| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
06.03.2016, 21:45
| #1 |
 |  Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX" Hallo liebe Gemeinde, heute zwischen 16:39 und 16:40 wurde von meinem Skype Account an die meisten meiner Kontakte in Skype eine Nachricht geschrieben. Ich war nicht am Laptop, aber er war an (während meine Musikbibliothek aktualisiert wurde). Die Nachricht sieht so aus "hxxp://bit.ly/21Dc6l3?dazjsugo=XXX" wobei XXX= Name des Skype Kontakts. Den Link hat wohl nur einer angeklickt, jedoch mit seinem Windows 10 Phone. Soll ich einen extra Thread dafür erstellen? Habe einen ähnlichen Thread gefunden und mir alle Tools heruntergeladen. Noch nicht benutzt. Habe "Avira" und "Spybot - Search and Destroy" durchlaufen lassen - ohne Erfolg. Hier der Ähnliche: http://www.trojaner-board.de/160697-...ngefangen.html Aber ich denke da muss etwas sein, ich meine sonst könnte man nicht über meinen Skype Account Links verschicken  Auf meinem Laptop läuft Windows 7 Professional 64 Bit. Ich habe ansonsten keine "Symptome" bemerkt. Freue mich von euch Hilfe zu erhalten  LG Edit: Ich habe folgende Tools runtergeladen: - adwcleaner - malewarebytes - Junkware Removal Tool - FRST Geändert von bright_night (06.03.2016 um 22:32 Uhr) |
|
07.03.2016, 17:53
| #2 |
| /// TB-Ausbilder   | Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX" Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
07.03.2016, 18:15
| #3 |
| | TDSSKiller Report Teil 1 TDSSKiller
__________________Code:
ATTFilter 18:03:39.0075 0x1f58 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:03:49.0933 0x1f58 ============================================================
18:03:49.0933 0x1f58 Current date / time: 2016/03/07 18:03:49.0933
18:03:49.0933 0x1f58 SystemInfo:
18:03:49.0933 0x1f58
18:03:49.0933 0x1f58 OS Version: 6.1.7601 ServicePack: 1.0
18:03:49.0933 0x1f58 Product type: Workstation
18:03:49.0933 0x1f58 ComputerName: GABRIEL-PC
18:03:49.0933 0x1f58 UserName: Gabriel
18:03:49.0933 0x1f58 Windows directory: C:\Windows
18:03:49.0933 0x1f58 System windows directory: C:\Windows
18:03:49.0933 0x1f58 Running under WOW64
18:03:49.0933 0x1f58 Processor architecture: Intel x64
18:03:49.0933 0x1f58 Number of processors: 4
18:03:49.0933 0x1f58 Page size: 0x1000
18:03:49.0933 0x1f58 Boot type: Normal boot
18:03:49.0933 0x1f58 ============================================================
18:03:50.0370 0x1f58 KLMD registered as C:\Windows\system32\drivers\63749034.sys
18:03:50.0526 0x1f58 System UUID: {6CF98F6C-AA6A-AC79-4E2F-C9F9149E0819}
18:03:51.0009 0x1f58 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:03:51.0009 0x1f58 ============================================================
18:03:51.0009 0x1f58 \Device\Harddisk0\DR0:
18:03:51.0009 0x1f58 MBR partitions:
18:03:51.0009 0x1f58 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x72000
18:03:51.0009 0x1f58 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72800, BlocksNum 0x1B142000
18:03:51.0009 0x1f58 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B1B4800, BlocksNum 0x1CF7000
18:03:51.0009 0x1f58 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1CEAB800, BlocksNum 0x31A000
18:03:51.0009 0x1f58 ============================================================
18:03:51.0009 0x1f58 C: <-> \Device\Harddisk0\DR0\Partition2
18:03:51.0009 0x1f58 D: <-> \Device\Harddisk0\DR0\Partition3
18:03:51.0009 0x1f58 E: <-> \Device\Harddisk0\DR0\Partition4
18:03:51.0009 0x1f58 ============================================================
18:03:51.0025 0x1f58 Initialize success
18:03:51.0025 0x1f58 ============================================================
18:05:01.0507 0x21f8 ============================================================
18:05:01.0507 0x21f8 Scan started
18:05:01.0507 0x21f8 Mode: Manual; SigCheck; TDLFS;
18:05:01.0507 0x21f8 ============================================================
18:05:01.0507 0x21f8 KSN ping started
18:05:11.0413 0x21f8 KSN ping finished: true
18:05:11.0663 0x21f8 ================ Scan system memory ========================
18:05:11.0663 0x21f8 System memory - ok
18:05:11.0663 0x21f8 ================ Scan services =============================
18:05:11.0694 0x21f8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
18:05:11.0741 0x21f8 1394ohci - ok
18:05:11.0756 0x21f8 [ EE9407D42154190C3169D11EA4B8C711, 42A084DC8D6A6679D2170FCC320766F9134D907F9B60C503EE32F77FA364481E ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
18:05:11.0772 0x21f8 Accelerometer - ok
18:05:11.0772 0x21f8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:05:11.0788 0x21f8 ACPI - ok
18:05:11.0788 0x21f8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:05:11.0803 0x21f8 AcpiPmi - ok
18:05:11.0803 0x21f8 [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
18:05:11.0819 0x21f8 acsock - ok
18:05:11.0819 0x21f8 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:05:11.0834 0x21f8 AdobeARMservice - ok
18:05:11.0850 0x21f8 [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:05:11.0850 0x21f8 AdobeFlashPlayerUpdateSvc - ok
18:05:11.0866 0x21f8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:05:11.0881 0x21f8 adp94xx - ok
18:05:11.0897 0x21f8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:05:11.0897 0x21f8 adpahci - ok
18:05:11.0912 0x21f8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:05:11.0912 0x21f8 adpu320 - ok
18:05:11.0928 0x21f8 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:05:11.0928 0x21f8 AeLookupSvc - ok
18:05:11.0944 0x21f8 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
18:05:11.0959 0x21f8 AFD - ok
18:05:11.0990 0x21f8 [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
18:05:12.0006 0x21f8 AgereSoftModem - ok
18:05:12.0022 0x21f8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:05:12.0022 0x21f8 agp440 - ok
18:05:12.0022 0x21f8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:05:12.0037 0x21f8 ALG - ok
18:05:12.0037 0x21f8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:05:12.0053 0x21f8 aliide - ok
18:05:12.0053 0x21f8 [ 606C8F129FE18D6E3EA2FD542D43D72D, 1BDB9B1C3C8345429FFF25189DCA16F4174F29B5C5DFD5AEB5C277CD4E6EBCA8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:05:12.0068 0x21f8 AMD External Events Utility - ok
18:05:12.0068 0x21f8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:05:12.0084 0x21f8 amdide - ok
18:05:12.0084 0x21f8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:05:12.0100 0x21f8 AmdK8 - ok
18:05:12.0100 0x21f8 amdkmdag - ok
18:05:12.0115 0x21f8 [ C0C27A1094F6EA978FB2CAACFDE0E594, 9B481D55ED3D55A975CB1EB32DD0DB9AD032D592585A5799F81918EFB7843AAE ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:05:12.0131 0x21f8 amdkmdap - ok
18:05:12.0131 0x21f8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:05:12.0146 0x21f8 AmdPPM - ok
18:05:12.0146 0x21f8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:05:12.0162 0x21f8 amdsata - ok
18:05:12.0162 0x21f8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:05:12.0178 0x21f8 amdsbs - ok
18:05:12.0178 0x21f8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:05:12.0193 0x21f8 amdxata - ok
18:05:12.0209 0x21f8 [ 4258991B9E25540D35C7C8234D4FE1D8, CB4E100E30626A02FE59CA7CAEE187B6B03BA531931B1D132E88C0638BCE6B7A ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
18:05:12.0240 0x21f8 AntiVirMailService - ok
18:05:12.0240 0x21f8 [ B72014AB9465B84D82AD324DBC4A77EF, 905E922839BDE1FBA26DCC8F48361DC08BD51CC42BCF0904FAB99D2C34027239 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:05:12.0256 0x21f8 AntiVirSchedulerService - ok
18:05:12.0271 0x21f8 [ B72014AB9465B84D82AD324DBC4A77EF, 905E922839BDE1FBA26DCC8F48361DC08BD51CC42BCF0904FAB99D2C34027239 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:05:12.0287 0x21f8 AntiVirService - ok
18:05:12.0318 0x21f8 [ FD20E4FC7D4E7BEBA088387DCE991865, F9EE69774C92F71BDE1D40671EAE5630273CA632BA1E996B00758527D0D75F3D ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
18:05:12.0349 0x21f8 AntiVirWebService - ok
18:05:12.0349 0x21f8 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
18:05:12.0365 0x21f8 AppID - ok
18:05:12.0365 0x21f8 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:05:12.0365 0x21f8 AppIDSvc - ok
18:05:12.0380 0x21f8 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
18:05:12.0380 0x21f8 Appinfo - ok
18:05:12.0396 0x21f8 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:05:12.0396 0x21f8 Apple Mobile Device Service - ok
18:05:12.0396 0x21f8 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
18:05:12.0412 0x21f8 AppMgmt - ok
18:05:12.0412 0x21f8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
18:05:12.0427 0x21f8 arc - ok
18:05:12.0427 0x21f8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:05:12.0443 0x21f8 arcsas - ok
18:05:12.0443 0x21f8 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:05:12.0458 0x21f8 aspnet_state - ok
18:05:12.0458 0x21f8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:05:12.0490 0x21f8 AsyncMac - ok
18:05:12.0490 0x21f8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:05:12.0490 0x21f8 atapi - ok
18:05:12.0505 0x21f8 [ F270AFC3848C54C67E3BFB892CE9B9C6, BF5F087D2677E8D75DB34335B54496A3C3AFBCE5A019C52B9EB2B1D19A0803B1 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:05:12.0505 0x21f8 AtiHDAudioService - ok
18:05:12.0521 0x21f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:05:12.0552 0x21f8 AudioEndpointBuilder - ok
18:05:12.0552 0x21f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:05:12.0583 0x21f8 AudioSrv - ok
18:05:12.0583 0x21f8 [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:05:12.0599 0x21f8 avgntflt - ok
18:05:12.0599 0x21f8 [ 6BA8ADBDF2A492A75DA81868C32F67BD, 56CB3A0647DACA414D5A65D4701443604E573F41FEE79349D88D558C6336453A ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:05:12.0614 0x21f8 avipbb - ok
18:05:12.0614 0x21f8 [ 98BB62ABFD17F284C3C5DE40F8266F3C, CD08C737BE9FC32FF98252FCFFCAE779EC6FAB76BF80F0835ACE71F1E155D70D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:05:12.0630 0x21f8 Avira.ServiceHost - ok
18:05:12.0630 0x21f8 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:05:12.0646 0x21f8 avkmgr - ok
18:05:12.0646 0x21f8 [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
18:05:12.0661 0x21f8 avnetflt - ok
18:05:12.0661 0x21f8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:05:12.0677 0x21f8 AxInstSV - ok
18:05:12.0677 0x21f8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:05:12.0692 0x21f8 b06bdrv - ok
18:05:12.0708 0x21f8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:05:12.0724 0x21f8 b57nd60a - ok
18:05:12.0724 0x21f8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:05:12.0739 0x21f8 BDESVC - ok
18:05:12.0739 0x21f8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:05:12.0755 0x21f8 Beep - ok
18:05:12.0770 0x21f8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:05:12.0786 0x21f8 BFE - ok
18:05:12.0817 0x21f8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:05:12.0848 0x21f8 BITS - ok
18:05:12.0848 0x21f8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:05:12.0864 0x21f8 blbdrive - ok
18:05:12.0864 0x21f8 [ 00D323119C9413F028D9D821DE5E5A35, 40E5F27D6078F3F6DA7FA3A41DF60F4DC2E718CC185372C19ED041D55365D0F7 ] bmdrvr C:\Windows\syswow64\drivers\bmdrvr.sys
18:05:12.0864 0x21f8 bmdrvr - ok
18:05:12.0880 0x21f8 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:05:12.0895 0x21f8 Bonjour Service - ok
18:05:12.0895 0x21f8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:05:12.0911 0x21f8 bowser - ok
18:05:12.0911 0x21f8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:05:12.0926 0x21f8 BrFiltLo - ok
18:05:12.0926 0x21f8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:05:12.0942 0x21f8 BrFiltUp - ok
18:05:12.0942 0x21f8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:05:12.0958 0x21f8 Browser - ok
18:05:12.0958 0x21f8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:05:12.0973 0x21f8 Brserid - ok
18:05:12.0973 0x21f8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:05:12.0989 0x21f8 BrSerWdm - ok
18:05:12.0989 0x21f8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:05:13.0004 0x21f8 BrUsbMdm - ok
18:05:13.0004 0x21f8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:05:13.0004 0x21f8 BrUsbSer - ok
18:05:13.0020 0x21f8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
18:05:13.0020 0x21f8 BthEnum - ok
18:05:13.0020 0x21f8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:05:13.0036 0x21f8 BTHMODEM - ok
18:05:13.0036 0x21f8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:05:13.0051 0x21f8 BthPan - ok
18:05:13.0067 0x21f8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
18:05:13.0082 0x21f8 BTHPORT - ok
18:05:13.0082 0x21f8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:05:13.0114 0x21f8 bthserv - ok
18:05:13.0114 0x21f8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
18:05:13.0129 0x21f8 BTHUSB - ok
18:05:13.0129 0x21f8 [ 3ACC37139CE0B2DA2053AF916DA67D22, E1DCCB4C92C1C71E77F95AE2EF248FFF4FF99F0E6178DE1CA56202C2FC4DFB27 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
18:05:13.0145 0x21f8 btwampfl - ok
18:05:13.0160 0x21f8 [ A771078558477068DFD8037B82EB00F8, 58E1686B12B747639FE3BF4CCA58D48B8BBB349C9D316315AD7237F44EF760A4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
18:05:13.0160 0x21f8 btwaudio - ok
18:05:13.0176 0x21f8 [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
18:05:13.0192 0x21f8 btwavdt - ok
18:05:13.0207 0x21f8 [ BECD6D71C66F7F91AC4EF7CFEB5CB24E, 4B0F46BA8DB64E3EA379025AE6F2827B81327CED6F1475AA25166D3AA4398E3D ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:05:13.0238 0x21f8 btwdins - ok
18:05:13.0238 0x21f8 [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
18:05:13.0254 0x21f8 btwl2cap - ok
18:05:13.0254 0x21f8 [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
18:05:13.0254 0x21f8 btwrchid - ok
18:05:13.0285 0x21f8 [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
18:05:13.0316 0x21f8 c2cautoupdatesvc - ok
18:05:13.0348 0x21f8 [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
18:05:13.0394 0x21f8 c2cpnrsvc - ok
18:05:13.0394 0x21f8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:05:13.0426 0x21f8 cdfs - ok
18:05:13.0426 0x21f8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:05:13.0441 0x21f8 cdrom - ok
18:05:13.0441 0x21f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:05:13.0457 0x21f8 CertPropSvc - ok
18:05:13.0472 0x21f8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
18:05:13.0472 0x21f8 circlass - ok
18:05:13.0488 0x21f8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
18:05:13.0504 0x21f8 CLFS - ok
18:05:13.0504 0x21f8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:05:13.0519 0x21f8 clr_optimization_v2.0.50727_32 - ok
18:05:13.0519 0x21f8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:05:13.0519 0x21f8 clr_optimization_v2.0.50727_64 - ok
18:05:13.0535 0x21f8 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:05:13.0550 0x21f8 clr_optimization_v4.0.30319_32 - ok
18:05:13.0550 0x21f8 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:05:13.0566 0x21f8 clr_optimization_v4.0.30319_64 - ok
18:05:13.0566 0x21f8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:05:13.0582 0x21f8 CmBatt - ok
18:05:13.0582 0x21f8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:05:13.0582 0x21f8 cmdide - ok
18:05:13.0597 0x21f8 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
18:05:13.0613 0x21f8 CNG - ok
18:05:13.0613 0x21f8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:05:13.0628 0x21f8 Compbatt - ok
18:05:13.0628 0x21f8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:05:13.0644 0x21f8 CompositeBus - ok
18:05:13.0644 0x21f8 COMSysApp - ok
18:05:13.0644 0x21f8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:05:13.0660 0x21f8 crcdisk - ok
18:05:13.0660 0x21f8 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:05:13.0675 0x21f8 CryptSvc - ok
18:05:13.0691 0x21f8 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
18:05:13.0706 0x21f8 CSC - ok
18:05:13.0722 0x21f8 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
18:05:13.0738 0x21f8 CscService - ok
18:05:13.0753 0x21f8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:05:13.0784 0x21f8 DcomLaunch - ok
18:05:13.0784 0x21f8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:05:13.0816 0x21f8 defragsvc - ok
18:05:13.0816 0x21f8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:05:13.0847 0x21f8 DfsC - ok
18:05:13.0847 0x21f8 [ 7156833E6DFE0A804EA5CF7B8876AB7C, B9DB81CBAB14CD03C3F85FA774A84C519CA973055C0C7A711768D974BF34C489 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
18:05:13.0862 0x21f8 dg_ssudbus - ok
18:05:13.0862 0x21f8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:05:13.0878 0x21f8 Dhcp - ok
18:05:13.0894 0x21f8 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
18:05:13.0925 0x21f8 DiagTrack - ok
18:05:13.0940 0x21f8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:05:13.0956 0x21f8 discache - ok
18:05:13.0956 0x21f8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
18:05:13.0972 0x21f8 Disk - ok
18:05:13.0972 0x21f8 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
18:05:13.0987 0x21f8 dmvsc - ok
18:05:13.0987 0x21f8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:05:14.0003 0x21f8 Dnscache - ok
18:05:14.0003 0x21f8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:05:14.0034 0x21f8 dot3svc - ok
18:05:14.0050 0x21f8 [ ABC44B9AA588432B3031E961E8374147, 350BB3B62CB9BCEDBBC3598E530DFE0355BF8ECE69EDC8FB97328C13BA86CE2F ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
18:05:14.0065 0x21f8 DpHost - ok
18:05:14.0065 0x21f8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:05:14.0096 0x21f8 DPS - ok
18:05:14.0096 0x21f8 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:05:14.0096 0x21f8 drmkaud - ok
18:05:14.0112 0x21f8 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:05:14.0128 0x21f8 dtsoftbus01 - ok
18:05:14.0143 0x21f8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:05:14.0159 0x21f8 DXGKrnl - ok
18:05:14.0174 0x21f8 [ C659B06DC1B1350CD83D7CF10F982ACF, 0CA87FD9ACE249B7A3C38D7F786E93A883E395FEFAD130A4F2F09392AF3C2DE6 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
18:05:14.0190 0x21f8 e1cexpress - ok
18:05:14.0190 0x21f8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:05:14.0221 0x21f8 EapHost - ok
18:05:14.0284 0x21f8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:05:14.0346 0x21f8 ebdrv - ok
18:05:14.0346 0x21f8 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] EFS C:\Windows\System32\lsass.exe
18:05:14.0362 0x21f8 EFS - ok
18:05:14.0362 0x21f8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:05:14.0393 0x21f8 ehRecvr - ok
18:05:14.0393 0x21f8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:05:14.0408 0x21f8 ehSched - ok
18:05:14.0408 0x21f8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:05:14.0440 0x21f8 elxstor - ok
18:05:14.0440 0x21f8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:05:14.0440 0x21f8 ErrDev - ok
18:05:14.0455 0x21f8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:05:14.0486 0x21f8 EventSystem - ok
18:05:14.0486 0x21f8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:05:14.0518 0x21f8 exfat - ok
18:05:14.0518 0x21f8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:05:14.0549 0x21f8 fastfat - ok
18:05:14.0564 0x21f8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:05:14.0580 0x21f8 Fax - ok
18:05:14.0580 0x21f8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
18:05:14.0596 0x21f8 fdc - ok
18:05:14.0596 0x21f8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:05:14.0627 0x21f8 fdPHost - ok
18:05:14.0627 0x21f8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:05:14.0642 0x21f8 FDResPub - ok
18:05:14.0658 0x21f8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:05:14.0658 0x21f8 FileInfo - ok
18:05:14.0658 0x21f8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:05:14.0689 0x21f8 Filetrace - ok
18:05:14.0689 0x21f8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:05:14.0705 0x21f8 flpydisk - ok
18:05:14.0705 0x21f8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:05:14.0720 0x21f8 FltMgr - ok
18:05:14.0736 0x21f8 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
18:05:14.0767 0x21f8 FontCache - ok
18:05:14.0767 0x21f8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:05:14.0783 0x21f8 FontCache3.0.0.0 - ok
18:05:14.0783 0x21f8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:05:14.0798 0x21f8 FsDepends - ok
18:05:14.0798 0x21f8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:05:14.0798 0x21f8 Fs_Rec - ok
18:05:14.0814 0x21f8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:05:14.0830 0x21f8 fvevol - ok
18:05:14.0830 0x21f8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:05:14.0830 0x21f8 gagp30kx - ok
18:05:14.0845 0x21f8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:05:14.0845 0x21f8 GEARAspiWDM - ok
18:05:14.0861 0x21f8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:05:14.0892 0x21f8 gpsvc - ok
18:05:14.0908 0x21f8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:05:14.0908 0x21f8 gupdate - ok
18:05:14.0908 0x21f8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:05:14.0923 0x21f8 gupdatem - ok
18:05:14.0923 0x21f8 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
18:05:14.0939 0x21f8 hamachi - ok
18:05:14.0970 0x21f8 [ C0EF69A59C13D9204D1D70434AA3D00C, 56BD4F7C74B2A36665677C32F30C4E1839DB9AAAC82FFA4A2622B4D261D865F2 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:05:15.0017 0x21f8 Hamachi2Svc - ok
18:05:15.0032 0x21f8 [ BDDBCFF870442B3C24C158CD53079132, 62314C296ACF1EF9EB38FB70B66B57D1BB9917C8536B39892272D172BC58A5C3 ] hcmon C:\Windows\system32\drivers\hcmon.sys
18:05:15.0032 0x21f8 hcmon - ok
18:05:15.0048 0x21f8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:05:15.0048 0x21f8 hcw85cir - ok
18:05:15.0064 0x21f8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:05:15.0079 0x21f8 HdAudAddService - ok
18:05:15.0079 0x21f8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:05:15.0095 0x21f8 HDAudBus - ok
18:05:15.0095 0x21f8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:05:15.0095 0x21f8 HidBatt - ok
18:05:15.0110 0x21f8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:05:15.0110 0x21f8 HidBth - ok
18:05:15.0126 0x21f8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
18:05:15.0126 0x21f8 HidIr - ok
18:05:15.0142 0x21f8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:05:15.0157 0x21f8 hidserv - ok
18:05:15.0157 0x21f8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:05:15.0173 0x21f8 HidUsb - ok
18:05:15.0173 0x21f8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:05:15.0204 0x21f8 hkmsvc - ok
18:05:15.0204 0x21f8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:05:15.0220 0x21f8 HomeGroupListener - ok
18:05:15.0220 0x21f8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:05:15.0235 0x21f8 HomeGroupProvider - ok
18:05:15.0235 0x21f8 [ 44AD1D87919994161131D5FB16C5B551, 2548C2421D1D974C5AB7F02CE69E55365DDEDDC535701C38386A9AC7162E03D4 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
18:05:15.0251 0x21f8 HP Power Assistant Service - ok
18:05:15.0282 0x21f8 [ ABB8C2411EB4F7433F1CEE334DA8B211, 1B95AFA6A51B493DACDEF2800EB87C0C15B8A29A9B3ADA93FBA3817474717F39 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
18:05:15.0313 0x21f8 hpCMSrv - ok
18:05:15.0313 0x21f8 [ 7D2F0F709D88ED2617AFB0864D7B963E, 54BFEC3BFE0B04FC21CD5B92EC22621811A8B3A0E05B6A00529BBBB3B8103B7A ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
18:05:15.0313 0x21f8 hpdskflt - ok
18:05:15.0329 0x21f8 [ D8E6828AA73D32B1AE891027C4500ADE, 991081FCF28A9D1F52C88CB355741F6C9BF1F7D917FD92EE7E9A5CE3DAEB6828 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
18:05:15.0344 0x21f8 hpHotkeyMonitor - ok
18:05:15.0360 0x21f8 [ F85D5BB03E9C35D5C664A71A0B6CB444, 669D6094651AFC01D36CC5F86F33348E7D7D8ED9E9C5A69A48F0C121C70053DC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:05:15.0360 0x21f8 HpqKbFiltr - ok
18:05:15.0376 0x21f8 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
18:05:15.0407 0x21f8 hpqwmiex - ok
18:05:15.0407 0x21f8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:05:15.0422 0x21f8 HpSAMD - ok
18:05:15.0422 0x21f8 [ 21685DC7E55FE3A0BB74DDD1606843B8, AE293200DF3BF5C948CEB08C4D6EC973B8746E487275FF3D146FFAFE8D5D1E37 ] hpsrv C:\Windows\system32\Hpservice.exe
18:05:15.0438 0x21f8 hpsrv - ok
18:05:15.0454 0x21f8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:05:15.0469 0x21f8 HTTP - ok
18:05:15.0469 0x21f8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:05:15.0485 0x21f8 hwpolicy - ok
18:05:15.0485 0x21f8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:05:15.0500 0x21f8 i8042prt - ok
18:05:15.0500 0x21f8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:05:15.0516 0x21f8 iaStorV - ok
18:05:15.0516 0x21f8 [ 188338EAB1E483BC715CDF5A2B0996E3, CBC811FD7FFA36746FFB6E6C186A77F8018C6A5F279EDDE8C633DFD74075BCFF ] IDMWFP C:\Windows\system32\DRIVERS\idmwfp.sys
18:05:15.0532 0x21f8 IDMWFP - ok
18:05:15.0532 0x21f8 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:05:15.0547 0x21f8 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:05:15.0922 0x21c0 Object required for P2P: [ 98BB62ABFD17F284C3C5DE40F8266F3C ] Avira.ServiceHost
18:05:16.0499 0x1cec Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
18:05:18.0402 0x21f8 Detect skipped due to KSN trusted
18:05:18.0402 0x21f8 IDriverT - ok
18:05:18.0418 0x21f8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:05:18.0449 0x21f8 idsvc - ok
18:05:18.0449 0x21f8 IEEtwCollectorService - ok
18:05:18.0449 0x21f8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:05:18.0464 0x21f8 iirsp - ok
18:05:18.0480 0x21f8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:05:18.0496 0x21f8 IKEEXT - ok
18:05:18.0496 0x21f8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:05:18.0511 0x21f8 intelide - ok
18:05:18.0511 0x21f8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:05:18.0527 0x21f8 intelppm - ok
