPPM - ok
19:53:37.0584 0x12ec  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:53:37.0584 0x12ec  amdsata - ok
19:53:37.0615 0x12ec  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:53:37.0615 0x12ec  amdsbs - ok
19:53:37.0647 0x12ec  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:53:37.0647 0x12ec  amdxata - ok
19:53:37.0881 0x12ec  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
19:53:37.0881 0x12ec  AntiVirMailService - ok
19:53:38.0037 0x12ec  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
19:53:38.0053 0x12ec  AntiVirSchedulerService - ok
19:53:38.0100 0x12ec  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
19:53:38.0100 0x12ec  AntiVirService - ok
19:53:38.0178 0x12ec  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
19:53:38.0193 0x12ec  AntiVirWebService - ok
19:53:38.0272 0x12ec  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
19:53:38.0272 0x12ec  AppHostSvc - ok
19:53:38.0303 0x12ec  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
19:53:38.0318 0x12ec  AppID - ok
19:53:38.0350 0x12ec  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:53:38.0350 0x12ec  AppIDSvc - ok
19:53:38.0381 0x12ec  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
19:53:38.0381 0x12ec  Appinfo - ok
19:53:38.0443 0x12ec  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
19:53:38.0459 0x12ec  AppReadiness - ok
19:53:38.0522 0x12ec  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
19:53:38.0537 0x12ec  AppXSvc - ok
19:53:38.0553 0x12ec  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:53:38.0553 0x12ec  arcsas - ok
19:53:38.0662 0x12ec  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:53:38.0662 0x12ec  aspnet_state - ok
19:53:38.0709 0x12ec  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:53:38.0709 0x12ec  AsyncMac - ok
19:53:38.0725 0x12ec  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:53:38.0725 0x12ec  atapi - ok
19:53:38.0772 0x12ec  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
19:53:38.0772 0x12ec  AudioEndpointBuilder - ok
19:53:38.0834 0x12ec  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:53:38.0850 0x12ec  Audiosrv - ok
19:53:38.0865 0x12ec  [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
19:53:38.0881 0x12ec  avgntflt - ok
19:53:38.0897 0x12ec  [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
19:53:38.0897 0x12ec  avipbb - ok
19:53:38.0959 0x12ec  [ BB73DD7B20132FB1A30990E025DEA1E4, 6A474ABB8B2D696ECBC50D717AF11E8F77DA65DEDA4B663E4496B89F624847DE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
19:53:38.0975 0x12ec  Avira.ServiceHost - ok
19:53:38.0990 0x12ec  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
19:53:38.0990 0x12ec  avkmgr - ok
19:53:39.0022 0x12ec  [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
19:53:39.0022 0x12ec  avnetflt - ok
19:53:39.0053 0x12ec  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:53:39.0053 0x12ec  AxInstSV - ok
19:53:39.0100 0x12ec  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:53:39.0100 0x12ec  b06bdrv - ok
19:53:39.0147 0x12ec  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
19:53:39.0147 0x12ec  BasicDisplay - ok
19:53:39.0147 0x12ec  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
19:53:39.0162 0x12ec  BasicRender - ok
19:53:39.0178 0x12ec  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
19:53:39.0178 0x12ec  bcmfn2 - ok
19:53:39.0209 0x12ec  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:53:39.0209 0x12ec  BDESVC - ok
19:53:39.0256 0x12ec  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
19:53:39.0256 0x12ec  Beep - ok
19:53:39.0318 0x12ec  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\Windows\System32\bfe.dll
19:53:39.0334 0x12ec  BFE - ok
19:53:39.0397 0x12ec  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
19:53:39.0412 0x12ec  BITS - ok
19:53:39.0490 0x12ec  [ 9EA0331B0BE5FBBB252348E0CF55D109, 13E1DCA616D1DB720B1F401E4E72D03B343C40505CBFA30457ED584C94306718 ] BlueSoleilCS    C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
19:53:39.0522 0x12ec  BlueSoleilCS - ok
19:53:39.0537 0x12ec  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:53:39.0537 0x12ec  bowser - ok
19:53:39.0553 0x12ec  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
19:53:39.0553 0x12ec  BrokerInfrastructure - ok
19:53:39.0584 0x12ec  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
19:53:39.0584 0x12ec  Browser - ok
19:53:39.0600 0x12ec  [ 548744FF67C654C378FCA0C897CCB3C0, DC8ADAFDC93CF36EF45EDF2AEA8ECBFD4A6CA5B76E0B6F9AAD04DB411C1346F9 ] BsHelpCS        C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
19:53:39.0615 0x12ec  BsHelpCS - ok
19:53:39.0647 0x12ec  [ 34AAF6FD68B8403E76F0D08A8C1C1DA3, 2255F88C04E89AA80231B67287D81271DC226007F01CFCB55EB1EBF640C6FCF5 ] BtAudioBusSrv   C:\Windows\System32\Drivers\BtAudioBus.sys
19:53:39.0647 0x12ec  BtAudioBusSrv - ok
19:53:39.0678 0x12ec  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
19:53:39.0678 0x12ec  BthAvrcpTg - ok
19:53:39.0709 0x12ec  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
19:53:39.0709 0x12ec  BthEnum - ok
19:53:39.0740 0x12ec  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
19:53:39.0740 0x12ec  BthHFEnum - ok
19:53:39.0756 0x12ec  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
19:53:39.0756 0x12ec  bthhfhid - ok
19:53:39.0756 0x12ec  BthHFSrv - ok
19:53:39.0803 0x12ec  [ CE3921CC0814574A699628776B3AE301, 63FF436E5FB3D3FF83191191425F124E5F8551E33F3AC222495EC2E39E44E63F ] BthL2caScoIfSrv C:\Windows\System32\Drivers\BtL2caScoIf.sys
19:53:39.0803 0x12ec  BthL2caScoIfSrv - ok
19:53:39.0834 0x12ec  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
19:53:39.0850 0x12ec  BthLEEnum - ok
19:53:39.0865 0x12ec  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
19:53:39.0865 0x12ec  BTHMODEM - ok
19:53:39.0912 0x12ec  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
19:53:39.0912 0x12ec  BthPan - ok
19:53:39.0975 0x12ec  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
19:53:39.0990 0x12ec  BTHPORT - ok
19:53:40.0006 0x12ec  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
19:53:40.0006 0x12ec  bthserv - ok
19:53:40.0037 0x12ec  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:53:40.0037 0x12ec  BTHUSB - ok
19:53:40.0084 0x12ec  [ 6F9C5E08B53E9AB0C1AE380B87F41A9C, 3B6565E6463168C8FCAE631D569167F79E9DD53D8850760920A5ADE018040312 ] btUrbFilterDrv  C:\Windows\System32\Drivers\IvtUrbBtFlt.sys
19:53:40.0084 0x12ec  btUrbFilterDrv - ok
19:53:40.0100 0x12ec  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:53:40.0100 0x12ec  cdfs - ok
19:53:40.0131 0x12ec  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
19:53:40.0131 0x12ec  cdrom - ok
19:53:40.0162 0x12ec  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:53:40.0162 0x12ec  CertPropSvc - ok
19:53:40.0194 0x12ec  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
19:53:40.0194 0x12ec  circlass - ok
19:53:40.0240 0x12ec  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
19:53:40.0240 0x12ec  CLFS - ok
19:53:40.0272 0x12ec  [ 3E76A1547F2448BCEE3D2F4AE3931AB5, 31B41723FAA4210A86B1AE02D6C052BD8B738C4B89FB0177C1AE997D24BA5B8C ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
19:53:40.0272 0x12ec  CLVirtualDrive - ok
19:53:40.0287 0x12ec  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
19:53:40.0287 0x12ec  CmBatt - ok
19:53:40.0319 0x12ec  [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG             C:\Windows\system32\Drivers\cng.sys
19:53:40.0319 0x12ec  CNG - ok
19:53:40.0350 0x12ec  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
19:53:40.0350 0x12ec  CompositeBus - ok
19:53:40.0350 0x12ec  COMSysApp - ok
19:53:40.0381 0x12ec  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
19:53:40.0381 0x12ec  condrv - ok
19:53:40.0475 0x12ec  [ BB812787B838A74943DEF209350C3883, 2C168F48A68644AA3CB6167BEC2A260E3E9C78D0766A15AA0FAA39CDBD7FA040 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:53:40.0490 0x12ec  cphs - ok
19:53:40.0522 0x1788  Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
19:53:40.0522 0x12ec  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:53:40.0522 0x12ec  CryptSvc - ok
19:53:40.0553 0x12ec  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\Windows\system32\drivers\dam.sys
19:53:40.0553 0x12ec  dam - ok
19:53:40.0600 0x12ec  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:53:40.0615 0x12ec  DcomLaunch - ok
19:53:40.0647 0x12ec  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
19:53:40.0647 0x12ec  defragsvc - ok
19:53:40.0678 0x12ec  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
19:53:40.0678 0x12ec  DeviceAssociationService - ok
19:53:40.0709 0x12ec  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
19:53:40.0709 0x12ec  DeviceInstall - ok
19:53:40.0740 0x12ec  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
19:53:40.0740 0x12ec  Dfsc - ok
19:53:40.0772 0x12ec  [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
19:53:40.0772 0x12ec  dg_ssudbus - ok
19:53:40.0819 0x12ec  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:53:40.0819 0x12ec  Dhcp - ok
19:53:40.0881 0x12ec  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:53:40.0912 0x12ec  DiagTrack - ok
19:53:41.0022 0x12ec  [ 68BFCCC1EC25F0F942EA32AD9D67A131, CF19DA2816262D9D532249970581E55DF595A5FD0ABE44C5124A40F42A9B28B4 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
19:53:41.0037 0x12ec  DigitalWave.Update.Service - ok
19:53:41.0037 0x12ec  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
19:53:41.0053 0x12ec  disk - ok
19:53:41.0084 0x12ec  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
19:53:41.0084 0x12ec  dmvsc - ok
19:53:41.0115 0x12ec  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:53:41.0115 0x12ec  Dnscache - ok
19:53:41.0131 0x12ec  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:53:41.0147 0x12ec  dot3svc - ok
19:53:41.0178 0x12ec  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
19:53:41.0178 0x12ec  DPS - ok
19:53:41.0194 0x12ec  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:53:41.0194 0x12ec  drmkaud - ok
19:53:41.0209 0x12ec  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
19:53:41.0225 0x12ec  DsmSvc - ok
19:53:41.0272 0x12ec  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:53:41.0303 0x12ec  DXGKrnl - ok
19:53:41.0319 0x12ec  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
19:53:41.0319 0x12ec  Eaphost - ok
19:53:41.0428 0x12ec  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:53:41.0475 0x12ec  ebdrv - ok
19:53:41.0506 0x12ec  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
19:53:41.0506 0x12ec  EFS - ok
19:53:41.0553 0x12ec  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
19:53:41.0553 0x12ec  EhStorClass - ok
19:53:41.0569 0x12ec  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
19:53:41.0569 0x12ec  EhStorTcgDrv - ok
19:53:41.0584 0x12ec  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
19:53:41.0584 0x12ec  ElbyCDIO - ok
19:53:41.0615 0x12ec  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
19:53:41.0615 0x12ec  ErrDev - ok
19:53:41.0662 0x12ec  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
19:53:41.0678 0x12ec  EventSystem - ok
19:53:41.0725 0x12ec  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:53:41.0725 0x12ec  exfat - ok
19:53:41.0740 0x12ec  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:53:41.0740 0x12ec  fastfat - ok
19:53:41.0787 0x12ec  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
19:53:41.0803 0x12ec  Fax - ok
19:53:41.0803 0x12ec  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
19:53:41.0803 0x12ec  fdc - ok
19:53:41.0819 0x12ec  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:53:41.0819 0x12ec  fdPHost - ok
19:53:41.0850 0x12ec  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:53:41.0850 0x12ec  FDResPub - ok
19:53:41.0866 0x12ec  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
19:53:41.0881 0x12ec  fhsvc - ok
19:53:41.0881 0x16fc  Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
19:53:41.0897 0x12ec  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:53:41.0897 0x12ec  FileInfo - ok
19:53:41.0928 0x12ec  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:53:41.0928 0x12ec  Filetrace - ok
19:53:41.0944 0x12ec  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
19:53:41.0944 0x12ec  flpydisk - ok
19:53:41.0991 0x12ec  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:53:41.0991 0x12ec  FltMgr - ok
19:53:42.0084 0x12ec  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\Windows\system32\FntCache.dll
19:53:42.0100 0x12ec  FontCache - ok
19:53:42.0225 0x12ec  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:53:42.0225 0x12ec  FontCache3.0.0.0 - ok
19:53:42.0287 0x12ec  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:53:42.0287 0x12ec  FsDepends - ok
19:53:42.0334 0x12ec  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:53:42.0334 0x12ec  Fs_Rec - ok
19:53:42.0366 0x12ec  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:53:42.0381 0x12ec  fvevol - ok
19:53:42.0397 0x12ec  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
19:53:42.0397 0x12ec  FxPPM - ok
19:53:42.0412 0x12ec  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:53:42.0412 0x12ec  gagp30kx - ok
19:53:42.0428 0x12ec  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
19:53:42.0428 0x12ec  gencounter - ok
19:53:42.0475 0x12ec  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
19:53:42.0475 0x12ec  GPIOClx0101 - ok
19:53:42.0569 0x12ec  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:53:42.0584 0x12ec  gpsvc - ok
19:53:42.0631 0x12ec  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:53:42.0631 0x12ec  gupdate - ok
19:53:42.0647 0x12ec  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:53:42.0662 0x12ec  gupdatem - ok
19:53:42.0694 0x12ec  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
19:53:42.0694 0x12ec  HDAudBus - ok
19:53:42.0709 0x12ec  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
19:53:42.0709 0x12ec  HidBatt - ok
19:53:42.0725 0x12ec  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
19:53:42.0741 0x12ec  HidBth - ok
19:53:42.0756 0x12ec  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
19:53:42.0756 0x12ec  hidi2c - ok
19:53:42.0772 0x12ec  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
19:53:42.0787 0x12ec  HidIr - ok
19:53:42.0803 0x12ec  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
19:53:42.0803 0x12ec  hidserv - ok
19:53:42.0803 0x12ec  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
19:53:42.0803 0x12ec  HidUsb - ok
19:53:42.0819 0x12ec  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:53:42.0819 0x12ec  hkmsvc - ok
19:53:42.0866 0x12ec  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:53:42.0866 0x12ec  HomeGroupListener - ok
19:53:42.0897 0x12ec  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:53:42.0897 0x12ec  HomeGroupProvider - ok
19:53:42.0944 0x1788  Object send P2P result: true
19:53:42.0944 0x1788  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
19:53:42.0991 0x12ec  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:53:43.0006 0x12ec  HP Support Assistant Service - ok
19:53:43.0037 0x12ec  [ D104FF402FC3DDB686E6DEF00334DB26, 6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
19:53:43.0037 0x12ec  hpdskflt - ok
19:53:43.0116 0x12ec  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:53:43.0131 0x12ec  hpqwmiex - ok
19:53:43.0162 0x12ec  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:53:43.0162 0x12ec  HpSAMD - ok
19:53:43.0162 0x12ec  [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv           C:\Windows\system32\Hpservice.exe
19:53:43.0178 0x12ec  hpsrv - ok
19:53:43.0225 0x12ec  [ 3DB220B90C0C99057C5FDC735C8A7FA8, ECF6BAB435055C27609A9253F7ECBF917C3C411CF576373A877EA01A717D6FB3 ] HPWMISVC        c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
19:53:43.0241 0x12ec  HPWMISVC - ok
19:53:43.0287 0x12ec  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:53:43.0303 0x12ec  HTTP - ok
19:53:43.0334 0x12ec  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:53:43.0334 0x12ec  hwpolicy - ok
19:53:43.0366 0x12ec  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
19:53:43.0366 0x12ec  hyperkbd - ok
19:53:43.0381 0x12ec  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
19:53:43.0381 0x12ec  HyperVideo - ok
19:53:43.0428 0x12ec  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
19:53:43.0428 0x12ec  i8042prt - ok
19:53:43.0475 0x12ec  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
19:53:43.0475 0x12ec  iaLPSSi_GPIO - ok
19:53:43.0491 0x12ec  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
19:53:43.0491 0x12ec  iaLPSSi_I2C - ok