18:05:18.0527 0x21f8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:05:18.0542 0x21f8 IPBusEnum - ok
18:05:18.0558 0x21f8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:05:18.0574 0x21f8 IpFilterDriver - ok
18:05:18.0589 0x21f8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:05:18.0605 0x21f8 iphlpsvc - ok
18:05:18.0605 0x21f8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:05:18.0620 0x21f8 IPMIDRV - ok
18:05:18.0620 0x21f8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:05:18.0652 0x21f8 IPNAT - ok
18:05:18.0667 0x21f8 [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:05:18.0683 0x21f8 iPod Service - ok
18:05:18.0683 0x21f8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:05:18.0698 0x21f8 IRENUM - ok
18:05:18.0698 0x21f8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:05:18.0698 0x21f8 isapnp - ok
18:05:18.0714 0x21f8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:05:18.0730 0x21f8 iScsiPrt - ok
18:05:18.0730 0x21f8 [ EB56D7AC688BCB1171812EF6CBB32193, 3423D53842CAB2473EECE6EF90ED25765B3DB9D85EA5D3A4D2C59A947A959F4D ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:05:18.0730 0x21f8 iusb3hcs - ok
18:05:18.0745 0x21f8 [ 3DD76F45DA45CEDCDFC7BF7AB93E6216, 11757969FCAA14C1DCD4CF06C11BA9EA528C2CD4C6F0C2F5C4EFFFA82AAA22A6 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
18:05:18.0761 0x21f8 iusb3hub - ok
18:05:18.0776 0x21f8 [ B0342584DAB73797F584CADD41EEC6BD, 517938881A8395B36847838407E1BDE2C0A982AF544CECC44C86BEEA382E9E63 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:05:18.0792 0x21f8 iusb3xhc - ok
18:05:18.0792 0x21f8 [ 7DABE2B788FF1EB32E38838EC189361E, F891810BFEEA5A94558EA3D22AEE42E3C4D761BB7F7A8C53100F6FF7C65C74AD ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
18:05:18.0808 0x21f8 JMCR - ok
18:05:18.0808 0x21f8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:05:18.0823 0x21f8 kbdclass - ok
18:05:18.0823 0x21f8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:05:18.0839 0x21f8 kbdhid - ok
18:05:18.0839 0x21f8 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] KeyIso C:\Windows\system32\lsass.exe
18:05:18.0839 0x21f8 KeyIso - ok
18:05:18.0854 0x21f8 [ 7BDDD24C5A148534D3737DBFA96B3E69, 06130316A21B1D67B5885AB7030603097EC96F7104F3766D67793ECFC1143158 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:05:18.0854 0x21f8 KSecDD - ok
18:05:18.0870 0x21f8 [ BA500732D160C61E889E8180EE53C86F, 2E9B9FEF4E2F86DBF6778AD0A581CE2F1CA0AC777440BA05AB36B031CE1E8781 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:05:18.0870 0x21f8 KSecPkg - ok
18:05:18.0870 0x21f8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:05:18.0901 0x21f8 ksthunk - ok
18:05:18.0901 0x21f8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:05:18.0932 0x21f8 KtmRm - ok
18:05:18.0948 0x21f8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:05:18.0979 0x21f8 LanmanServer - ok
18:05:18.0979 0x21f8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:05:18.0995 0x21f8 LanmanWorkstation - ok
18:05:19.0010 0x21f8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:05:19.0026 0x21f8 lltdio - ok
18:05:19.0042 0x21f8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:05:19.0073 0x21f8 lltdsvc - ok
18:05:19.0073 0x21f8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:05:19.0088 0x21f8 lmhosts - ok
18:05:19.0104 0x21f8 [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
18:05:19.0120 0x21f8 LMIGuardianSvc - ok
18:05:19.0120 0x21f8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:05:19.0135 0x21f8 LSI_FC - ok
18:05:19.0135 0x21f8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:05:19.0151 0x21f8 LSI_SAS - ok
18:05:19.0151 0x21f8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:05:19.0151 0x21f8 LSI_SAS2 - ok
18:05:19.0166 0x21f8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:05:19.0166 0x21f8 LSI_SCSI - ok
18:05:19.0182 0x21f8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:05:19.0198 0x21f8 luafv - ok
18:05:19.0198 0x21f8 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:05:19.0213 0x21f8 MBAMProtector - ok
18:05:19.0244 0x21f8 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
18:05:19.0244 0x21c0 Object send P2P result: true
18:05:19.0260 0x21f8 MBAMScheduler - ok
18:05:19.0291 0x21f8 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:05:19.0322 0x21f8 MBAMService - ok
18:05:19.0322 0x21f8 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:05:19.0338 0x21f8 MBAMSwissArmy - ok
18:05:19.0338 0x21f8 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:05:19.0338 0x21f8 MBAMWebAccessControl - ok
18:05:19.0354 0x21f8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:05:19.0354 0x21f8 Mcx2Svc - ok
18:05:19.0369 0x21f8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
18:05:19.0369 0x21f8 megasas - ok
18:05:19.0369 0x21f8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:05:19.0385 0x21f8 MegaSR - ok
18:05:19.0385 0x21f8 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:05:19.0400 0x21f8 MEIx64 - ok
18:05:19.0400 0x21f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:05:19.0432 0x21f8 MMCSS - ok
18:05:19.0432 0x21f8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:05:19.0463 0x21f8 Modem - ok
18:05:19.0463 0x21f8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:05:19.0463 0x21f8 monitor - ok
18:05:19.0478 0x21f8 [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
18:05:19.0478 0x21f8 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
18:05:19.0806 0x1cec Object send P2P result: true
18:05:22.0349 0x21f8 Detect skipped due to KSN trusted
18:05:22.0349 0x21f8 MotioninJoyXFilter - ok
18:05:22.0349 0x21f8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:05:22.0364 0x21f8 mouclass - ok
18:05:22.0364 0x21f8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:05:22.0380 0x21f8 mouhid - ok
18:05:22.0380 0x21f8 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:05:22.0380 0x21f8 mountmgr - ok
18:05:22.0396 0x21f8 [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:05:22.0396 0x21f8 MozillaMaintenance - ok
18:05:22.0411 0x21f8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:05:22.0411 0x21f8 mpio - ok
18:05:22.0427 0x21f8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:05:22.0442 0x21f8 mpsdrv - ok
18:05:22.0458 0x21f8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:05:22.0489 0x21f8 MpsSvc - ok
18:05:22.0505 0x21f8 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:05:22.0505 0x21f8 MRxDAV - ok
18:05:22.0520 0x21f8 [ 355DF71D1DD1999E8AEDF986534B233C, 4F5B07A3E9F4C5EE259A72353835364BFEAEC792090C178C4EF91B517B1C49D0 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:05:22.0520 0x21f8 mrxsmb - ok
18:05:22.0536 0x21f8 [ A16FC9323A85CAEA5804D04646A91CF9, ABC9F1BE4B871EBB5FDED9FC248DABEC4004EBCCF53E6C4D1E54AF69653B00E0 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:05:22.0552 0x21f8 mrxsmb10 - ok
18:05:22.0552 0x21f8 [ 2539BE615440BA1EA4CF84A66B6C0AF9, 3369DE38EE49E5507A73036CDF3982AEF2331D61C7EC4F159004EAD14309A933 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:05:22.0567 0x21f8 mrxsmb20 - ok
18:05:22.0567 0x21f8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:05:22.0567 0x21f8 msahci - ok
18:05:22.0583 0x21f8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:05:22.0583 0x21f8 msdsm - ok
18:05:22.0598 0x21f8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:05:22.0598 0x21f8 MSDTC - ok
18:05:22.0614 0x21f8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:05:22.0630 0x21f8 Msfs - ok
18:05:22.0630 0x21f8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:05:22.0661 0x21f8 mshidkmdf - ok
18:05:22.0661 0x21f8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:05:22.0676 0x21f8 msisadrv - ok
18:05:22.0676 0x21f8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:05:22.0708 0x21f8 MSiSCSI - ok
18:05:22.0708 0x21f8 msiserver - ok
18:05:22.0708 0x21f8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:05:22.0739 0x21f8 MSKSSRV - ok
18:05:22.0739 0x21f8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:05:22.0754 0x21f8 MSPCLOCK - ok
18:05:22.0754 0x21f8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:05:22.0786 0x21f8 MSPQM - ok
18:05:22.0786 0x21f8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:05:22.0801 0x21f8 MsRPC - ok
18:05:22.0817 0x21f8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:05:22.0817 0x21f8 mssmbios - ok
18:05:22.0817 0x21f8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:05:22.0848 0x21f8 MSTEE - ok
18:05:22.0848 0x21f8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:05:22.0864 0x21f8 MTConfig - ok
18:05:22.0864 0x21f8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:05:22.0864 0x21f8 Mup - ok
18:05:22.0879 0x21f8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:05:22.0910 0x21f8 napagent - ok
18:05:22.0926 0x21f8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:05:22.0942 0x21f8 NativeWifiP - ok
18:05:22.0957 0x21f8 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:05:22.0973 0x21f8 NDIS - ok
18:05:22.0988 0x21f8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:05:23.0004 0x21f8 NdisCap - ok
18:05:23.0004 0x21f8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:05:23.0035 0x21f8 NdisTapi - ok
18:05:23.0035 0x21f8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:05:23.0051 0x21f8 Ndisuio - ok
18:05:23.0066 0x21f8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:05:23.0082 0x21f8 NdisWan - ok
18:05:23.0098 0x21f8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:05:23.0113 0x21f8 NDProxy - ok
18:05:23.0113 0x21f8 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
18:05:23.0129 0x21f8 Netaapl - ok
18:05:23.0129 0x21f8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:05:23.0160 0x21f8 NetBIOS - ok
18:05:23.0160 0x21f8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:05:23.0191 0x21f8 NetBT - ok
18:05:23.0191 0x21f8 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] Netlogon C:\Windows\system32\lsass.exe
18:05:23.0191 0x21f8 Netlogon - ok
18:05:23.0207 0x21f8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:05:23.0238 0x21f8 Netman - ok
18:05:23.0238 0x21f8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:05:23.0254 0x21f8 NetMsmqActivator - ok
18:05:23.0254 0x21f8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:05:23.0269 0x21f8 NetPipeActivator - ok
18:05:23.0285 0x21f8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:05:23.0316 0x21f8 netprofm - ok
18:05:23.0316 0x21f8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:05:23.0332 0x21f8 NetTcpActivator - ok
18:05:23.0332 0x21f8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:05:23.0347 0x21f8 NetTcpPortSharing - ok
18:05:23.0519 0x21f8 [ A4A38C166C3986603E87FB99127F57CE, 129272877BD99813F8840AFD10F7160EBA3678AAC4846E8BED5730C74A02283B ] NETwNs64 C:\Windows\system32\DRIVERS\NETwsw00.sys
18:05:23.0706 0x21f8 NETwNs64 - ok
18:05:23.0722 0x21f8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:05:23.0737 0x21f8 nfrd960 - ok
18:05:23.0737 0x21f8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:05:23.0753 0x21f8 NlaSvc - ok
18:05:23.0753 0x21f8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:05:23.0784 0x21f8 Npfs - ok
18:05:23.0784 0x21f8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:05:23.0800 0x21f8 nsi - ok
18:05:23.0815 0x21f8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:05:23.0831 0x21f8 nsiproxy - ok
18:05:23.0862 0x21f8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:05:23.0893 0x21f8 Ntfs - ok
18:05:23.0909 0x21f8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:05:23.0924 0x21f8 Null - ok
18:05:23.0924 0x21f8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:05:23.0940 0x21f8 nvraid - ok
18:05:23.0940 0x21f8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:05:23.0956 0x21f8 nvstor - ok
18:05:23.0956 0x21f8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:05:23.0971 0x21f8 nv_agp - ok
18:05:23.0971 0x21f8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:05:23.0987 0x21f8 ohci1394 - ok
18:05:24.0002 0x21f8 [ BBADDD6B22005AC66802483885C8CFD3, C37E97F60DB9820EF56AF72B08FB86CFFADD641CB7C8E71B91F184536AB116D7 ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
18:05:24.0002 0x21f8 OkayFreedom VPN Starter Service - ok
18:05:24.0018 0x21f8 [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:05:24.0018 0x21f8 ose64 - ok
18:05:24.0112 0x21f8 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:05:24.0190 0x21f8 osppsvc - ok
18:05:24.0205 0x21f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:05:24.0221 0x21f8 p2pimsvc - ok
18:05:24.0236 0x21f8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:05:24.0252 0x21f8 p2psvc - ok
18:05:24.0252 0x21f8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:05:24.0268 0x21f8 Parport - ok
18:05:24.0268 0x21f8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:05:24.0283 0x21f8 partmgr - ok
18:05:24.0283 0x21f8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:05:24.0299 0x21f8 PcaSvc - ok
18:05:24.0299 0x21f8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:05:24.0314 0x21f8 pci - ok
18:05:24.0314 0x21f8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:05:24.0330 0x21f8 pciide - ok
18:05:24.0330 0x21f8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:05:24.0346 0x21f8 pcmcia - ok
18:05:24.0346 0x21f8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:05:24.0361 0x21f8 pcw - ok
18:05:24.0361 0x21f8 [ BAF3216DDAA12E66EBBB31760E02BC14, 668AE32CAF8E64F225DA9515F564469ED3F0B8D23A35C2E0B09CD1ECBFD0050C ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
18:05:24.0361 0x21f8 PdiService - ok
18:05:24.0377 0x21f8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:05:24.0392 0x21f8 PEAUTH - ok
18:05:24.0424 0x21f8 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:05:24.0455 0x21f8 PeerDistSvc - ok
18:05:24.0470 0x21f8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:05:24.0486 0x21f8 PerfHost - ok
18:05:24.0517 0x21f8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:05:24.0564 0x21f8 pla - ok
18:05:24.0564 0x21f8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:05:24.0580 0x21f8 PlugPlay - ok
18:05:24.0580 0x21f8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:05:24.0595 0x21f8 PNRPAutoReg - ok
18:05:24.0611 0x21f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:05:24.0611 0x21f8 PNRPsvc - ok
18:05:24.0626 0x21f8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:05:24.0658 0x21f8 PolicyAgent - ok
18:05:24.0658 0x21f8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:05:24.0689 0x21f8 Power - ok
18:05:24.0704 0x21f8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:05:24.0720 0x21f8 PptpMiniport - ok
18:05:24.0720 0x21f8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
18:05:24.0736 0x21f8 Processor - ok
18:05:24.0736 0x21f8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
18:05:24.0751 0x21f8 ProfSvc - ok
18:05:24.0751 0x21f8 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] ProtectedStorage C:\Windows\system32\lsass.exe
18:05:24.0767 0x21f8 ProtectedStorage - ok
18:05:24.0767 0x21f8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:05:24.0798 0x21f8 Psched - ok
18:05:24.0814 0x21f8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:05:24.0860 0x21f8 ql2300 - ok
18:05:24.0860 0x21f8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:05:24.0876 0x21f8 ql40xx - ok
18:05:24.0876 0x21f8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:05:24.0892 0x21f8 QWAVE - ok
18:05:24.0892 0x21f8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:05:24.0907 0x21f8 QWAVEdrv - ok
18:05:24.0907 0x21f8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:05:24.0938 0x21f8 RasAcd - ok
18:05:24.0938 0x21f8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:05:24.0954 0x21f8 RasAgileVpn - ok
18:05:24.0970 0x21f8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:05:24.0985 0x21f8 RasAuto - ok
18:05:25.0001 0x21f8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:05:25.0016 0x21f8 Rasl2tp - ok
18:05:25.0032 0x21f8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:05:25.0063 0x21f8 RasMan - ok
18:05:25.0063 0x21f8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:05:25.0079 0x21f8 RasPppoe - ok
18:05:25.0094 0x21f8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:05:25.0110 0x21f8 RasSstp - ok
18:05:25.0126 0x21f8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:05:25.0141 0x21f8 rdbss - ok
18:05:25.0157 0x21f8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:05:25.0157 0x21f8 rdpbus - ok
18:05:25.0157 0x21f8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:05:25.0188 0x21f8 RDPCDD - ok
18:05:25.0188 0x21f8 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:05:25.0204 0x21f8 RDPDR - ok
18:05:25.0204 0x21f8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:05:25.0235 0x21f8 RDPENCDD - ok
18:05:25.0235 0x21f8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:05:25.0250 0x21f8 RDPREFMP - ok
18:05:25.0266 0x21f8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:05:25.0266 0x21f8 RdpVideoMiniport - ok
18:05:25.0282 0x21f8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:05:25.0282 0x21f8 RDPWD - ok
18:05:25.0297 0x21f8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:05:25.0297 0x21f8 rdyboost - ok
18:05:25.0313 0x21f8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:05:25.0328 0x21f8 RemoteAccess - ok
18:05:25.0344 0x21f8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:05:25.0360 0x21f8 RemoteRegistry - ok
18:05:25.0375 0x21f8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:05:25.0375 0x21f8 RFCOMM - ok
18:05:25.0391 0x21f8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:05:25.0406 0x21f8 RpcEptMapper - ok
18:05:25.0422 0x21f8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:05:25.0422 0x21f8 RpcLocator - ok
18:05:25.0438 0x21f8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:05:25.0469 0x21f8 RpcSs - ok
18:05:25.0469 0x21f8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:05:25.0500 0x21f8 rspndr - ok
18:05:25.0500 0x21f8 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:05:25.0500 0x21f8 s3cap - ok
18:05:25.0500 0x21f8 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] SamSs C:\Windows\system32\lsass.exe
18:05:25.0516 0x21f8 SamSs - ok
18:05:25.0531 0x21f8 [ BC99D12CE9DB8DB55E231F8D195FC67B, F348D35D3F43366DBEEC864495458041326A7D1951A78E18AF89179D7FC87AB0 ] SamsungRapidDiskFltr C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys
18:05:25.0531 0x21f8 SamsungRapidDiskFltr - ok
18:05:25.0547 0x21f8 [ AF482EF7743667400875C7B9470BFD4D, 8C07C2DA2EB921160FD02B4BF86F0636B317EC32C1841581BEC25A0909EC7EF0 ] SamsungRapidFSFltr C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys
18:05:25.0547 0x21f8 SamsungRapidFSFltr - ok
18:05:25.0547 0x21f8 [ 3763C406CB735D044373C50FF95167E3, BBAA92881A9A1A12C87A59C157F0661B847D23E8275DF712DA4AB0DAF62227E5 ] SamsungRapidSvc C:\Windows\system32\RAPID\SamsungRapidSvc.exe
18:05:25.0562 0x21f8 SamsungRapidSvc - ok
18:05:25.0562 0x21f8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:05:25.0578 0x21f8 sbp2port - ok
18:05:25.0578 0x21f8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:05:25.0609 0x21f8 SCardSvr - ok
18:05:25.0609 0x21f8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:05:25.0625 0x21f8 scfilter - ok
18:05:25.0656 0x21f8 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
18:05:25.0672 0x21f8 Schedule - ok
18:05:25.0687 0x21f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:05:25.0703 0x21f8 SCPolicySvc - ok
18:05:25.0718 0x21f8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:05:25.0718 0x21f8 sdbus - ok
18:05:25.0734 0x21f8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:05:25.0734 0x21f8 SDRSVC - ok
18:05:25.0765 0x21f8 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
18:05:25.0812 0x21f8 SDScannerService - ok
18:05:25.0843 0x21f8 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
18:05:25.0890 0x21f8 SDUpdateService - ok
18:05:25.0890 0x21f8 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
18:05:25.0906 0x21f8 SDWSCService - ok
18:05:25.0906 0x21f8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:05:25.0906 0x21f8 secdrv - ok
18:05:25.0921 0x21f8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:05:25.0937 0x21f8 seclogon - ok
18:05:25.0937 0x21f8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:05:25.0968 0x21f8 SENS - ok
18:05:25.0968 0x21f8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:05:25.0984 0x21f8 SensrSvc - ok
18:05:25.0984 0x21f8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:05:25.0984 0x21f8 Serenum - ok
18:05:25.0999 0x21f8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
18:05:25.0999 0x21f8 Serial - ok
18:05:26.0015 0x21f8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:05:26.0015 0x21f8 sermouse - ok
18:05:26.0030 0x21f8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:05:26.0046 0x21f8 SessionEnv - ok
18:05:26.0046 0x21f8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:05:26.0062 0x21f8 sffdisk - ok
18:05:26.0062 0x21f8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:05:26.0077 0x21f8 sffp_mmc - ok
18:05:26.0077 0x21f8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:05:26.0093 0x21f8 sffp_sd - ok
18:05:26.0093 0x21f8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:05:26.0093 0x21f8 sfloppy - ok
18:05:26.0108 0x21f8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:05:26.0140 0x21f8 SharedAccess - ok
18:05:26.0140 0x21f8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:05:26.0171 0x21f8 ShellHWDetection - ok
18:05:26.0171 0x21f8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:05:26.0186 0x21f8 SiSRaid2 - ok
18:05:26.0186 0x21f8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:05:26.0202 0x21f8 SiSRaid4 - ok
18:05:26.0202 0x21f8 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:05:26.0218 0x21f8 SkypeUpdate - ok
18:05:26.0233 0x21f8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:05:26.0249 0x21f8 Smb - ok
18:05:26.0249 0x21f8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:05:26.0264 0x21f8 SNMPTRAP - ok
18:05:26.0264 0x21f8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:05:26.0280 0x21f8 spldr - ok
18:05:26.0296 0x21f8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:05:26.0311 0x21f8 Spooler - ok
18:05:26.0374 0x21f8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:05:26.0452 0x21f8 sppsvc - ok
18:05:26.0452 0x21f8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:05:26.0483 0x21f8 sppuinotify - ok
18:05:26.0498 0x21f8 [ E3E187646E491A8175F759A465A9B767, D1867FD304A1420C2D5B9B01B4EADF1C899E75D8E257A731EA9299FE2CF49120 ] SPUVCbv C:\Windows\system32\Drivers\SPUVCbv_x64.sys
18:05:26.0530 0x21f8 SPUVCbv - ok
18:05:26.0530 0x21f8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:05:26.0545 0x21f8 srv - ok
18:05:26.0561 0x21f8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:05:26.0576 0x21f8 srv2 - ok
18:05:26.0576 0x21f8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:05:26.0592 0x21f8 srvnet - ok
18:05:26.0592 0x21f8 [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
18:05:26.0608 0x21f8 ssadbus - ok
18:05:26.0608 0x21f8 [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
18:05:26.0623 0x21f8 ssadmdfl - ok
18:05:26.0623 0x21f8 [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
18:05:26.0639 0x21f8 ssadmdm - ok
18:05:26.0654 0x21f8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:05:26.0670 0x21f8 SSDPSRV - ok
18:05:26.0670 0x21f8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:05:26.0701 0x21f8 SstpSvc - ok
18:05:26.0701 0x21f8 [ 9E1BFA37FCF943C3B48F71F08019EA95, 9BDA420412B802B1E746767A0917BD29CC167C752F0FC73AD28AF6F46F06A7A6 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:05:26.0717 0x21f8 ssudmdm - ok
18:05:26.0732 0x21f8 [ 634C0CDC3F63AED52982A15C21FA9939, 9163A562EC5B5E5BAF962AA2390E125A609C5EE50D980593D9209E6DEBD7C994 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:05:26.0732 0x21f8 STacSV - detected UnsignedFile.Multi.Generic ( 1 )
18:05:29.0338 0x21f8 Detect skipped due to KSN trusted
18:05:29.0338 0x21f8 STacSV - ok
18:05:29.0353 0x21f8 [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:05:29.0369 0x21f8 Steam Client Service - ok
18:05:29.0384 0x21f8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:05:29.0384 0x21f8 stexstor - ok
18:05:29.0400 0x21f8 [ 54A0E8D8118455AB2BF4B42DA46ECC02, E4BBE2354B5E1BB9FE36BCDB5393801B3F882F144BED1E98A8ADB68FC50028BE ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
18:05:29.0416 0x21f8 STHDA - ok
18:05:29.0431 0x21f8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:05:29.0447 0x21f8 stisvc - ok
18:05:29.0462 0x21f8 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:05:29.0462 0x21f8 storflt - ok
18:05:29.0462 0x21f8 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
18:05:29.0478 0x21f8 StorSvc - ok
18:05:29.0478 0x21f8 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:05:29.0494 0x21f8 storvsc - ok
18:05:29.0494 0x21f8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:05:29.0494 0x21f8 swenum - ok
18:05:29.0509 0x21f8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:05:29.0540 0x21f8 swprv - ok
18:05:29.0556 0x21f8 [ 48A191AE1F810F3F76F04187BA6B0F14, 3401EF6B378F1BE60769132706D0EAACCBF9763644EF3DE4510A8F69C97AA56A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:05:29.0556 0x21f8 SynTP - ok
18:05:29.0587 0x21f8 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
18:05:29.0634 0x21f8 SysMain - ok
18:05:29.0634 0x21f8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:05:29.0650 0x21f8 TabletInputService - ok
18:05:29.0650 0x21f8 [ 84CA1EEF6A8A5AE5D5603BBC8ED83FCD, 1C30E026C5ACA703C1EB8164C29CC69FA4D3F3B563C22981F76E872E4CB7CECF ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
18:05:29.0665 0x21f8 tap0901 - ok
18:05:29.0665 0x21f8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:05:29.0696 0x21f8 TapiSrv - ok