19:53:43.0537 0x12ec  [ 60F6526DB3297C7324957EF3143F88FF, F0D4AF7E66CD42793C5137B4F5E66AFCE13253C3FF8D397921EA23CD04D49763 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
19:53:43.0537 0x12ec  iaStorA - ok
19:53:43.0584 0x12ec  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
19:53:43.0584 0x12ec  iaStorAV - ok
19:53:43.0694 0x12ec  [ 9D7AFC77C928460336642D6EFDB5BDEA, 9CF555B94A21D7A518B9228B6BE86679200FEC4219156D7D2183CDC906BA4548 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:53:43.0694 0x12ec  IAStorDataMgrSvc - ok
19:53:43.0709 0x12ec  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:53:43.0709 0x12ec  iaStorV - ok
19:53:43.0772 0x12ec  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
19:53:43.0772 0x12ec  ICCS - ok
19:53:43.0772 0x12ec  IEEtwCollectorService - ok
19:53:43.0912 0x12ec  [ CEFA6BDB4789F3DA003ACBDCC64F5877, 0FE78AEFA9A75B4A99AD6B73AC3252E4C6DFA9D306FEC02D26C1FD574108BFBA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:53:43.0959 0x12ec  igfx - ok
19:53:44.0006 0x12ec  [ 75909533EECD0CD9D5974B59474AA6C0, F81D0F949F1F01D09C91735C79288395B82C27B8FB78804752E5A678D7EF3860 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
19:53:44.0006 0x12ec  igfxCUIService1.0.0.0 - ok
19:53:44.0053 0x12ec  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\Windows\System32\ikeext.dll
19:53:44.0069 0x12ec  IKEEXT - ok
19:53:44.0116 0x12ec  [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
19:53:44.0116 0x12ec  intaud_WaveExtensible - ok
19:53:44.0241 0x12ec  [ 6237A7F235E7BB3D4FAFB7E71B0D6EC1, 5FC6A225BDFEA3461713C16F4A2EAA1728E2D1AEDDFFB4165833EB0D82A99B31 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:53:44.0272 0x12ec  IntcAzAudAddService - ok
19:53:44.0319 0x16fc  Object send P2P result: true
19:53:44.0334 0x12ec  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:53:44.0334 0x16fc  Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb
19:53:44.0350 0x12ec  IntcDAud - ok
19:53:44.0413 0x12ec  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:53:44.0428 0x12ec  Intel(R) Capability Licensing Service Interface - ok
19:53:44.0459 0x12ec  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:53:44.0475 0x12ec  Intel(R) Capability Licensing Service TCP IP Interface - ok
19:53:44.0522 0x12ec  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:53:44.0522 0x12ec  Intel(R) ME Service - ok
19:53:44.0553 0x12ec  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:53:44.0553 0x12ec  intelide - ok
19:53:44.0569 0x12ec  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
19:53:44.0584 0x12ec  intelpep - ok
19:53:44.0600 0x12ec  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
19:53:44.0600 0x12ec  intelppm - ok
19:53:44.0647 0x12ec  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:53:44.0647 0x12ec  IpFilterDriver - ok
19:53:44.0709 0x12ec  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:53:44.0725 0x12ec  iphlpsvc - ok
19:53:44.0772 0x12ec  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
19:53:44.0772 0x12ec  IPMIDRV - ok
19:53:44.0803 0x12ec  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:53:44.0803 0x12ec  IPNAT - ok
19:53:44.0866 0x12ec  [ B76542085ABAD1AD4E5684F761DFC2EF, C6699B788D6E81E73519433F12BFD3B12C71A5EE2A12810697FE9C4350A179B3 ] IpOverUsbSvc    C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
19:53:44.0866 0x12ec  IpOverUsbSvc - ok
19:53:44.0881 0x12ec  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:53:44.0881 0x12ec  IRENUM - ok
19:53:44.0897 0x12ec  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:53:44.0897 0x12ec  isapnp - ok
19:53:44.0944 0x12ec  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
19:53:44.0959 0x12ec  iScsiPrt - ok
19:53:44.0991 0x12ec  [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
19:53:44.0991 0x12ec  iwdbus - ok
19:53:45.0022 0x12ec  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:53:45.0022 0x12ec  jhi_service - ok
19:53:45.0053 0x12ec  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
19:53:45.0053 0x12ec  kbdclass - ok
19:53:45.0084 0x12ec  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
19:53:45.0084 0x12ec  kbdhid - ok
19:53:45.0131 0x12ec  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
19:53:45.0131 0x12ec  kdnic - ok
19:53:45.0131 0x12ec  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
19:53:45.0147 0x12ec  KeyIso - ok
19:53:45.0163 0x12ec  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:53:45.0178 0x12ec  KSecDD - ok
19:53:45.0209 0x12ec  [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:53:45.0209 0x12ec  KSecPkg - ok
19:53:45.0241 0x12ec  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:53:45.0241 0x12ec  ksthunk - ok
19:53:45.0272 0x12ec  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:53:45.0272 0x12ec  KtmRm - ok
19:53:45.0319 0x12ec  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:53:45.0319 0x12ec  LanmanServer - ok
19:53:45.0366 0x1788  Object send P2P result: true
19:53:45.0366 0x1788  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
19:53:45.0366 0x12ec  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:53:45.0381 0x12ec  LanmanWorkstation - ok
19:53:45.0413 0x12ec  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
19:53:45.0428 0x12ec  lfsvc - ok
19:53:45.0538 0x12ec  [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
19:53:45.0584 0x12ec  LiveUpdateSvc - ok
19:53:45.0616 0x12ec  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:53:45.0616 0x12ec  lltdio - ok
19:53:45.0663 0x12ec  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:53:45.0678 0x12ec  lltdsvc - ok
19:53:45.0709 0x12ec  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:53:45.0709 0x12ec  lmhosts - ok
19:53:45.0756 0x12ec  [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:53:45.0772 0x12ec  LMS - ok
19:53:45.0803 0x12ec  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:53:45.0803 0x12ec  LSI_SAS - ok
19:53:45.0819 0x12ec  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:53:45.0819 0x12ec  LSI_SAS2 - ok
19:53:45.0834 0x12ec  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
19:53:45.0834 0x12ec  LSI_SAS3 - ok
19:53:45.0850 0x12ec  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
19:53:45.0850 0x12ec  LSI_SSS - ok
19:53:45.0913 0x12ec  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
19:53:45.0928 0x12ec  LSM - ok
19:53:45.0944 0x12ec  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:53:45.0944 0x12ec  luafv - ok
19:53:45.0959 0x12ec  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
19:53:45.0959 0x12ec  megasas - ok
19:53:45.0991 0x12ec  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
19:53:46.0006 0x12ec  megasr - ok
19:53:46.0022 0x12ec  [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
19:53:46.0022 0x12ec  MEIx64 - ok
19:53:46.0053 0x12ec  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
19:53:46.0053 0x12ec  MMCSS - ok
19:53:46.0084 0x12ec  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
19:53:46.0084 0x12ec  Modem - ok
19:53:46.0100 0x12ec  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
19:53:46.0100 0x12ec  monitor - ok
19:53:46.0116 0x12ec  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
19:53:46.0116 0x12ec  mouclass - ok
19:53:46.0163 0x12ec  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
19:53:46.0163 0x12ec  mouhid - ok
19:53:46.0194 0x12ec  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:53:46.0209 0x12ec  mountmgr - ok
19:53:46.0241 0x12ec  [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:53:46.0256 0x12ec  MozillaMaintenance - ok
19:53:46.0272 0x12ec  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:53:46.0288 0x12ec  mpsdrv - ok
19:53:46.0334 0x12ec  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:53:46.0350 0x12ec  MpsSvc - ok
19:53:46.0366 0x12ec  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:53:46.0381 0x12ec  MRxDAV - ok
19:53:46.0428 0x12ec  [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:53:46.0444 0x12ec  mrxsmb - ok
19:53:46.0459 0x12ec  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:53:46.0475 0x12ec  mrxsmb10 - ok
19:53:46.0506 0x12ec  [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:53:46.0506 0x12ec  mrxsmb20 - ok
19:53:46.0538 0x12ec  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
19:53:46.0538 0x12ec  MsBridge - ok
19:53:46.0553 0x12ec  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
19:53:46.0569 0x12ec  MSDTC - ok
19:53:46.0585 0x12ec  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:53:46.0585 0x12ec  Msfs - ok
19:53:46.0631 0x12ec  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
19:53:46.0631 0x12ec  msgpiowin32 - ok
19:53:46.0647 0x12ec  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:53:46.0647 0x12ec  mshidkmdf - ok
19:53:46.0647 0x12ec  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
19:53:46.0647 0x12ec  mshidumdf - ok
19:53:46.0663 0x12ec  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:53:46.0663 0x12ec  msisadrv - ok
19:53:46.0694 0x12ec  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:53:46.0694 0x12ec  MSiSCSI - ok
19:53:46.0694 0x12ec  msiserver - ok
19:53:46.0710 0x12ec  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:53:46.0710 0x12ec  MSKSSRV - ok
19:53:46.0741 0x12ec  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
19:53:46.0741 0x12ec  MsLldp - ok
19:53:46.0756 0x12ec  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:53:46.0756 0x12ec  MSPCLOCK - ok
19:53:46.0756 0x16fc  Object send P2P result: true
19:53:46.0756 0x16fc  Object required for P2P: [ BB73DD7B20132FB1A30990E025DEA1E4 ] Avira.ServiceHost
19:53:46.0756 0x12ec  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:53:46.0756 0x12ec  MSPQM - ok
19:53:46.0772 0x12ec  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:53:46.0788 0x12ec  MsRPC - ok
19:53:46.0803 0x12ec  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
19:53:46.0803 0x12ec  mssmbios - ok
19:53:46.0803 0x12ec  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:53:46.0803 0x12ec  MSTEE - ok
19:53:46.0819 0x12ec  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
19:53:46.0819 0x12ec  MTConfig - ok
19:53:46.0835 0x12ec  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
19:53:46.0835 0x12ec  Mup - ok
19:53:46.0850 0x12ec  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
19:53:46.0850 0x12ec  mvumis - ok
19:53:46.0913 0x12ec  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
19:53:46.0913 0x12ec  napagent - ok
19:53:46.0960 0x12ec  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:53:46.0960 0x12ec  NativeWifiP - ok
19:53:46.0975 0x12ec  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
19:53:46.0975 0x12ec  NcaSvc - ok
19:53:47.0006 0x12ec  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
19:53:47.0006 0x12ec  NcbService - ok
19:53:47.0022 0x12ec  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
19:53:47.0038 0x12ec  NcdAutoSetup - ok
19:53:47.0085 0x12ec  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:53:47.0100 0x12ec  NDIS - ok
19:53:47.0131 0x12ec  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:53:47.0131 0x12ec  NdisCap - ok
19:53:47.0147 0x12ec  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
19:53:47.0163 0x12ec  NdisImPlatform - ok
19:53:47.0178 0x12ec  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:53:47.0178 0x12ec  NdisTapi - ok
19:53:47.0210 0x12ec  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:53:47.0210 0x12ec  Ndisuio - ok
19:53:47.0225 0x12ec  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
19:53:47.0225 0x12ec  NdisVirtualBus - ok
19:53:47.0241 0x12ec  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:53:47.0256 0x12ec  NdisWan - ok
19:53:47.0256 0x12ec  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
19:53:47.0256 0x12ec  NdisWanLegacy - ok
19:53:47.0288 0x12ec  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:53:47.0288 0x12ec  NDProxy - ok
19:53:47.0350 0x12ec  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
19:53:47.0350 0x12ec  Ndu - ok
19:53:47.0366 0x12ec  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:53:47.0366 0x12ec  NetBIOS - ok
19:53:47.0381 0x12ec  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:53:47.0381 0x12ec  NetBT - ok
19:53:47.0397 0x12ec  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
19:53:47.0397 0x12ec  Netlogon - ok
19:53:47.0428 0x12ec  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
19:53:47.0428 0x12ec  Netman - ok
19:53:47.0460 0x12ec  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
19:53:47.0475 0x12ec  netprofm - ok
19:53:47.0585 0x12ec  [ B863D45D0E5FA6DF7C06B404D7F8C2AA, BC3EA27ACEB0D5DF1319D0374FA37BBE8D2D3F6B673F0CB1954624175255F95B ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
19:53:47.0616 0x12ec  netr28x - ok
19:53:47.0678 0x12ec  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:53:47.0678 0x12ec  NetTcpPortSharing - ok
19:53:47.0710 0x12ec  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
19:53:47.0710 0x12ec  netvsc - ok
19:53:47.0756 0x12ec  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:53:47.0772 0x12ec  NlaSvc - ok
19:53:47.0788 0x1788  Object send P2P result: true
19:53:47.0788 0x1788  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
19:53:47.0803 0x12ec  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:53:47.0803 0x12ec  Npfs - ok
19:53:47.0866 0x12ec  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
19:53:47.0866 0x12ec  npsvctrig - ok
19:53:47.0897 0x12ec  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
19:53:47.0897 0x12ec  nsi - ok
19:53:47.0913 0x12ec  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:53:47.0913 0x12ec  nsiproxy - ok
19:53:47.0991 0x12ec  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:53:48.0053 0x12ec  Ntfs - ok
19:53:48.0085 0x12ec  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
19:53:48.0085 0x12ec  Null - ok
19:53:48.0100 0x12ec  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:53:48.0100 0x12ec  nvraid - ok
19:53:48.0116 0x12ec  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:53:48.0116 0x12ec  nvstor - ok
19:53:48.0131 0x12ec  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:53:48.0131 0x12ec  nv_agp - ok
19:53:48.0225 0x12ec  [ 40CB809645F1D0A93C535F9B0402F269, E683ED4ED824CE4E49715F23E3D3E8245B398D7A0D279E1F31470B9D7AF7E223 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:53:48.0256 0x12ec  Origin Client Service - ok
19:53:48.0303 0x12ec  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:53:48.0303 0x12ec  p2pimsvc - ok
19:53:48.0350 0x12ec  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
19:53:48.0366 0x12ec  p2psvc - ok
19:53:48.0381 0x12ec  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
19:53:48.0381 0x12ec  Parport - ok
19:53:48.0397 0x12ec  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:53:48.0413 0x12ec  partmgr - ok
19:53:48.0444 0x12ec  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:53:48.0444 0x12ec  PcaSvc - ok
19:53:48.0491 0x12ec  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
19:53:48.0491 0x12ec  pci - ok
19:53:48.0522 0x12ec  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:53:48.0522 0x12ec  pciide - ok
19:53:48.0538 0x12ec  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:53:48.0538 0x12ec  pcmcia - ok
19:53:48.0538 0x12ec  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:53:48.0538 0x12ec  pcw - ok
19:53:48.0553 0x12ec  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\Windows\system32\drivers\pdc.sys
19:53:48.0569 0x12ec  pdc - ok
19:53:48.0616 0x12ec  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:53:48.0616 0x12ec  PEAUTH - ok
19:53:48.0725 0x12ec  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:53:48.0725 0x12ec  PerfHost - ok
19:53:48.0803 0x12ec  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
19:53:48.0819 0x12ec  pla - ok
19:53:48.0850 0x12ec  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:53:48.0850 0x12ec  PlugPlay - ok
19:53:48.0881 0x12ec  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:53:48.0881 0x12ec  PNRPAutoReg - ok
19:53:48.0897 0x12ec  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:53:48.0913 0x12ec  PNRPsvc - ok
19:53:48.0944 0x12ec  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:53:48.0944 0x12ec  PolicyAgent - ok
19:53:48.0975 0x12ec  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
19:53:48.0975 0x12ec  Power - ok
19:53:49.0007 0x12ec  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:53:49.0022 0x12ec  PptpMiniport - ok
19:53:49.0163 0x12ec  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:53:49.0178 0x16fc  Object send P2P result: true
19:53:49.0178 0x16fc  Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt

M-K-D-B · 08.01.2016, 20:05

Servus,

du hast zweimal die FRST.txt gepostet.

Kannst du bitte noch die Addition.txt posten?

jillsy2k · 08.01.2016, 20:06

Code:

ATTFilter

19:53:49.0210 0x12ec  PrintNotify - ok
19:53:49.0241 0x12ec  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
19:53:49.0241 0x12ec  Processor - ok
19:53:49.0288 0x12ec  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
19:53:49.0288 0x12ec  ProfSvc - ok
19:53:49.0319 0x12ec  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:53:49.0319 0x12ec  Psched - ok
19:53:49.0350 0x12ec  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
19:53:49.0350 0x12ec  pwdrvio - ok
19:53:49.0366 0x12ec  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\WINDOWS\system32\pwdspio.sys
19:53:49.0366 0x12ec  pwdspio - ok
19:53:49.0382 0x12ec  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
19:53:49.0382 0x12ec  QWAVE - ok
19:53:49.0413 0x12ec  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:53:49.0413 0x12ec  QWAVEdrv - ok
19:53:49.0444 0x12ec  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:53:49.0444 0x12ec  RasAcd - ok
19:53:49.0460 0x12ec  [ 3EE5097945A7F680E320953271EB2D4F, 0B9F2B458177A654F65C5E862B7C55B35E20271B76D5E20A20F30D3223A1216F ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:53:49.0460 0x12ec  RasAgileVpn - ok
19:53:49.0522 0x12ec  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
19:53:49.0538 0x12ec  RasAuto - ok
19:53:49.0553 0x12ec  [ 1BD3022FD6E450B00DE560265638FD2A, 3878B443053DFFED62641BE8736891F426C7121EB8C4DB38FF0F218697133A6D ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:53:49.0569 0x12ec  Rasl2tp - ok
19:53:49.0632 0x12ec  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
19:53:49.0647 0x12ec  RasMan - ok
19:53:49.0663 0x12ec  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:53:49.0663 0x12ec  RasPppoe - ok
19:53:49.0678 0x12ec  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:53:49.0678 0x12ec  RasSstp - ok
19:53:49.0725 0x12ec  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:53:49.0725 0x12ec  rdbss - ok
19:53:49.0757 0x12ec  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
19:53:49.0757 0x12ec  rdpbus - ok
19:53:49.0772 0x12ec  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:53:49.0772 0x12ec  RDPDR - ok
19:53:49.0788 0x12ec  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:53:49.0788 0x12ec  RdpVideoMiniport - ok
19:53:49.0803 0x12ec  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:53:49.0819 0x12ec  rdyboost - ok
19:53:49.0882 0x12ec  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
19:53:49.0897 0x12ec  ReFS - ok
19:53:49.0928 0x12ec  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:53:49.0944 0x12ec  RemoteAccess - ok
19:53:49.0960 0x12ec  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:53:49.0960 0x12ec  RemoteRegistry - ok
19:53:50.0007 0x12ec  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
19:53:50.0007 0x12ec  RFCOMM - ok
19:53:50.0038 0x12ec  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:53:50.0038 0x12ec  RpcEptMapper - ok
19:53:50.0069 0x12ec  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
19:53:50.0069 0x12ec  RpcLocator - ok
19:53:50.0100 0x12ec  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
19:53:50.0116 0x12ec  RpcSs - ok
19:53:50.0147 0x12ec  [ 60BCF0F09DD963D0F89F571F9D1EB8C1, 59BC9EA4D6C5B24352FC7C2DF4856398F6F734A2C52FD9A9195539593C37C8BC ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
19:53:50.0163 0x12ec  RSP2STOR - ok
19:53:50.0194 0x12ec  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:53:50.0194 0x12ec  rspndr - ok
19:53:50.0194 0x1788  Object send P2P result: true
19:53:50.0272 0x12ec  [ 3B7A94926B52D171C5B515EDECC2118E, 4D3A8F24AAA8DD155BE2B5814701FFE67C367BB29D31D615685277D2DEF0DB0A ] rtbth           C:\Windows\System32\drivers\rtbth.sys
19:53:50.0288 0x12ec  rtbth - ok
19:53:50.0382 0x12ec  [ 3A50489C017292386C1C6CF6EB283F23, 42E2C75A83A45070BB548591B83C3744F5DF6BB3743221D0442C1BA23789AD5D ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
19:53:50.0382 0x12ec  RtkAudioService - ok
19:53:50.0428 0x12ec  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
19:53:50.0460 0x12ec  RTL8168 - ok
19:53:50.0491 0x12ec  [ A336CE9CED25DAD273CC66556A511E0B, BC5FCD9C15F10A5775AA0E5BCEFA556A9D0B57267FA5518E1B3369BE066DD88C ] RTSPER          C:\Windows\system32\DRIVERS\RtsPer.sys
19:53:50.0491 0x12ec  RTSPER - ok
19:53:50.0522 0x12ec  [ E7E36EA112048AC5AC8AA15B6EC35109, 75AC0FF6E939FFCA1DB3E12E1CA2725AF9527867A25B3938AC5DF20620352F22 ] rzudd           C:\Windows\System32\drivers\rzudd.sys
19:53:50.0522 0x12ec  rzudd - ok
19:53:50.0553 0x12ec  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
19:53:50.0553 0x12ec  s3cap - ok
19:53:50.0585 0x12ec  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
19:53:50.0585 0x12ec  SamSs - ok
19:53:50.0616 0x12ec  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:53:50.0616 0x12ec  sbp2port - ok
19:53:50.0647 0x12ec  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:53:50.0647 0x12ec  SCardSvr - ok
19:53:50.0678 0x12ec  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
19:53:50.0678 0x12ec  ScDeviceEnum - ok
19:53:50.0694 0x12ec  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:53:50.0694 0x12ec  scfilter - ok
19:53:50.0757 0x12ec  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
19:53:50.0772 0x12ec  Schedule - ok
19:53:50.0803 0x12ec  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:53:50.0803 0x12ec  SCPolicySvc - ok
19:53:50.0819 0x12ec  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
19:53:50.0835 0x12ec  sdbus - ok
19:53:50.0960 0x12ec  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
19:53:50.0975 0x12ec  SDScannerService - ok
19:53:51.0007 0x12ec  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
19:53:51.0007 0x12ec  sdstor - ok
19:53:51.0069 0x12ec  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
19:53:51.0100 0x12ec  SDUpdateService - ok
19:53:51.0116 0x12ec  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
19:53:51.0116 0x12ec  SDWSCService - ok
19:53:51.0147 0x12ec  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:53:51.0147 0x12ec  secdrv - ok
19:53:51.0163 0x12ec  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
19:53:51.0163 0x12ec  seclogon - ok
19:53:51.0194 0x12ec  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
19:53:51.0194 0x12ec  SENS - ok
19:53:51.0210 0x12ec  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsSimulatorDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
19:53:51.0225 0x12ec  SensorsSimulatorDriver - ok
19:53:51.0241 0x12ec  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:53:51.0257 0x12ec  SensrSvc - ok
19:53:51.0272 0x12ec  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
19:53:51.0272 0x12ec  SerCx - ok
19:53:51.0303 0x12ec  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
19:53:51.0303 0x12ec  SerCx2 - ok
19:53:51.0335 0x12ec  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
19:53:51.0335 0x12ec  Serenum - ok
19:53:51.0350 0x12ec  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
19:53:51.0350 0x12ec  Serial - ok
19:53:51.0366 0x12ec  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
19:53:51.0366 0x12ec  sermouse - ok
19:53:51.0413 0x12ec  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
19:53:51.0413 0x12ec  SessionEnv - ok
19:53:51.0429 0x12ec  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
19:53:51.0429 0x12ec  sfloppy - ok
19:53:51.0460 0x12ec  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:53:51.0475 0x12ec  SharedAccess - ok
19:53:51.0522 0x12ec  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:53:51.0522 0x12ec  ShellHWDetection - ok
19:53:51.0569 0x12ec  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:53:51.0569 0x12ec  SiSRaid2 - ok
19:53:51.0585 0x12ec  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:53:51.0585 0x12ec  SiSRaid4 - ok
19:53:51.0600 0x16fc  Object send P2P result: true
19:53:51.0616 0x12ec  [ 3E76F338E42616A22CA3AC379F95F2CB, 8EFE03420FF5BB518D1B9A38770A4A3FF19979D19F023F3C07C21E26676D9317 ] SmbDrv          C:\Windows\System32\drivers\Smb_driver_AMDASF.sys
19:53:51.0616 0x12ec  SmbDrv - ok
19:53:51.0647 0x12ec  [ EBC839A7079CE7B353153AF9FAE8A57A, BEA3A1DEEA0CB0EE2E1B73CD592CC77C9B9FDEA2A0EA9369A0E10DEF97C5F923 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
19:53:51.0647 0x12ec  SmbDrvI - ok
19:53:51.0679 0x12ec  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
19:53:51.0679 0x12ec  smphost - ok
19:53:51.0710 0x12ec  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:53:51.0710 0x12ec  SNMPTRAP - ok
19:53:51.0757 0x12ec  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
19:53:51.0757 0x12ec  spaceport - ok
19:53:51.0819 0x12ec  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
19:53:51.0819 0x12ec  SpbCx - ok
19:53:51.0897 0x12ec  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
19:53:51.0897 0x12ec  speedfan - ok
19:53:51.0960 0x12ec  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\Windows\System32\spoolsv.exe
19:53:51.0991 0x12ec  Spooler - ok
19:53:52.0194 0x12ec  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:53:52.0272 0x12ec  sppsvc - ok
19:53:52.0366 0x12ec  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:53:52.0366 0x12ec  SQLWriter - ok
19:53:52.0413 0x12ec  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:53:52.0429 0x12ec  srv - ok
19:53:52.0460 0x12ec  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:53:52.0475 0x12ec  srv2 - ok
19:53:52.0475 0x12ec  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:53:52.0491 0x12ec  srvnet - ok
19:53:52.0507 0x12ec  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:53:52.0507 0x12ec  SSDPSRV - ok
19:53:52.0522 0x12ec  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:53:52.0522 0x12ec  SstpSvc - ok
19:53:52.0554 0x12ec  [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
19:53:52.0569 0x12ec  ssudmdm - ok
19:53:52.0710 0x12ec  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
19:53:52.0725 0x12ec  ss_conn_service - ok
19:53:52.0804 0x12ec  [ 2DA28B9D2FBB9BE0324B7D03D9854D52, 2D54060A121A1572D9D87E8B334F97DDECDFF723B69105AA10E3AF4CB064BBE3 ] StartMenuService C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
19:53:52.0819 0x12ec  StartMenuService - ok
19:53:52.0866 0x12ec  [ 7AE700179C4839F657D245319E234A06, 6EAEFE4A8CAF1A70F1BAD4DD457C6AEC080839542D4E5582376489800BE52E89 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:53:52.0882 0x12ec  Steam Client Service - ok
19:53:52.0913 0x12ec  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:53:52.0913 0x12ec  stexstor - ok
19:53:53.0069 0x12ec  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
19:53:53.0085 0x12ec  stisvc - ok