18:05:29.0696 0x21f8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:05:29.0728 0x21f8 TBS - ok
18:05:29.0759 0x21f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:05:29.0790 0x21f8 Tcpip - ok
18:05:29.0837 0x21f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:05:29.0868 0x21f8 TCPIP6 - ok
18:05:29.0868 0x21f8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:05:29.0884 0x21f8 tcpipreg - ok
18:05:29.0884 0x21f8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:05:29.0899 0x21f8 TDPIPE - ok
18:05:29.0899 0x21f8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:05:29.0915 0x21f8 TDTCP - ok
18:05:29.0915 0x21f8 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:05:29.0930 0x21f8 tdx - ok
18:05:29.0930 0x21f8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:05:29.0930 0x21f8 TermDD - ok
18:05:29.0946 0x21f8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
18:05:29.0977 0x21f8 TermService - ok
18:05:29.0977 0x21f8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:05:29.0993 0x21f8 Themes - ok
18:05:29.0993 0x21f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:05:30.0024 0x21f8 THREADORDER - ok
18:05:30.0024 0x21f8 [ 0FE2FC59C0B9A3CA3EC2B18E1CCCF2DD, 26AE50F2263DDDE3C6678566E2B198966CE870DF4B254F2D655752F742F63C12 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
18:05:30.0024 0x21f8 TomTomHOMEService - ok
18:05:30.0040 0x21f8 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
18:05:30.0040 0x21f8 TPM - ok
18:05:30.0055 0x21f8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:05:30.0071 0x21f8 TrkWks - ok
18:05:30.0071 0x21f8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:05:30.0102 0x21f8 TrustedInstaller - ok
18:05:30.0102 0x21f8 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:05:30.0118 0x21f8 tssecsrv - ok
18:05:30.0118 0x21f8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:05:30.0133 0x21f8 TsUsbFlt - ok
18:05:30.0133 0x21f8 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:05:30.0133 0x21f8 TsUsbGD - ok
18:05:30.0149 0x21f8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:05:30.0164 0x21f8 tunnel - ok
18:05:30.0180 0x21f8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:05:30.0180 0x21f8 uagp35 - ok
18:05:30.0196 0x21f8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:05:30.0211 0x21f8 udfs - ok
18:05:30.0227 0x21f8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:05:30.0227 0x21f8 UI0Detect - ok
18:05:30.0242 0x21f8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:05:30.0242 0x21f8 uliagpkx - ok
18:05:30.0242 0x21f8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:05:30.0258 0x21f8 umbus - ok
18:05:30.0258 0x21f8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
18:05:30.0274 0x21f8 UmPass - ok
18:05:30.0274 0x21f8 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
18:05:30.0289 0x21f8 UmRdpService - ok
18:05:30.0305 0x21f8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:05:30.0320 0x21f8 upnphost - ok
18:05:30.0336 0x21f8 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:05:30.0336 0x21f8 USBAAPL64 - ok
18:05:30.0352 0x21f8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:05:30.0352 0x21f8 usbaudio - ok
18:05:30.0352 0x21f8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:05:30.0367 0x21f8 usbccgp - ok
18:05:30.0367 0x21f8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:05:30.0383 0x21f8 usbcir - ok
18:05:30.0383 0x21f8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:05:30.0398 0x21f8 usbehci - ok
18:05:30.0398 0x21f8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:05:30.0414 0x21f8 usbhub - ok
18:05:30.0414 0x21f8 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:05:30.0430 0x21f8 usbohci - ok
18:05:30.0430 0x21f8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:05:30.0445 0x21f8 usbprint - ok
18:05:30.0445 0x21f8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:05:30.0445 0x21f8 usbscan - ok
18:05:30.0461 0x21f8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:05:30.0461 0x21f8 USBSTOR - ok
18:05:30.0476 0x21f8 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:05:30.0476 0x21f8 usbuhci - ok
18:05:30.0476 0x21f8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:05:30.0492 0x21f8 usbvideo - ok
18:05:30.0492 0x21f8 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
18:05:30.0508 0x21f8 usb_rndisx - ok
18:05:30.0508 0x21f8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:05:30.0539 0x21f8 UxSms - ok
18:05:30.0539 0x21f8 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] VaultSvc C:\Windows\system32\lsass.exe
18:05:30.0539 0x21f8 VaultSvc - ok
18:05:30.0601 0x21f8 [ 2A4070AF8A1674161905D8D0264423DC, 5EDC8C4F7E39CDE28EA00C0A9C0F56D1D65A23BADCE7151F0106AA8075405AD1 ] vcsFPService C:\Windows\system32\vcsFPService.exe
18:05:30.0648 0x21f8 vcsFPService - ok
18:05:30.0664 0x21f8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:05:30.0664 0x21f8 vdrvroot - ok
18:05:30.0679 0x21f8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:05:30.0710 0x21f8 vds - ok
18:05:30.0710 0x21f8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:05:30.0726 0x21f8 vga - ok
18:05:30.0726 0x21f8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:05:30.0757 0x21f8 VgaSave - ok
18:05:30.0757 0x21f8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:05:30.0773 0x21f8 vhdmp - ok
18:05:30.0773 0x21f8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:05:30.0788 0x21f8 viaide - ok
18:05:30.0788 0x21f8 [ 2562943B90AFA9829097FB4274276D1D, EE003EF7A3EC49CFEF2EED841482721D7A89368967BFC44CE8DD9D3BDAF0572F ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
18:05:30.0788 0x21f8 VMAuthdService - ok
18:05:30.0804 0x21f8 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:05:30.0804 0x21f8 vmbus - ok
18:05:30.0820 0x21f8 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:05:30.0820 0x21f8 VMBusHID - ok
18:05:30.0820 0x21f8 [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci C:\Windows\system32\DRIVERS\vmci.sys
18:05:30.0835 0x21f8 vmci - ok
18:05:30.0835 0x21f8 [ 4F19996D0765835797EC7B5F35D12240, FD4D222A373C3DF2B9FC7877C0EC050BF71A6C700FB52984E44FD25E49755A11 ] vmkbd2 C:\Windows\system32\drivers\VMkbd.sys
18:05:30.0851 0x21f8 vmkbd2 - ok
18:05:30.0851 0x21f8 [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
18:05:30.0851 0x21f8 VMnetAdapter - ok
18:05:30.0851 0x21f8 [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
18:05:30.0866 0x21f8 VMnetBridge - ok
18:05:30.0882 0x21f8 [ 05A869D1B12B08B5601487CA534B5021, 07A4BE681C0C0B23CBD5C05715DAA887D4DDE6D99251BC5D748F321940C23315 ] VMnetDHCP C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
18:05:30.0898 0x21f8 VMnetDHCP - ok
18:05:30.0898 0x21f8 [ F550680013FEA869820CB8320FAA2352, AA98DB7E71737DD8574ADB2DD9531C1DD46BABE99F89ED87D681D6C21BFA0D1C ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
18:05:30.0913 0x21f8 VMnetuserif - ok
18:05:30.0913 0x21f8 [ 396BB5901811148B2999134161FC86B3, 359112FAA69115BDFC212C3BA98DD3E9E73E29F0DC4DE13DBFCAAF4130F4680E ] VMparport C:\Windows\system32\drivers\VMparport.sys
18:05:30.0913 0x21f8 VMparport - ok
18:05:30.0944 0x21f8 [ 41FAE6618768DC93D98DDAF3F8282D3E, 95995542026CC111B8FFAA01AC9E55B2F942A9108F5F00502A35339C13BBF20D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
18:05:30.0960 0x21f8 VMUSBArbService - ok
18:05:30.0976 0x21f8 [ F13B73E932CACDDE5ED825BDF7AA9637, 4B6C8D82324314294AE439ACDE933E6C8E77635ADE933BC52A0CD9A68927702D ] VMware NAT Service C:\WINDOWS\SYSWOW64\VMNAT.EXE
18:05:30.0991 0x21f8 VMware NAT Service - ok
18:05:30.0991 0x21f8 [ CE12629081F3634B9565752A96368DA1, 01E8D88C94705F5E3205F7C3884CB1DC6BD0F0065989A0DC7A73A5818454505F ] vmware-converter-agent C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
18:05:31.0007 0x21f8 vmware-converter-agent - ok
18:05:31.0022 0x21f8 [ 3D3D595A3FB4E92DA08B168D65AC8671, 00EC621954BC7EC67BD6AE65D10934FA85CE31C7EF6E64FC8A1127828E21F911 ] vmware-converter-server C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
18:05:31.0038 0x21f8 vmware-converter-server - ok
18:05:31.0038 0x21f8 [ 3D3D595A3FB4E92DA08B168D65AC8671, 00EC621954BC7EC67BD6AE65D10934FA85CE31C7EF6E64FC8A1127828E21F911 ] vmware-converter-worker C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
18:05:31.0054 0x21f8 vmware-converter-worker - ok
18:05:31.0272 0x21f8 [ 5591F0BB3713AB911D4021124D1FDB54, 21AB28EABBAFC41E7FF4F318D03785274EB842DCD8BDED814155FB29413769D7 ] VMwareHostd C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
18:05:31.0506 0x21f8 VMwareHostd - ok
18:05:31.0522 0x21f8 [ 227E4EA654B4D52C2AAA8B1DCD5C45DE, 7D9A675A6481D288846D7F22AE15EC62DF31C9385C83D875586EE371CC9C3410 ] vmx86 C:\Windows\system32\drivers\vmx86.sys
18:05:31.0537 0x21f8 vmx86 - ok
18:05:31.0537 0x21f8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:05:31.0553 0x21f8 volmgr - ok
18:05:31.0553 0x21f8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:05:31.0568 0x21f8 volmgrx - ok
18:05:31.0584 0x21f8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:05:31.0584 0x21f8 volsnap - ok
18:05:31.0600 0x21f8 [ 86C96C079293E2E06708E146A011F4C4, 10F8DBA78B76B304525FC72C83990F10133936010E26D2F9AEB2FB747F8B75C2 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
18:05:31.0615 0x21f8 vpnagent - ok
18:05:31.0615 0x21f8 [ 5932B2999AEF21C4599A792599F28D89, 78B2842BA71F9DAB5BB64BA4AB97BD19DEEFB075F83D735244906D046E78B2DC ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys
18:05:31.0631 0x21f8 vpnva - ok
18:05:31.0631 0x21f8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:05:31.0646 0x21f8 vsmraid - ok
18:05:31.0646 0x21f8 [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock C:\Windows\system32\drivers\vsock.sys
18:05:31.0662 0x21f8 vsock - ok
18:05:31.0678 0x21f8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:05:31.0724 0x21f8 VSS - ok
18:05:31.0740 0x21f8 [ E7CE8988B98202A5CF429CA358D26CC5, 773E38E263D2EB179E8767809ED4B98CDECEA4BD970AAE0BB31FD6D219E5E079 ] vstor2-mntapi20-shared C:\Windows\syswow64\drivers\vstor2-mntapi20-shared.sys
18:05:31.0740 0x21f8 vstor2-mntapi20-shared - ok
18:05:31.0740 0x21f8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:05:31.0756 0x21f8 vwifibus - ok
18:05:31.0756 0x21f8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:05:31.0771 0x21f8 vwififlt - ok
18:05:31.0771 0x21f8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:05:31.0787 0x21f8 vwifimp - ok
18:05:31.0802 0x21f8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:05:31.0834 0x21f8 W32Time - ok
18:05:31.0834 0x21f8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:05:31.0834 0x21f8 WacomPen - ok
18:05:31.0849 0x21f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:05:31.0865 0x21f8 WANARP - ok
18:05:31.0865 0x21f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:05:31.0896 0x21f8 Wanarpv6 - ok
18:05:31.0927 0x21f8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:05:31.0974 0x21f8 wbengine - ok
18:05:31.0974 0x21f8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:05:31.0990 0x21f8 WbioSrvc - ok
18:05:32.0005 0x21f8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:05:32.0036 0x21f8 wcncsvc - ok
18:05:32.0036 0x21f8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:05:32.0052 0x21f8 WcsPlugInService - ok
18:05:32.0052 0x21f8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
18:05:32.0052 0x21f8 Wd - ok
18:05:32.0083 0x21f8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:05:32.0099 0x21f8 Wdf01000 - ok
18:05:32.0099 0x21f8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:05:32.0114 0x21f8 WdiServiceHost - ok
18:05:32.0114 0x21f8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:05:32.0130 0x21f8 WdiSystemHost - ok
18:05:32.0130 0x21f8 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
18:05:32.0146 0x21f8 WebClient - ok
18:05:32.0146 0x21f8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:05:32.0177 0x21f8 Wecsvc - ok
18:05:32.0177 0x21f8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:05:32.0208 0x21f8 wercplsupport - ok
18:05:32.0208 0x21f8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:05:32.0239 0x21f8 WerSvc - ok
18:05:32.0239 0x21f8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:05:32.0270 0x21f8 WfpLwf - ok
18:05:32.0270 0x21f8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:05:32.0270 0x21f8 WIMMount - ok
18:05:32.0270 0x21f8 WinDefend - ok
18:05:32.0286 0x21f8 WinHttpAutoProxySvc - ok
18:05:32.0302 0x21f8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:05:32.0317 0x21f8 Winmgmt - ok
18:05:32.0364 0x21f8 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
18:05:32.0395 0x21f8 WinRM - ok
18:05:32.0411 0x21f8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\Windows\system32\DRIVERS\WinUsb.sys
18:05:32.0411 0x21f8 WinUSB - ok
18:05:32.0442 0x21f8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:05:32.0458 0x21f8 Wlansvc - ok
18:05:32.0458 0x21f8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:05:32.0473 0x21f8 WmiAcpi - ok
18:05:32.0473 0x21f8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:05:32.0489 0x21f8 wmiApSrv - ok
18:05:32.0489 0x21f8 WMPNetworkSvc - ok
18:05:32.0504 0x21f8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:05:32.0504 0x21f8 WPCSvc - ok
18:05:32.0504 0x21f8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:05:32.0520 0x21f8 WPDBusEnum - ok
18:05:32.0520 0x21f8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:05:32.0551 0x21f8 ws2ifsl - ok
18:05:32.0551 0x21f8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:05:32.0567 0x21f8 wscsvc - ok
18:05:32.0567 0x21f8 WSearch - ok
18:05:32.0614 0x21f8 [ 3D4032E6A5885C007AEF4BA816AB4032, 21EB2B5B5A64EED44B5B7743820842205175F52A6F5525BD0F95DCB2733F449C ] wuauserv C:\Windows\system32\wuaueng.dll
18:05:32.0676 0x21f8 wuauserv - ok
18:05:32.0676 0x21f8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:05:32.0692 0x21f8 WudfPf - ok
18:05:32.0692 0x21f8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:05:32.0707 0x21f8 WUDFRd - ok
18:05:32.0707 0x21f8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:05:32.0723 0x21f8 wudfsvc - ok
18:05:32.0723 0x21f8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:05:32.0738 0x21f8 WwanSvc - ok
18:05:32.0738 0x21f8 [ B4C8CF1CC970F4F3BCC58055DDDC4C90, 54A43294E33276AC3363EE15AB929833AA61E7AF88D22E433A9EE2D5EDA413BA ] xiringcciddrv3 C:\Windows\system32\DRIVERS\xccid3wdm.sys
18:05:32.0754 0x21f8 xiringcciddrv3 - ok
18:05:32.0754 0x21f8 [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
18:05:32.0770 0x21f8 xusb21 - ok
18:05:32.0785 0x21f8 ================ Scan global ===============================
18:05:32.0785 0x21f8 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:05:32.0801 0x21f8 [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\Windows\system32\winsrv.dll
18:05:32.0801 0x21f8 [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\Windows\system32\winsrv.dll
18:05:32.0816 0x21f8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:05:32.0816 0x21f8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:05:32.0832 0x21f8 [ Global ] - ok
18:05:32.0832 0x21f8 ================ Scan MBR ==================================
18:05:32.0832 0x21f8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:05:32.0879 0x21f8 \Device\Harddisk0\DR0 - ok
18:05:32.0879 0x21f8 ================ Scan VBR ==================================
18:05:32.0879 0x21f8 [ 44F5AF351CBD8A410E4FCBD0B4E422EA ] \Device\Harddisk0\DR0\Partition1
18:05:32.0879 0x21f8 \Device\Harddisk0\DR0\Partition1 - ok
18:05:32.0894 0x21f8 [ 5B165CFEB3D3C13B74E55DFBC4C1D10B ] \Device\Harddisk0\DR0\Partition2
18:05:32.0894 0x21f8 \Device\Harddisk0\DR0\Partition2 - ok
18:05:32.0894 0x21f8 [ 7B54F05BA7BEDC24014261355EDF2950 ] \Device\Harddisk0\DR0\Partition3
18:05:32.0894 0x21f8 \Device\Harddisk0\DR0\Partition3 - ok
18:05:32.0894 0x21f8 [ 949C76751EABAC4D47603384A445A598 ] \Device\Harddisk0\DR0\Partition4
18:05:32.0894 0x21f8 \Device\Harddisk0\DR0\Partition4 - ok
18:05:32.0894 0x21f8 ================ Scan generic autorun ======================
18:05:32.0894 0x21f8 SynTPEnh - ok
18:05:32.0910 0x21f8 [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
18:05:32.0910 0x21f8 iTunesHelper - ok
18:05:32.0941 0x21f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:05:32.0972 0x21f8 Sidebar - ok
18:05:32.0972 0x21f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:05:32.0988 0x21f8 mctadmin - ok
18:05:33.0004 0x21f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:05:33.0035 0x21f8 Sidebar - ok
18:05:33.0035 0x21f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:05:33.0050 0x21f8 mctadmin - ok
18:05:33.0066 0x21f8 [ 1F93DAF10BC91666F52FC5B9632C86EB, 3D2AE1090198AAEE7CDB587ED1D2784B9FF4E4B03F4F65BC2F46E28B136F3F01 ] C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:05:33.0082 0x21f8 OneDrive - ok
18:05:33.0238 0x21f8 [ CE1DEC053DA24927E89D9AA196D31281, 39DD431CFCD10AA4E176062E33A0262FEE5806E192B37037C97439B1CEF232C8 ] C:\Program Files\CCleaner\CCleaner64.exe
18:05:33.0394 0x21f8 CCleaner Monitoring - ok
18:05:33.0409 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
18:05:33.0440 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64 - ok
18:05:33.0456 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ]
|
|
07.03.2016, 18:16
| #4 |
| | TDSSKiller Report Teil 2Code:
ATTFilter C:\Windows\system32\cmd.exe
18:05:33.0487 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64 - ok
18:05:33.0487 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
18:05:33.0518 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64 - ok
18:05:33.0534 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
18:05:33.0550 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64 - ok
18:05:33.0565 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
18:05:33.0596 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64 - ok
18:05:33.0596 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
18:05:33.0628 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64 - ok
18:05:33.0643 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
18:05:33.0674 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64 - ok
18:05:33.0674 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
18:05:33.0706 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64 - ok
18:05:33.0721 0x21f8 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
18:05:33.0737 0x21f8 Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64 - ok
18:05:33.0737 0x21f8 Waiting for KSN requests completion. In queue: 294
18:05:34.0751 0x21f8 Waiting for KSN requests completion. In queue: 294
18:05:35.0765 0x21f8 Waiting for KSN requests completion. In queue: 294
18:05:36.0779 0x21f8 Waiting for KSN requests completion. In queue: 294
18:05:37.0122 0x0f94 Object required for P2P: [ 3763C406CB735D044373C50FF95167E3 ] SamsungRapidSvc
18:05:37.0793 0x21f8 Waiting for KSN requests completion. In queue: 184
18:05:38.0807 0x21f8 Waiting for KSN requests completion. In queue: 184
18:05:39.0743 0x0f94 Object send P2P result: true
18:05:39.0852 0x21f8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.133 ), 0x41000 ( enabled : updated )
18:05:39.0852 0x21f8 Win FW state via NFP2: enabled ( trusted )
18:05:42.0410 0x21f8 ============================================================
18:05:42.0410 0x21f8 Scan finished
18:05:42.0410 0x21f8 ============================================================
18:05:42.0410 0x1e3c Detected object count: 0
18:05:42.0410 0x1e3c Actual detected object count: 0
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Gabriel (Administrator) auf GABRIEL-PC (07-03-2016 18:01:44) Gestartet von C:\Users\Gabriel\Downloads Geladene Profile: Gabriel (Verfügbare Profile: Gabriel) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser nicht gefunden!) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AMD) C:\Windows\System32\atieclxx.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe () C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Users\Gabriel\AppData\Local\Temp\OfficeDC\_tools\IDMShellExt64.dll [2012-02-08] (Tonec Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) AutoConfigURL: [S-1-5-21-3980449854-420695129-2575981882-1000] => hxxp://127.0.0.1:8445/okayfreedom.pac Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\..\Interfaces\{55287400-DE03-44A2-863C-9C0144864978}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{55287400-DE03-44A2-863C-9C0144864978}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{E44E6384-8F8B-421A-8D3A-8A5F1BD97E07}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{E95ECF9B-ABF1-4A94-8E2A-43470FA0EB02}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{EE9C8FEE-8405-4E4F-8B24-B213688943D2}: [DhcpNameServer] 192.168.42.129 ManualProxies: 0hxxp://127.0.0.1:8445/okayfreedom.pac Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Kein Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> Keine Datei BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-26] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-26] (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default FF Homepage: www.google.de FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin64.dll [2014-07-24] (Skype) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-26] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll [2014-07-24] (Skype) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\searchplugins\youtube-videosuche.xml [2015-09-02] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\extensions\adblockpopups@jessehakanen.net.xpi [2015-09-02] FF Extension: Avira Browser Safety - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\abs@avira.com [2016-02-25] FF Extension: Mein Grundeinkommen - CrowdBar - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\jid1-XGbYhwCViPEOUQ@jetpack.xpi [2015-11-26] FF Extension: OpenSC PKCS11 Installer - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\support@hrz.uni-giessen.de.xpi [2015-09-01] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-25] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2014-11-11] [ist nicht signiert] FF HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gabriel\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\Gabriel\AppData\Roaming\IDM\idmmzcc5 [2014-11-27] [ist nicht signiert] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Session Restore: Default -> ist aktiviert. CHR Profile: C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05] CHR Extension: (Google Docs) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Google Drive) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27] CHR Extension: (Adblock Plus) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04] CHR Extension: (Google-Suche) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Google Tabellen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05] CHR Extension: (Avira Browserschutz) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-02-18] CHR Extension: (Google Docs Offline) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19] CHR Extension: (Skype) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25] CHR Extension: (Google Mail) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Users\Gabriel\AppData\Local\Temp\OfficeDC\_tools\IDMGCExt.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [346552 2015-11-12] (Steganos Software GmbH) R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [Datei ist nicht signiert] R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [480472 2014-06-10] (VMware, Inc.) R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [480472 2014-06-10] (VMware, Inc.) R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [480472 2014-06-10] (VMware, Inc.) R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe [14407384 2014-06-12] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2016-02-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG) S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75344 2013-02-22] (VMware, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-23] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-07] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.) R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus) R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33496 2014-06-12] (VMware, Inc.) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-06-12] (VMware, Inc.) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) S3 xiringcciddrv3; C:\Windows\System32\DRIVERS\xccid3wdm.sys [36184 2012-06-29] (Ingenico) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-07 18:01 - 2016-03-07 18:01 - 00027520 _____ C:\Users\Gabriel\Downloads\FRST.txt 2016-03-07 18:01 - 2016-03-07 18:01 - 00000000 ____D C:\FRST 2016-03-07 18:00 - 2016-03-07 18:00 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Gabriel\Downloads\tdsskiller.exe 2016-03-07 16:34 - 2016-03-07 16:34 - 02949383 _____ C:\Users\Gabriel\Downloads\Dateiordner_Allgemeiner_Dateiordner.zip 2016-03-07 14:14 - 2016-03-07 14:14 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files\iTunes 2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files\iPod 2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-03-07 10:24 - 2016-03-07 10:24 - 00000000 ___HD C:\OneDriveTemp 2016-03-07 10:07 - 2016-03-07 13:38 - 00001078 _____ C:\Windows\system32dbgraw.bmp 2016-03-06 21:56 - 2016-03-06 21:56 - 01609216 _____ (Malwarebytes) C:\Users\Gabriel\Downloads\JRT.exe 2016-03-06 21:55 - 2016-03-06 21:55 - 02374144 _____ (Farbar) C:\Users\Gabriel\Downloads\FRST64.exe 2016-03-06 20:59 - 2016-03-07 17:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-06 20:58 - 2016-03-06 20:58 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-06 20:58 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-06 20:58 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-06 20:58 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-03-06 20:53 - 2016-03-06 20:53 - 22908888 _____ (Malwarebytes ) C:\Users\Gabriel\Downloads\mbam-setup-2.2.0.1024.exe 2016-03-06 11:46 - 2016-03-06 11:46 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\UltraMixer4 2016-03-06 11:45 - 2016-03-06 11:46 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\UltraMixer5 2016-03-06 11:45 - 2016-03-06 11:45 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\AMD 2016-03-06 11:45 - 2016-03-06 11:45 - 00000000 ____D C:\Users\Gabriel\.oracle_jre_usage 2016-03-06 11:43 - 2016-03-06 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMixer5 2016-03-06 11:42 - 2016-03-06 11:43 - 00000000 ____D C:\Program Files\UltraMixer5 2016-03-06 11:24 - 2016-03-06 11:24 - 00000000 ____D C:\Users\Gabriel\AppData\Local\MediaMonkey 2016-03-04 17:24 - 2016-03-04 17:24 - 00002022 _____ C:\Users\Public\Desktop\Max Recorder.lnk 2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\Users\Gabriel\AppData\Local\MaxRecorder 2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder 2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\Program Files (x86)\Max Recorder 2016-03-04 16:04 - 2016-03-06 11:13 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Spotify 2016-03-04 16:04 - 2016-03-04 16:04 - 00001817 _____ C:\Users\Gabriel\Desktop\Spotify.lnk 2016-03-04 16:04 - 2016-03-04 16:04 - 00001803 _____ C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-03-04 16:03 - 2016-03-06 11:13 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Spotify 2016-03-02 22:59 - 2016-03-02 22:59 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\library_dir 2016-03-02 22:59 - 2016-03-02 22:59 - 00000000 ____D C:\ProgramData\ATI 2016-03-02 22:58 - 2016-03-03 00:13 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Raptr 2016-03-02 22:58 - 2016-03-03 00:12 - 00000000 ____D C:\Program Files (x86)\Raptr 2016-03-02 22:58 - 2016-03-02 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2016-03-02 22:58 - 2016-03-02 22:58 - 00000000 ____D C:\Program Files (x86)\AMD 2016-03-02 22:56 - 2016-03-02 22:57 - 00000000 ____D C:\Program Files\AMD 2016-03-02 21:06 - 2016-03-02 21:06 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Kryptotel_fz_llc 2016-03-02 20:46 - 2016-03-07 10:08 - 00196608 _____ C:\Windows\system32\Ikeext.etl 2016-03-02 16:33 - 2016-03-02 16:33 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Activision 2016-02-25 20:41 - 2016-02-25 20:49 - 00000000 ____D C:\Users\Gabriel\AppData\Local\BetterDS3 2016-02-25 20:23 - 2016-03-02 23:57 - 00000000 ____D C:\Windows\Minidump 2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MotioninJoy 2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy 2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\Program Files\MotioninJoy 2016-02-25 20:22 - 2011-12-07 19:42 - 00328712 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll 2016-02-25 19:48 - 2016-02-25 22:13 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Unity 2016-02-25 19:48 - 2016-02-25 19:48 - 00000000 ____D C:\Users\Gabriel\AppData\LocalLow\Unity 2016-02-17 22:42 - 2015-11-12 11:51 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys 2016-02-17 22:41 - 2016-03-02 23:57 - 00000000 ____D C:\Users\Gabriel\AppData\Local\LogMeIn Hamachi 2016-02-17 22:41 - 2016-02-17 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\Users\Gabriel\AppData\Local\LogMeIn 2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\ProgramData\LogMeIn 2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2016-02-17 20:28 - 2016-02-21 21:01 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Hero_Siege 2016-02-17 18:59 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2016-02-16 19:46 - 2016-03-01 01:10 - 00000000 ____D C:\Users\Gabriel\Desktop\MW 2016-02-16 19:23 - 2016-02-16 19:23 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MW2 FoV Changer 2016-02-16 19:12 - 2016-02-17 16:18 - 00000000 ____D C:\Program Files (x86)\MW2CU 2016-02-11 12:14 - 2016-02-11 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-02-11 12:13 - 2016-02-11 12:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-02-11 12:13 - 2016-02-11 12:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-02-11 12:08 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2016-02-11 12:08 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2016-02-11 12:07 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2016-02-11 12:07 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2016-02-11 12:07 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2016-02-11 12:07 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2016-02-11 12:07 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-02-10 13:59 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-02-10 13:59 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-02-10 13:59 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-02-10 13:59 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-02-10 13:59 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-02-10 13:59 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-02-10 13:59 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-02-10 13:59 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-02-10 13:59 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-02-10 13:59 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-02-10 13:59 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-02-10 13:59 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-02-10 13:59 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-02-10 13:59 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-02-10 13:59 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-02-10 13:59 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-02-10 13:59 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-02-10 13:59 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-02-10 13:59 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-02-10 13:59 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-02-10 13:59 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-02-10 13:59 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-02-10 13:59 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-02-10 13:59 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-02-10 13:59 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-02-10 13:59 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-02-10 13:59 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-02-10 13:59 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-02-10 13:59 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-02-10 13:59 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-02-10 13:59 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-02-10 13:59 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-02-10 13:59 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-02-10 13:59 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-02-10 13:59 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-02-10 13:59 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-02-10 13:59 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-02-10 13:59 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-02-10 13:59 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-02-10 13:59 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-02-10 13:59 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-02-10 13:59 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-02-10 13:59 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-02-10 13:59 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-02-10 13:59 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-02-10 13:59 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-02-10 13:59 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-02-10 13:59 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-02-10 13:59 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-02-10 13:59 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-02-10 13:59 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-02-10 13:58 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-02-10 13:58 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-02-10 13:58 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-02-10 13:58 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-02-10 13:58 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-02-10 13:58 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-02-10 13:58 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-02-10 13:58 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-02-10 13:58 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-02-10 13:58 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2016-02-10 13:58 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-02-10 13:58 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-02-10 13:58 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2016-02-10 13:58 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2016-02-10 13:58 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-02-10 13:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-02-10 13:58 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-02-10 13:58 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-02-10 13:58 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-02-10 13:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-02-10 13:58 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-02-10 13:58 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-02-10 13:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-02-10 13:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-02-10 13:58 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-02-10 13:58 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-02-10 13:58 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-02-10 13:58 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-02-10 13:58 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-02-10 13:58 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-02-10 13:58 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-02-10 13:58 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-02-10 13:58 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-02-10 13:58 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-02-10 13:58 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-02-10 13:58 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-02-10 13:58 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-02-10 13:58 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-02-10 13:58 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-02-10 13:58 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-02-10 13:58 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-02-10 13:58 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-02-10 13:58 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-02-10 13:58 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-02-10 13:58 - 2015-12-20 19:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-02-10 13:58 - 2015-12-20 19:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2016-02-10 13:58 - 2015-12-20 15:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-02-10 13:57 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-02-10 13:57 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-02-10 13:57 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-02-10 13:57 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-02-10 13:57 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-02-10 13:57 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-02-10 13:57 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-02-10 13:57 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-02-10 13:57 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-02-10 13:57 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-02-10 13:57 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-02-10 13:57 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-02-10 13:57 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-02-10 13:57 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-02-10 13:57 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-02-10 13:57 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-02-10 13:57 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-02-10 13:57 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-02-10 13:57 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-02-10 13:57 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-02-10 13:57 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-02-10 13:57 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-02-10 13:57 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-02-10 13:57 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-02-10 13:57 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-02-10 13:57 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-02-10 13:57 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-02-10 13:57 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-02-10 13:57 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-02-10 13:57 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-02-10 13:57 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-02-10 13:57 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-02-10 13:57 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-02-10 13:57 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-02-10 13:57 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-02-10 13:57 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-02-10 13:57 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-10 13:57 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-02-10 13:57 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-02-10 13:57 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-02-10 13:57 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-02-10 13:57 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-02-10 13:57 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-02-09 23:55 - 2016-02-09 23:55 - 00000000 ____D C:\Windows\SysWOW64\IPM 2016-02-06 19:46 - 2016-03-06 16:40 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MediaMonkey 2016-02-06 19:46 - 2016-02-06 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey 2016-02-06 19:45 - 2016-02-06 19:46 - 00000000 ____D C:\Program Files (x86)\MediaMonkey 2016-02-06 19:45 - 2016-02-06 19:45 - 00000000 ____D C:\ProgramData\MediaMonkey 2016-02-06 15:19 - 2016-02-06 15:20 - 00000000 ____D C:\Users\Gabriel\Downloads\Seiler_Und_Speer_-_Ham_kummst ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-07 17:38 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-03-07 17:38 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-03-07 17:22 - 2014-10-14 20:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-07 17:13 - 2015-11-19 12:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-03-07 16:00 - 2014-11-19 23:33 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\vlc 2016-03-07 15:33 - 2014-10-14 20:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-07 14:16 - 2011-04-12 08:43 - 00702064 _____ C:\Windows\system32\perfh007.dat 2016-03-07 14:16 - 2011-04-12 08:43 - 00150698 _____ C:\Windows\system32\perfc007.dat 2016-03-07 14:16 - 2009-07-14 06:13 - 01627626 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-07 14:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-03-07 14:14 - 2014-11-30 16:48 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-03-07 10:24 - 2014-11-02 13:10 - 00000000 ___RD C:\Users\Gabriel\OneDrive 2016-03-07 10:09 - 2015-10-19 19:09 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS 2016-03-07 10:08 - 2014-10-14 23:24 - 00000000 ____D C:\ProgramData\VMware 2016-03-07 10:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-07 00:03 - 2016-01-05 12:33 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-06 23:53 - 2014-10-15 11:39 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Skype 2016-03-06 20:13 - 2014-10-11 18:46 - 00000000 ____D C:\AdwCleaner 2016-03-06 11:45 - 2014-10-14 18:45 - 00000000 ____D C:\Users\Gabriel 2016-03-06 11:19 - 2014-12-29 20:36 - 00000000 ____D C:\Program Files (x86)\Warcraft III 2016-03-06 11:17 - 2015-04-11 10:47 - 00000000 ____D C:\Users\Gabriel\AppData\Local\CrashDumps 2016-03-02 23:59 - 2015-01-06 22:09 - 00000000 ____D C:\Users\Gabriel\Documents\My Games 2016-03-02 22:57 - 2014-10-14 21:51 - 00000000 ____D C:\Program Files\ATI Technologies 2016-03-02 22:57 - 2014-10-14 20:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-02 22:55 - 2014-10-09 17:49 - 00000000 ____D C:\AMD 2016-03-02 22:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing 2016-03-01 21:57 - 2015-04-28 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2016-03-01 21:57 - 2015-04-28 21:57 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2 2016-03-01 21:55 - 2015-04-28 21:56 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Downloaded Installations 2016-03-01 13:00 - 2014-10-14 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-02-28 01:35 - 2015-04-07 15:17 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-02-28 01:35 - 2015-04-07 15:17 - 00000000 ___SD C:\Windows\system32\GWX 2016-02-20 12:24 - 2014-10-14 20:03 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-18 11:27 - 2014-10-14 22:25 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-02-18 11:16 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-02-17 20:37 - 2014-10-15 11:39 - 00000000 ____D C:\ProgramData\Skype 2016-02-17 07:31 - 2016-01-12 22:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-16 14:25 - 2015-12-28 19:21 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Amazon Music 2016-02-14 17:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-02-13 11:14 - 2015-07-10 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom 2016-02-13 11:14 - 2014-12-25 21:55 - 00000000 ____D C:\Program Files (x86)\OkayFreedom 2016-02-11 23:58 - 2014-11-02 13:10 - 00002184 _____ C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-02-11 15:08 - 2014-12-25 21:56 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Steganos VPN 2016-02-11 13:03 - 2009-07-14 05:45 - 00514768 _____ C:\Windows\system32\FNTCACHE.DAT 2016-02-11 13:00 - 2014-10-14 21:54 - 01601906 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-02-11 11:37 - 2014-12-12 09:48 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-11 11:37 - 2014-10-16 15:11 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-02-11 11:22 - 2014-10-15 11:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-02-11 11:21 - 2014-10-18 11:11 - 00000000 ____D C:\Windows\system32\MRT 2016-02-11 11:09 - 2014-10-18 11:11 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-02-11 11:06 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini 2016-02-09 22:13 - 2015-11-19 12:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-02-09 22:13 - 2014-10-21 21:20 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-02-09 22:13 - 2014-10-21 21:20 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-07-22 14:51 - 2015-07-22 14:51 - 0159200 ____T () C:\Users\Gabriel\AppData\Roaming\CrashRpt1402.dll 2015-09-09 00:33 - 2015-09-09 11:51 - 0007597 _____ () C:\Users\Gabriel\AppData\Local\Resmon.ResmonCfg 2015-06-08 21:29 - 2015-06-08 21:30 - 0000000 _____ () C:\Users\Gabriel\AppData\Local\{B7EE9282-17A0-494E-AB5C-97B2FE8262F4} Einige Dateien in TEMP: ==================== C:\Users\Gabriel\AppData\Local\Temp\avgnt.exe C:\Users\Gabriel\AppData\Local\Temp\jpathwatch-nativelib-v-0-94-jpathwatch-native.dll C:\Users\Gabriel\AppData\Local\Temp\Quarantine.exe C:\Users\Gabriel\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-28 11:51 ==================== Ende von FRST.txt ============================ |
|
07.03.2016, 21:59
| #5 |
| | Addition.txt FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Gabriel (2016-03-07 18:02:07)
Gestartet von C:\Users\Gabriel\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-10-14 17:45:10)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3980449854-420695129-2575981882-500 - Administrator - Disabled)
Gabriel (S-1-5-21-3980449854-420695129-2575981882-1000 - Administrator - Enabled) => C:\Users\Gabriel
Gast (S-1-5-21-3980449854-420695129-2575981882-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3980449854-420695129-2575981882-1002 - Limited - Enabled)
___VMware_Conv_SA___ (S-1-5-21-3980449854-420695129-2575981882-1005 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Skybox Labs)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Amazon Music (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Amazon Amazon Music) (Version: 4.1.0.1229 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ElcomPDF (HKLM\...\ElcomPDF) (Version: - )
Foiled (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Foiled) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hager (HKLM-x32\...\ZPlan21) (Version: - )
Hager prerequisites (HKLM-x32\...\{98C64AD3-6A1D-4737-9ED8-06A73741550C}) (Version: 1.00.0000 - hager)
Hager prerequisites (HKLM-x32\...\{EB733D93-1923-4F2E-97D1-125AAA8DD59D}) (Version: 1.00.0000 - hager)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version: - Elias Viglione)
HP Connection Manager (HKLM-x32\...\{C0ED9561-8312-457C-BB1B-BDC7EE034CED}) (Version: 4.7.4.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{57FA60DA-585F-456A-B80E-17D1CDD22A30}) (Version: 5.0.27.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{682FBA83-2CCA-4CFA-A08A-6767DAB2FC9C}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.2.1213 - Hewlett-Packard Company)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Max Recorder (HKLM-x32\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - German/Deutsch (HKLM\...\Office15.OMUI.de-de) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.6.3 - Steganos Software GmbH)
OpenSC (HKLM-x32\...\{0707CEBF-DD03-4042-B2AF-F48F0DFF6A53}) (Version: 0.13.0.0 - OpenSC Project)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.2.2 - SAMSUNG Electronics Co., Ltd.)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{69F300CB-D6BF-41DD-B7CC-983BAFF4EE15}) (Version: 3.1.15602.22612 - Skype Technologies S.A.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UltraMixer 5.1.1 (HKLM\...\{272e17ad-75e3-4a72-bee8-45e5e927920f}_is1) (Version: 5.1.1 - UltraMixer Digital Audio Solutions)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VirtualDJ 8 (HKLM-x32\...\{6B8D3A67-346D-410E-81D2-3BFE228D263D}) (Version: 8.1.2587.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware vCenter Converter Standalone (HKLM-x32\...\{17C3235A-A4B9-44ED-8794-54D8408F9733}) (Version: 5.1.1.1890470 - VMware, Inc.)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc)
VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows-Treiberpaket - XIRING (xiringcciddrv3) SmartCardReader (06/29/2012 3.0.0.3) (HKLM\...\CC5816C152375AF188FA880B1B39AA2B1245E122) (Version: 06/29/2012 3.0.0.3 - XIRING)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3980449854-420695129-2575981882-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3980449854-420695129-2575981882-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E1C33D2-FA5A-438C-9255-3333ED5C2027} - System32\Tasks\{30D93048-8DD3-4E08-A791-F21748378FD1} => pcalua.exe -a C:\Users\Gabriel\Downloads\sp60775.exe -d C:\Users\Gabriel\Downloads
Task: {17ACD971-9D10-4E62-AEB0-C5CFEFD282FE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {20EE9B8D-4B86-45AE-9B44-0CF32C15E287} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3980449854-420695129-2575981882-1000
Task: {2B818B35-1AF3-4198-AF12-85ECEEA7942D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {525ADF54-93B7-455C-8F4B-B3AAF73E6B20} - System32\Tasks\{D022BC08-F7C4-4A40-AB58-F701B2077139} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{FE041B02-234C-4AAA-9511-80DF6482A458}\Setup.exe" -c -runfromtemp -l0x0007 anything -removeonly
Task: {55E35628-895A-497E-8367-C7DF9139DCBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {683BBF82-5582-4209-86DE-1C78FD8D87E2} - System32\Tasks\{ADBCDE11-73EF-4E97-8823-6282628B908F} => pcalua.exe -a C:\Users\Gabriel\Downloads\JLUPruefeChipkarte.exe -d C:\Users\Gabriel\Downloads
Task: {75090E95-D6EB-4187-BD1B-0A0119E8BCFE} - System32\Tasks\{A127F928-3218-4584-8AED-62BD0FD4B3FA} => C:\The Games Page\Gunner 3\gunner3.exe [2000-11-04] (Clickteam)
Task: {7AC857D2-0071-4D83-9400-6289FDAD4EAF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-10-15] ()
Task: {9FB00720-67C6-4746-8450-CCEF4E505E90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A8F356BF-120A-46FB-8EC3-A48712BACDEA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {AD3A2732-7A99-431E-8D3C-4876FFC28F85} - System32\Tasks\{83300497-BB56-431B-8B2E-5AA86C038B68} => C:\Users\Gabriel\Downloads\OfficeDC.1.33.exe
Task: {AE4E012A-BDA5-4C9B-96FC-B743A479E174} - System32\Tasks\{EB8BD2C2-A141-43ED-ACAA-5B72BF8BCC86} => C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe [2008-06-20] ()
Task: {C0744401-F414-4668-B068-EE666BD23471} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {C1C44672-A119-43A6-9762-71F9683D0A10} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C2E1AC57-8D74-4A37-A7F8-EF99B455D7C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {C376D878-4F2F-4C0B-9197-E0B476335ACA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {CBC28C97-36BB-482A-990E-AC0057AEBA45} - System32\Tasks\{3E33D226-F5A1-40BF-94E3-835631EB3EDB} => C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe [2008-06-20] ()
Task: {CF425B62-2E2D-48E3-9FDC-0DC130270817} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D4419160-71B7-417C-B9FC-8840DA06E777} - System32\Tasks\{47DA8770-DB3F-49CE-B1A1-7A999E23C9D8} => C:\The Games Page\Gunner 3\gunner3.exe [2000-11-04] (Clickteam)
Task: {D814A807-A0FB-4099-97F1-85C7AD42A6C9} - System32\Tasks\{36A09DAE-4309-4F49-B1FA-476689651A43} => pcalua.exe -a C:\Users\Gabriel\Downloads\sp66402.exe -d C:\Users\Gabriel\Downloads
Task: {DA0C5085-89FC-4F74-8C86-2F0F06148D51} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DB59D9B8-F946-4197-9A33-601C859458F7} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-11-06] (Samsung Electronics.)