19:53:53.0100 0x12ec  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
19:53:53.0100 0x12ec  storahci - ok
19:53:53.0132 0x12ec  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:53:53.0132 0x12ec  storflt - ok
19:53:53.0147 0x12ec  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
19:53:53.0163 0x12ec  stornvme - ok
19:53:53.0179 0x12ec  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
19:53:53.0179 0x12ec  StorSvc - ok
19:53:53.0225 0x12ec  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:53:53.0225 0x12ec  storvsc - ok
19:53:53.0241 0x12ec  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
19:53:53.0241 0x12ec  svsvc - ok
19:53:53.0272 0x12ec  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
19:53:53.0272 0x12ec  swenum - ok
19:53:53.0319 0x12ec  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
19:53:53.0335 0x12ec  swprv - ok
19:53:53.0366 0x12ec  [ 2D6C2C672D092B82FD22AFDB9E32B1EF, E5988F82955D9A5EE712831CF0E420A88316E7126BC24D834460CF7115F91AD4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:53:53.0382 0x12ec  SynTP - ok
19:53:53.0460 0x12ec  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
19:53:53.0475 0x12ec  SysMain - ok
19:53:53.0522 0x12ec  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
19:53:53.0538 0x12ec  SystemEventsBroker - ok
19:53:53.0554 0x12ec  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:53:53.0554 0x12ec  TabletInputService - ok
19:53:53.0585 0x12ec  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:53:53.0585 0x12ec  TapiSrv - ok
19:53:53.0694 0x12ec  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:53:53.0741 0x12ec  Tcpip - ok
19:53:53.0804 0x12ec  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:53:53.0835 0x12ec  TCPIP6 - ok
19:53:53.0866 0x12ec  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:53:53.0866 0x12ec  tcpipreg - ok
19:53:53.0913 0x12ec  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:53:53.0913 0x12ec  tdx - ok
19:53:53.0991 0x12ec  [ 1A4B1847BD8C7079C3A6C873342CC84A, E49E60896C6726EB8F8EE3A443B839AA6A6E802919C7D102DD820AD7C3DDA32C ] Te.Service      C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
19:53:53.0991 0x12ec  Te.Service - ok
19:53:54.0022 0x12ec  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
19:53:54.0022 0x12ec  terminpt - ok
19:53:54.0085 0x12ec  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
19:53:54.0116 0x12ec  TermService - ok
19:53:54.0132 0x12ec  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
19:53:54.0132 0x12ec  Themes - ok
19:53:54.0163 0x12ec  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:53:54.0163 0x12ec  THREADORDER - ok
19:53:54.0179 0x12ec  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
19:53:54.0194 0x12ec  TimeBroker - ok
19:53:54.0226 0x12ec  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
19:53:54.0226 0x12ec  TPM - ok
19:53:54.0257 0x12ec  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
19:53:54.0257 0x12ec  TrkWks - ok
19:53:54.0319 0x12ec  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:53:54.0319 0x12ec  TrustedInstaller - ok
19:53:54.0366 0x12ec  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:53:54.0366 0x12ec  TsUsbFlt - ok
19:53:54.0413 0x12ec  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
19:53:54.0413 0x12ec  TsUsbGD - ok
19:53:54.0444 0x12ec  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:53:54.0460 0x12ec  tunnel - ok
19:53:54.0491 0x12ec  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:53:54.0491 0x12ec  uagp35 - ok
19:53:54.0507 0x12ec  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
19:53:54.0522 0x12ec  UASPStor - ok
19:53:54.0554 0x12ec  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
19:53:54.0554 0x12ec  UCX01000 - ok
19:53:54.0601 0x12ec  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:53:54.0616 0x12ec  udfs - ok
19:53:54.0647 0x12ec  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
19:53:54.0647 0x12ec  UEFI - ok
19:53:54.0679 0x12ec  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:53:54.0679 0x12ec  UI0Detect - ok
19:53:54.0679 0x12ec  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:53:54.0679 0x12ec  uliagpkx - ok
19:53:54.0710 0x12ec  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
19:53:54.0710 0x12ec  umbus - ok
19:53:54.0726 0x12ec  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
19:53:54.0726 0x12ec  UmPass - ok
19:53:54.0757 0x12ec  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:53:54.0757 0x12ec  UmRdpService - ok
19:53:54.0788 0x12ec  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
19:53:54.0788 0x12ec  upnphost - ok
19:53:54.0819 0x12ec  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:53:54.0819 0x12ec  usbaudio - ok
19:53:54.0835 0x12ec  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
19:53:54.0851 0x12ec  usbccgp - ok
19:53:54.0866 0x12ec  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
19:53:54.0866 0x12ec  usbcir - ok
19:53:54.0897 0x12ec  [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
19:53:54.0897 0x12ec  usbehci - ok
19:53:54.0913 0x12ec  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
19:53:54.0929 0x12ec  usbhub - ok
19:53:54.0960 0x12ec  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
19:53:54.0960 0x12ec  USBHUB3 - ok
19:53:55.0007 0x12ec  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
19:53:55.0007 0x12ec  usbohci - ok
19:53:55.0038 0x12ec  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
19:53:55.0054 0x12ec  usbprint - ok
19:53:55.0085 0x12ec  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
19:53:55.0101 0x12ec  USBSTOR - ok
19:53:55.0116 0x12ec  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
19:53:55.0116 0x12ec  usbuhci - ok
19:53:55.0147 0x12ec  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:53:55.0163 0x12ec  usbvideo - ok
19:53:55.0210 0x12ec  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
19:53:55.0210 0x12ec  USBXHCI - ok
19:53:55.0241 0x12ec  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
19:53:55.0241 0x12ec  VaultSvc - ok
19:53:55.0288 0x12ec  [ 6F2C8F6969E1282FAAC560C04DECF0D1, C313E56E92203E7FDDF22052B751EAA76CC62F652B3FCA1871198441A0F85A1A ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
19:53:55.0304 0x12ec  VBoxDrv - ok
19:53:55.0366 0x12ec  [ F844DC3A071B9840B73A07BD81DED40B, B381CCD493660817544B6FED83C8E583028C4B60420AC812357440F6248D351E ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
19:53:55.0366 0x12ec  VBoxNetAdp - ok
19:53:55.0366 0x12ec  VBoxNetFlt - ok
19:53:55.0413 0x12ec  [ 73B84C1CE9731DA3EA0B11839C47F729, DE91D345DA348AB81992B7D75163EDB276E9A63724FA1B1E15A09DC33F47EF8D ] VBoxNetLwf      C:\Windows\system32\DRIVERS\VBoxNetLwf.sys
19:53:55.0429 0x12ec  VBoxNetLwf - ok
19:53:55.0444 0x12ec  [ 6AB7FC5FA41DCF67929F95D1431B18D1, 67684C16291CFCC0DF9AE307248DFFB34D2E301B350ABD868B2384FA75786DB6 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
19:53:55.0444 0x12ec  VBoxUSBMon - ok
19:53:55.0476 0x12ec  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\Windows\System32\drivers\VClone.sys
19:53:55.0476 0x12ec  VClone - ok
19:53:55.0507 0x12ec  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:53:55.0507 0x12ec  vdrvroot - ok
19:53:55.0554 0x12ec  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
19:53:55.0569 0x12ec  vds - ok
19:53:55.0601 0x12ec  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
19:53:55.0601 0x12ec  VerifierExt - ok
19:53:55.0632 0x12ec  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
19:53:55.0632 0x12ec  vhdmp - ok
19:53:55.0679 0x12ec  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:53:55.0679 0x12ec  viaide - ok
19:53:55.0710 0x12ec  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:53:55.0710 0x12ec  vmbus - ok
19:53:55.0741 0x12ec  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
19:53:55.0741 0x12ec  VMBusHID - ok
19:53:55.0788 0x12ec  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
19:53:55.0804 0x12ec  vmicguestinterface - ok
19:53:55.0835 0x12ec  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
19:53:55.0835 0x12ec  vmicheartbeat - ok
19:53:55.0851 0x12ec  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
19:53:55.0866 0x12ec  vmickvpexchange - ok
19:53:55.0866 0x12ec  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
19:53:55.0882 0x12ec  vmicrdv - ok
19:53:55.0897 0x12ec  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
19:53:55.0897 0x12ec  vmicshutdown - ok
19:53:55.0913 0x12ec  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
19:53:55.0913 0x12ec  vmictimesync - ok
19:53:55.0929 0x12ec  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
19:53:55.0944 0x12ec  vmicvss - ok
19:53:55.0944 0x12ec  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:53:55.0944 0x12ec  volmgr - ok
19:53:55.0960 0x12ec  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:53:55.0976 0x12ec  volmgrx - ok
19:53:55.0976 0x12ec  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:53:55.0991 0x12ec  volsnap - ok
19:53:56.0007 0x12ec  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
19:53:56.0023 0x12ec  vpci - ok
19:53:56.0038 0x12ec  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:53:56.0038 0x12ec  vsmraid - ok
19:53:56.0116 0x12ec  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\Windows\system32\vssvc.exe
19:53:56.0132 0x12ec  VSS - ok
19:53:56.0257 0x12ec  [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
19:53:56.0257 0x12ec  VSStandardCollectorService140 - ok
19:53:56.0288 0x12ec  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
19:53:56.0304 0x12ec  VSTXRAID - ok
19:53:56.0366 0x12ec  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:53:56.0366 0x12ec  vwifibus - ok
19:53:56.0398 0x12ec  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:53:56.0398 0x12ec  vwififlt - ok
19:53:56.0413 0x12ec  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
19:53:56.0413 0x12ec  vwifimp - ok
19:53:56.0460 0x12ec  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
19:53:56.0476 0x12ec  W32Time - ok
19:53:56.0538 0x12ec  [ A22546B0093EBBDE03C52E56C3391373, 0C28D5C6A4E4EF12ABF0195409CAED17E07DEA22FB330D99FEEF847CBBC04A4E ] w3logsvc        C:\Windows\system32\inetsrv\w3logsvc.dll
19:53:56.0554 0x12ec  w3logsvc - ok
19:53:56.0569 0x12ec  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
19:53:56.0569 0x12ec  WacomPen - ok
19:53:56.0616 0x12ec  [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:53:56.0616 0x12ec  WANARP - ok
19:53:56.0616 0x12ec  [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:53:56.0632 0x12ec  Wanarpv6 - ok
19:53:56.0694 0x12ec  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
19:53:56.0710 0x12ec  WAS - ok
19:53:56.0773 0x12ec  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
19:53:56.0788 0x12ec  wbengine - ok
19:53:56.0819 0x12ec  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:53:56.0819 0x12ec  WbioSrvc - ok
19:53:56.0851 0x12ec  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
19:53:56.0851 0x12ec  Wcmsvc - ok
19:53:56.0882 0x12ec  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:53:56.0882 0x12ec  wcncsvc - ok
19:53:56.0898 0x12ec  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:53:56.0898 0x12ec  WcsPlugInService - ok
19:53:56.0929 0x12ec  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
19:53:56.0929 0x12ec  WdBoot - ok
19:53:56.0976 0x12ec  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\Windows\System32\drivers\wdcsam64.sys
19:53:56.0976 0x12ec  WDC_SAM - ok
19:53:57.0038 0x12ec  [ 464C440F9344289FDEA03F7475C44ACC, 5C7F9C1B604FCF01A78F69DBFC379B47E1A00EE35279A9F0F90E1E3663B0C3B7 ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
19:53:57.0038 0x12ec  WDDriveService - ok
19:53:57.0116 0x12ec  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:53:57.0132 0x12ec  Wdf01000 - ok
19:53:57.0148 0x12ec  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
19:53:57.0163 0x12ec  WdFilter - ok
19:53:57.0179 0x12ec  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:53:57.0179 0x12ec  WdiServiceHost - ok
19:53:57.0179 0x12ec  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:53:57.0179 0x12ec  WdiSystemHost - ok
19:53:57.0210 0x12ec  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
19:53:57.0226 0x12ec  WdNisDrv - ok
19:53:57.0241 0x12ec  WdNisSvc - ok
19:53:57.0273 0x12ec  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
19:53:57.0273 0x12ec  WebClient - ok
19:53:57.0304 0x12ec  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:53:57.0304 0x12ec  Wecsvc - ok
19:53:57.0319 0x12ec  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
19:53:57.0319 0x12ec  WEPHOSTSVC - ok
19:53:57.0351 0x12ec  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:53:57.0351 0x12ec  wercplsupport - ok
19:53:57.0382 0x12ec  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
19:53:57.0382 0x12ec  WerSvc - ok
19:53:57.0413 0x12ec  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
19:53:57.0413 0x12ec  WFPLWFS - ok
19:53:57.0444 0x12ec  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
19:53:57.0444 0x12ec  WiaRpc - ok
19:53:57.0460 0x12ec  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:53:57.0460 0x12ec  WIMMount - ok
19:53:57.0476 0x12ec  WinDefend - ok
19:53:57.0523 0x12ec  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
19:53:57.0538 0x12ec  WinHttpAutoProxySvc - ok
19:53:57.0601 0x12ec  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:53:57.0601 0x12ec  Winmgmt - ok
19:53:57.0679 0x12ec  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:53:57.0726 0x12ec  WinRM - ok
19:53:57.0757 0x12ec  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\Windows\System32\drivers\WinUsb.sys
19:53:57.0757 0x12ec  WinUsb - ok
19:53:57.0788 0x12ec  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
19:53:57.0788 0x12ec  WirelessButtonDriver - ok
19:53:57.0866 0x12ec  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
19:53:57.0882 0x12ec  WlanSvc - ok
19:53:57.0960 0x12ec  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
19:53:57.0976 0x12ec  wlidsvc - ok
19:53:58.0007 0x12ec  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
19:53:58.0007 0x12ec  WmiAcpi - ok
19:53:58.0069 0x12ec  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:53:58.0069 0x12ec  wmiApSrv - ok
19:53:58.0163 0x12ec  WMPNetworkSvc - ok
19:53:58.0194 0x12ec  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
19:53:58.0194 0x12ec  Wof - ok
19:53:58.0288 0x12ec  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
19:53:58.0304 0x12ec  workfolderssvc - ok
19:53:58.0335 0x12ec  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
19:53:58.0335 0x12ec  wpcfltr - ok
19:53:58.0366 0x12ec  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:53:58.0366 0x12ec  WPCSvc - ok
19:53:58.0413 0x12ec  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:53:58.0413 0x12ec  WPDBusEnum - ok
19:53:58.0445 0x12ec  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
19:53:58.0445 0x12ec  WpdUpFltr - ok
19:53:58.0491 0x12ec  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:53:58.0491 0x12ec  ws2ifsl - ok
19:53:58.0523 0x12ec  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
19:53:58.0523 0x12ec  wscsvc - ok
19:53:58.0538 0x12ec  WSearch - ok
19:53:58.0648 0x12ec  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
19:53:58.0695 0x12ec  WSService - ok
19:53:58.0820 0x12ec  [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv        C:\Windows\system32\wuaueng.dll
19:53:58.0866 0x12ec  wuauserv - ok
19:53:58.0898 0x12ec  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:53:58.0898 0x12ec  WudfPf - ok
19:53:58.0913 0x12ec  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
19:53:58.0929 0x12ec  WUDFRd - ok
19:53:58.0960 0x12ec  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:53:58.0960 0x12ec  wudfsvc - ok
19:53:58.0976 0x12ec  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
19:53:58.0976 0x12ec  WUDFWpdFs - ok
19:53:58.0991 0x12ec  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
19:53:58.0991 0x12ec  WUDFWpdMtp - ok
19:53:59.0023 0x12ec  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:53:59.0038 0x12ec  WwanSvc - ok
19:53:59.0038 0x12ec  ================ Scan global ===============================
19:53:59.0085 0x12ec  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
19:53:59.0101 0x12ec  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
19:53:59.0132 0x12ec  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
19:53:59.0163 0x12ec  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
19:53:59.0179 0x12ec  [ Global ] - ok
19:53:59.0179 0x12ec  ================ Scan MBR ==================================
19:53:59.0195 0x12ec  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:53:59.0195 0x12ec  \Device\Harddisk0\DR0 - ok
19:53:59.0226 0x12ec  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
19:53:59.0226 0x12ec  \Device\Harddisk1\DR1 - ok
19:53:59.0820 0x12ec  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
19:53:59.0835 0x12ec  \Device\Harddisk2\DR2 - ok
19:53:59.0835 0x12ec  ================ Scan VBR ==================================
19:53:59.0851 0x12ec  [ 216885FB42A51C7ACD8C689E63879383 ] \Device\Harddisk0\DR0\Partition1
19:53:59.0913 0x12ec  \Device\Harddisk0\DR0\Partition1 - ok
19:53:59.0929 0x12ec  [ 67A2D8D343D38CECBBABC4E91603524D ] \Device\Harddisk0\DR0\Partition2
19:53:59.0991 0x12ec  \Device\Harddisk0\DR0\Partition2 - ok
19:54:00.0007 0x12ec  [ C55EDC227AA97715A43BF19C136C7EF5 ] \Device\Harddisk0\DR0\Partition3
19:54:00.0070 0x12ec  \Device\Harddisk0\DR0\Partition3 - ok
19:54:00.0085 0x12ec  [ DAD8E063BE049A797F01ACB48D20893B ] \Device\Harddisk0\DR0\Partition4
19:54:00.0101 0x12ec  \Device\Harddisk0\DR0\Partition4 - ok
19:54:00.0116 0x12ec  [ 075854CF32EBB5692D2CF583D09400F7 ] \Device\Harddisk0\DR0\Partition5
19:54:00.0132 0x12ec  \Device\Harddisk0\DR0\Partition5 - ok
19:54:00.0148 0x12ec  [ E78F343ADB8B02F806734D6878BAC3EE ] \Device\Harddisk0\DR0\Partition6
19:54:00.0163 0x12ec  \Device\Harddisk0\DR0\Partition6 - ok
19:54:00.0179 0x12ec  [ A2B0117760552C2DB5912984F1926969 ] \Device\Harddisk0\DR0\Partition7
19:54:00.0179 0x12ec  \Device\Harddisk0\DR0\Partition7 - ok
19:54:00.0210 0x12ec  [ A55BD79B9E781791B5AE70A41B4ED1DC ] \Device\Harddisk1\DR1\Partition1
19:54:00.0210 0x12ec  \Device\Harddisk1\DR1\Partition1 - ok
19:54:00.0210 0x12ec  [ E98C61614179C13B334C11E0A855394B ] \Device\Harddisk2\DR2\Partition1
19:54:00.0273 0x12ec  \Device\Harddisk2\DR2\Partition1 - ok
19:54:00.0273 0x12ec  ================ Scan generic autorun ======================
19:54:00.0507 0x12ec  [ E3F5788BE024B06D28C0623AD87AF60B, CF9D1853863DE3D2F79D2DAD8E5D2119EA77C28624F1F0B94E87A35A34A66306 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:54:00.0632 0x12ec  RTHDVCPL - ok
19:54:00.0632 0x12ec  SynTPEnh - ok
19:54:00.0679 0x12ec  [ 21CBCE4FC4B7916E7755710883C36AE1, 2E20E072E3D2DAAC5F413A6F56070C6C8C5DAB3DDD6BE0A12F90E56BD5137F5B ] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
19:54:00.0679 0x12ec  BtTray - ok
19:54:00.0726 0x12ec  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
19:54:00.0726 0x12ec  VirtualCloneDrive - ok
19:54:00.0882 0x12ec  [ 25218B917E6C638A5A0257BBAF3AF7DB, 7DC4D65462D45CE4230300555C5EE666729179F135C720B2B79DC8409743A0F7 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
19:54:00.0992 0x12ec  WD Quick View - ok
19:54:01.0085 0x12ec  [ 3A0710EED4371267DC2CA63AAE26954A, 1233DA56E9AE50E948D8F428AD5B4C748DBBD528D409A57AA6F60381FE95068B ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
19:54:01.0101 0x12ec  HPMessageService - ok
19:54:01.0195 0x12ec  [ 845A4F50702714950804D6BD428083C1, 9718115B968BBCAEE35B3B0AE9817CAF1DAFAD3EE0F3927375CFF41A7E3F48EA ] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
19:54:01.0242 0x12ec  DriveUtilitiesHelper - ok
19:54:01.0335 0x12ec  [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
19:54:01.0351 0x12ec  StartCCC - ok
19:54:01.0476 0x12ec  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
19:54:01.0523 0x12ec  SDTray - ok
19:54:01.0601 0x12ec  [ 2EA68E33DFF41A10F1BAB15FC3A28076, C971C009F36A87116FBE785E45EB7192EAD9BAF713C43C8A3AC643624144ECF9 ] C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe
19:54:01.0601 0x12ec  KiesTrayAgent - ok
19:54:01.0679 0x12ec  [ 7733088C1C9AF0D59A2E18095687AD0A, 79F82FEB231BACB849DD1D95B84B40731E3276202B489003038DE15AA765B65F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
19:54:01.0679 0x12ec  Avira SystrayStartTrigger - ok
19:54:01.0867 0x12ec  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
19:54:01.0882 0x12ec  avgnt - ok
19:54:01.0929 0x12ec  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
19:54:01.0945 0x12ec  SpybotPostWindows10UpgradeReInstall - ok
19:54:01.0945 0x12ec  Waiting for KSN requests completion. In queue: 102
19:54:02.0960 0x12ec  Waiting for KSN requests completion. In queue: 102
19:54:03.0976 0x12ec  Waiting for KSN requests completion. In queue: 102
19:54:05.0007 0x12ec  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
19:54:05.0007 0x12ec  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
19:54:05.0023 0x12ec  Win FW state via NFP2: enabled ( trusted )
19:54:07.0382 0x12ec  ============================================================
19:54:07.0382 0x12ec  Scan finished
19:54:07.0382 0x12ec  ============================================================
19:54:07.0398 0x12a8  Detected object count: 0
19:54:07.0398 0x12a8  Actual detected object count: 0
19:54:11.0258 0x1608  Deinitialize success