Task: {FCB33D48-5900-4EED-A617-A1222491AE75} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-01-17 16:57 - 2012-01-17 16:57 - 00298368 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-10-12 00:55 - 2011-10-12 00:55 - 00213328 _____ () C:\Windows\system32\PassThroughOTP.dll
2015-03-08 18:40 - 2008-07-19 15:26 - 00087040 _____ () C:\Windows\System32\custmon64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-12 16:44 - 2014-06-12 16:44 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-02-10 13:26 - 2012-02-10 13:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-10-10 22:48 - 2013-10-10 22:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-10-14 20:25 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-14 20:25 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-14 20:25 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-14 20:25 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-14 20:25 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-10 19:56 - 2014-06-10 19:56 - 00086744 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll
2014-06-10 19:55 - 2014-06-10 19:55 - 01297624 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\libxml2.dll
2014-06-10 19:54 - 2014-06-10 19:54 - 00542936 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\sqlite3.dll
2014-06-12 17:22 - 2014-06-12 17:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2014-10-14 23:18 - 00450709 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15461 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Amazon Music => "C:\Users\Gabriel\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Gabriel\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Gabriel\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Player\vmware-tray.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BD889D3D-A690-49B3-AA2E-D8ADCBA53300}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{ECE1A4AF-907D-4B2B-A44C-42494757D425}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4C0D6FAD-A54E-4847-8D7C-C75AAAA9AB33}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CF20E5F0-6707-4CDF-9220-D05C1FBA4DEB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{30C11337-998C-4BF2-85F3-710ADF0413AF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A588E33A-723A-4506-A183-1236643A1AB3}H:\call of duty modern warfare 2 lanserver\iw4mp.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [UDP Query User{479F72ED-ADA8-4124-BA78-5F02C1754392}H:\call of duty modern warfare 2 lanserver\iw4mp.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [{146785B4-2FD5-4D6D-81C3-536E4157CDAC}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [{93A0B2BF-0217-4781-A12C-D67F117C83D4}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [TCP Query User{863D9770-572F-4C1E-BE98-94C022CDEAD9}H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [UDP Query User{74108909-43E8-4A91-92E2-C8015C97902E}H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [{B8AC803E-53C3-44C5-8B88-77796C2254DD}] => (Block) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [{71630EED-E6EE-4FD9-A294-A729DBF2040A}] => (Block) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [TCP Query User{35618C5C-F8A3-4A15-A1F9-0EA3536F1624}H:\call of duty modern warfare 2 lanserver\iw4mp.dat] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [UDP Query User{FED1F4EB-5A18-41E9-9598-0517488D3388}H:\call of duty modern warfare 2 lanserver\iw4mp.dat] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{F626EE4D-4BBC-466F-B55F-936D086F1FCF}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{BA97A5D3-8DC9-479E-A4EC-81DCB5D74B71}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{00778EFF-14CA-4D0E-A141-A6EFEF2BA262}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{7E2189A5-498F-4047-915E-BEACCEF6A65D}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{17E5BB5B-9E4A-425D-9117-6BB76BB6BAD5}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
FirewallRules: [{8E94A732-40D8-4C1A-BAE9-839A03F834E4}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
FirewallRules: [{1A57E7C0-22CE-4B04-AF33-E21EDA78C5A6}] => (Allow) LPort=9089
FirewallRules: [{0B865921-0DE7-4F62-8DE0-7500885E341A}] => (Allow) LPort=56789
FirewallRules: [{124A0744-198D-41F7-B3CF-AF9CE4BBB5FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C27638A-0B97-4C8B-91D5-FCDE2ED59314}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{241298C7-5B03-481E-81F3-A712E57D7407}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{07D87E29-691E-4C5C-9756-9FF92DEBA380}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4C3C541F-2496-44B1-9950-AC60FC64648D}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\SkypeWebPlugin.exe
FirewallRules: [{143F0BBE-F991-40A1-B55F-422C4FBA73DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FA773BE8-D4FA-4FDA-BB7D-9AEB1E211118}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE263E50-6FA8-479D-872E-D2F60673A7E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{552C7D46-C458-4406-9678-9C9158F35F45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{C5C69819-8614-4EDE-86AB-45016436752E}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{D4769BE2-ED0C-4485-9B3E-97CC8E1C33AF}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{9CF6E971-6D88-44DD-936D-90D456BDA7C7}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{9B6C0EE3-3793-4B72-9246-294113C601DD}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{ACFEDF83-5EAF-42EA-B89B-06A27CB7C962}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{DFEC1E30-95E6-4653-B0DC-0FA26DC4640A}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{3A4DD678-F87B-486B-9151-0B89061262B3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E981BA85-8BE3-46F2-82BA-36437FC30EF5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{CEB39972-31F0-4F81-93EA-35676F34BA49}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{78F9AB54-EE29-48EB-A73C-0701923B2A35}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{00DB28AD-62F9-46AD-81FD-9AB8DBA00E8D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14B14F2F-E995-4B7B-8F43-496D75BBAABA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF1DBBC4-6C4F-46EB-AA3F-67EDF8246DFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{277E9E08-BC4D-46B3-AB30-F484BD2717B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CD80537A-F693-48DF-B7C9-F4CBA03C60BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DD641276-B854-4F67-9C30-E6E8D9DA6045}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C365DE2C-7E09-4C40-8B80-1A1AF5993AAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{191F760E-3CA6-4001-9A26-85893F834538}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{049D3184-88F2-497B-A458-877FE4683D55}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{6BA1621D-C2B5-41EA-A063-83AC91199F7E}C:\elcom\zplan21\apps\rteng9.exe] => (Allow) C:\elcom\zplan21\apps\rteng9.exe
FirewallRules: [UDP Query User{08D20B19-7A32-4C10-9EFC-34913850CF10}C:\elcom\zplan21\apps\rteng9.exe] => (Allow) C:\elcom\zplan21\apps\rteng9.exe
FirewallRules: [{8874AED5-87AD-410A-A6AA-44CF7014F41D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{638B5C96-B087-40DB-B542-EC4A0737610A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{40222547-33EE-41C0-9D3F-3758D995E7B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2E2F1418-7077-4442-B361-EAC7C5691D4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2087A9F4-2BF7-4DE7-83BB-3E28BC70FC59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{930565A8-D500-4D26-ADC0-96D7C702BABC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{6E40B288-3D78-4D87-8059-844FF6817FED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{4AE6992B-7C19-42F9-A6A1-3B92C801B2E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FC87BD8E-CADB-4F6C-BF24-E1631BFC7B07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{DBE7445C-3C8A-4DBB-9790-187A699D6F08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{E2142C34-AE82-472A-80E6-4574D18A98EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{9727ACC0-A829-4E18-8F05-E4B1FE581658}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{4C92B497-66FA-4520-9159-D15320712A97}] => (Allow) C:\Users\Gabriel\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
FirewallRules: [{6C27D0BF-DDB8-4810-9178-58819DCDCD14}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{49D5A6D9-A3C6-483B-9826-5443DB6A903F}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{4B3EEF91-2386-4316-ACE4-2EC7CF5AFAC8}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{5B6D0EA0-537A-446D-89B4-DC8A9142F04F}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{9A718AE9-3C12-42C0-AC28-59F02B98F10C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5204B4D7-1F41-4836-8495-6F2D79C9418C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{E7FEE871-2757-463F-AE3B-61A1E49AA77B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{DF72E38F-1846-426A-A670-6420676FF3D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{156169AA-0A8B-4518-B4B2-4BC4C112CBCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7F976C0A-A97A-4A81-9F71-7B16EB4B03BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{9E374EB6-9408-446B-804B-6751CA136B9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{A39878E4-1020-4B64-A4A4-717EFAE1AD40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{414CBCDC-BEA1-421E-9B24-D54F9D3130E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{C036A278-BA22-423B-882B-BB2237AE4354}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{57174513-1B1C-4FF7-9449-754E3046842B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A1F48AA9-A2F5-4E39-A2FD-C27197274403}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E003C2D1-C34E-4E00-8994-02A5ED0B7777}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3D0B99CC-501F-4E0D-8E63-30566A67E863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{0D3A9B0F-826C-4487-998A-36886B4F3BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DC211AE0-E468-47C8-9935-5A3CE61DD515}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{64A345C3-B2D2-4EF1-B70C-9F4D9F95C87B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [TCP Query User{9853A361-1588-447E-A515-8F11FCA9FE09}C:\users\gabriel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gabriel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{53EA0294-74CB-487E-B186-283D8CA0C191}C:\users\gabriel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gabriel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E85A1E67-9DA1-41F5-8A25-F1C261727C56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{126902C4-08B1-4B84-BFC8-968A674302FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [TCP Query User{6169CF1D-35A4-427A-B572-494EEF1C14D5}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{EBE417A8-5F4C-4F8D-B0C1-B6EDEB3D59C8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{AFD4042E-D673-4EB1-B304-C05BB4A59960}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Wiederherstellungspunkte =========================
02-03-2016 21:06:32 Installed VpnOneClick
02-03-2016 21:47:33 DirectX wurde installiert
02-03-2016 22:16:10 Removed VpnOneClick
02-03-2016 22:57:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
07-03-2016 13:07:03 Removed Windows Phone app for desktop
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/07/2016 10:08:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/06/2016 07:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7035
Error: (03/06/2016 07:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7035
Error: (03/06/2016 07:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2016 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6037
Error: (03/06/2016 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6037
Error: (03/06/2016 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2016 07:49:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5038
Error: (03/06/2016 07:49:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5038
Error: (03/06/2016 07:49:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (03/07/2016 10:07:52 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/06/2016 11:13:06 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/03/2016 11:28:30 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/02/2016 10:26:34 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/02/2016 10:25:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/02/2016 10:25:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/02/2016 10:25:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/02/2016 10:25:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TomTomHOMEService" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (03/02/2016 10:25:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/02/2016 10:25:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Power Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8123.56 MB
Verfügbarer physikalischer RAM: 4328.6 MB
Summe virtueller Speicher: 8321.77 MB
Verfügbarer virtueller Speicher: 4099.59 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:216.63 GB) (Free:43.73 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.48 GB) (Free:0 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.55 GB) (Free:1.53 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E6D17E37)
Partition 1: (Active) - (Size=228 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=216.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1.6 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
Mist! Mir ist ein Fehler unterlaufen, hab die Programme aus dem Download Order aus gestartet  Nochmal von neu? |
|
08.03.2016, 07:10
| #6 |
| /// TB-Ausbilder | Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX" Servus, Du hast da mindestens eine illegale/gecrackte Software auf deinem Rechner: Microsoft Office Lesestoff:Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter, wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems. |
|
08.03.2016, 13:02
| #7 |
| | Ups Moin, Office deinstalliert. Crack gelöscht. Da ich Office zum arbeiten brauche wird gerade das 2016er Office installiert. Legal über die Uni erworben  Gecracktes CoD MW deinstalliert - wird eh nie genutzt. Sorry, hab einfach nicht dran gedacht  Sonst bin ich sauber  ... hoffe ich !Soll ich nochmal FRST.exe und TDSSKiller.exe starten? LG Geändert von bright_night (08.03.2016 um 13:08 Uhr) |
|
08.03.2016, 16:23
| #8 |
| /// TB-Ausbilder | Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX" Servus, FRST nochmal:
|
|
09.03.2016, 11:03
| #9 |
| | FRST.txtCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Gabriel (Administrator) auf GABRIEL-PC (09-03-2016 11:01:24)
Gestartet von C:\Users\Gabriel\Desktop
Geladene Profile: Gabriel (Verfügbare Profile: Gabriel)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64"
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64"
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Users\Gabriel\AppData\Local\Temp\OfficeDC\_tools\IDMShellExt64.dll [2012-02-08] (Tonec Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
AutoConfigURL: [S-1-5-21-3980449854-420695129-2575981882-1000] => hxxp://127.0.0.1:8445/okayfreedom.pac
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{55287400-DE03-44A2-863C-9C0144864978}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{55287400-DE03-44A2-863C-9C0144864978}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E44E6384-8F8B-421A-8D3A-8A5F1BD97E07}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{E95ECF9B-ABF1-4A94-8E2A-43470FA0EB02}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{EE9C8FEE-8405-4E4F-8B24-B213688943D2}: [DhcpNameServer] 192.168.42.129
ManualProxies: 0hxxp://127.0.0.1:8445/okayfreedom.pac
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Kein Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> Keine Datei
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-03-08] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-03-08] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-03-08] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-03-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-26] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-03-08] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-26] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default
FF Homepage: www.google.de
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-08] (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin64.dll [2014-07-24] (Skype)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-03-08] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-03-08] (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll [2014-07-24] (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\searchplugins\youtube-videosuche.xml [2015-09-02]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\extensions\adblockpopups@jessehakanen.net.xpi [2015-09-02]
FF Extension: Avira Browser Safety - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\abs@avira.com [2016-02-25]
FF Extension: Mein Grundeinkommen - CrowdBar - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\jid1-XGbYhwCViPEOUQ@jetpack.xpi [2015-11-26]
FF Extension: OpenSC PKCS11 Installer - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\support@hrz.uni-giessen.de.xpi [2015-09-01] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-25]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2014-11-11] [ist nicht signiert]
FF HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gabriel\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Gabriel\AppData\Roaming\IDM\idmmzcc5 [2014-11-27] [ist nicht signiert]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Google Docs) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Google-Suche) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Tabellen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Avira Browserschutz) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Skype) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Google Mail) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Users\Gabriel\AppData\Local\Temp\OfficeDC\_tools\IDMGCExt.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-28] (Microsoft Corporation)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [346552 2015-11-12] (Steganos Software GmbH)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [Datei ist nicht signiert]
R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [480472 2014-06-10] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [480472 2014-06-10] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [480472 2014-06-10] (VMware, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe [14407384 2014-06-12] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75344 2013-02-22] (VMware, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-23] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33496 2014-06-12] (VMware, Inc.)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-06-12] (VMware, Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 xiringcciddrv3; C:\Windows\System32\DRIVERS\xccid3wdm.sys [36184 2012-06-29] (Ingenico)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-09 11:01 - 2016-03-09 11:01 - 00029389 _____ C:\Users\Gabriel\Desktop\FRST.txt
2016-03-09 11:00 - 2016-03-09 11:00 - 00000000 ___HD C:\OneDriveTemp
2016-03-09 10:48 - 2016-03-09 10:49 - 00001078 _____ C:\Windows\system32dbgraw.bmp
2016-03-08 13:04 - 2016-03-08 13:04 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-03-08 12:36 - 2016-03-08 12:36 - 00002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-03-08 12:36 - 2016-03-08 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-03-08 12:26 - 2016-03-08 13:05 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-08 12:18 - 2016-03-08 12:18 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-08 12:15 - 2016-03-08 12:15 - 04492488 _____ (Microsoft Corporation) C:\Users\Gabriel\Downloads\Setup.X64.de-de_O365ProPlusRetail_71a9fdd8-54cf-4eee-9768-1d64430e3282_TX_PR_b_32_.exe
2016-03-08 12:09 - 2016-03-08 12:09 - 03237576 _____ (Microsoft Corporation) C:\Users\Gabriel\Downloads\Setup.X86.de-DE_O365ProPlusRetail_71a9fdd8-54cf-4eee-9768-1d64430e3282_TX_PR_b_32_.exe
2016-03-08 12:00 - 2016-03-08 12:01 - 00318194 _____ C:\Users\Gabriel\Downloads\12540.pdf
2016-03-07 18:03 - 2016-03-07 18:18 - 00243786 _____ C:\TDSSKiller.3.1.0.9_07.03.2016_18.03.39_log.txt
2016-03-07 18:01 - 2016-03-09 11:01 - 00000000 ____D C:\FRST
2016-03-07 18:00 - 2016-03-07 18:00 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Gabriel\Downloads\tdsskiller.exe
2016-03-07 16:34 - 2016-03-07 16:34 - 02949383 _____ C:\Users\Gabriel\Downloads\Dateiordner_Allgemeiner_Dateiordner.zip
2016-03-07 14:14 - 2016-03-07 14:14 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files\iTunes
2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files\iPod
2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-06 21:56 - 2016-03-06 21:56 - 01609216 _____ (Malwarebytes) C:\Users\Gabriel\Downloads\JRT.exe
2016-03-06 21:55 - 2016-03-06 21:55 - 02374144 _____ (Farbar) C:\Users\Gabriel\Desktop\FRST64.exe
2016-03-06 20:59 - 2016-03-08 11:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-06 20:58 - 2016-03-06 20:58 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-03-06 20:58 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-06 20:58 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-06 20:58 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-06 20:53 - 2016-03-06 20:53 - 22908888 _____ (Malwarebytes ) C:\Users\Gabriel\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-06 11:46 - 2016-03-06 11:46 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\UltraMixer4
2016-03-06 11:45 - 2016-03-06 11:46 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\UltraMixer5
2016-03-06 11:45 - 2016-03-06 11:45 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\AMD
2016-03-06 11:45 - 2016-03-06 11:45 - 00000000 ____D C:\Users\Gabriel\.oracle_jre_usage
2016-03-06 11:43 - 2016-03-06 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMixer5
2016-03-06 11:42 - 2016-03-06 11:43 - 00000000 ____D C:\Program Files\UltraMixer5
2016-03-06 11:24 - 2016-03-06 11:24 - 00000000 ____D C:\Users\Gabriel\AppData\Local\MediaMonkey
2016-03-04 17:24 - 2016-03-04 17:24 - 00002022 _____ C:\Users\Public\Desktop\Max Recorder.lnk
2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\Users\Gabriel\AppData\Local\MaxRecorder
2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\Program Files (x86)\Max Recorder
2016-03-04 16:04 - 2016-03-06 11:13 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Spotify
2016-03-04 16:04 - 2016-03-04 16:04 - 00001817 _____ C:\Users\Gabriel\Desktop\Spotify.lnk
2016-03-04 16:04 - 2016-03-04 16:04 - 00001803 _____ C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-03-04 16:03 - 2016-03-06 11:13 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Spotify
2016-03-02 22:59 - 2016-03-02 22:59 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\library_dir
2016-03-02 22:59 - 2016-03-02 22:59 - 00000000 ____D C:\ProgramData\ATI
2016-03-02 22:58 - 2016-03-03 00:13 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Raptr
2016-03-02 22:58 - 2016-03-03 00:12 - 00000000 ____D C:\Program Files (x86)\Raptr
2016-03-02 22:58 - 2016-03-02 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-03-02 22:58 - 2016-03-02 22:58 - 00000000 ____D C:\Program Files (x86)\AMD
2016-03-02 22:56 - 2016-03-02 22:57 - 00000000 ____D C:\Program Files\AMD
2016-03-02 21:06 - 2016-03-02 21:06 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Kryptotel_fz_llc
2016-03-02 20:46 - 2016-03-09 10:48 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-02 16:33 - 2016-03-02 16:33 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Activision
2016-02-28 05:01 - 2016-02-28 05:01 - 00635120 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-02-28 05:01 - 2016-02-28 05:01 - 00439536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-02-28 05:01 - 2016-02-28 05:01 - 00390408 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-02-28 05:01 - 2016-02-28 05:01 - 00333080 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-02-28 05:01 - 2016-02-28 05:01 - 00267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-02-28 05:01 - 2016-02-28 05:01 - 00243480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-02-28 05:01 - 2016-02-28 05:01 - 00088816 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-02-28 05:01 - 2016-02-28 05:01 - 00085232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-02-25 20:41 - 2016-02-25 20:49 - 00000000 ____D C:\Users\Gabriel\AppData\Local\BetterDS3
2016-02-25 20:23 - 2016-03-02 23:57 - 00000000 ____D C:\Windows\Minidump
2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MotioninJoy
2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\Program Files\MotioninJoy