So. :-)

jillsy2k · 08.01.2016, 21:12

Ja, tschuldige. Hier die addition;

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-01-2015
durchgeführt von Jillsy (2016-01-08 19:41:25)
Gestartet von C:\Users\Jillsy\Desktop
Windows 8.1 (X64) (2014-11-29 00:10:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-933261645-1527721118-3068914036-500 - Administrator - Disabled)
Gast (S-1-5-21-933261645-1527721118-3068914036-501 - Limited - Disabled)
Jillsy (S-1-5-21-933261645-1527721118-3068914036-1001 - Administrator - Enabled) => C:\Users\Jillsy

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1914 - Die Schalen des Zorns (HKLM-x32\...\{404E1E52-9302-45D2-B4F8-50D2251C391E}) (Version: 1.00.0000 - Rondomedia)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Act of Aggression (HKLM-x32\...\Steam App 318020) (Version:  - Eugen Systems)
Act of War: Direct Action (HKLM-x32\...\Steam App 2710) (Version:  - Eugen Systems)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version:  - Trion Worlds, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Build Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
Buildtools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
C&C - Zero Hour - Full Uncut Patch Final v.2.5 (HKLM-x32\...\C&C - Zero Hour - Full Uncut Patch Final v.2.5) (Version:  - )
CodedUITestUAP (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert, Counterstrike and The Aftermath (HKLM-x32\...\{B9A7CCBE-48F7-4B3E-BD20-76ADDD4DC69F}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Renegade (HKLM-x32\...\{24DFBE4C-FD7F-48F2-A7D9-D1A0929B2113}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{78F60BDD-1923-4CF7-B6BD-087D06D7B5BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Diablo (HKLM-x32\...\Diablo) (Version:  - )
Diablo II (HKLM-x32\...\Diablo II) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.72.1224 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gemeinsam genutzte Internet-Komponenten von Westwood (HKLM-x32\...\WOLAPI) (Version:  - )
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version:  - )
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{AB5BCC55-18E2-46C7-9405-FF61CB888F05}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F2481209-98FE-4943-8903-90D19E1B7062}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDE Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Impire (HKLM-x32\...\Steam App 202130) (Version:  - Cyanide Montreal)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
March of War (HKLM-x32\...\Steam App 234310) (Version:  - ISOTX)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 für Windows Desktop - DEU (HKLM-x32\...\{1541de02-c602-410d-9962-8f1c6cc255ff}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
MiniRA Plus 1.2 installer (HKLM-x32\...\MiniRA Plus 1.2 installer) (Version:  - )
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
MyFreeCodec (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MyFreeCodec) (Version:  - )
NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Ihr Firmenname)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack (HKLM\...\{C079427A-BB28-5168-3DB1-DC6608D226D4}) (Version: 11.0.748.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.)
RIFT (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\RIFT) (Version:  - Trion Worlds, Inc.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version:  - )
Total Annihilation (HKLM-x32\...\Total Annihilation) (Version:  - )
Tropico 4 1.00 (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Tropico 4) (Version: 1.00 - Kalypso Media)
TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WD Drive Utilities (HKLM-x32\...\{59E0381C-1047-45A3-B68A-57F586EAF3C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{847C1E81-8A3F-49BF-8FF0-189E56634656}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{E8DDC6BB-0080-4E70-840B-58B74FBCDE11}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{979a4332-3eb0-4561-9f74-a4fb871cf2bd}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinAppDeploy (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {008C2DBE-5F21-45A5-B6E3-BEFF20F6F2BE} - System32\Tasks\{BC9DA1F7-3812-46CE-A25B-0BDE9058B05A} => pcalua.exe -a "C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour\blitzkrieg2.exe" -d "C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour"
Task: {0CE604DB-7A1B-409E-B51D-3AB505A79E8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2015-11-30] (Hewlett-Packard)
Task: {2029588E-4BE7-4AB4-8BCC-C4BF6A643500} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe
Task: {2FBD74D8-D7C0-4128-A16A-06D9E528476C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {56E7BFE8-13F4-4D6D-A81A-E518A1C1391D} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-10-27] (WiseCleaner.com)
Task: {69E09619-57F7-45EA-99C4-87EC2135055E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8664EE1D-ED66-4C58-97D8-3D388BFED8BC} - System32\Tasks\HPCeeScheduleForJillsy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {89E250D8-BF93-4F10-82B1-DA114BA9115C} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)
Task: {8F47A1B7-356E-495F-A46F-3B7A3C9CA05C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001 => C:\Users\Jillsy\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-16] (Microsoft Corporation)
Task: {92F0C38C-AFE3-4147-8BA4-9DCD0210F807} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-16] (Microsoft Corporation)
Task: {A97CC0B6-588E-4DFE-B892-71FFDA363BFD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {B916F941-1A30-46FB-AF19-9D18789CFA73} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {CA11CFD3-3B00-43D5-8D5B-2CA61F0EE4CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D7702F07-06C1-4849-AA86-E14094963802} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {E10533B9-CA87-4F6E-B21C-1185D92ACB93} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {EDAD5230-AE74-4C61-BA97-ED62D7C564C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {F9DB7AA9-FBD5-4AA5-9D22-8AD8F8CEA151} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {FCDE6132-7403-453A-8EA6-F49A9156E762} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJillsy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-11-01 15:48 - 2013-11-01 15:48 - 00371448 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00029432 _____ () C:\Windows\system32\BsTrace.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00016632 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00062200 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00029432 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2013-05-24 10:22 - 2013-05-24 10:22 - 00334648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00016632 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00062200 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-07-19 17:23 - 2015-05-20 18:03 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-09-21 10:21 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-21 10:21 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-21 10:21 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-21 10:21 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-09-21 10:21 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-07-19 17:23 - 2015-08-26 17:44 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-07-19 17:23 - 2015-08-26 17:44 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-07-19 17:23 - 2015-08-26 17:44 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-07-19 17:23 - 2015-08-26 17:45 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-07-19 17:23 - 2015-08-26 17:44 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-07-19 17:23 - 2015-08-26 17:44 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2014-01-25 00:48 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-07-19 17:23 - 2015-08-26 17:45 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00080120 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00371448 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
2014-12-05 10:07 - 2014-12-05 10:07 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.

IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 06:26 - 2015-09-21 10:31 - 00450831 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15464 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jillsy\Pictures\Politisch_sonstiges\communist_screensaver.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WSearch => 2
HKLM\...\StartupApproved\Run32: => "SPEEDLINK KUDOS"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{77B00F4F-D287-4F4F-B225-50E11CAFCEB1}C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat
FirewallRules: [TCP Query User{9A87AD92-4F7A-4CBB-9709-F5DA91DCD46C}C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat
FirewallRules: [{0871632F-F2C3-4B2E-88FB-DC98E2B8C52C}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{7F1623DC-581B-4733-B6CC-237AEACF2EAC}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DFADDF91-60AE-4D68-8923-393DB307F5B0}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B804410C-17D1-4F60-9BDA-9BCEBDF84D00}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\Command Conquer 3 Kanes Wrath\RetailExe\1.2\cnc3ep1.dat
FirewallRules: [{7CD5BCB7-49B7-4405-9722-2387456E07F8}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{818A33F8-BD88-490A-85F8-A2E31517E72F}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{5A9683AF-E0D7-4025-BBB0-4BEE7D3428B5}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{C6F3A2FB-73AA-45A3-A280-5AD665DC1D50}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [UDP Query User{54ECFB4C-6323-4541-9224-2B781BAD0F3D}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{A02FC674-045F-42EF-9F5C-6EB9F9B5DD14}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{DF8B3425-D02C-4F0C-9597-9FE96162CD37}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe
FirewallRules: [TCP Query User{3CAD24A7-B537-49E3-BDA6-2821C03AD89E}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe
FirewallRules: [{F17D43B4-E496-43F4-978D-A250C49DF401}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{0994C847-228F-4118-A1FB-F5CB9A537629}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{7396F9DA-0ACF-4390-BFAA-A02413775D81}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{03C6DCF0-DC4E-4AB1-A0E0-382F3D3AB0C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{D21D6C6B-DF37-4C13-8578-50824BBA7B0D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{8C623108-47A3-48F5-BDDD-1F212D98A0E0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [UDP Query User{3479FF1F-51DA-4F67-A68A-BAD33DEDC37B}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
FirewallRules: [TCP Query User{E4B2AB9C-3799-4305-B3A4-390E374B4AFB}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
FirewallRules: [{67D10E8F-13AC-42B3-87A8-728785D99A63}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{B1BBAE92-5261-4662-B010-E6340A62029D}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{5627B416-724E-40E2-82A4-BE78181B6F3C}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\MarchOfWar\game.exe
FirewallRules: [{F2AE1BB2-C783-404A-8FA2-147D3692B79A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\MarchOfWar\game.exe
FirewallRules: [{E95530D4-4F4C-46C1-8139-6FD6FD40FC85}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{2FF03B5F-BEAA-4C26-A0D5-BAE00DEEE3B7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{A2311008-A14D-4BAD-914C-A9E787A730A8}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{952A3631-4B4D-421C-9A34-4C17F122DC30}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{43D97D92-C722-49E9-9FDF-918EB74C13BF}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8C71ADB1-DAF1-45F7-B144-451B1B9D9981}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4E14DED1-53CA-4E4A-B602-0B495979D819}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{347F59D6-76D7-45C7-B997-82535AF01DEE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{527EE3A2-4754-4127-90C9-916F633F1258}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Impire\Impire.exe
FirewallRules: [{48A9A9A2-E48C-483C-8A85-6A9A875DF5C0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Impire\Impire.exe
FirewallRules: [{9603CE39-D288-445F-9692-67E01088498F}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe
FirewallRules: [{A5F666EB-0ECC-4DBD-A019-3473A4D8281C}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe
FirewallRules: [{F47E7B9F-5665-4BE4-BB14-7A42193EBB06}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{9B708C1C-19E7-4962-9F9B-2C8EF5E4C893}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [UDP Query User{30D9ADD7-96E6-4287-A2A7-EF4EE55FA562}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe
FirewallRules: [TCP Query User{A3F61336-F95F-4ACB-8EF4-CA21DD7C2AFC}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe
FirewallRules: [{9A9D5D9D-0966-4C66-8600-DA77AB0796B4}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{F57658E0-4F8C-48D1-A1E4-A93659AAA2A8}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [UDP Query User{C41D3E23-B845-4F67-9D2C-393D00387DC1}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [TCP Query User{389222E5-6CF5-4E86-9A71-3957AA90014B}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{A502D93B-C8BA-426F-A2C3-0752E5C014BA}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{B78F6F36-0273-4A58-ADF3-378F58FB5811}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{01D86C80-EE8B-49DE-B269-81D27792E0E2}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{EA374A6A-3F18-41EF-9519-C743E9FE35C7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{4C75026C-C5C5-45DA-9DE5-DED8A0CA6917}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe
FirewallRules: [{A0BCD8D7-92AD-4E0D-A783-3E8E3C0E8C04}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe
FirewallRules: [{53CC2CC3-B84C-4443-BC5F-D985CD252961}] => (Allow) C:\Program Files (x86)\Origin Games\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{C99B20CF-EB06-4BD3-BF0B-3E574EA6D27E}] => (Allow) C:\Program Files (x86)\Origin Games\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{815019A8-5A68-492B-936B-0FA7D4EC04DA}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{6BFE26BC-1F34-48C6-96C8-87117738353B}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{F6965599-DE2C-4EB1-A914-6F55A6E5887E}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{8EF57C2A-35EF-4ECA-A486-68E6CBB5E25C}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{99A06801-FE48-4F3E-A164-FAC48088DBD6}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{28C30C02-4FF2-4BC7-8E43-5E130611811F}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{C1A8177D-C255-424F-841C-8752B5D33280}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{689654EF-AA3E-4EE2-A14B-3DBD226691AF}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E1274847-115C-4C64-8014-F03D64E6640F}] => (Allow) F:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{1C4B4D3F-06DF-493F-9E97-721BF1B380FB}] => (Allow) F:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{D897E023-AC42-4272-88EE-F643681ED3F5}] => (Allow) F:\Programme\Battle.net\Battle.net.exe
FirewallRules: [{30116663-3EA6-400E-B1EC-6F65172870F9}] => (Allow) F:\Programme\Battle.net\Battle.net.exe
FirewallRules: [{AD621562-B258-4BEA-918C-72182128D320}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{04996B5E-2478-4745-8EC4-F87DA049BFFE}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{C96BF102-BF94-4AEC-B5E5-26C85089931A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E5C2C617-4135-43B4-A81A-19D5956AB582}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{A5471AF6-3CAA-44F8-BA4D-AC19A021BC79}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [TCP Query User{E8E30EFE-FFA0-4427-A34D-BCDEC07150AA}F:\program files (x86)\warthunder\launcher.exe] => (Allow) F:\program files (x86)\warthunder\launcher.exe
FirewallRules: [UDP Query User{CEC463DF-AA0D-4A32-A573-667B327F3C58}F:\program files (x86)\warthunder\launcher.exe] => (Allow) F:\program files (x86)\warthunder\launcher.exe
FirewallRules: [TCP Query User{4E33AA3E-B169-4D6A-B100-2273E22610D6}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe
FirewallRules: [UDP Query User{18E9FCE7-EB22-42D1-8CF3-027E5E7DBA0D}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe
FirewallRules: [{A577F4F3-9405-40FC-A966-365C88D3E4AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6C379C6F-2BA0-4895-ACF0-84F8A53F6C10}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DD16FA5-3984-4F17-9AB6-DF8E7F6A3617}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{36E11355-6223-45B8-92FD-CE4F96CF69FA}] => (Allow) LPort=2869
FirewallRules: [{C90CD4C6-C69E-433C-B1B1-5EFE35E248F5}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{1090934E-213D-4240-85FB-F808DA1538F4}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A185E50C-6A96-4498-BEED-8E3FD65139A3}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{8A6EC896-1C58-45B0-9D75-0119F73D41C0}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{BA039A47-405B-4D32-820A-CDF72A1CF9D0}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{29C9480D-46C6-46D7-82E3-F66458BD0CDA}C:\program files (x86)\origin games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{5B2D829E-9D84-4124-AE8F-833868268401}C:\program files (x86)\origin games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942.exe
FirewallRules: [{8691DE5D-FD28-4B34-9108-8D9827B74659}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\WDExpress.exe
FirewallRules: [{BE496921-DC8F-4B8C-B0ED-D9CCB12102A4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{0F200D13-0BE7-4157-A25E-97E184D0C21E}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
FirewallRules: [UDP Query User{2F1615C4-8BFB-4586-A3DA-6CD5DCCAAE55}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
FirewallRules: [{054B4AD0-B5D2-4639-9B69-5C6534AA861B}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{0C15EEC7-6C22-46DD-8829-93E4F003549D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{C84DA38C-2C8D-4EA4-9FD1-EA357A44018C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{F5C6C20F-CBE1-48A3-AE45-A9C7565422CA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{33D285AF-E8CB-4255-8CF8-E6D70C07472D}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{6E0AD701-49A3-4363-8B13-4D1460D8841F}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{1B8F524B-F8C7-4D0C-8D89-5BDD928F06D0}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of War Direct Action\ActOfWar.exe
FirewallRules: [{D40963D6-1F31-4420-B044-D9D56FFA9F17}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of War Direct Action\ActOfWar.exe
FirewallRules: [{FE5D5EFB-63D9-41BE-A85A-4CCB03AE5913}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9993442B-FB90-455F-9E39-3EA7B09D7622}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C136AEAE-3562-409B-AE10-23F363B2E160}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{5D514E99-A001-4E29-B445-286B2A637F0C}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{ECA58A2C-2004-40DC-ACB1-68BF786041E1}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{8AE29A91-7605-4168-AE9D-55B3662BB14F}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{A380B121-5621-4B0A-B281-12117533A3A0}C:\program files\starcraft\starcraft.exe] => (Block) C:\program files\starcraft\starcraft.exe
FirewallRules: [UDP Query User{CDB73C6F-6D55-41DE-8EC8-DCC348C5C78C}C:\program files\starcraft\starcraft.exe] => (Block) C:\program files\starcraft\starcraft.exe
FirewallRules: [TCP Query User{4D3AC84D-C1C8-4447-893E-107C63C9D9D8}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{C5675333-7335-4659-9EF0-E8B707BBF178}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{4DD43A1D-33F0-416E-BAFD-27648E88E6F7}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{FC1D01EE-BB68-416A-A505-8BF9D335FA8F}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{2146CE46-7A40-4B17-82D3-3BB5F2A041AB}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{072C4572-FF00-4B04-A11E-97CA54C24ED6}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{574342EA-8CA3-47FB-9864-9A69DCDF59B6}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8DED3EAF-DD5C-411C-BE3A-BDF935F72856}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{28964522-6023-4670-94AF-7A89F229A361}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{F8CB4C5C-E2F1-4B2F-B407-3AC022D220E0}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{4390C718-6D50-413F-8E36-82AC51C4927E}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{9255D280-34B7-4ECC-8CEA-6A230D80C304}H:\games\world_of_tanks\worldoftanks.exe] => (Allow) H:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{DC605707-5D02-4365-BFCF-00121ABF6B2D}H:\games\world_of_tanks\worldoftanks.exe] => (Allow) H:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{D9992707-EBE4-4F08-94CD-E55067FC95CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

08-01-2016 00:46:47 DVDVideoSoftRestorePoint
08-01-2016 01:00:00 Removed Avira Savings Advisor

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/08/2016 06:50:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BlueSoleilCS.exe, Version: 11.0.748.0, Zeitstempel: 0x52735a21
Name des fehlerhaften Moduls: tl_filter.dll, Version: 0.0.0.0, Zeitstempel: 0x519ec946
Ausnahmecode: 0xc0000094
Fehleroffset: 0x0000d53d
ID des fehlerhaften Prozesses: 0x778
Startzeit der fehlerhaften Anwendung: 0xBlueSoleilCS.exe0
Pfad der fehlerhaften Anwendung: BlueSoleilCS.exe1
Pfad des fehlerhaften Moduls: BlueSoleilCS.exe2
Berichtskennung: BlueSoleilCS.exe3
Vollständiger Name des fehlerhaften Pakets: BlueSoleilCS.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BlueSoleilCS.exe5

Error: (01/07/2016 11:12:17 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/07/2016 07:22:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: procexp64.exe, Version: 15.40.0.0, Zeitstempel: 0x51f7e32c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650b9bb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f12e0
ID des fehlerhaften Prozesses: 0x167c
Startzeit der fehlerhaften Anwendung: 0xprocexp64.exe0
Pfad der fehlerhaften Anwendung: procexp64.exe1
Pfad des fehlerhaften Moduls: procexp64.exe2
Berichtskennung: procexp64.exe3
Vollständiger Name des fehlerhaften Pakets: procexp64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: procexp64.exe5

Error: (01/07/2016 07:12:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll8

Error: (01/04/2016 12:09:50 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/03/2016 04:19:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm generals.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c8

Startzeit: 01d146345b00e36a

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour\generals.exe

Berichts-ID: 71f8ac04-b22d-11e5-83b1-0c84dc705658

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/02/2016 07:05:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/02/2016 12:34:19 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" ; Beschreibung = Created by Wise Registry Cleaner; Fehler = 0x80070422).

Error: (01/02/2016 12:33:43 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" ; Beschreibung = Created by Wise Registry Cleaner; Fehler = 0x80070422).

Error: (01/02/2016 12:33:24 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" ; Beschreibung = Created by Wise Registry Cleaner; Fehler = 0x80070422).


Systemfehler:
=============
Error: (01/08/2016 06:52:37 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (01/08/2016 06:50:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BlueSoleilCS" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/08/2016 12:57:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Digital Wave Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/08/2016 12:48:59 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Digital Wave Update Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/07/2016 11:12:52 PM) (Source: DCOM) (EventID: 10010) (User: Jillsy-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/07/2016 11:12:22 PM) (Source: DCOM) (EventID: 10010) (User: Jillsy-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/07/2016 10:02:45 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.

Error: (01/07/2016 10:03:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎01.‎2016 um 21:39:05 unerwartet heruntergefahren.

Error: (01/07/2016 06:25:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/07/2016 06:25:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 5561.13 MB
Summe virtueller Speicher: 16276.27 MB
Verfügbarer virtueller Speicher: 12943.56 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:712.88 GB) (Free:337.77 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
Drive f: (Daten) (Fixed) (Total:97.68 GB) (Free:10.98 GB) NTFS
Drive h: (Daten) (Fixed) (Total:100 GB) (Free:20.4 GB) NTFS
Drive i: (RECOVERY) (Fixed) (Total:19.74 GB) (Free:1.95 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive j: () (Removable) (Total:14.83 GB) (Free:9.92 GB) FAT32
Drive l: (My Book) (Fixed) (Total:1862.98 GB) (Free:1336.68 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D2E2694D)

Partition: GPT.

========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 9371220B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Zitat:

Zitat von M-K-D-B

Servus,

du hast zweimal die FRST.txt gepostet.

Kannst du bitte noch die Addition.txt posten?

klar, mach ich. Soweit ich dies beureteilen kann ist alles in Ordnung oder?

M-K-D-B · 09.01.2016, 10:03

Servus,

sieht gut aus.

Eine Kleinigkeit stört mich:

Zitat:

FF user.js: detected! => C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\user.js [2014-05-17]

Sowas wird meist von Adware angelegt.

Wir lassen kurz zwei Programme scannen, ob die was finden:

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM.

jillsy2k · 09.01.2016, 14:04

Hallo Matthias. Hatte heute sehr Zeitdruck und darum nach dem ADWCleaner Scann, (nach Neustart und [glaube ich 1. Fund]), den PC wieder Heruntergefahren.. Bluescreen. Jetzt bin ich wieder heimgekommen und es läuft soweit alles wieder. Poste dir gleich die LOG Files (MBAM Scannt noch.
Eine andere Frage, an dich als Profi; soll ich Malware Bytes drauf lassen und Spybot Search and Destroy deinstallieren oder Malware Bytes drauf lassen?
Bin mit Spybot bisher sehr gut gefahren.

Hier schonmal AdwCleaner Log:

Code:

ATTFilter

# AdwCleaner v5.028 - Bericht erstellt am 09/01/2016 um 12:04:34
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Jillsy - JILLSY-PC
# Gestartet von : C:\Users\Jillsy\Desktop\AdwCleaner_5.028.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.superfish.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\Ciuvo
[-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\DriverTuner_Init
[-] Schlüssel Gelöscht : HKCU\Software\DriverTuner
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ViewPassword
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FAD0F79E-5EA4-542B-76A3-46093E52C1F5}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ciuvo.com

***** [ Internetbrowser ] *****

[-] [C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : delta-search.com
[-] [C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : world-of-tanks.softonic.de

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3228 Bytes] ##########

MBAM hat nix gefunden ich poste dir zuerst die mbam1.log, dann die protection-log;

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 09.01.2016
Suchlaufzeit: 13:29
Protokolldatei: mbm1.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.09.02
Rootkit-Datenbank: v2016.01.05.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Jillsy

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 448619
Abgelaufene Zeit: 29 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 09.01.2016
Suchlaufzeit: 13:29
Protokolldatei: mbm1.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.09.02
Rootkit-Datenbank: v2016.01.05.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Jillsy

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 448619
Abgelaufene Zeit: 29 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B · 09.01.2016, 14:12

Servus,

ich persönlich würde Spybot deinstallieren und lieber mit Malwarebytes' Anti-Malware ab und zu meinen PC scannen.

Ein paar Adware-Reste wurden ja noch entfernt.

Bitte nochmal FRST ausführen, ob jetzt alles gut aussieht:

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

jillsy2k · 09.01.2016, 14:13

Nachtrag, besten Dank für deine Hilfe.

Ich habe Malwarebytes deinstalliert und werde jetzt einen Wiederherstellungsgspunkt, dann nachher eine komplette Sicherung machen.
PS; Nochmal die Frage ist deiner Ansicht nach, MBAM besser als Spybot Search and Destroy? oder Ist es egal?
Und was hältst du vom Wise Registry Cleaner? (benutze den regelmässig [bis auf die "PC-Optimierung@]) um die Registry zu reinigen (was er das macht weiss ich nicht im Detail, bisher hat es zumindest nix geschadet und bei einem Kollegen von mir lief danach der Laptop einiges schneller und vorallem kann ich mit dem Tool auf Windows 8.1 64 bit bequem einen Wiederherstellungspunkte.

M-K-D-B · 09.01.2016, 14:14

Servus,

lies bitte meinen letzten Post.

Deine Fragen beantworte ich dir dann, wenn die Logdateien von FRST sauber sind.

jillsy2k · 09.01.2016, 14:51

Gut ich bleibe beim Spybot und mache 1x im Monat mit MBAM einen Scan, wäre dies eine option? :-)
Hier nochmal FRST und Addition.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
durchgeführt von Jillsy (Administrator) auf JILLSY-PC (09-01-2016 14:47:18)
Gestartet von C:\Users\Jillsy\Desktop
Geladene Profile: Jillsy &  (Verfügbare Profile: Jillsy)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7165000 2014-01-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-12-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE" 
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE" 
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{36D0A91B-153F-40A1-99EB-E82C452784FD}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{D3C34DF9-E5D6-442B-9AA5-E7CD700D047C}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF Extension: PDF Download - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2015-05-31]
FF Extension: Download Statusbar Fixed - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-01-06]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\artur.dubovoy@gmail.com [2016-01-06]
FF Extension: Personas Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\personas@christopher.beard.xpi [2016-01-08]
FF Extension: Show MyIP - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-01-08]
FF Extension: Ghostery - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\firefox@ghostery.com.xpi [2016-01-02]
FF Extension: Kein Name - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2015-05-31] [ist nicht signiert]
FF Extension: Download Status Bar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-31]
FF Extension: NoScript - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08]
FF Extension: Video DownloadHelper - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-08]
FF Extension: Adblock Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: Download Statusbar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-05-31]
FF Extension: Clean Video - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2015-05-31]