2016-02-25 20:22 - 2011-12-07 19:42 - 00328712 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll
2016-02-25 19:48 - 2016-02-25 22:13 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Unity
2016-02-25 19:48 - 2016-02-25 19:48 - 00000000 ____D C:\Users\Gabriel\AppData\LocalLow\Unity
2016-02-17 22:42 - 2015-11-12 11:51 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-02-17 22:41 - 2016-03-08 11:49 - 00000000 ____D C:\Users\Gabriel\AppData\Local\LogMeIn Hamachi
2016-02-17 22:41 - 2016-02-17 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\Users\Gabriel\AppData\Local\LogMeIn
2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\ProgramData\LogMeIn
2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-02-17 20:28 - 2016-02-21 21:01 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Hero_Siege
2016-02-17 18:59 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-02-17 18:59 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-02-17 18:59 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-02-17 18:59 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-02-17 18:59 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-02-17 18:59 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-02-17 18:59 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-02-17 18:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-02-17 18:59 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-02-17 18:59 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-02-17 18:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-02-17 18:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-02-17 18:59 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-02-17 18:59 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-02-17 18:59 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-02-16 19:46 - 2016-03-01 01:10 - 00000000 ____D C:\Users\Gabriel\Desktop\MW
2016-02-16 19:23 - 2016-02-16 19:23 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MW2 FoV Changer
2016-02-16 19:12 - 2016-02-17 16:18 - 00000000 ____D C:\Program Files (x86)\MW2CU
2016-02-11 12:14 - 2016-02-11 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-11 12:13 - 2016-02-11 12:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-11 12:13 - 2016-02-11 12:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-11 12:08 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-02-11 12:08 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-02-11 12:07 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-02-11 12:07 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-02-11 12:07 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-02-11 12:07 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-02-11 12:07 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-02-10 13:59 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 13:59 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 13:59 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 13:59 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 13:59 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 13:59 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 13:59 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-10 13:59 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 13:59 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-10 13:59 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-10 13:59 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 13:59 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 13:59 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 13:59 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 13:59 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 13:59 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-10 13:59 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 13:59 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 13:59 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 13:59 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 13:59 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 13:59 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 13:59 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 13:59 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 13:59 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-10 13:59 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 13:59 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-10 13:59 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-10 13:59 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 13:59 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-10 13:59 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-10 13:59 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-10 13:59 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-10 13:59 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 13:59 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 13:59 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 13:59 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-10 13:59 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 13:59 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-10 13:59 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-10 13:59 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-10 13:59 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-10 13:59 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-10 13:59 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-10 13:59 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-10 13:59 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 13:59 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-10 13:59 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 13:59 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 13:59 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 13:59 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 13:59 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 13:59 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 13:59 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 13:59 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 13:59 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 13:58 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 13:58 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 13:58 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 13:58 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 13:58 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 13:58 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 13:58 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 13:58 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 13:58 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 13:58 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 13:58 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 13:58 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 13:58 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 13:58 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 13:58 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 13:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-10 13:58 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-10 13:58 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 13:58 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 13:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-10 13:58 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 13:58 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 13:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-10 13:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 13:58 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 13:58 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 13:58 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 13:58 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 13:58 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 13:58 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 13:58 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-10 13:58 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 13:58 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 13:58 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 13:58 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 13:58 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 13:58 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 13:58 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 13:58 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 13:58 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-10 13:58 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-10 13:58 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-10 13:58 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 13:58 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 13:58 - 2015-12-20 19:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 13:58 - 2015-12-20 19:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 13:58 - 2015-12-20 15:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 13:57 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 13:57 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 13:57 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 13:57 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-10 13:57 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 13:57 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 13:57 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 13:57 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 13:57 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-10 13:57 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 13:57 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 13:57 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 13:57 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 13:57 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 13:57 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 13:57 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 13:57 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 13:57 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 13:57 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 13:57 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 13:57 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 13:57 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 13:57 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 13:57 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 13:57 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 13:57 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 13:57 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 13:57 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 13:57 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 13:57 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 13:57 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 13:57 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 13:57 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 13:57 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 13:57 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 13:57 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 13:57 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 13:57 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 13:57 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 13:57 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 13:57 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 13:57 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 13:57 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 13:57 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 13:57 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-10 13:57 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 13:57 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 13:57 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 13:57 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 13:57 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 13:57 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 13:57 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 13:57 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 13:57 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 13:57 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 13:57 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 13:57 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 13:57 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 13:57 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 13:57 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 23:55 - 2016-02-09 23:55 - 00000000 ____D C:\Windows\SysWOW64\IPM
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-09 11:00 - 2014-11-02 13:10 - 00000000 ___RD C:\Users\Gabriel\OneDrive
2016-03-09 10:57 - 2011-04-12 08:43 - 00702064 _____ C:\Windows\system32\perfh007.dat
2016-03-09 10:57 - 2011-04-12 08:43 - 00150698 _____ C:\Windows\system32\perfc007.dat
2016-03-09 10:57 - 2009-07-14 06:13 - 01627626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-09 10:57 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-09 10:57 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-09 10:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-09 10:49 - 2015-10-19 19:09 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-03-09 10:49 - 2014-10-14 23:24 - 00000000 ____D C:\ProgramData\VMware
2016-03-09 10:49 - 2014-10-14 20:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-09 10:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-09 10:48 - 2009-07-14 05:45 - 00514768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-08 13:22 - 2014-10-14 20:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-08 13:13 - 2015-11-19 12:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-08 13:05 - 2014-10-14 19:37 - 00151088 _____ C:\Users\Gabriel\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-08 13:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-03-08 12:26 - 2014-10-15 11:05 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-08 12:14 - 2011-04-12 08:55 - 00000000 ____D C:\Windows\ShellNew
2016-03-08 12:12 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2016-03-08 12:09 - 2014-10-14 22:43 - 00000000 ____D C:\Users\Gabriel\Tools
2016-03-07 16:00 - 2014-11-19 23:33 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\vlc
2016-03-07 14:14 - 2014-11-30 16:48 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-07 00:03 - 2016-01-05 12:33 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-06 23:53 - 2014-10-15 11:39 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Skype
2016-03-06 20:13 - 2014-10-11 18:46 - 00000000 ____D C:\AdwCleaner
2016-03-06 16:40 - 2016-02-06 19:46 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MediaMonkey
2016-03-06 11:45 - 2014-10-14 18:45 - 00000000 ____D C:\Users\Gabriel
2016-03-06 11:19 - 2014-12-29 20:36 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2016-03-06 11:17 - 2015-04-11 10:47 - 00000000 ____D C:\Users\Gabriel\AppData\Local\CrashDumps
2016-03-02 23:59 - 2015-01-06 22:09 - 00000000 ____D C:\Users\Gabriel\Documents\My Games
2016-03-02 22:57 - 2014-10-14 21:51 - 00000000 ____D C:\Program Files\ATI Technologies
2016-03-02 22:57 - 2014-10-14 20:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-02 22:55 - 2014-10-09 17:49 - 00000000 ____D C:\AMD
2016-03-02 22:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2016-03-01 21:57 - 2015-04-28 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-03-01 21:57 - 2015-04-28 21:57 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2
2016-03-01 21:55 - 2015-04-28 21:56 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Downloaded Installations
2016-03-01 13:00 - 2014-10-14 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-28 01:35 - 2015-04-07 15:17 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-28 01:35 - 2015-04-07 15:17 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-20 12:24 - 2014-10-14 20:03 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 11:27 - 2014-10-14 22:25 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-02-18 11:16 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-17 20:37 - 2014-10-15 11:39 - 00000000 ____D C:\ProgramData\Skype
2016-02-17 07:31 - 2016-01-12 22:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-16 14:25 - 2015-12-28 19:21 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Amazon Music
2016-02-14 17:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-13 11:14 - 2015-07-10 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2016-02-13 11:14 - 2014-12-25 21:55 - 00000000 ____D C:\Program Files (x86)\OkayFreedom
2016-02-11 23:58 - 2014-11-02 13:10 - 00002184 _____ C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-02-11 15:08 - 2014-12-25 21:56 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Steganos VPN
2016-02-11 13:00 - 2014-10-14 21:54 - 01601906 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-11 11:37 - 2014-12-12 09:48 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 11:37 - 2014-10-16 15:11 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 11:21 - 2014-10-18 11:11 - 00000000 ____D C:\Windows\system32\MRT
2016-02-11 11:09 - 2014-10-18 11:11 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-09 22:13 - 2015-11-19 12:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 22:13 - 2014-10-21 21:20 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 22:13 - 2014-10-21 21:20 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-22 14:51 - 2015-07-22 14:51 - 0159200 ____T () C:\Users\Gabriel\AppData\Roaming\CrashRpt1402.dll
2015-09-09 00:33 - 2015-09-09 11:51 - 0007597 _____ () C:\Users\Gabriel\AppData\Local\Resmon.ResmonCfg
2015-06-08 21:29 - 2015-06-08 21:30 - 0000000 _____ () C:\Users\Gabriel\AppData\Local\{B7EE9282-17A0-494E-AB5C-97B2FE8262F4}
Einige Dateien in TEMP:
====================
C:\Users\Gabriel\AppData\Local\Temp\avgnt.exe
C:\Users\Gabriel\AppData\Local\Temp\jpathwatch-nativelib-v-0-94-jpathwatch-native.dll
C:\Users\Gabriel\AppData\Local\Temp\Quarantine.exe
C:\Users\Gabriel\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-28 11:51
==================== Ende von FRST.txt ============================
|
|
09.03.2016, 11:04
| #10 |
| | Addition.txtCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Gabriel (2016-03-09 11:01:45)
Gestartet von C:\Users\Gabriel\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-10-14 17:45:10)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3980449854-420695129-2575981882-500 - Administrator - Disabled)
Gabriel (S-1-5-21-3980449854-420695129-2575981882-1000 - Administrator - Enabled) => C:\Users\Gabriel
Gast (S-1-5-21-3980449854-420695129-2575981882-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3980449854-420695129-2575981882-1002 - Limited - Enabled)
___VMware_Conv_SA___ (S-1-5-21-3980449854-420695129-2575981882-1005 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Skybox Labs)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Amazon Music (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Amazon Amazon Music) (Version: 4.1.0.1229 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ElcomPDF (HKLM\...\ElcomPDF) (Version: - )
Foiled (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Foiled) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hager (HKLM-x32\...\ZPlan21) (Version: - )
Hager prerequisites (HKLM-x32\...\{98C64AD3-6A1D-4737-9ED8-06A73741550C}) (Version: 1.00.0000 - hager)
Hager prerequisites (HKLM-x32\...\{EB733D93-1923-4F2E-97D1-125AAA8DD59D}) (Version: 1.00.0000 - hager)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version: - Elias Viglione)
HP Connection Manager (HKLM-x32\...\{C0ED9561-8312-457C-BB1B-BDC7EE034CED}) (Version: 4.7.4.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{57FA60DA-585F-456A-B80E-17D1CDD22A30}) (Version: 5.0.27.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{682FBA83-2CCA-4CFA-A08A-6767DAB2FC9C}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.2.1213 - Hewlett-Packard Company)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Max Recorder (HKLM-x32\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6568.2036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.6.3 - Steganos Software GmbH)
OpenSC (HKLM-x32\...\{0707CEBF-DD03-4042-B2AF-F48F0DFF6A53}) (Version: 0.13.0.0 - OpenSC Project)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.2.2 - SAMSUNG Electronics Co., Ltd.)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{69F300CB-D6BF-41DD-B7CC-983BAFF4EE15}) (Version: 3.1.15602.22612 - Skype Technologies S.A.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UltraMixer 5.1.1 (HKLM\...\{272e17ad-75e3-4a72-bee8-45e5e927920f}_is1) (Version: 5.1.1 - UltraMixer Digital Audio Solutions)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VirtualDJ 8 (HKLM-x32\...\{6B8D3A67-346D-410E-81D2-3BFE228D263D}) (Version: 8.1.2587.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware vCenter Converter Standalone (HKLM-x32\...\{17C3235A-A4B9-44ED-8794-54D8408F9733}) (Version: 5.1.1.1890470 - VMware, Inc.)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc)
VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows-Treiberpaket - XIRING (xiringcciddrv3) SmartCardReader (06/29/2012 3.0.0.3) (HKLM\...\CC5816C152375AF188FA880B1B39AA2B1245E122) (Version: 06/29/2012 3.0.0.3 - XIRING)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3980449854-420695129-2575981882-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3980449854-420695129-2575981882-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E1C33D2-FA5A-438C-9255-3333ED5C2027} - System32\Tasks\{30D93048-8DD3-4E08-A791-F21748378FD1} => pcalua.exe -a C:\Users\Gabriel\Downloads\sp60775.exe -d C:\Users\Gabriel\Downloads
Task: {20EE9B8D-4B86-45AE-9B44-0CF32C15E287} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3980449854-420695129-2575981882-1000
Task: {2B818B35-1AF3-4198-AF12-85ECEEA7942D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {525ADF54-93B7-455C-8F4B-B3AAF73E6B20} - System32\Tasks\{D022BC08-F7C4-4A40-AB58-F701B2077139} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{FE041B02-234C-4AAA-9511-80DF6482A458}\Setup.exe" -c -runfromtemp -l0x0007 anything -removeonly
Task: {5455FBDA-C13B-441A-8640-1BDE4BEC042A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-03-08] (Microsoft Corporation)
Task: {55E35628-895A-497E-8367-C7DF9139DCBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {683BBF82-5582-4209-86DE-1C78FD8D87E2} - System32\Tasks\{ADBCDE11-73EF-4E97-8823-6282628B908F} => pcalua.exe -a C:\Users\Gabriel\Downloads\JLUPruefeChipkarte.exe -d C:\Users\Gabriel\Downloads
Task: {75090E95-D6EB-4187-BD1B-0A0119E8BCFE} - System32\Tasks\{A127F928-3218-4584-8AED-62BD0FD4B3FA} => C:\The Games Page\Gunner 3\gunner3.exe [2000-11-04] (Clickteam)
Task: {8A0ABB32-E53E-458E-918E-042D9D8DCA19} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-10-15] ()
Task: {8BD9843E-C2D6-438F-83C1-7DA2EF7C17B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-03-08] (Microsoft Corporation)
Task: {9FB00720-67C6-4746-8450-CCEF4E505E90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A8F356BF-120A-46FB-8EC3-A48712BACDEA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {AD3A2732-7A99-431E-8D3C-4876FFC28F85} - System32\Tasks\{83300497-BB56-431B-8B2E-5AA86C038B68} => C:\Users\Gabriel\Downloads\OfficeDC.1.33.exe
Task: {AE4E012A-BDA5-4C9B-96FC-B743A479E174} - System32\Tasks\{EB8BD2C2-A141-43ED-ACAA-5B72BF8BCC86} => C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
Task: {C0744401-F414-4668-B068-EE666BD23471} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {C2E1AC57-8D74-4A37-A7F8-EF99B455D7C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {C33CDC8F-AB43-46EF-945E-7DF89004BBF3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-03-08] (Microsoft Corporation)
Task: {C376D878-4F2F-4C0B-9197-E0B476335ACA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {CBC28C97-36BB-482A-990E-AC0057AEBA45} - System32\Tasks\{3E33D226-F5A1-40BF-94E3-835631EB3EDB} => C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
Task: {CF425B62-2E2D-48E3-9FDC-0DC130270817} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D4419160-71B7-417C-B9FC-8840DA06E777} - System32\Tasks\{47DA8770-DB3F-49CE-B1A1-7A999E23C9D8} => C:\The Games Page\Gunner 3\gunner3.exe [2000-11-04] (Clickteam)
Task: {D814A807-A0FB-4099-97F1-85C7AD42A6C9} - System32\Tasks\{36A09DAE-4309-4F49-B1FA-476689651A43} => pcalua.exe -a C:\Users\Gabriel\Downloads\sp66402.exe -d C:\Users\Gabriel\Downloads
Task: {DB59D9B8-F946-4197-9A33-601C859458F7} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-11-06] (Samsung Electronics.)
Task: {F540DB13-6D4E-4500-AFF5-CF42588797DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)
Task: {FCB33D48-5900-4EED-A617-A1222491AE75} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {FF8F448D-2462-423B-846B-DDDE64D4C967} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-01-17 16:57 - 2012-01-17 16:57 - 00298368 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-10-12 00:55 - 2011-10-12 00:55 - 00213328 _____ () C:\Windows\system32\PassThroughOTP.dll
2015-03-08 18:40 - 2008-07-19 15:26 - 00087040 _____ () C:\Windows\System32\custmon64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-08 12:18 - 2016-02-28 02:20 - 00173248 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2014-06-12 16:44 - 2014-06-12 16:44 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-02-10 13:26 - 2012-02-10 13:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-10-10 22:48 - 2013-10-10 22:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-10-14 20:25 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-14 20:25 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-14 20:25 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-14 20:25 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-14 20:25 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-10 19:56 - 2014-06-10 19:56 - 00086744 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll
2014-06-10 19:55 - 2014-06-10 19:55 - 01297624 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\libxml2.dll
2014-06-10 19:54 - 2014-06-10 19:54 - 00542936 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\sqlite3.dll
2014-06-12 17:22 - 2014-06-12 17:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2014-10-14 23:18 - 00450709 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15461 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Amazon Music => "C:\Users\Gabriel\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Gabriel\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Gabriel\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Player\vmware-tray.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BD889D3D-A690-49B3-AA2E-D8ADCBA53300}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{ECE1A4AF-907D-4B2B-A44C-42494757D425}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4C0D6FAD-A54E-4847-8D7C-C75AAAA9AB33}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CF20E5F0-6707-4CDF-9220-D05C1FBA4DEB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{30C11337-998C-4BF2-85F3-710ADF0413AF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A588E33A-723A-4506-A183-1236643A1AB3}H:\call of duty modern warfare 2 lanserver\iw4mp.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [UDP Query User{479F72ED-ADA8-4124-BA78-5F02C1754392}H:\call of duty modern warfare 2 lanserver\iw4mp.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [{146785B4-2FD5-4D6D-81C3-536E4157CDAC}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [{93A0B2BF-0217-4781-A12C-D67F117C83D4}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [TCP Query User{863D9770-572F-4C1E-BE98-94C022CDEAD9}H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [UDP Query User{74108909-43E8-4A91-92E2-C8015C97902E}H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [{B8AC803E-53C3-44C5-8B88-77796C2254DD}] => (Block) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [{71630EED-E6EE-4FD9-A294-A729DBF2040A}] => (Block) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [TCP Query User{35618C5C-F8A3-4A15-A1F9-0EA3536F1624}H:\call of duty modern warfare 2 lanserver\iw4mp.dat] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [UDP Query User{FED1F4EB-5A18-41E9-9598-0517488D3388}H:\call of duty modern warfare 2 lanserver\iw4mp.dat] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{F626EE4D-4BBC-466F-B55F-936D086F1FCF}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{BA97A5D3-8DC9-479E-A4EC-81DCB5D74B71}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{00778EFF-14CA-4D0E-A141-A6EFEF2BA262}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{7E2189A5-498F-4047-915E-BEACCEF6A65D}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{17E5BB5B-9E4A-425D-9117-6BB76BB6BAD5}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
FirewallRules: [{8E94A732-40D8-4C1A-BAE9-839A03F834E4}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
FirewallRules: [{1A57E7C0-22CE-4B04-AF33-E21EDA78C5A6}] => (Allow) LPort=9089
FirewallRules: [{0B865921-0DE7-4F62-8DE0-7500885E341A}] => (Allow) LPort=56789
FirewallRules: [{124A0744-198D-41F7-B3CF-AF9CE4BBB5FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C27638A-0B97-4C8B-91D5-FCDE2ED59314}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{241298C7-5B03-481E-81F3-A712E57D7407}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{07D87E29-691E-4C5C-9756-9FF92DEBA380}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4C3C541F-2496-44B1-9950-AC60FC64648D}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\SkypeWebPlugin.exe
FirewallRules: [{143F0BBE-F991-40A1-B55F-422C4FBA73DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FA773BE8-D4FA-4FDA-BB7D-9AEB1E211118}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE263E50-6FA8-479D-872E-D2F60673A7E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{552C7D46-C458-4406-9678-9C9158F35F45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{C5C69819-8614-4EDE-86AB-45016436752E}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{D4769BE2-ED0C-4485-9B3E-97CC8E1C33AF}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{9CF6E971-6D88-44DD-936D-90D456BDA7C7}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{9B6C0EE3-3793-4B72-9246-294113C601DD}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{00DB28AD-62F9-46AD-81FD-9AB8DBA00E8D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14B14F2F-E995-4B7B-8F43-496D75BBAABA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF1DBBC4-6C4F-46EB-AA3F-67EDF8246DFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{277E9E08-BC4D-46B3-AB30-F484BD2717B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CD80537A-F693-48DF-B7C9-F4CBA03C60BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DD641276-B854-4F67-9C30-E6E8D9DA6045}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C365DE2C-7E09-4C40-8B80-1A1AF5993AAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{191F760E-3CA6-4001-9A26-85893F834538}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{049D3184-88F2-497B-A458-877FE4683D55}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{6BA1621D-C2B5-41EA-A063-83AC91199F7E}C:\elcom\zplan21\apps\rteng9.exe] => (Allow) C:\elcom\zplan21\apps\rteng9.exe
FirewallRules: [UDP Query User{08D20B19-7A32-4C10-9EFC-34913850CF10}C:\elcom\zplan21\apps\rteng9.exe] => (Allow) C:\elcom\zplan21\apps\rteng9.exe
FirewallRules: [{8874AED5-87AD-410A-A6AA-44CF7014F41D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{638B5C96-B087-40DB-B542-EC4A0737610A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{40222547-33EE-41C0-9D3F-3758D995E7B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2E2F1418-7077-4442-B361-EAC7C5691D4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2087A9F4-2BF7-4DE7-83BB-3E28BC70FC59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{930565A8-D500-4D26-ADC0-96D7C702BABC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{6E40B288-3D78-4D87-8059-844FF6817FED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{4AE6992B-7C19-42F9-A6A1-3B92C801B2E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FC87BD8E-CADB-4F6C-BF24-E1631BFC7B07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{DBE7445C-3C8A-4DBB-9790-187A699D6F08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{E2142C34-AE82-472A-80E6-4574D18A98EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{9727ACC0-A829-4E18-8F05-E4B1FE581658}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{4C92B497-66FA-4520-9159-D15320712A97}] => (Allow) C:\Users\Gabriel\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
FirewallRules: [{6C27D0BF-DDB8-4810-9178-58819DCDCD14}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{49D5A6D9-A3C6-483B-9826-5443DB6A903F}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{4B3EEF91-2386-4316-ACE4-2EC7CF5AFAC8}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{5B6D0EA0-537A-446D-89B4-DC8A9142F04F}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{9A718AE9-3C12-42C0-AC28-59F02B98F10C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5204B4D7-1F41-4836-8495-6F2D79C9418C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{E7FEE871-2757-463F-AE3B-61A1E49AA77B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{DF72E38F-1846-426A-A670-6420676FF3D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{156169AA-0A8B-4518-B4B2-4BC4C112CBCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7F976C0A-A97A-4A81-9F71-7B16EB4B03BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{9E374EB6-9408-446B-804B-6751CA136B9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{A39878E4-1020-4B64-A4A4-717EFAE1AD40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{414CBCDC-BEA1-421E-9B24-D54F9D3130E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{C036A278-BA22-423B-882B-BB2237AE4354}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{57174513-1B1C-4FF7-9449-754E3046842B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A1F48AA9-A2F5-4E39-A2FD-C27197274403}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E003C2D1-C34E-4E00-8994-02A5ED0B7777}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3D0B99CC-501F-4E0D-8E63-30566A67E863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{0D3A9B0F-826C-4487-998A-36886B4F3BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DC211AE0-E468-47C8-9935-5A3CE61DD515}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{64A345C3-B2D2-4EF1-B70C-9F4D9F95C87B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [TCP Query User{9853A361-1588-447E-A515-8F11FCA9FE09}C:\users\gabriel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gabriel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{53EA0294-74CB-487E-B186-283D8CA0C191}C:\users\gabriel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gabriel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E85A1E67-9DA1-41F5-8A25-F1C261727C56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{126902C4-08B1-4B84-BFC8-968A674302FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [TCP Query User{6169CF1D-35A4-427A-B572-494EEF1C14D5}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{EBE417A8-5F4C-4F8D-B0C1-B6EDEB3D59C8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{AFD4042E-D673-4EB1-B304-C05BB4A59960}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{074B930C-8949-430F-BE09-A03306FC8060}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6A47780D-97EE-4C3D-A55A-AA4579C9984A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5096D0FC-F133-482B-A8FD-22FC368001E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4B49AB1E-ACFE-461D-9AFE-C779013535D7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1861C06B-5931-403C-B205-241B5A776CA2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
==================== Wiederherstellungspunkte =========================
07-03-2016 13:07:03 Removed Windows Phone app for desktop
08-03-2016 12:11:56 Removed Microsoft Office Language Pack 2013 - German/Deutsch
08-03-2016 12:12:02 OMUI.DE-DE
08-03-2016 12:12:56 Removed Microsoft Office Professional Plus 2013
08-03-2016 12:13:01 PROPLUSR
08-03-2016 12:51:49 Entfernt Call of Duty(R) 4 - Modern Warfare(TM)
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/09/2016 10:49:59 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (03/09/2016 10:49:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2016 12:26:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2016 12:16:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2016 11:10:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/07/2016 10:08:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/06/2016 07:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7035
Error: (03/06/2016 07:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7035
Error: (03/06/2016 07:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2016 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6037
Systemfehler:
=============
Error: (03/09/2016 11:01:00 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
Error: (03/09/2016 10:48:50 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/08/2016 12:16:20 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/08/2016 11:10:14 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/07/2016 10:07:52 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/06/2016 11:13:06 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/03/2016 11:28:30 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/02/2016 10:26:34 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/02/2016 10:25:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/02/2016 10:25:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8123.56 MB
Verfügbarer physikalischer RAM: 4586.22 MB
Summe virtueller Speicher: 8321.77 MB
Verfügbarer virtueller Speicher: 4299.86 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:216.63 GB) (Free:81.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.48 GB) (Free:0 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.55 GB) (Free:1.53 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E6D17E37)
Partition 1: (Active) - (Size=228 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=216.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1.6 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
09.03.2016, 14:22
| #11 |
| /// TB-Ausbilder | Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX" Servus, Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
10.03.2016, 00:23
| #12 |
| | AdwcleanerCode:
ATTFilter # AdwCleaner v5.101 - Bericht erstellt am 09/03/2016 um 23:57:06
# Aktualisiert am 07/03/2016 von Xplode
# Datenbank : 2016-03-08.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Gabriel - GABRIEL-PC
# Gestartet von : C:\Users\Gabriel\Desktop\AdwCleaner_5.101.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
[-] [C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mobile.1und1.de
[-] [C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : dsl.1und1.de
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1147 Bytes] - [09/03/2016 23:57:06]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1104 Bytes] - [09/03/2016 23:56:12]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1333 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 10.03.2016 Suchlaufzeit: 00:00 Protokolldatei: Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.03.09.06 Rootkit-Datenbank: v2016.02.27.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Gabriel Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 388491 Abgelaufene Zeit: 8 Min., 2 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Professional x64
Ran by Gabriel (Administrator) on 10.03.2016 at 0:18:13,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 34
Successfully deleted: C:\Users\Gabriel\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\00061FXQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1ZCIFUZH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DHDOH40 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6SN9XFMZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ADPVQOR9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F0DWWTBI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IZM5Z0NP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0PQH6GH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KEVZ67P1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O00KSGBC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6Q2CB5E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6NNPIKL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\00061FXQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1ZCIFUZH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DHDOH40 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6SN9XFMZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ADPVQOR9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F0DWWTBI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IZM5Z0NP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0PQH6GH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KEVZ67P1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O00KSGBC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6Q2CB5E (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6NNPIKL (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.03.2016 at 0:20:34,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Gabriel (Administrator) auf GABRIEL-PC (10-03-2016 00:22:10) Gestartet von C:\Users\Gabriel\Desktop Geladene Profile: Gabriel & (Verfügbare Profile: Gabriel) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser nicht gefunden!) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe () C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Users\Gabriel\AppData\Local\Temp\OfficeDC\_tools\IDMShellExt64.dll [2012-02-08] (Tonec Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) AutoConfigURL: [S-1-5-21-3980449854-420695129-2575981882-1000] => hxxp://127.0.0.1:8445/okayfreedom.pac AutoConfigURL: [S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => hxxp://127.0.0.1:8445/okayfreedom.pac Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{55287400-DE03-44A2-863C-9C0144864978}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{55287400-DE03-44A2-863C-9C0144864978}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{E44E6384-8F8B-421A-8D3A-8A5F1BD97E07}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{E95ECF9B-ABF1-4A94-8E2A-43470FA0EB02}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{EE9C8FEE-8405-4E4F-8B24-B213688943D2}: [DhcpNameServer] 192.168.42.129 ManualProxies: 0hxxp://127.0.0.1:8445/okayfreedom.pac Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Kein Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> Keine Datei BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-03-08] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-03-08] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-03-08] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-03-08] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-26] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-03-08] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-08] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-26] (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-08] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default FF Homepage: www.google.de FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-08] (Microsoft Corporation) FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin64.dll [2014-07-24] (Skype) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-26] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-03-08] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-03-08] (Microsoft Corporation) FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll [2014-07-24] (Skype) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\searchplugins\youtube-videosuche.xml [2015-09-02] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\extensions\adblockpopups@jessehakanen.net.xpi [2015-09-02] FF Extension: Avira Browser Safety - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\abs@avira.com [2016-02-25] FF Extension: Mein Grundeinkommen - CrowdBar - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\jid1-XGbYhwCViPEOUQ@jetpack.xpi [2015-11-26] FF Extension: OpenSC PKCS11 Installer - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\support@hrz.uni-giessen.de.xpi [2015-09-01] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\gAJQHTbB.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-25] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2014-11-11] [ist nicht signiert] FF HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gabriel\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\Gabriel\AppData\Roaming\IDM\idmmzcc5 [2014-11-27] [ist nicht signiert] FF HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gabriel\AppData\Roaming\IDM\idmmzcc5 Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Session Restore: Default -> ist aktiviert. CHR Profile: C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05] CHR Extension: (Google Docs) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Google Drive) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27] CHR Extension: (Adblock Plus) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09] CHR Extension: (Google-Suche) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Google Tabellen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05] CHR Extension: (Avira Browserschutz) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-02-18] CHR Extension: (Google Docs Offline) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19] CHR Extension: (Skype) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25] CHR Extension: (Google Mail) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Users\Gabriel\AppData\Local\Temp\OfficeDC\_tools\IDMGCExt.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-28] (Microsoft Corporation) R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [346552 2015-11-12] (Steganos Software GmbH) R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [Datei ist nicht signiert] R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [480472 2014-06-10] (VMware, Inc.) R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [480472 2014-06-10] (VMware, Inc.) R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [480472 2014-06-10] (VMware, Inc.) R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe [14407384 2014-06-12] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2016-02-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG) S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75344 2013-02-22] (VMware, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-23] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-10] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.) R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus) R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33496 2014-06-12] (VMware, Inc.) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-06-12] (VMware, Inc.) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) S3 xiringcciddrv3; C:\Windows\System32\DRIVERS\xccid3wdm.sys [36184 2012-06-29] (Ingenico) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-10 00:22 - 2016-03-10 00:22 - 00032700 _____ C:\Users\Gabriel\Desktop\FRST.txt 2016-03-10 00:20 - 2016-03-10 00:20 - 00005964 _____ C:\Users\Gabriel\Desktop\JRT.txt 2016-03-09 23:54 - 2016-03-09 23:57 - 00000000 ____D C:\Program Files (x86)\AdwCleaner 2016-03-09 23:54 - 2016-03-09 23:54 - 01524224 _____ C:\Users\Gabriel\Downloads\AdwCleaner_5.101.exe 2016-03-09 23:54 - 2016-03-09 23:54 - 01524224 _____ C:\Users\Gabriel\Desktop\AdwCleaner_5.101.exe 2016-03-09 23:38 - 2016-03-09 23:38 - 00000000 ___HD C:\OneDriveTemp 2016-03-09 23:36 - 2016-03-09 23:58 - 00001078 _____ C:\Windows\system32dbgraw.bmp 2016-03-09 11:27 - 2016-03-09 11:27 - 00325784 _____ C:\Users\Gabriel\Downloads\Rechnung BERO.pdf 2016-03-08 13:04 - 2016-03-08 13:04 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-03-08 12:36 - 2016-03-08 12:36 - 00002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-03-08 12:36 - 2016-03-08 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-03-08 12:26 - 2016-03-08 13:05 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-03-08 12:18 - 2016-03-08 12:18 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-03-08 12:15 - 2016-03-08 12:15 - 04492488 _____ (Microsoft Corporation) C:\Users\Gabriel\Downloads\Setup.X64.de-de_O365ProPlusRetail_71a9fdd8-54cf-4eee-9768-1d64430e3282_TX_PR_b_32_.exe 2016-03-08 12:09 - 2016-03-08 12:09 - 03237576 _____ (Microsoft Corporation) C:\Users\Gabriel\Downloads\Setup.X86.de-DE_O365ProPlusRetail_71a9fdd8-54cf-4eee-9768-1d64430e3282_TX_PR_b_32_.exe 2016-03-08 12:00 - 2016-03-08 12:01 - 00318194 _____ C:\Users\Gabriel\Downloads\12540.pdf 2016-03-07 18:03 - 2016-03-07 18:18 - 00243786 _____ C:\TDSSKiller.3.1.0.9_07.03.2016_18.03.39_log.txt 2016-03-07 18:01 - 2016-03-10 00:22 - 00000000 ____D C:\FRST 2016-03-07 18:00 - 2016-03-07 18:00 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Gabriel\Desktop\tdsskiller.exe 2016-03-07 16:34 - 2016-03-07 16:34 - 02949383 _____ C:\Users\Gabriel\Downloads\Dateiordner_Allgemeiner_Dateiordner.zip 2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files\iTunes 2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files\iPod 2016-03-07 14:14 - 2016-03-07 14:14 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-03-06 21:56 - 2016-03-06 21:56 - 01609216 _____ (Malwarebytes) C:\Users\Gabriel\Desktop\JRT.exe 2016-03-06 21:55 - 2016-03-06 21:55 - 02374144 _____ (Farbar) C:\Users\Gabriel\Desktop\FRST64.exe 2016-03-06 20:59 - 2016-03-10 00:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-06 20:58 - 2016-03-06 20:58 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-06 20:58 - 2016-03-06 20:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-06 20:58 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-06 20:58 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-06 20:58 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-03-06 20:53 - 2016-03-06 20:53 - 22908888 _____ (Malwarebytes ) C:\Users\Gabriel\Downloads\mbam-setup-2.2.0.1024.exe 2016-03-06 11:46 - 2016-03-06 11:46 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\UltraMixer4 2016-03-06 11:45 - 2016-03-06 11:46 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\UltraMixer5 2016-03-06 11:45 - 2016-03-06 11:45 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\AMD 2016-03-06 11:45 - 2016-03-06 11:45 - 00000000 ____D C:\Users\Gabriel\.oracle_jre_usage 2016-03-06 11:43 - 2016-03-06 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMixer5 2016-03-06 11:42 - 2016-03-06 11:43 - 00000000 ____D C:\Program Files\UltraMixer5 2016-03-06 11:24 - 2016-03-06 11:24 - 00000000 ____D C:\Users\Gabriel\AppData\Local\MediaMonkey 2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\Users\Gabriel\AppData\Local\MaxRecorder 2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder 2016-03-04 17:24 - 2016-03-04 17:24 - 00000000 ____D C:\Program Files (x86)\Max Recorder 2016-03-04 16:04 - 2016-03-06 11:13 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Spotify 2016-03-04 16:04 - 2016-03-04 16:04 - 00001803 _____ C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-03-04 16:03 - 2016-03-06 11:13 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Spotify 2016-03-02 22:59 - 2016-03-02 22:59 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\library_dir 2016-03-02 22:59 - 2016-03-02 22:59 - 00000000 ____D C:\ProgramData\ATI 2016-03-02 22:58 - 2016-03-03 00:13 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Raptr 2016-03-02 22:58 - 2016-03-03 00:12 - 00000000 ____D C:\Program Files (x86)\Raptr 2016-03-02 22:58 - 2016-03-02 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2016-03-02 22:58 - 2016-03-02 22:58 - 00000000 ____D C:\Program Files (x86)\AMD 2016-03-02 22:56 - 2016-03-02 22:57 - 00000000 ____D C:\Program Files\AMD 2016-03-02 21:06 - 2016-03-02 21:06 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Kryptotel_fz_llc 2016-03-02 20:46 - 2016-03-09 23:58 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2016-03-02 16:33 - 2016-03-02 16:33 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Activision 2016-02-28 05:01 - 2016-02-28 05:01 - 00635120 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll 2016-02-28 05:01 - 2016-02-28 05:01 - 00439536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll 2016-02-28 05:01 - 2016-02-28 05:01 - 00390408 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll 2016-02-28 05:01 - 2016-02-28 05:01 - 00333080 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll 2016-02-28 05:01 - 2016-02-28 05:01 - 00267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll 2016-02-28 05:01 - 2016-02-28 05:01 - 00243480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll 2016-02-28 05:01 - 2016-02-28 05:01 - 00088816 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll 2016-02-28 05:01 - 2016-02-28 05:01 - 00085232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll 2016-02-25 20:41 - 2016-02-25 20:49 - 00000000 ____D C:\Users\Gabriel\AppData\Local\BetterDS3 2016-02-25 20:23 - 2016-03-02 23:57 - 00000000 ____D C:\Windows\Minidump 2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MotioninJoy 2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy 2016-02-25 20:22 - 2016-02-25 20:22 - 00000000 ____D C:\Program Files\MotioninJoy 2016-02-25 20:22 - 2011-12-07 19:42 - 00328712 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll 2016-02-25 19:48 - 2016-02-25 22:13 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Unity 2016-02-25 19:48 - 2016-02-25 19:48 - 00000000 ____D C:\Users\Gabriel\AppData\LocalLow\Unity 2016-02-17 22:42 - 2015-11-12 11:51 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys 2016-02-17 22:41 - 2016-03-08 11:49 - 00000000 ____D C:\Users\Gabriel\AppData\Local\LogMeIn Hamachi 2016-02-17 22:41 - 2016-02-17 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\Users\Gabriel\AppData\Local\LogMeIn 2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\ProgramData\LogMeIn 2016-02-17 22:41 - 2016-02-17 22:41 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2016-02-17 20:28 - 2016-02-21 21:01 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Hero_Siege 2016-02-17 18:59 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-02-17 18:59 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-02-17 18:59 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2016-02-17 18:59 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2016-02-16 19:23 - 2016-02-16 19:23 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MW2 FoV Changer 2016-02-16 19:12 - 2016-02-17 16:18 - 00000000 ____D C:\Program Files (x86)\MW2CU 2016-02-11 12:14 - 2016-02-11 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-02-11 12:13 - 2016-02-11 12:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-02-11 12:13 - 2016-02-11 12:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-02-11 12:08 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2016-02-11 12:08 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2016-02-11 12:07 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2016-02-11 12:07 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2016-02-11 12:07 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2016-02-11 12:07 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2016-02-11 12:07 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2016-02-11 12:07 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-02-10 13:59 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-02-10 13:59 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-02-10 13:59 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-02-10 13:59 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-02-10 13:59 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-02-10 13:59 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-02-10 13:59 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-02-10 13:59 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-02-10 13:59 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-02-10 13:59 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-02-10 13:59 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-02-10 13:59 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-02-10 13:59 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-02-10 13:59 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-02-10 13:59 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-02-10 13:59 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-02-10 13:59 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-02-10 13:59 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-02-10 13:59 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-02-10 13:59 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-02-10 13:59 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-02-10 13:59 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-02-10 13:59 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-02-10 13:59 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-02-10 13:59 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-02-10 13:59 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-02-10 13:59 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-02-10 13:59 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-02-10 13:59 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-02-10 13:59 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-02-10 13:59 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-02-10 13:59 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-02-10 13:59 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-02-10 13:59 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-02-10 13:59 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-02-10 13:59 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-02-10 13:59 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-02-10 13:59 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-02-10 13:59 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-02-10 13:59 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-02-10 13:59 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-02-10 13:59 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-02-10 13:59 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-02-10 13:59 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-02-10 13:59 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-02-10 13:59 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-02-10 13:59 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-02-10 13:59 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-02-10 13:59 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-02-10 13:59 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-02-10 13:59 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-02-10 13:59 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-02-10 13:58 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-02-10 13:58 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-02-10 13:58 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-02-10 13:58 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-02-10 13:58 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-02-10 13:58 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-02-10 13:58 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-02-10 13:58 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-02-10 13:58 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-02-10 13:58 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2016-02-10 13:58 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-02-10 13:58 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-02-10 13:58 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2016-02-10 13:58 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2016-02-10 13:58 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-02-10 13:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-02-10 13:58 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-02-10 13:58 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-02-10 13:58 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-02-10 13:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-02-10 13:58 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-02-10 13:58 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-02-10 13:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-02-10 13:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-02-10 13:58 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-02-10 13:58 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-02-10 13:58 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-02-10 13:58 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-02-10 13:58 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-02-10 13:58 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-02-10 13:58 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-02-10 13:58 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-02-10 13:58 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-02-10 13:58 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-02-10 13:58 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-02-10 13:58 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-02-10 13:58 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-02-10 13:58 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-02-10 13:58 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-02-10 13:58 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-02-10 13:58 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-02-10 13:58 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-02-10 13:58 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-02-10 13:58 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-02-10 13:58 - 2015-12-20 19:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-02-10 13:58 - 2015-12-20 19:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2016-02-10 13:58 - 2015-12-20 15:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-02-10 13:57 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-02-10 13:57 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-02-10 13:57 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-02-10 13:57 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-02-10 13:57 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-02-10 13:57 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-02-10 13:57 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-02-10 13:57 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-02-10 13:57 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-02-10 13:57 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-02-10 13:57 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-02-10 13:57 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-02-10 13:57 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-02-10 13:57 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-02-10 13:57 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-02-10 13:57 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-02-10 13:57 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-02-10 13:57 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-02-10 13:57 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-02-10 13:57 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-02-10 13:57 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-02-10 13:57 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-02-10 13:57 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-02-10 13:57 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-02-10 13:57 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-02-10 13:57 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-02-10 13:57 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-02-10 13:57 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-02-10 13:57 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-02-10 13:57 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-02-10 13:57 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-02-10 13:57 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-02-10 13:57 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-02-10 13:57 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-02-10 13:57 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-02-10 13:57 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-02-10 13:57 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-02-10 13:57 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-02-10 13:57 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-02-10 13:57 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-10 13:57 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-02-10 13:57 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-02-10 13:57 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-02-10 13:57 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-02-10 13:57 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-02-10 13:57 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 13:57 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-02-09 23:55 - 2016-02-09 23:55 - 00000000 ____D C:\Windows\SysWOW64\IPM ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-10 00:22 - 2014-10-14 20:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-10 00:18 - 2014-11-02 13:10 - 00000000 ___RD C:\Users\Gabriel\OneDrive 2016-03-10 00:13 - 2015-11-19 12:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-03-10 00:06 - 2011-04-12 08:43 - 00702064 _____ C:\Windows\system32\perfh007.dat 2016-03-10 00:06 - 2011-04-12 08:43 - 00150698 _____ C:\Windows\system32\perfc007.dat 2016-03-10 00:06 - 2009-07-14 06:13 - 01627626 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-10 00:06 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-03-10 00:06 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-03-10 00:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-03-09 23:58 - 2015-10-19 19:09 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS 2016-03-09 23:58 - 2014-10-14 23:24 - 00000000 ____D C:\ProgramData\VMware 2016-03-09 23:58 - 2014-10-14 20:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-09 23:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-09 23:51 - 2014-10-14 22:43 - 00000000 ____D C:\Users\Gabriel\Tools 2016-03-09 23:49 - 2014-10-15 11:39 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Skype 2016-03-09 13:36 - 2015-04-11 10:47 - 00000000 ____D C:\Users\Gabriel\AppData\Local\CrashDumps 2016-03-09 13:11 - 2014-10-18 18:44 - 00000000 ___RD C:\Users\Gabriel\Documents\Scanned Documents 2016-03-09 11:04 - 2014-10-15 11:05 - 00000000 ____D C:\Program Files\Microsoft Office 2016-03-09 10:48 - 2009-07-14 05:45 - 00514768 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-08 13:05 - 2014-10-14 19:37 - 00151088 _____ C:\Users\Gabriel\AppData\Local\GDIPFONTCACHEV1.DAT 2016-03-08 13:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-03-08 12:14 - 2011-04-12 08:55 - 00000000 ____D C:\Windows\ShellNew 2016-03-08 12:12 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini 2016-03-07 16:00 - 2014-11-19 23:33 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\vlc 2016-03-07 14:14 - 2014-11-30 16:48 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-03-07 00:03 - 2016-01-05 12:33 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-06 20:13 - 2014-10-11 18:46 - 00000000 ____D C:\AdwCleaner 2016-03-06 16:40 - 2016-02-06 19:46 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MediaMonkey 2016-03-06 11:45 - 2014-10-14 18:45 - 00000000 ____D C:\Users\Gabriel 2016-03-06 11:19 - 2014-12-29 20:36 - 00000000 ____D C:\Program Files (x86)\Warcraft III 2016-03-02 23:59 - 2015-01-06 22:09 - 00000000 ____D C:\Users\Gabriel\Documents\My Games 2016-03-02 22:57 - 2014-10-14 21:51 - 00000000 ____D C:\Program Files\ATI Technologies 2016-03-02 22:57 - 2014-10-14 20:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-02 22:55 - 2014-10-09 17:49 - 00000000 ____D C:\AMD 2016-03-02 22:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing 2016-03-01 21:57 - 2015-04-28 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2016-03-01 21:57 - 2015-04-28 21:57 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2 2016-03-01 21:55 - 2015-04-28 21:56 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Downloaded Installations 2016-03-01 13:00 - 2014-10-14 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-02-28 01:35 - 2015-04-07 15:17 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-02-28 01:35 - 2015-04-07 15:17 - 00000000 ___SD C:\Windows\system32\GWX 2016-02-20 12:24 - 2014-10-14 20:03 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-18 11:27 - 2014-10-14 22:25 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-02-18 11:16 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-02-17 20:37 - 2014-10-15 11:39 - 00000000 ____D C:\ProgramData\Skype 2016-02-17 07:31 - 2016-01-12 22:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-16 14:25 - 2015-12-28 19:21 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Amazon Music 2016-02-14 17:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-02-13 11:14 - 2015-07-10 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom 2016-02-13 11:14 - 2014-12-25 21:55 - 00000000 ____D C:\Program Files (x86)\OkayFreedom 2016-02-11 23:58 - 2014-11-02 13:10 - 00002184 _____ C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-02-11 15:08 - 2014-12-25 21:56 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Steganos VPN 2016-02-11 13:00 - 2014-10-14 21:54 - 01601906 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-02-11 11:37 - 2014-12-12 09:48 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-11 11:37 - 2014-10-16 15:11 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-02-11 11:21 - 2014-10-18 11:11 - 00000000 ____D C:\Windows\system32\MRT 2016-02-11 11:09 - 2014-10-18 11:11 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-02-09 22:13 - 2015-11-19 12:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-02-09 22:13 - 2014-10-21 21:20 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-02-09 22:13 - 2014-10-21 21:20 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-07-22 14:51 - 2015-07-22 14:51 - 0159200 ____T () C:\Users\Gabriel\AppData\Roaming\CrashRpt1402.dll 2015-09-09 00:33 - 2015-09-09 11:51 - 0007597 _____ () C:\Users\Gabriel\AppData\Local\Resmon.ResmonCfg 2015-06-08 21:29 - 2015-06-08 21:30 - 0000000 _____ () C:\Users\Gabriel\AppData\Local\{B7EE9282-17A0-494E-AB5C-97B2FE8262F4} Einige Dateien in TEMP: ==================== C:\Users\Gabriel\AppData\Local\Temp\avgnt.exe C:\Users\Gabriel\AppData\Local\Temp\jpathwatch-nativelib-v-0-94-jpathwatch-native.dll C:\Users\Gabriel\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-09 12:19 ==================== Ende von FRST.txt ============================ |
|
10.03.2016, 00:24
| #13 |
| | Addition.txtCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Gabriel (2016-03-10 00:22:32)
Gestartet von C:\Users\Gabriel\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-10-14 17:45:10)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3980449854-420695129-2575981882-500 - Administrator - Disabled)
Gabriel (S-1-5-21-3980449854-420695129-2575981882-1000 - Administrator - Enabled) => C:\Users\Gabriel
Gast (S-1-5-21-3980449854-420695129-2575981882-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3980449854-420695129-2575981882-1002 - Limited - Enabled)
___VMware_Conv_SA___ (S-1-5-21-3980449854-420695129-2575981882-1005 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Skybox Labs)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Amazon Music (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Amazon Amazon Music) (Version: 4.1.0.1229 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 4.1.0.1229 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ElcomPDF (HKLM\...\ElcomPDF) (Version: - )
Foiled (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Foiled) (Version: - )
Foiled (HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Foiled) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hager (HKLM-x32\...\ZPlan21) (Version: - )
Hager prerequisites (HKLM-x32\...\{98C64AD3-6A1D-4737-9ED8-06A73741550C}) (Version: 1.00.0000 - hager)
Hager prerequisites (HKLM-x32\...\{EB733D93-1923-4F2E-97D1-125AAA8DD59D}) (Version: 1.00.0000 - hager)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version: - Elias Viglione)
HP Connection Manager (HKLM-x32\...\{C0ED9561-8312-457C-BB1B-BDC7EE034CED}) (Version: 4.7.4.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{57FA60DA-585F-456A-B80E-17D1CDD22A30}) (Version: 5.0.27.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{682FBA83-2CCA-4CFA-A08A-6767DAB2FC9C}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.2.1213 - Hewlett-Packard Company)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Max Recorder (HKLM-x32\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6568.2036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.6.3 - Steganos Software GmbH)
OpenSC (HKLM-x32\...\{0707CEBF-DD03-4042-B2AF-F48F0DFF6A53}) (Version: 0.13.0.0 - OpenSC Project)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.2.2 - SAMSUNG Electronics Co., Ltd.)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{69F300CB-D6BF-41DD-B7CC-983BAFF4EE15}) (Version: 3.1.15602.22612 - Skype Technologies S.A.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3980449854-420695129-2575981882-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Spotify (HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UltraMixer 5.1.1 (HKLM\...\{272e17ad-75e3-4a72-bee8-45e5e927920f}_is1) (Version: 5.1.1 - UltraMixer Digital Audio Solutions)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VirtualDJ 8 (HKLM-x32\...\{6B8D3A67-346D-410E-81D2-3BFE228D263D}) (Version: 8.1.2587.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware vCenter Converter Standalone (HKLM-x32\...\{17C3235A-A4B9-44ED-8794-54D8408F9733}) (Version: 5.1.1.1890470 - VMware, Inc.)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc)
VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows-Treiberpaket - XIRING (xiringcciddrv3) SmartCardReader (06/29/2012 3.0.0.3) (HKLM\...\CC5816C152375AF188FA880B1B39AA2B1245E122) (Version: 06/29/2012 3.0.0.3 - XIRING)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3980449854-420695129-2575981882-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3980449854-420695129-2575981882-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E1C33D2-FA5A-438C-9255-3333ED5C2027} - System32\Tasks\{30D93048-8DD3-4E08-A791-F21748378FD1} => pcalua.exe -a C:\Users\Gabriel\Downloads\sp60775.exe -d C:\Users\Gabriel\Downloads
Task: {20EE9B8D-4B86-45AE-9B44-0CF32C15E287} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3980449854-420695129-2575981882-1000
Task: {2B818B35-1AF3-4198-AF12-85ECEEA7942D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {525ADF54-93B7-455C-8F4B-B3AAF73E6B20} - System32\Tasks\{D022BC08-F7C4-4A40-AB58-F701B2077139} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{FE041B02-234C-4AAA-9511-80DF6482A458}\Setup.exe" -c -runfromtemp -l0x0007 anything -removeonly
Task: {5455FBDA-C13B-441A-8640-1BDE4BEC042A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-03-08] (Microsoft Corporation)
Task: {55931D52-303B-4875-84DE-837E84D926DD} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-10-15] ()
Task: {55E35628-895A-497E-8367-C7DF9139DCBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {683BBF82-5582-4209-86DE-1C78FD8D87E2} - System32\Tasks\{ADBCDE11-73EF-4E97-8823-6282628B908F} => pcalua.exe -a C:\Users\Gabriel\Downloads\JLUPruefeChipkarte.exe -d C:\Users\Gabriel\Downloads
Task: {75090E95-D6EB-4187-BD1B-0A0119E8BCFE} - System32\Tasks\{A127F928-3218-4584-8AED-62BD0FD4B3FA} => C:\The Games Page\Gunner 3\gunner3.exe [2000-11-04] (Clickteam)
Task: {8BD9843E-C2D6-438F-83C1-7DA2EF7C17B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-03-08] (Microsoft Corporation)
Task: {9FB00720-67C6-4746-8450-CCEF4E505E90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A8F356BF-120A-46FB-8EC3-A48712BACDEA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {AD3A2732-7A99-431E-8D3C-4876FFC28F85} - System32\Tasks\{83300497-BB56-431B-8B2E-5AA86C038B68} => C:\Users\Gabriel\Downloads\OfficeDC.1.33.exe
Task: {AE4E012A-BDA5-4C9B-96FC-B743A479E174} - System32\Tasks\{EB8BD2C2-A141-43ED-ACAA-5B72BF8BCC86} => C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
Task: {C0744401-F414-4668-B068-EE666BD23471} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {C2E1AC57-8D74-4A37-A7F8-EF99B455D7C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {C33CDC8F-AB43-46EF-945E-7DF89004BBF3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-03-08] (Microsoft Corporation)
Task: {C376D878-4F2F-4C0B-9197-E0B476335ACA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {CBC28C97-36BB-482A-990E-AC0057AEBA45} - System32\Tasks\{3E33D226-F5A1-40BF-94E3-835631EB3EDB} => C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
Task: {CF425B62-2E2D-48E3-9FDC-0DC130270817} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D4419160-71B7-417C-B9FC-8840DA06E777} - System32\Tasks\{47DA8770-DB3F-49CE-B1A1-7A999E23C9D8} => C:\The Games Page\Gunner 3\gunner3.exe [2000-11-04] (Clickteam)
Task: {D814A807-A0FB-4099-97F1-85C7AD42A6C9} - System32\Tasks\{36A09DAE-4309-4F49-B1FA-476689651A43} => pcalua.exe -a C:\Users\Gabriel\Downloads\sp66402.exe -d C:\Users\Gabriel\Downloads
Task: {DB59D9B8-F946-4197-9A33-601C859458F7} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-11-06] (Samsung Electronics.)
Task: {F540DB13-6D4E-4500-AFF5-CF42588797DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)
Task: {FCB33D48-5900-4EED-A617-A1222491AE75} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {FF8F448D-2462-423B-846B-DDDE64D4C967} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-01-17 16:57 - 2012-01-17 16:57 - 00298368 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-10-12 00:55 - 2011-10-12 00:55 - 00213328 _____ () C:\Windows\system32\PassThroughOTP.dll
2015-03-08 18:40 - 2008-07-19 15:26 - 00087040 _____ () C:\Windows\System32\custmon64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-08 12:18 - 2016-02-28 02:20 - 00173248 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2014-06-12 16:44 - 2014-06-12 16:44 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-02-10 13:26 - 2012-02-10 13:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-10-10 22:48 - 2013-10-10 22:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-10-14 20:25 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-14 20:25 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-14 20:25 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-14 20:25 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-14 20:25 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-10 19:56 - 2014-06-10 19:56 - 00086744 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll
2014-06-10 19:55 - 2014-06-10 19:55 - 01297624 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\libxml2.dll
2014-06-10 19:54 - 2014-06-10 19:54 - 00542936 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\sqlite3.dll
2014-06-12 17:22 - 2014-06-12 17:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2014-10-14 23:18 - 00450709 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15461 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3980449854-420695129-2575981882-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3980449854-420695129-2575981882-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Amazon Music => "C:\Users\Gabriel\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Gabriel\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Gabriel\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Player\vmware-tray.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BD889D3D-A690-49B3-AA2E-D8ADCBA53300}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{ECE1A4AF-907D-4B2B-A44C-42494757D425}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4C0D6FAD-A54E-4847-8D7C-C75AAAA9AB33}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CF20E5F0-6707-4CDF-9220-D05C1FBA4DEB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{30C11337-998C-4BF2-85F3-710ADF0413AF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A588E33A-723A-4506-A183-1236643A1AB3}H:\call of duty modern warfare 2 lanserver\iw4mp.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [UDP Query User{479F72ED-ADA8-4124-BA78-5F02C1754392}H:\call of duty modern warfare 2 lanserver\iw4mp.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [{146785B4-2FD5-4D6D-81C3-536E4157CDAC}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [{93A0B2BF-0217-4781-A12C-D67F117C83D4}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.exe
FirewallRules: [TCP Query User{863D9770-572F-4C1E-BE98-94C022CDEAD9}H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [UDP Query User{74108909-43E8-4A91-92E2-C8015C97902E}H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe] => (Allow) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [{B8AC803E-53C3-44C5-8B88-77796C2254DD}] => (Block) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [{71630EED-E6EE-4FD9-A294-A729DBF2040A}] => (Block) H:\call of duty modern warfare 2 lanserver\iwnetserver\iwnetserver.exe
FirewallRules: [TCP Query User{35618C5C-F8A3-4A15-A1F9-0EA3536F1624}H:\call of duty modern warfare 2 lanserver\iw4mp.dat] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [UDP Query User{FED1F4EB-5A18-41E9-9598-0517488D3388}H:\call of duty modern warfare 2 lanserver\iw4mp.dat] => (Allow) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{F626EE4D-4BBC-466F-B55F-936D086F1FCF}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{BA97A5D3-8DC9-479E-A4EC-81DCB5D74B71}] => (Block) H:\call of duty modern warfare 2 lanserver\iw4mp.dat
FirewallRules: [{00778EFF-14CA-4D0E-A141-A6EFEF2BA262}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{7E2189A5-498F-4047-915E-BEACCEF6A65D}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{17E5BB5B-9E4A-425D-9117-6BB76BB6BAD5}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
FirewallRules: [{8E94A732-40D8-4C1A-BAE9-839A03F834E4}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
FirewallRules: [{1A57E7C0-22CE-4B04-AF33-E21EDA78C5A6}] => (Allow) LPort=9089
FirewallRules: [{0B865921-0DE7-4F62-8DE0-7500885E341A}] => (Allow) LPort=56789
FirewallRules: [{124A0744-198D-41F7-B3CF-AF9CE4BBB5FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C27638A-0B97-4C8B-91D5-FCDE2ED59314}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{241298C7-5B03-481E-81F3-A712E57D7407}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{07D87E29-691E-4C5C-9756-9FF92DEBA380}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4C3C541F-2496-44B1-9950-AC60FC64648D}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\SkypeWebPlugin.exe
FirewallRules: [{143F0BBE-F991-40A1-B55F-422C4FBA73DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FA773BE8-D4FA-4FDA-BB7D-9AEB1E211118}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE263E50-6FA8-479D-872E-D2F60673A7E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{552C7D46-C458-4406-9678-9C9158F35F45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{C5C69819-8614-4EDE-86AB-45016436752E}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{D4769BE2-ED0C-4485-9B3E-97CC8E1C33AF}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{9CF6E971-6D88-44DD-936D-90D456BDA7C7}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{9B6C0EE3-3793-4B72-9246-294113C601DD}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{00DB28AD-62F9-46AD-81FD-9AB8DBA00E8D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14B14F2F-E995-4B7B-8F43-496D75BBAABA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF1DBBC4-6C4F-46EB-AA3F-67EDF8246DFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{277E9E08-BC4D-46B3-AB30-F484BD2717B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CD80537A-F693-48DF-B7C9-F4CBA03C60BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DD641276-B854-4F67-9C30-E6E8D9DA6045}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C365DE2C-7E09-4C40-8B80-1A1AF5993AAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{191F760E-3CA6-4001-9A26-85893F834538}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{049D3184-88F2-497B-A458-877FE4683D55}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{6BA1621D-C2B5-41EA-A063-83AC91199F7E}C:\elcom\zplan21\apps\rteng9.exe] => (Allow) C:\elcom\zplan21\apps\rteng9.exe
FirewallRules: [UDP Query User{08D20B19-7A32-4C10-9EFC-34913850CF10}C:\elcom\zplan21\apps\rteng9.exe] => (Allow) C:\elcom\zplan21\apps\rteng9.exe
FirewallRules: [{8874AED5-87AD-410A-A6AA-44CF7014F41D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{638B5C96-B087-40DB-B542-EC4A0737610A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{40222547-33EE-41C0-9D3F-3758D995E7B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2E2F1418-7077-4442-B361-EAC7C5691D4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2087A9F4-2BF7-4DE7-83BB-3E28BC70FC59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{930565A8-D500-4D26-ADC0-96D7C702BABC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{6E40B288-3D78-4D87-8059-844FF6817FED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{4AE6992B-7C19-42F9-A6A1-3B92C801B2E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FC87BD8E-CADB-4F6C-BF24-E1631BFC7B07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{DBE7445C-3C8A-4DBB-9790-187A699D6F08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{E2142C34-AE82-472A-80E6-4574D18A98EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{9727ACC0-A829-4E18-8F05-E4B1FE581658}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{4C92B497-66FA-4520-9159-D15320712A97}] => (Allow) C:\Users\Gabriel\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
FirewallRules: [{6C27D0BF-DDB8-4810-9178-58819DCDCD14}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{49D5A6D9-A3C6-483B-9826-5443DB6A903F}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{4B3EEF91-2386-4316-ACE4-2EC7CF5AFAC8}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{5B6D0EA0-537A-446D-89B4-DC8A9142F04F}] => (Allow) H:\GabrielDaten2015\Saved Games\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{9A718AE9-3C12-42C0-AC28-59F02B98F10C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5204B4D7-1F41-4836-8495-6F2D79C9418C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{E7FEE871-2757-463F-AE3B-61A1E49AA77B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{DF72E38F-1846-426A-A670-6420676FF3D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{156169AA-0A8B-4518-B4B2-4BC4C112CBCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7F976C0A-A97A-4A81-9F71-7B16EB4B03BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{9E374EB6-9408-446B-804B-6751CA136B9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{A39878E4-1020-4B64-A4A4-717EFAE1AD40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{414CBCDC-BEA1-421E-9B24-D54F9D3130E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{C036A278-BA22-423B-882B-BB2237AE4354}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{57174513-1B1C-4FF7-9449-754E3046842B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A1F48AA9-A2F5-4E39-A2FD-C27197274403}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E003C2D1-C34E-4E00-8994-02A5ED0B7777}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3D0B99CC-501F-4E0D-8E63-30566A67E863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{0D3A9B0F-826C-4487-998A-36886B4F3BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DC211AE0-E468-47C8-9935-5A3CE61DD515}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{64A345C3-B2D2-4EF1-B70C-9F4D9F95C87B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [TCP Query User{9853A361-1588-447E-A515-8F11FCA9FE09}C:\users\gabriel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gabriel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{53EA0294-74CB-487E-B186-283D8CA0C191}C:\users\gabriel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gabriel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E85A1E67-9DA1-41F5-8A25-F1C261727C56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{126902C4-08B1-4B84-BFC8-968A674302FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [TCP Query User{6169CF1D-35A4-427A-B572-494EEF1C14D5}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{EBE417A8-5F4C-4F8D-B0C1-B6EDEB3D59C8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{AFD4042E-D673-4EB1-B304-C05BB4A59960}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{074B930C-8949-430F-BE09-A03306FC8060}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6A47780D-97EE-4C3D-A55A-AA4579C9984A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5096D0FC-F133-482B-A8FD-22FC368001E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4B49AB1E-ACFE-461D-9AFE-C779013535D7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1861C06B-5931-403C-B205-241B5A776CA2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
==================== Wiederherstellungspunkte =========================
07-03-2016 13:07:03 Removed Windows Phone app for desktop
08-03-2016 12:11:56 Removed Microsoft Office Language Pack 2013 - German/Deutsch
08-03-2016 12:12:02 OMUI.DE-DE
08-03-2016 12:12:56 Removed Microsoft Office Professional Plus 2013
08-03-2016 12:13:01 PROPLUSR
08-03-2016 12:51:49 Entfernt Call of Duty(R) 4 - Modern Warfare(TM)
10-03-2016 00:18:13 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/09/2016 11:58:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/09/2016 11:36:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/09/2016 01:36:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.19135, Zeitstempel: 0x56a1c9c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000183ed
ID des fehlerhaften Prozesses: 0x8f8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Error: (03/09/2016 10:49:59 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (03/09/2016 10:49:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2016 12:26:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2016 12:16:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2016 11:10:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/07/2016 10:08:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/06/2016 07:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7035
Systemfehler:
=============
Error: (03/09/2016 11:57:58 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (03/09/2016 11:57:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/09/2016 11:57:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Power Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/09/2016 11:57:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/09/2016 11:57:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/09/2016 11:57:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/09/2016 11:57:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/09/2016 11:57:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/09/2016 11:57:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/09/2016 11:57:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8123.56 MB
Verfügbarer physikalischer RAM: 4600.88 MB
Summe virtueller Speicher: 8321.77 MB
Verfügbarer virtueller Speicher: 4534.79 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:216.63 GB) (Free:83.88 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.48 GB) (Free:0 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.55 GB) (Free:1.53 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E6D17E37)
Partition 1: (Active) - (Size=228 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=216.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1.6 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
10.03.2016, 06:58
| #14 | |
| /// TB-Ausbilder | Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX" Servus, diesen Proxy-Server hast du bewusst/absichtlich gesetzt? Zitat:
|
|
10.03.2016, 09:31
| #15 |
| | Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX" Hi, nein nicht wirklich. Das Programm hab ich bewusst installiert um in DE gesperrte Videos zu schauen. Ich wüsste nicht, dass ich einen Proxy Server gesetzt habe. |
|
| Themen zu Spam Nachricht an alle Skype Kontakte "http://bit.ly/21Dc6l3?dazjsugo=XXX" |
| account, aktualisiert, angeklickt, avira, erhalte, erhalten, erstelle, erstellen, gefunde, gemeinde, kontakte, liebe, link, links, nachricht, skype, spam, spamnachricht, spybot, thread, tools, verschicke, verschicken, windows, zwischen, Ähnliche |
Linear-Darstellung