Chrome: 
=======
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Donna Karan) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2014-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Google Mail) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-12-05] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-12-05] (Intel Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-08-26] (IObit)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-12-05] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-02] (RTS Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [27440 2015-10-16] () [Datei ist nicht signiert]
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-05] (Synaptics Incorporated)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-09 14:47 - 2016-01-09 14:47 - 00030147 _____ C:\Users\Jillsy\Desktop\FRST.txt
2016-01-09 14:47 - 2016-01-08 19:39 - 02370560 _____ (Farbar) C:\Users\Jillsy\Desktop\FRST64.exe
2016-01-09 14:20 - 2016-01-09 14:20 - 00001589 _____ C:\Users\Jillsy\Desktop\CD USB ISO MAKER.lnk
2016-01-09 14:20 - 2016-01-09 14:20 - 00000000 ____D C:\Program Files (x86)\Unetbootin
2016-01-09 14:02 - 2016-01-09 14:02 - 00000735 _____ C:\protection-mbm2.txt
2016-01-09 14:01 - 2016-01-09 14:01 - 00001198 _____ C:\mbm1.txt
2016-01-09 13:28 - 2016-01-09 13:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-09 12:12 - 2016-01-09 12:13 - 00285512 _____ C:\Windows\Minidump\010916-31328-01.dmp
2016-01-09 12:09 - 2016-01-09 12:09 - 00285512 _____ C:\Windows\Minidump\010916-25796-01.dmp
2016-01-09 11:50 - 2016-01-09 12:04 - 00000000 ____D C:\AdwCleaner
2016-01-08 20:06 - 2016-01-08 20:09 - 00251318 _____ C:\TDSSKiller.3.1.0.9_08.01.2016_20.06.08_log.txt
2016-01-08 20:05 - 2016-01-08 20:34 - 00000000 ____D C:\TDSSKILLER
2016-01-08 19:39 - 2016-01-09 14:47 - 00000000 ____D C:\FRST
2016-01-08 18:54 - 2016-01-08 18:54 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (6).exe
2016-01-08 18:53 - 2016-01-08 18:53 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Avira
2016-01-08 18:52 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-01-08 18:49 - 2016-01-08 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-08 18:49 - 2016-01-08 18:49 - 00001233 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-08 12:00 - 2016-01-09 14:05 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-08 12:00 - 2016-01-09 12:13 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-08 12:00 - 2016-01-08 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-08 11:59 - 2016-01-08 11:59 - 00927824 _____ (Google Inc.) C:\Users\Jillsy\Downloads\ChromeSetup.exe
2016-01-08 10:36 - 2016-01-08 10:36 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_568efddb9c96e__ws.exe
2016-01-08 00:51 - 2016-01-08 10:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-08 00:47 - 2016-01-08 00:47 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (5).exe
2016-01-08 00:46 - 2016-01-08 00:46 - 26352816 _____ (DVDVideoSoft Ltd. ) C:\Users\Jillsy\Downloads\FreeAudioConverter (1).exe
2016-01-08 00:46 - 2016-01-08 00:46 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (4).exe
2016-01-08 00:41 - 2016-01-08 00:41 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (3).exe
2016-01-08 00:34 - 2016-01-08 00:34 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (2).exe
2016-01-06 23:27 - 2016-01-06 23:27 - 00000702 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-01-06 23:27 - 2016-01-06 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-01-06 23:26 - 2016-01-06 23:26 - 05124704 _____ (Wargaming.net ) C:\Users\Jillsy\Downloads\WoT_internet_install_eu.exe
2016-01-06 16:54 - 2016-01-06 16:54 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Jillsy\Downloads\28790_HPUSBFW_v2.2.3.exe
2016-01-05 23:49 - 2016-01-05 23:49 - 00000345 _____ C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk
2016-01-05 23:47 - 2016-01-05 23:47 - 30073472 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-cross-i386-win32-win64.exe
2016-01-05 23:47 - 2016-01-05 23:47 - 00001859 _____ C:\Users\Jillsy\Downloads\README.txt
2016-01-05 23:46 - 2016-01-05 23:47 - 113126489 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-win32.exe
2016-01-05 23:05 - 2016-01-05 23:05 - 00001027 _____ C:\Users\Jillsy\Desktop\Videos.lnk
2016-01-04 23:07 - 2016-01-04 23:07 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Microsoft_Corporation
2016-01-04 23:00 - 2016-01-04 23:00 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument (2).txt
2016-01-01 22:43 - 2016-01-07 23:32 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-01-01 22:43 - 2016-01-01 22:43 - 00001137 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-01-01 22:12 - 2016-01-01 22:13 - 00285624 _____ C:\Windows\Minidump\010116-25250-01.dmp
2016-01-01 13:50 - 2016-01-01 13:51 - 00285568 _____ C:\Windows\Minidump\010116-33593-01.dmp
2015-12-30 23:01 - 2015-12-30 23:02 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Jillsy\Downloads\LinuxLive USB Creator 2.9.4.exe
2015-12-29 18:00 - 2015-12-29 18:00 - 00285568 _____ C:\Windows\Minidump\122915-38406-01.dmp
2015-12-22 13:59 - 2015-12-22 14:03 - 00069632 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2015-12-22 13:59 - 2015-12-22 14:03 - 00033209 _____ C:\Windows\scunin.dat
2015-12-22 13:59 - 2015-12-22 14:03 - 00000967 _____ C:\Windows\ScUnin.pif
2015-12-22 13:59 - 2015-12-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft
2015-12-22 13:56 - 1999-03-19 18:40 - 598221809 _____ (Blizzard Entertainment) C:\Users\Jillsy\Desktop\BroodWar.mpq
2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\Program Files\Oracle
2015-12-21 01:13 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-12-21 01:13 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-12-21 01:07 - 2015-12-21 01:08 - 116982472 _____ (Oracle Corporation) C:\Users\Jillsy\Downloads\VirtualBox-5.0.10-104061-Win.exe
2015-12-16 13:37 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-16 13:37 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-16 13:37 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-16 13:37 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-12-16 13:37 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-16 13:37 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-16 13:37 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-16 13:37 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-16 13:37 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-16 13:37 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-16 13:37 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-16 13:37 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-16 13:37 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-16 13:37 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-16 13:37 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-16 13:37 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-16 13:37 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-16 13:37 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-12-16 13:37 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-16 13:37 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-16 13:37 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-16 13:37 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-16 13:37 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-16 13:37 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-16 13:37 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-16 13:37 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-16 13:37 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-16 13:37 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-12-16 13:37 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-16 13:37 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-16 13:37 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-16 13:37 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-16 13:37 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-16 13:37 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-16 13:37 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-16 13:37 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-12-16 13:37 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-16 13:37 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-16 13:37 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-16 13:37 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-16 13:30 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-16 13:30 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-16 13:30 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-16 13:30 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-16 13:30 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-16 13:30 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-16 13:30 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-16 13:30 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-12-16 13:30 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-12-16 13:30 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-16 13:30 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-16 13:30 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-16 13:30 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-16 13:30 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-16 13:30 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-16 13:30 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-16 13:30 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-16 13:30 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-12-16 13:30 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-16 13:30 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-16 13:30 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-12-16 13:30 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-16 13:30 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-12-10 19:38 - 2015-12-13 23:36 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Zero Hour Data

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-09 14:41 - 2014-05-15 17:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-09 14:22 - 2014-02-08 21:10 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\TS3Client
2016-01-09 14:22 - 2014-02-08 21:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-01-09 14:11 - 2014-01-24 00:24 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-933261645-1527721118-3068914036-1001
2016-01-09 14:06 - 2014-09-15 03:00 - 00000000 ____D C:\Users\Jillsy\Downloads\Everything-1.3.4.686.x86
2016-01-09 13:38 - 2014-01-25 13:29 - 00000000 ___RD C:\Users\Jillsy\Documents\Codes
2016-01-09 12:16 - 2014-11-29 01:10 - 00000000 __SHD C:\Users\Jillsy\IntelGraphicsProfiles
2016-01-09 12:16 - 2014-01-24 09:45 - 00003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2016-01-09 12:14 - 2013-11-20 10:44 - 00001060 _____ C:\Windows\SysWOW64\bscs.ini
2016-01-09 12:13 - 2014-01-24 09:45 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2016-01-09 12:13 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-09 12:12 - 2014-12-01 21:18 - 00000000 ____D C:\Windows\Minidump
2016-01-09 12:12 - 2014-05-29 23:41 - 639352797 _____ C:\Windows\MEMORY.DMP
2016-01-09 12:12 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-09 12:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-01-09 11:53 - 2014-11-29 01:26 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9BD55254-7A97-4A43-AE4A-A69447C0F3FC}
2016-01-08 23:18 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Origin
2016-01-08 19:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-01-08 18:52 - 2014-08-15 19:08 - 00000000 ____D C:\ProgramData\Avira
2016-01-08 18:52 - 2014-01-23 06:52 - 00000000 ____D C:\Program Files (x86)\Avira
2016-01-08 18:48 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-08 18:45 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-08 18:40 - 2015-07-12 13:31 - 00000000 ____D C:\ProgramData\ProductData
2016-01-08 12:00 - 2014-01-24 00:25 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-08 12:00 - 2014-01-24 00:25 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-08 12:00 - 2014-01-24 00:25 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-08 10:26 - 2014-09-24 07:17 - 01984420 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-08 10:26 - 2014-09-24 06:43 - 00843606 _____ C:\Windows\system32\perfh007.dat
2016-01-08 10:26 - 2014-09-24 06:43 - 00192300 _____ C:\Windows\system32\perfc007.dat
2016-01-08 10:10 - 2014-01-25 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 00:48 - 2015-08-16 14:59 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-01-08 00:22 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Battle.net
2016-01-07 23:32 - 2014-02-26 16:50 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ
2016-01-07 23:32 - 2014-01-24 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-01-07 22:04 - 2014-11-29 00:44 - 00000000 ____D C:\Users\Jillsy
2016-01-06 23:27 - 2014-04-20 12:11 - 00000000 ____D C:\Games
2016-01-06 22:27 - 2014-01-25 15:05 - 00000000 ____D C:\Users\Jillsy\.VirtualBox
2016-01-06 20:53 - 2015-07-19 14:41 - 00000000 ____D C:\Users\Jillsy\AppData\Local\lazarus
2016-01-05 23:58 - 2015-07-25 16:26 - 00000000 ____D C:\lazarus
2016-01-05 23:56 - 2015-07-25 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus
2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Glyph
2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Program Files (x86)\Glyph
2016-01-03 23:56 - 2014-07-03 12:47 - 00000000 ____D C:\ProgramData\Glyph
2016-01-02 13:26 - 2014-06-05 15:42 - 00000000 ____D C:\Diablo II
2016-01-02 09:39 - 2015-08-22 12:18 - 00000000 ____D C:\Users\Jillsy\VirtualBox VMs
2016-01-02 00:30 - 2014-01-25 11:14 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-01 23:17 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2016-01-01 23:16 - 2014-08-18 18:06 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-01-01 22:42 - 2014-01-25 02:20 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Tropico 4
2016-01-01 22:41 - 2014-01-25 04:21 - 00001345 _____ C:\Users\Jillsy\Desktop\Tropico 4.lnk
2015-12-30 23:01 - 2014-11-03 11:48 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-12-30 18:01 - 2015-11-24 20:20 - 00000000 ____D C:\Program Files\Cloud Imperium Games
2015-12-30 18:00 - 2015-04-15 19:33 - 00000000 ____D C:\ProgramData\Skype
2015-12-30 18:00 - 2014-07-09 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-12-29 14:41 - 2014-05-15 17:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-26 09:48 - 2014-09-24 08:46 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2014-09-24 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-22 19:05 - 2015-11-30 00:06 - 00000000 ____D C:\Program Files\Starcraft
2015-12-21 22:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-12-21 01:13 - 2015-07-19 14:46 - 00001099 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-12-21 00:50 - 2014-01-24 23:28 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-12-17 22:39 - 2015-12-06 23:45 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Data
2015-12-17 15:44 - 2014-01-25 01:59 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-16 21:20 - 2015-10-15 14:17 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJillsy
2015-12-16 21:20 - 2015-10-15 14:17 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForJillsy.job
2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-16 14:02 - 2015-08-08 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-16 13:57 - 2013-08-22 15:44 - 00391440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-16 13:54 - 2014-01-23 09:04 - 00000000 ____D C:\Windows\system32\MRT
2015-12-16 13:48 - 2014-01-25 02:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-16 13:45 - 2014-02-01 00:30 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK
2015-12-16 13:41 - 2015-11-12 19:22 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Razer
2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\ProgramData\Razer
2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\Program Files (x86)\Razer
2015-12-16 13:38 - 2014-01-23 09:04 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-16 13:21 - 2015-05-14 13:29 - 00000000 ___RD C:\Users\Jillsy\OneDrive
2015-12-16 13:21 - 2015-02-14 19:02 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001
2015-12-16 13:21 - 2014-02-07 13:42 - 00000000 ____D C:\Program Files (x86)\Zenimax Online
2015-12-16 13:09 - 2015-07-12 13:33 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\ProductData
2015-12-16 13:09 - 2014-05-04 01:42 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\SleepTimerUltimate
2015-12-16 13:09 - 2014-01-25 00:09 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Wise Registry Cleaner
2015-12-16 13:09 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Battle.net
2015-12-16 13:09 - 2014-01-24 19:17 - 00000000 ____D C:\Users\Jillsy\AppData\Local\bluesoleil
2015-12-16 13:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-16 12:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-05 20:39 - 2014-10-13 00:00 - 0002181 _____ () C:\Users\Jillsy\AppData\Roaming\FoxitReaderUpdateInfo.txt
2014-10-01 18:36 - 2014-10-01 18:36 - 0000859 _____ () C:\Users\Jillsy\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Jillsy\AppData\Local\Temp\avgnt.exe
C:\Users\Jillsy\AppData\Local\Temp\sp64126.exe
C:\Users\Jillsy\AppData\Local\Temp\sqlite3.dll
C:\Users\Jillsy\AppData\Local\Temp\Uninst.exe
C:\Users\Jillsy\AppData\Local\Temp\UninstallHPSA.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-09 12:24

==================== Ende von FRST.txt ============================

08.01.2016, 19:51	#4
M-K-D-B /// TB-Ausbilder	Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Servus, es fehlen noch die Addition.txt von FRST und die Log von TDSS-Killer.

08.01.2016, 20:05	#7
M-K-D-B /// TB-Ausbilder	Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Servus, du hast zweimal die FRST.txt gepostet. Kannst du bitte noch die Addition.txt posten?

09.01.2016, 14:14	#14
M-K-D-B /// TB-Ausbilder	Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Servus, lies bitte meinen letzten Post. Deine Fragen beantworte ich dir dann, wenn die Logdateien von FRST sauber sind.

Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar..

Plagegeister aller Art und deren Bekämpfung: Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar..