| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
28.03.2016, 00:49
| #1 |
| |  WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt? Hallo ich bin langsam am verzweifeln, es hat angefangen das ich auf einmal keine Berechtigungen mehr hatte zum öffnen von Dateien und Ordnern. Dann ist mein IE gesperrt. Dann mein Moz. ect, ect jetzt nachdem ich kaspersky andere diverse Programme drüber hab laufen lassen. Habe ich immer noch komische Ordner mit 7 Papierkörben usw. Nachdem ich langsam nicht mehr weiter komme. KANN mir bitte jemand weiterhelfen? Würde gerne wissen ob ich diesen Hacker zurückverfolgen kann. Ob es Spuren gibt. Ob er immer noch Zugriff hat welche Dateien infiziert sind. Ect. Bitte helft mir. |
|
28.03.2016, 01:04
| #2 |
| /// Malwareteam   |  WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt? Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Schritt: 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt: 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
28.03.2016, 01:14
| #3 |
| | WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt?Code:
ATTFilter ==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Users\Admin\Downloads\adwcleaner_5.106.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RAMDiskForWorkstations] => G:\SoftPerfect RAM Disk\RAMDiskWS.exe [3547856 2014-01-15] (SoftPerfect Research)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573720 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3725328 2015-10-15] (Simply Super Software)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [ApowersoftScreenRecorder] => G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [3317400 2016-01-19] (Apowersoft)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [MultiSplitter] => C:\Program Files (x86)\MultiSplitter\multisplitter.exe [3561472 2015-02-26] ()
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\MountPoints2: {a881abfc-af15-11e5-9e9b-08606e6a4329} - F:\autorun.exe
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\MountPoints2: {ba37d240-a8c5-11e5-85b6-08606e6a4329} - F:\autorun.exe
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => Keine Datei
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => Keine Datei
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4947F9EA-F57E-4F84-A811-73C4B0F0DC57}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6371C9D6-4404-412A-9B35-24D5D6F3746D}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-06] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-06] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\8kg0ugwq.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-24] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> G:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-01-30] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-01-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\8kg0ugwq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-26]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-19]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-19]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-19]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-19]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-29] (SUPERAntiSpyware.com)
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-08] (Kaspersky Lab ZAO)
S2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2014-01-29] (Condusiv Technologies)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (Visicom Media Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-09] ()
S2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 CAMBOXDRV; C:\Windows\System32\DRIVERS\camboxdrv.sys [39472 2015-11-23] (Windows (R) Win 7 DDK provider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25840 2014-01-29] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [118000 2014-01-29] (Condusiv Technologies)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-06-23] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-26] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-12-08] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934808 2016-03-26] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-08] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 muspvisr; C:\Windows\System32\DRIVERS\muspvisr.sys [121344 2015-02-16] (saveNtrust GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SPVDPort; C:\Windows\System32\DRIVERS\spvdbus.sys [92664 2014-01-15] ()
R1 SPVVEngine; C:\Windows\system32\Drivers\spvve.sys [342520 2014-01-15] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S1 4474777drv; system32\DRIVERS\4474777drv.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-28 02:12 - 2016-03-28 02:12 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\tdsskiller.exe
2016-03-28 01:52 - 2016-03-28 01:52 - 01538560 _____ C:\Users\Admin\Downloads\adwcleaner_5.106.exe
2016-03-28 00:44 - 2016-03-28 00:44 - 00000300 _____ C:\Users\Admin\Desktop\system123.reg
2016-03-27 23:14 - 2016-03-27 23:17 - 283348992 _____ C:\Users\Admin\Downloads\kav_rescue_10.iso
2016-03-27 23:10 - 2016-03-27 23:10 - 15258612 _____ C:\Users\Admin\Downloads\Rootkit_Remover_3022.zip
2016-03-27 23:09 - 2016-03-27 23:10 - 01475080 _____ C:\Users\Admin\Downloads\Bitdefender Rootkit Remover - CHIP-Installer.exe
2016-03-27 23:06 - 2016-03-27 23:07 - 00000000 ____D C:\Users\Admin\Pavark
2016-03-27 23:06 - 2007-07-24 10:27 - 00744853 _____ C:\Users\Admin\Desktop\PAVARK.exe
2016-03-27 23:04 - 2016-03-27 23:04 - 00066707 _____ C:\Users\Admin\Downloads\Addition.txt
2016-03-27 23:03 - 2016-03-28 02:12 - 00020609 _____ C:\Users\Admin\Downloads\FRST.txt
2016-03-27 23:03 - 2016-03-28 02:12 - 00000000 ____D C:\FRST
2016-03-27 23:02 - 2016-03-27 23:03 - 02374144 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2016-03-27 22:39 - 2016-03-27 21:27 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-223943.backup
2016-03-27 21:27 - 2016-03-27 19:45 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-212753.backup
2016-03-27 19:45 - 2016-03-27 19:27 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-194538.backup
2016-03-27 19:00 - 2016-03-27 12:22 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-190043.backup
2016-03-27 12:22 - 2014-11-13 17:33 - 00450713 _____ C:\Windows\system32\Drivers\etc\hosts.20160327-122233.backup
2016-03-27 11:47 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-03-27 11:45 - 2016-03-27 11:45 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-03-27 11:45 - 2016-03-27 11:45 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-03-27 11:45 - 2016-03-27 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-27 11:45 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-03-26 21:25 - 2016-03-26 21:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-26 21:25 - 2016-03-26 21:25 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-26 21:25 - 2016-03-26 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-03-26 21:25 - 2016-03-26 21:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-03-26 21:25 - 2014-05-12 08:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-26 21:25 - 2014-05-12 08:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-26 21:25 - 2014-05-12 08:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2016-03-26 21:13 - 2016-03-26 21:14 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Downloads\spybot-2.4.exe
2016-03-26 20:52 - 2016-03-26 20:52 - 00002450 _____ C:\Users\Admin\Desktop\Sicherer Zahlungsverkehr.lnk
2016-03-26 20:52 - 2016-03-26 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-03-26 20:52 - 2016-03-26 20:51 - 00002140 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-03-26 20:51 - 2016-03-26 21:06 - 00934808 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-03-26 20:51 - 2016-03-26 20:51 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-03-26 20:51 - 2015-12-08 22:34 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-03-26 20:51 - 2015-12-08 22:34 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-03-26 20:51 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-03-26 20:39 - 2016-03-26 20:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-03-26 20:37 - 2016-03-26 20:39 - 163129864 _____ (Kaspersky Lab) C:\Users\Admin\Downloads\kis16.0.0.614abcdde_9991.exe
2016-03-26 20:34 - 2016-03-26 20:34 - 00000419 _____ C:\Users\Admin\Downloads\admhelper(1)
2016-03-26 20:34 - 2016-03-26 20:34 - 00000419 _____ C:\Users\Admin\Downloads\admhelper
2016-03-26 20:31 - 2016-03-27 19:30 - 00000000 ____D C:\Users\Admin\AppData\Local\Audible
2016-03-26 20:31 - 2016-03-26 20:31 - 00255352 _____ (Audible, Inc.) C:\Windows\SysWOW64\awrdscdc.ax
2016-03-26 20:31 - 2016-03-26 20:31 - 00000816 _____ C:\Users\CUCD\Desktop\Audible Manager.lnk
2016-03-26 20:31 - 2016-03-26 20:31 - 00000816 _____ C:\Users\Administrator\Desktop\Audible Manager.lnk
2016-03-26 20:31 - 2016-03-26 20:31 - 00000816 _____ C:\Users\Admin\Desktop\Audible Manager.lnk
2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\Users\Public\Documents\Audible
2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\Users\Admin\Documents\Audible
2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
2016-03-26 20:31 - 2001-08-17 23:43 - 00024576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2016-03-26 20:30 - 2016-03-26 20:30 - 01730272 _____ (Audible Inc.) C:\Users\Admin\Downloads\ActiveSetupN.exe
2016-03-26 20:30 - 2016-03-26 20:30 - 00000000 ____D C:\Users\Admin\Neuer Ordner
2016-03-23 17:45 - 2016-03-23 17:45 - 00331132 _____ C:\Users\Admin\Downloads\muster_kleinunternehmer.pdf
2016-03-23 03:44 - 2016-03-23 15:00 - 00000000 ____D C:\Users\Admin\Desktop\Neuer Ordner
2016-03-23 03:16 - 2016-03-23 03:16 - 01946484 _____ C:\Users\Admin\Downloads\Hearthstone-Heroes-of-Warcraft-Unlimited-Gold-and-More-Version-3.0.zip
2016-03-21 21:35 - 2016-03-27 22:35 - 00000000 ____D C:\Users\Admin\Desktop\KIK Arbeitszeitaufschreibung
2016-03-20 23:23 - 2016-03-20 23:23 - 00001090 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-03-20 23:23 - 2016-03-20 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-03-20 22:55 - 2016-03-20 22:55 - 20282936 _____ (Gameforge ) C:\Users\Admin\Downloads\Metin2_GameforgeLiveSetup.exe
2016-03-19 04:48 - 2016-03-19 19:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-16 21:49 - 2016-03-16 21:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\.mono
2016-03-16 21:49 - 2016-03-16 21:49 - 00000000 ____D C:\ProgramData\.mono
2016-03-16 21:48 - 2016-03-16 21:48 - 00001159 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2016-03-16 21:48 - 2016-03-16 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2016-03-16 21:43 - 2016-03-27 22:38 - 00000000 ____D C:\Users\Admin\AppData\Local\Battle.net
2016-03-16 21:43 - 2016-03-16 21:43 - 00001122 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-03-16 21:43 - 2016-03-16 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-03-16 21:42 - 2016-03-27 21:18 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-16 21:42 - 2016-03-16 23:19 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Battle.net
2016-03-16 21:00 - 2016-03-16 21:00 - 00070742 _____ C:\Users\Admin\Downloads\034095_13.pdf
2016-03-16 20:59 - 2016-03-16 20:59 - 00000269 _____ C:\Users\Admin\Downloads\Anlage_S_2013.xml
2016-03-09 11:13 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 11:13 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 11:13 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 11:13 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 11:13 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 11:13 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 11:13 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 11:13 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 11:13 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 11:13 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 11:13 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 11:13 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 11:13 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 11:13 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 11:13 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 11:13 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 11:13 - 2016-02-09 08:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 11:13 - 2016-02-09 08:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 11:13 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 11:13 - 2016-02-08 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 11:13 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 11:13 - 2016-02-08 22:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 11:13 - 2016-02-08 22:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 11:13 - 2016-02-08 22:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 11:13 - 2016-02-08 22:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 11:13 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 11:13 - 2016-02-08 22:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 11:13 - 2016-02-08 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 11:13 - 2016-02-08 22:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 11:13 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 11:13 - 2016-02-08 22:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 11:13 - 2016-02-08 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 11:13 - 2016-02-08 22:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 11:13 - 2016-02-08 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 11:13 - 2016-02-08 22:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 11:13 - 2016-02-08 22:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 11:13 - 2016-02-08 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 11:13 - 2016-02-08 22:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 11:13 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 11:13 - 2016-02-08 22:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 11:13 - 2016-02-08 22:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 11:13 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 11:13 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 11:13 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 11:13 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 11:13 - 2016-02-08 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 11:13 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 11:13 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 11:13 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 11:13 - 2016-02-08 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 11:13 - 2016-02-08 20:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 11:13 - 2016-02-08 20:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 11:13 - 2016-02-08 20:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 11:13 - 2016-02-08 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 11:13 - 2016-02-08 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 11:13 - 2016-02-08 20:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 11:13 - 2016-02-08 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 11:13 - 2016-02-08 20:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 11:13 - 2016-02-08 20:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 11:13 - 2016-02-08 20:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 11:13 - 2016-02-08 20:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 11:13 - 2016-02-08 20:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 11:13 - 2016-02-08 20:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 11:13 - 2016-02-08 20:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 11:13 - 2016-02-08 20:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 11:13 - 2016-02-08 20:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 11:13 - 2016-02-08 20:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 11:13 - 2016-02-08 19:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 11:13 - 2016-02-08 19:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 11:13 - 2016-02-08 19:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 11:13 - 2016-02-08 19:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 11:13 - 2016-02-08 19:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 11:13 - 2016-02-08 19:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 11:13 - 2016-02-08 19:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 11:13 - 2016-02-08 19:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 11:13 - 2016-02-08 19:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 11:13 - 2016-02-08 19:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 11:13 - 2016-02-08 19:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 11:13 - 2016-02-08 19:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 11:13 - 2016-02-08 19:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 11:13 - 2016-02-08 19:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 11:13 - 2016-02-08 18:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 11:13 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 11:13 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 11:13 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 11:13 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 11:13 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 11:13 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 11:13 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 11:13 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 11:12 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 11:12 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 11:12 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 11:12 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 11:12 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 11:12 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 11:12 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 11:12 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 11:12 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 11:12 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 11:12 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 11:12 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 11:12 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 11:12 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 11:12 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 11:12 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 11:12 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 11:12 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 11:12 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 11:12 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 11:12 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 11:12 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 11:12 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 11:12 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 11:12 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 11:12 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 11:12 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 11:12 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 11:12 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 11:12 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 11:12 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 11:12 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 11:12 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 11:12 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 11:12 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 11:12 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 11:12 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 11:12 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 11:12 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 11:12 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 11:12 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 11:12 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 11:12 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 11:12 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 11:12 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 11:12 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 11:12 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 11:12 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 11:12 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 11:12 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 11:12 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 11:12 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 11:12 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 11:12 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 11:12 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 11:12 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 11:12 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 11:12 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 11:12 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 11:12 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 11:12 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 11:12 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 11:12 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 11:12 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 11:12 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 11:12 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 11:12 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 11:12 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 11:12 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 11:12 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 23:19 - 2016-03-08 23:19 - 00091081 _____ C:\Users\Admin\Downloads\Rechnungsvorlage-von-Zervant.xlsx
2016-02-27 15:04 - 2016-02-27 15:04 - 00003231 _____ C:\Users\Admin\Desktop\Microsoft Outlook 2010.lnk
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-28 02:05 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-28 02:05 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-28 02:01 - 2014-01-13 23:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-28 01:57 - 2015-12-16 19:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2016-03-28 01:54 - 2014-01-24 20:22 - 00000000 ____D C:\AdwCleaner
2016-03-28 01:37 - 2016-01-19 21:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-28 01:37 - 2016-01-19 21:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-28 01:11 - 2014-01-14 00:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-03-28 00:46 - 2011-04-12 09:43 - 00703792 _____ C:\Windows\system32\perfh007.dat
2016-03-28 00:46 - 2011-04-12 09:43 - 00150930 _____ C:\Windows\system32\perfc007.dat
2016-03-28 00:46 - 2009-07-14 07:13 - 01632006 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-28 00:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-03-28 00:41 - 2016-02-10 01:43 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\uTorrent
2016-03-28 00:41 - 2016-01-19 21:37 - 00000000 ____D C:\ProgramData\TEMP
2016-03-28 00:41 - 2014-01-14 00:48 - 00003510 _____ C:\Windows\System32\Tasks\AutoKMS
2016-03-28 00:40 - 2014-01-13 23:06 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-28 00:40 - 2009-07-14 07:08 - 00000378 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-28 00:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-27 23:17 - 2016-01-20 01:18 - 00000000 ____D C:\Program Files\CCleaner
2016-03-27 23:06 - 2014-11-13 17:18 - 00000000 ____D C:\Users\Admin
2016-03-27 22:40 - 2016-02-08 22:46 - 00241090 _____ C:\Windows\ntbtlog.txt
2016-03-27 22:39 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-231717.backup
2016-03-27 22:05 - 2016-02-25 22:47 - 00000000 ____D C:\Users\Admin\Documents\Outlook-Dateien
2016-03-27 19:30 - 2015-04-21 19:15 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-03-27 19:00 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-192714.backup
2016-03-27 12:59 - 2014-12-04 21:40 - 00003518 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2016-03-27 12:59 - 2014-12-04 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2016-03-27 12:59 - 2014-12-04 21:40 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2016-03-27 11:47 - 2015-08-04 09:51 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-27 11:47 - 2014-01-14 00:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-27 11:45 - 2014-01-14 00:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-27 11:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-03-26 21:51 - 2015-10-15 04:17 - 00000000 ____D C:\Users\CUCD\Desktop\DRIVERrUpdate
2016-03-26 21:51 - 2014-07-10 21:39 - 00000000 ____D C:\Users\CUCD\AppData\Local\com
2016-03-26 21:19 - 2016-02-15 23:44 - 36408922 _____ C:\Users\Admin\Downloads\social-engineer-toolkit-master.part.zip
2016-03-26 21:14 - 2015-01-29 23:30 - 00000195 _____ C:\Windows\wininit.ini
2016-03-26 21:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-26 21:06 - 2015-06-06 09:51 - 00077728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2016-03-26 21:01 - 2016-01-19 21:15 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-26 21:01 - 2016-01-19 21:15 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-26 20:51 - 2014-01-14 00:40 - 00000000 ____D C:\Windows\ELAMBKUP
2016-03-26 20:49 - 2016-01-19 21:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-25 04:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-25 04:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-21 14:38 - 2015-05-09 15:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-20 23:02 - 2015-12-18 22:09 - 00000000 ____D C:\Users\Admin\Downloads\Gameforge Live
2016-03-20 23:02 - 2015-10-29 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-03-16 21:48 - 2015-04-10 22:58 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-03-16 21:42 - 2015-04-09 19:55 - 00000000 ____D C:\ProgramData\Battle.net
2016-03-14 11:38 - 2015-11-20 16:30 - 00000000 ____D C:\Windows\rescache
2016-03-14 10:39 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-11 15:49 - 2016-02-08 01:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-10 17:00 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-10 09:37 - 2016-01-20 01:23 - 00517256 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 04:05 - 2014-01-13 23:05 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 04:00 - 2014-12-11 04:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-10 04:00 - 2014-01-13 23:05 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-01-14 00:17 - 2014-01-14 00:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-24 18:48 - 2014-09-17 19:06 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\CUCD\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-21 19:26
==================== Ende von FRST.txt ============================
addition.txt NetSTAT Code:
ATTFilter C:\Windows\system32>netstat -abno
Aktive Verbindungen
Proto Lokale Adresse Remoteadresse Status PID
TCP 0.0.0.0:445 0.0.0.0:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP 0.0.0.0:554 0.0.0.0:0 ABHÖREN 5452
[wmpnetwk.exe]
TCP 0.0.0.0:2869 0.0.0.0:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP 0.0.0.0:5357 0.0.0.0:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP 0.0.0.0:10243 0.0.0.0:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP 0.0.0.0:49153 0.0.0.0:0 ABHÖREN 1096
eventlog
[svchost.exe]
TCP 0.0.0.0:49173 0.0.0.0:0 ABHÖREN 948
[lsass.exe]
TCP 0.0.0.0:51005 0.0.0.0:0 ABHÖREN 7564
[spoolsv.exe]
TCP 127.0.0.1:5939 0.0.0.0:0 ABHÖREN 3132
[TeamViewer_Service.exe]
TCP 127.0.0.1:21320 0.0.0.0:0 ABHÖREN 2344
[SDFSSvc.exe]
TCP 127.0.0.1:21321 0.0.0.0:0 ABHÖREN 7936
[SDUpdSvc.exe]
TCP 127.0.0.1:21322 0.0.0.0:0 ABHÖREN 2344
[SDFSSvc.exe]
TCP 127.0.0.1:21323 0.0.0.0:0 ABHÖREN 2344
[SDFSSvc.exe]
TCP 127.0.0.1:49158 0.0.0.0:0 ABHÖREN 1272
[avp.exe]
TCP 127.0.0.1:49159 0.0.0.0:0 ABHÖREN 1272
[avp.exe]
TCP 127.0.0.1:49159 127.0.0.1:51154 HERGESTELLT 1272
[avp.exe]
TCP 127.0.0.1:49159 127.0.0.1:51181 HERGESTELLT 1272
[avp.exe]
TCP 127.0.0.1:49159 127.0.0.1:51192 HERGESTELLT 1272
[avp.exe]
TCP 127.0.0.1:51152 127.0.0.1:51153 HERGESTELLT 1864
[firefox.exe]
TCP 127.0.0.1:51153 127.0.0.1:51152 HERGESTELLT 1864
[firefox.exe]
TCP 127.0.0.1:51154 127.0.0.1:49159 HERGESTELLT 1864
[firefox.exe]
TCP 127.0.0.1:51181 127.0.0.1:49159 HERGESTELLT 1864
[firefox.exe]
TCP 127.0.0.1:51192 127.0.0.1:49159 HERGESTELLT 1864
[firefox.exe]
TCP 192.168.178.20:139 0.0.0.0:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP 192.168.178.20:50901 195.154.6.2:80 SCHLIESSEN_WARTEN 4372
[adwcleaner_5.106.exe]
TCP 192.168.178.20:51155 172.217.16.4:443 HERGESTELLT 1864
[firefox.exe]
TCP 192.168.178.20:51156 54.230.200.126:443 WARTEND 0
TCP 192.168.178.20:51157 172.217.16.3:443 HERGESTELLT 1864
[firefox.exe]
TCP 192.168.178.20:51166 216.58.213.238:80 WARTEND 0
TCP 192.168.178.20:51171 23.42.27.27:80 WARTEND 0
TCP 192.168.178.20:51172 216.58.213.241:443 WARTEND 0
TCP 192.168.178.20:51175 216.58.213.241:443 WARTEND 0
TCP 192.168.178.20:51176 216.58.213.241:443 WARTEND 0
TCP 192.168.178.20:51177 216.58.213.241:443 WARTEND 0
TCP 192.168.178.20:51178 216.58.213.232:443 WARTEND 0
TCP 192.168.178.20:51179 216.58.213.241:443 WARTEND 0
TCP 192.168.178.20:51180 74.125.136.156:443 WARTEND 0
TCP 192.168.178.20:51182 54.68.13.12:443 WARTEND 0
TCP 192.168.178.20:51189 172.217.16.3:443 WARTEND 0
TCP 192.168.178.20:51191 216.58.213.227:443 WARTEND 0
TCP 192.168.178.20:51195 81.19.104.87:443 WARTEND 0
TCP 192.168.178.20:51196 172.217.16.3:443 HERGESTELLT 1864
[firefox.exe]
TCP 192.168.178.20:51197 172.217.16.3:443 WARTEND 0
TCP 192.168.178.20:51198 81.19.104.87:443 WARTEND 0
TCP 192.168.178.20:51199 198.148.81.137:443 WARTEND 0
TCP 192.168.178.20:51200 198.148.81.137:443 WARTEND 0
TCP 192.168.178.20:51202 198.148.81.137:443 WARTEND 0
TCP 192.168.178.20:51203 198.148.81.137:443 WARTEND 0
TCP 192.168.178.20:51204 198.148.81.137:443 WARTEND 0
TCP [::]:135 [::]:0 ABHÖREN 712
RpcSs
[svchost.exe]
TCP [::]:445 [::]:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP [::]:554 [::]:0 ABHÖREN 5452
[wmpnetwk.exe]
TCP [::]:2869 [::]:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP [::]:3587 [::]:0 ABHÖREN 7068
p2pimsvc
[svchost.exe]
TCP [::]:5357 [::]:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP [::]:10243 [::]:0 ABHÖREN 4
Es konnten keine Besitzerinformationen abgerufen werden.
TCP [::]:49152 [::]:0 ABHÖREN 812
[wininit.exe]
TCP [::]:49153 [::]:0 ABHÖREN 1096
eventlog
[svchost.exe]
TCP [::]:49154 [::]:0 ABHÖREN 1192
Schedule
[svchost.exe]
TCP [::]:49163 [::]:0 ABHÖREN 884
[services.exe]
TCP [::]:49173 [::]:0 ABHÖREN 948
[lsass.exe]
TCP [::]:51005 [::]:0 ABHÖREN 7564
[spoolsv.exe]
UDP 0.0.0.0:500 *:* 1192
IKEEXT
[svchost.exe]
UDP 0.0.0.0:3702 *:* 1160
EventSystem
[svchost.exe]
UDP 0.0.0.0:3702 *:* 3632
FDResPub
[svchost.exe]
UDP 0.0.0.0:3702 *:* 3632
FDResPub
[svchost.exe]
UDP 0.0.0.0:3702 *:* 1160
EventSystem
[svchost.exe]
UDP 0.0.0.0:4500 *:* 1192
IKEEXT
[svchost.exe]
UDP 0.0.0.0:5004 *:* 5452
[wmpnetwk.exe]
UDP 0.0.0.0:5005 *:* 5452
[wmpnetwk.exe]
UDP 0.0.0.0:5355 *:* 1492
Dnscache
[svchost.exe]
UDP 0.0.0.0:21328 *:* 2344
[SDFSSvc.exe]
UDP 0.0.0.0:52493 *:* 3632
FDResPub
[svchost.exe]
UDP 0.0.0.0:52495 *:* 1160
EventSystem
[svchost.exe]
UDP 0.0.0.0:52497 *:* 1160
EventSystem
[svchost.exe]
UDP 0.0.0.0:53209 *:* 2344
[SDFSSvc.exe]
UDP 0.0.0.0:53213 *:* 3132
[TeamViewer_Service.exe]
UDP 127.0.0.1:1900 *:* 3632
SSDPSRV
[svchost.exe]
UDP 127.0.0.1:5353 *:* 3132
[TeamViewer_Service.exe]
UDP 127.0.0.1:53218 *:* 3632
SSDPSRV
[svchost.exe]
UDP 192.168.178.20:137 *:* 4
Es konnten keine Besitzerinformationen abgerufen werden.
UDP 192.168.178.20:138 *:* 4
Es konnten keine Besitzerinformationen abgerufen werden.
UDP 192.168.178.20:1900 *:* 3632
SSDPSRV
[svchost.exe]
UDP 192.168.178.20:53217 *:* 3632
SSDPSRV
[svchost.exe]
UDP [::]:500 *:* 1192
IKEEXT
[svchost.exe]
UDP [::]:3540 *:* 7068
p2pimsvc
[svchost.exe]
UDP [::]:3702 *:* 3632
FDResPub
[svchost.exe]
UDP [::]:3702 *:* 3632
FDResPub
[svchost.exe]
UDP [::]:3702 *:* 1160
EventSystem
[svchost.exe]
UDP [::]:3702 *:* 1160
EventSystem
[svchost.exe]
UDP [::]:4500 *:* 1192
IKEEXT
[svchost.exe]
UDP [::]:5004 *:* 5452
[wmpnetwk.exe]
UDP [::]:5005 *:* 5452
[wmpnetwk.exe]
UDP [::]:5355 *:* 1492
Dnscache
[svchost.exe]
UDP [::]:52494 *:* 3632
FDResPub
[svchost.exe]
UDP [::]:52496 *:* 1160
EventSystem
[svchost.exe]
UDP [::]:52498 *:* 1160
EventSystem
[svchost.exe]
UDP [::]:53214 *:* 3132
[TeamViewer_Service.exe]
UDP [::1]:1900 *:* 3632
SSDPSRV
[svchost.exe]
UDP [::1]:53216 *:* 3632
SSDPSRV
[svchost.exe]
UDP [fe80::c0f9:bd5f:6bbf:5de1%11]:1900 *:*
3632
SSDPSRV
[svchost.exe]
UDP [fe80::c0f9:bd5f:6bbf:5de1%11]:5353 *:*
3132
[TeamViewer_Service.exe]
UDP [fe80::c0f9:bd5f:6bbf:5de1%11]:53215 *:*
3632
SSDPSRV
[svchost.exe]
Geändert von cucd23666 (28.03.2016 um 01:28 Uhr) |
|
28.03.2016, 01:28
| #4 |
| | addition.txtCode:
ATTFilter ==================== Konten: =============================
Admin (S-1-5-21-2646704350-2578061303-3144910229-1005 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2646704350-2578061303-3144910229-500 - Administrator - Disabled) => C:\Users\Administrator
CUCD (S-1-5-21-2646704350-2578061303-3144910229-1000 - Administrator - Enabled) => C:\Users\CUCD
Gast (S-1-5-21-2646704350-2578061303-3144910229-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Ableton Live 9 Trial (HKLM-x32\...\{09016382-0996-4764-A7DA-B6AF18162672}) (Version: 9.0.0.0 - Ableton)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{FF2A5498-4EFE-430F-A138-7EB365DBEBAD}) (Version: 12.0.0.112 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.5 - Sereby Corporation)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Any Video Converter 5.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apowersoft Bildschirmrekorder Pro V2.1.1 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.1.1 - APOWERSOFT LIMITED)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{12450631-3289-40F7-AEC3-F6DCB6E1BDCF}) (Version: 4.0.20.365 - ArcSoft)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2010461505.48.56.4134130 - Audible, Inc.)
Audio Recorder Pro 3.70 (HKLM-x32\...\Audio Recorder Pro_is1) (Version: - )
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - DE (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ExpressCache (HKLM\...\{9EB0073B-20D4-4C03-A931-C8A105B948D3}) (Version: 1.3.112.0 - Condusiv Technologies)
ExpressCacheApp (HKLM-x32\...\ExpressCacheApp) (Version: 1.3.2 - SanDisk Corporation)
File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version: - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.0.9.6 - )
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube to MP3 Converter version 3.12.56.301 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge)
GitHub (HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\5f7eb300e2ea4ebf) (Version: 3.0.12.0 - GitHub, Inc.)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.108 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Heroes of the Storm Public Test (HKLM-x32\...\Heroes of the Storm Public Test) (Version: - Blizzard Entertainment)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
JasminCam 3.0.5.12 (HKLM-x32\...\JasminCam) (Version: 3.0.5.12 - DuoDecad ITS)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1019 - Marvell)
Metin2 (HKLM-x32\...\Metin2_DE_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MultiSplitter v1.4.2 (HKLM-x32\...\{43B988F4-DDA0-401E-A094-07F998CD7003}_is1) (Version: 1.4.2 - saveNtrust GmbH)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version: - Robot Entertainment)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version: - PopCap Games, Inc.)
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version: - Zen Studios)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
SoftPerfect RAM Disk 3.4.4 (HKLM\...\{33A14ED9-0340-4193-BEDB-B95BC8196182}_is1) (Version: - SoftPerfect Research)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer)
Tor (remove only) (HKLM-x32\...\Tor) (Version: - )
Trojan Remover 6.9.3 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.3 - Simply Super Software)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu (HKLM-x32\...\Wubi) (Version: 14.04-rev286 - Ubuntu)
Virtual Casino (HKLM-x32\...\{740ed830-8014-4714-abc4-dd98b8549419}) (Version: 16.01.0-RTG - RealTimeGaming Software)
VISIT-X Video Splitter 9.0.1.4 (HKLM-x32\...\VISIT-X Video Splitter_is1) (Version: 9.0.1.4 - Visit-X B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VX-Software 9 v.9.1.8.3 (HKLM-x32\...\{54DDB1B0-5E5B-4637-99DD-7A364CE6A75B}}_is1) (Version: - )
VX-Tool Uploader 1.0.0.0 (HKLM-x32\...\VX-Tool Uploader) (Version: 1.0.0.0 - VISIT-X)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0A27C6E6-BCF8-4A7B-B69C-7466326C12AC} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe
Task: {1D87EC58-FCD7-4E2D-9388-03C3AAEFE2D8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-14] ()
Task: {1EB72401-5EB4-4723-B165-8936C4DA7FFC} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-1 -> Keine Datei <==== ACHTUNG
Task: {2A251594-7C18-46B1-84A5-4EFBE25EA483} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.)
Task: {2E4D1E86-DDBD-4C70-96F6-14B33A833A0E} - \SpeedUpMyPC Startup -> Keine Datei <==== ACHTUNG
Task: {446ED920-F695-49E3-990E-093EAECFF917} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-5 -> Keine Datei <==== ACHTUNG
Task: {48BA633D-90E6-456C-BA12-BD51C838B17A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.)
Task: {50F5ED74-D6C2-4A24-87D9-788B038130D5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5DB3E237-ACB5-4D79-836A-CF1F154EF94D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-24] (Adobe Systems Incorporated)
Task: {612DE302-B268-4B01-912F-E0D8070744E3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {63AE5B03-B091-4B83-B70B-787387465B18} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-01-06] (Symantec Corporation)
Task: {7CEAA206-3DEC-4724-A134-775B932F971C} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-5_user -> Keine Datei <==== ACHTUNG
Task: {83362F89-B90F-4B78-B8E1-D037D5C3BCAF} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-4 -> Keine Datei <==== ACHTUNG
Task: {88B55181-DAA5-4BB3-9338-57B6119EAB39} - System32\Tasks\{AC1511A9-D1D2-45AD-88F0-2460DDA177D2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.17.0.106&LastError=1168
Task: {89A2FF48-D9FF-4384-A34E-34ED70573988} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2014-02-24] (File Type Advisor)
Task: {92C87A1C-4F7A-4397-B549-6A214269A055} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2014-02-24] ( )
Task: {9504E47E-6A1F-4C99-8824-7E73E7F260F9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\WSCStub.exe
Task: {A223F13B-1DBA-4D56-AEC5-D6BFBA4EFAC1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {ABFC3DBD-2466-48EA-B11F-767490FFC6EB} - \SpeedUpMyPC Maintenance -> Keine Datei <==== ACHTUNG
Task: {BE4C72D1-C68E-4977-B36C-B8D186841152} - System32\Tasks\{DBF9A57B-4BDB-4C87-A615-2A6955D4034F} => pcalua.exe -a "G:\Program Files (x86)\RT7LitePIlaunch.exe" -d "G:\Program Files (x86)"
Task: {C92C5BB4-839A-40D5-8916-62015206F348} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {CEF2B4EE-618D-4455-8384-6BED666ECAFC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {DF3C763D-B276-4915-9B84-C3EF00AB8C18} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3 -> Keine Datei <==== ACHTUNG
Task: {E116AD0D-430E-4059-B17C-936A7AB3FD5C} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {E39DF62F-0CB8-4461-A639-165C2ADA7396} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe
Task: {E72C6DB3-C807-485E-9809-67B06D50AE59} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-11 -> Keine Datei <==== ACHTUNG
Task: {F5669C08-1372-487C-B414-96368326E294} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {FAB5E6B4-CF6C-47E2-A53A-B9C7A7199465} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-2 -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-03-28 01:52 - 2016-03-28 01:52 - 01538560 _____ () C:\Users\Admin\Downloads\adwcleaner_5.106.exe
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-03-27 11:45 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-27 11:45 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-27 11:45 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-27 11:45 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-03-27 11:45 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [150]
AlternateDataStreams: C:\Users\CUCD\Local Settings:init [1554422]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7883 mehr Seiten.
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123simsen.com -> www.123simsen.com
Da befinden sich 7882 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-03-27 23:17 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15491 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: Steam => "G:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{81B5964C-976F-4607-924C-851B6F5D4AC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0450181-68D9-4267-B706-C821E82AF723}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3EE2FD11-059D-44F9-A709-28C95CCC92AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8465572E-FCBF-4993-B3DD-3D5C38BE7B10}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B66B6427-9BBF-4833-9DC7-4957ACDC4982}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{832691C7-6D6C-474E-BE50-DAF160B4F430}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{422B4892-74DD-4DBF-B343-94D7B086FB93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E3FECA9-B09D-4B61-93A6-5C8D41326876}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{D6E18B31-C48D-4668-89F7-EB3B196A809C}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{38FE5D2F-E386-485B-B900-50B6C096C9F5}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe
FirewallRules: [{E3C24470-8650-44C7-B1A9-DF4B2FDA8C55}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E6F40F3B-8102-484C-AF7E-ED78ED4957FD}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0D0755B4-6CF1-4D0F-B05A-5DDAF245211C}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0F958FB1-0409-47EC-99D6-3EAD3B2DCF35}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{DC688926-7891-465C-B9AE-38F07948AC3E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{618E55DD-E05C-49A8-8071-3DFF94494E4E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2FBFFBA-75FF-4EB9-953F-42948FD9A9F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5A5A12FF-7E4D-43E9-8624-51F6BA942E63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E8CF0BC8-B912-4EFB-843E-50B7946D8466}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{31269037-7B51-41CE-815A-11A3ECC781E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0FB327C0-8AD0-4658-8E08-A27066918029}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B9399578-68A8-45E2-A35D-46C24218C17B}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{63C8E9D0-B176-4DFA-8B13-FD2F9646D7E9}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D97C72A8-9263-43A5-A114-18A08BEDF8AB}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CCE4C19D-124E-4CDE-9A6E-AA5353CA60EA}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{67225A9C-993C-4087-951E-F0BF7956C720}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{E00E4F11-DBD9-4A01-B75B-43C551B50FDF}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{A37F9B07-6557-4DB9-B6FF-2E8EC0B22735}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [TCP Query User{6B6BB29E-A5F5-4AEB-B2CA-7A1C2B43E639}G:\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{1EEC3DB7-894A-49D9-B520-4B2BB9E9680C}G:\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{2C3C2BC0-3D0F-4553-AD48-37CD90E8E812}] => (Block) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{A39FE2D4-B6FE-407F-8F94-A93582282B16}] => (Block) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{46FF5554-4193-4A1E-8897-98168BA40B28}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{5DE0375E-D5B1-43D0-AAAE-AD1469F5FCF6}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{4F32D424-790C-4BCE-A800-F033B72B7163}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{B517208A-BBD0-471C-AFE2-75AF02B0D50D}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{2AACBB30-C3C8-4F01-969C-757819F7B00A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD58E739-E5FE-41D4-8232-444F84614109}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0C7E89FC-73FE-4208-9352-5BAEA30DE55A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{13CA217B-6753-45FC-8B24-0BCDA56EB695}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1EC5F0E8-9274-4E3E-ACEB-ACD4B85FFFE3}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{055BAE76-1968-4E16-8934-E169FB5E54E0}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{7FF71712-625F-44D5-997A-96A88D283DAB}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{F9ACF49B-1220-427B-8922-9340F7E1A297}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{3CDEBEB6-B31A-41CE-9382-CE2152A81979}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{B7F3CD86-1853-4ED4-86C0-F9648A98E1E4}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{ACA52837-3907-416E-976A-DFD6DB520DC5}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{3399B5DC-04F9-4364-9CFC-8D4954F26D69}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{0F56BB8F-F8CC-40F8-A6D5-F2FEBA8935E4}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1161C18C-AFEA-4EC4-ABD9-831C064882E7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{4CDFA00C-6B8D-4356-9271-3D3319E8595D}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{2E562699-E885-4A7A-B116-52789FFE9952}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [{F5F21743-5D12-4162-8670-B7C137F14ED6}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{22F72DD6-D2AE-4508-B163-352F805AF9E9}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0D180D0-45BC-4F39-8542-0B77DE2C6E7C}] => (Allow) LPort=80
FirewallRules: [{90DFD718-3D2E-489D-B7B7-359333C24DAE}] => (Allow) LPort=443
FirewallRules: [{9B6C02DD-319C-4436-AEAA-0E556C014077}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{E88E644E-6B22-45CB-94CC-FB3C072F7424}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [TCP Query User{01CBE90A-A64B-4213-AF72-7B6F81852C24}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Block) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{0FA5804B-192D-4365-8CFC-2D0D1F07CC37}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Block) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{1DF8A8C4-D29D-408F-BC25-D0DC2AD71390}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{00572D6E-F873-43DD-951A-2CF06C8A9893}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{EE02DBB9-4491-452A-8038-79336ECB3969}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E0673296-60C0-4EA1-81D6-17B90C56C4B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C60F0F14-FE89-4231-9B22-FDCF282FDEB3}] => (Block) g:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{6434B8A0-82C7-4195-998C-4BC9978C9F0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7DBE669D-7BC4-41F1-9234-181116AE57D9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E47153A-8A0D-487E-8D60-1771F2229FDE}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7C9CCA25-17AD-4147-B1F1-0ADFE50CD859}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{99C8FE67-3B1B-4CA7-B5EA-EF1E790B76CF}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{31ED3923-425D-418F-A179-CB6DC5E306C2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{A2C8AC17-C025-45FA-9844-E5B5D832340B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{AE8EB422-842F-48A5-9FBC-7884678E41A1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{B9FC474F-D7AF-4426-B5DF-2E2E7AE1F04F}] => (Allow) G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{8828C736-4811-46F7-8D24-4F20B867D820}] => (Allow) G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{11840102-EC51-4B06-ADC4-1278786B9BFE}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5373847F-D084-46EE-ADED-6A78F67F1166}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5814EC28-A0E6-4193-BADE-F48A492AD451}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{950C95FB-34F7-44D8-9602-9A3879E17690}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{558DDC6B-E854-412B-84D4-555CF6CE8E42}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6112811B-B85D-4822-820F-9DB1D2BB6B87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D7E6037A-994F-4843-8E67-5BFD3B7B3B3D}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe
FirewallRules: [{B688EE73-CEAB-4ED1-A7FC-A11740D368E7}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe
FirewallRules: [{63FF78D1-E3C2-42BC-B5BB-749A308E9160}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{0B4D94B8-F638-4583-8358-2777CF3DD7E8}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{E0BBF08F-3D5D-4632-93F9-02E0A1FC8DB6}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{32FE316C-2EC5-4E75-9DE1-F56ADF28F0BD}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{8F059E96-B319-46E8-8C24-6F87482C097C}] => (Allow) G:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{31288BA8-463A-4138-80B8-D12001E0879C}C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe] => (Allow) C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe
FirewallRules: [UDP Query User{4599AAAF-DB47-4E08-9DDE-0BFA235400D1}C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe] => (Allow) C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe
FirewallRules: [{E8578201-18B9-4B66-95E4-0303E8BAA3BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/28/2016 01:23:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Eraser.exe, Version: 6.0.10.2620, Zeitstempel: 0x4fbad9e6
Name des fehlerhaften Moduls: mscorwks.dll, Version: 2.0.50727.5485, Zeitstempel: 0x53a11d6c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001ad520
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xEraser.exe0
Pfad der fehlerhaften Anwendung: Eraser.exe1
Pfad des fehlerhaften Moduls: Eraser.exe2
Berichtskennung: Eraser.exe3
Error: (03/28/2016 01:23:08 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Fatal Execution Engine Error (000007FEE947600A) (80131506)
Error: (03/28/2016 12:59:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Eraser.exe, Version: 6.0.10.2620, Zeitstempel: 0x4fbad9e6
Name des fehlerhaften Moduls: mscorwks.dll, Version: 2.0.50727.5485, Zeitstempel: 0x53a11d6c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001ad520
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xEraser.exe0
Pfad der fehlerhaften Anwendung: Eraser.exe1
Pfad des fehlerhaften Moduls: Eraser.exe2
Berichtskennung: Eraser.exe3
Error: (03/28/2016 12:59:26 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (000007FEE9E1600A) (80131506).
Error: (03/28/2016 12:40:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2016 11:11:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2016 10:42:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2016 09:53:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.4760.1000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 520
Startzeit: 01d18862361b4470
Endzeit: 4
Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Berichts-ID: 8f83bbdf-f455-11e5-8329-08606e6a4329
Error: (03/27/2016 07:30:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Manager.exe, Version: 5.5.0.8, Zeitstempel: 0x558844e5
Name des fehlerhaften Moduls: MFC71.DLL, Version: 7.10.6101.0, Zeitstempel: 0x4a592fb6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000873d9
ID des fehlerhaften Prozesses: 0x75c
Startzeit der fehlerhaften Anwendung: 0xManager.exe0
Pfad der fehlerhaften Anwendung: Manager.exe1
Pfad des fehlerhaften Moduls: Manager.exe2
Berichtskennung: Manager.exe3
Error: (03/27/2016 11:45:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (03/28/2016 01:55:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (03/28/2016 01:54:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/28/2016 01:54:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/28/2016 01:54:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/28/2016 01:54:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/28/2016 01:54:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/28/2016 01:54:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/28/2016 01:54:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Corel License Validation Service V2 x64, Powered by arvato" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/28/2016 01:54:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/28/2016 01:54:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2014-10-15 00:03:56.300
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:03:56.299
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:02:02.518
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.258
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.257
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.256
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:33.541
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:33.540
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:18.402
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 00:16:51.177
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16333.65 MB
Verfügbarer physikalischer RAM: 12495.01 MB
Summe virtueller Speicher: 30993.68 MB
Verfügbarer virtueller Speicher: 27135.88 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:15.75 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (KRD10) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS
Drive e: (Backups Wichtig!!) (Fixed) (Total:465.76 GB) (Free:421.58 GB) NTFS
Drive g: (Programme Installationen) (Fixed) (Total:465.76 GB) (Free:134.22 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3D6C58F9)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: 7B135942)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=73)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F3671383)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D3519421)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
29.03.2016, 01:41
| #5 |
| /// Malwareteam | WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt? Leider hast du unsere Anleitung nicht richtig befolgt. Bei beiden Logfiles ist ein Teil abgeschnitten und fehlt. Deshalb erstelle bitte neue, komplette Logfiles. Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Außerdem fehlt das Logfile von TDSSKiller komplett.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
29.03.2016, 15:37
| #6 |
| | NochmalCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Admin (2016-03-29 16:31:17)
Gestartet von C:\Users\Admin\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-01-13 19:27:24)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-2646704350-2578061303-3144910229-1005 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2646704350-2578061303-3144910229-500 - Administrator - Disabled) => C:\Users\Administrator
CUCD (S-1-5-21-2646704350-2578061303-3144910229-1000 - Administrator - Enabled) => C:\Users\CUCD
Gast (S-1-5-21-2646704350-2578061303-3144910229-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Ableton Live 9 Trial (HKLM-x32\...\{09016382-0996-4764-A7DA-B6AF18162672}) (Version: 9.0.0.0 - Ableton)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{FF2A5498-4EFE-430F-A138-7EB365DBEBAD}) (Version: 12.0.0.112 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.5 - Sereby Corporation)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Any Video Converter 5.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apowersoft Bildschirmrekorder Pro V2.1.1 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.1.1 - APOWERSOFT LIMITED)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{12450631-3289-40F7-AEC3-F6DCB6E1BDCF}) (Version: 4.0.20.365 - ArcSoft)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2010461505.48.56.4134130 - Audible, Inc.)
Audio Recorder Pro 3.70 (HKLM-x32\...\Audio Recorder Pro_is1) (Version: - )
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - DE (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ExpressCache (HKLM\...\{9EB0073B-20D4-4C03-A931-C8A105B948D3}) (Version: 1.3.112.0 - Condusiv Technologies)
ExpressCacheApp (HKLM-x32\...\ExpressCacheApp) (Version: 1.3.2 - SanDisk Corporation)
File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version: - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.0.9.6 - )
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube to MP3 Converter version 3.12.56.301 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge)
Genesis (HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\tiodjx) (Version: - ) <==== ACHTUNG
GitHub (HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\5f7eb300e2ea4ebf) (Version: 3.0.12.0 - GitHub, Inc.)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Heroes of the Storm Public Test (HKLM-x32\...\Heroes of the Storm Public Test) (Version: - Blizzard Entertainment)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
JasminCam 3.0.5.12 (HKLM-x32\...\JasminCam) (Version: 3.0.5.12 - DuoDecad ITS)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1019 - Marvell)
Metin2 (HKLM-x32\...\Metin2_DE_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MultiSplitter v1.4.2 (HKLM-x32\...\{43B988F4-DDA0-401E-A094-07F998CD7003}_is1) (Version: 1.4.2 - saveNtrust GmbH)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version: - Robot Entertainment)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version: - PopCap Games, Inc.)
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version: - Zen Studios)
PlanetSide 2 (HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
RT 7 Lite (64-Bit) (HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
SoftPerfect RAM Disk 3.4.4 (HKLM\...\{33A14ED9-0340-4193-BEDB-B95BC8196182}_is1) (Version: - SoftPerfect Research)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer)
Tor (remove only) (HKLM-x32\...\Tor) (Version: - )
Trojan Remover 6.9.3 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.3 - Simply Super Software)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu (HKLM-x32\...\Wubi) (Version: 14.04-rev286 - Ubuntu)
Virtual Casino (HKLM-x32\...\{740ed830-8014-4714-abc4-dd98b8549419}) (Version: 16.01.0-RTG - RealTimeGaming Software)
VISIT-X Video Splitter 9.0.1.4 (HKLM-x32\...\VISIT-X Video Splitter_is1) (Version: 9.0.1.4 - Visit-X B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VX-Software 9 v.9.1.8.3 (HKLM-x32\...\{54DDB1B0-5E5B-4637-99DD-7A364CE6A75B}}_is1) (Version: - )
VX-Tool Uploader 1.0.0.0 (HKLM-x32\...\VX-Tool Uploader) (Version: 1.0.0.0 - VISIT-X)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0A27C6E6-BCF8-4A7B-B69C-7466326C12AC} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe
Task: {1D87EC58-FCD7-4E2D-9388-03C3AAEFE2D8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-14] ()
Task: {1EB72401-5EB4-4723-B165-8936C4DA7FFC} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-1 -> Keine Datei <==== ACHTUNG
Task: {2A251594-7C18-46B1-84A5-4EFBE25EA483} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.)
Task: {2E4D1E86-DDBD-4C70-96F6-14B33A833A0E} - \SpeedUpMyPC Startup -> Keine Datei <==== ACHTUNG
Task: {446ED920-F695-49E3-990E-093EAECFF917} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-5 -> Keine Datei <==== ACHTUNG
Task: {48BA633D-90E6-456C-BA12-BD51C838B17A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.)
Task: {50F5ED74-D6C2-4A24-87D9-788B038130D5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5DB3E237-ACB5-4D79-836A-CF1F154EF94D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-24] (Adobe Systems Incorporated)
Task: {612DE302-B268-4B01-912F-E0D8070744E3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {63AE5B03-B091-4B83-B70B-787387465B18} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-01-06] (Symantec Corporation)
Task: {7CEAA206-3DEC-4724-A134-775B932F971C} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-5_user -> Keine Datei <==== ACHTUNG
Task: {83362F89-B90F-4B78-B8E1-D037D5C3BCAF} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-4 -> Keine Datei <==== ACHTUNG
Task: {88B55181-DAA5-4BB3-9338-57B6119EAB39} - System32\Tasks\{AC1511A9-D1D2-45AD-88F0-2460DDA177D2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.17.0.106&LastError=1168
Task: {89A2FF48-D9FF-4384-A34E-34ED70573988} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2014-02-24] (File Type Advisor)
Task: {92C87A1C-4F7A-4397-B549-6A214269A055} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2014-02-24] ( )
Task: {9504E47E-6A1F-4C99-8824-7E73E7F260F9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\WSCStub.exe
Task: {A223F13B-1DBA-4D56-AEC5-D6BFBA4EFAC1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {ABFC3DBD-2466-48EA-B11F-767490FFC6EB} - \SpeedUpMyPC Maintenance -> Keine Datei <==== ACHTUNG
Task: {BE4C72D1-C68E-4977-B36C-B8D186841152} - System32\Tasks\{DBF9A57B-4BDB-4C87-A615-2A6955D4034F} => pcalua.exe -a "G:\Program Files (x86)\RT7LitePIlaunch.exe" -d "G:\Program Files (x86)"
Task: {C92C5BB4-839A-40D5-8916-62015206F348} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {CEF2B4EE-618D-4455-8384-6BED666ECAFC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {DF3C763D-B276-4915-9B84-C3EF00AB8C18} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3 -> Keine Datei <==== ACHTUNG
Task: {E116AD0D-430E-4059-B17C-936A7AB3FD5C} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {E39DF62F-0CB8-4461-A639-165C2ADA7396} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe
Task: {E72C6DB3-C807-485E-9809-67B06D50AE59} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-11 -> Keine Datei <==== ACHTUNG
Task: {F5669C08-1372-487C-B414-96368326E294} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {FAB5E6B4-CF6C-47E2-A53A-B9C7A7199465} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-2 -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-01-14 00:27 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-15 18:46 - 2014-03-09 17:26 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-24 17:47 - 2014-01-15 15:51 - 00097784 _____ () G:\SoftPerfect RAM Disk\vvlib.dll
2015-12-23 23:34 - 2015-02-26 19:10 - 03561472 _____ () C:\Program Files (x86)\MultiSplitter\MultiSplitter.exe
2015-08-26 09:44 - 2015-08-26 09:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-12-08 21:25 - 2015-12-08 21:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-03-27 11:45 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-27 11:45 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-27 11:45 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-27 11:45 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-03-27 11:45 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-06-23 02:24 - 2015-05-28 09:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-08 22:33 - 2016-02-08 22:33 - 00081408 ____T () C:\Users\Admin\AppData\Local\Microsoft\bass_vst.dll
2016-02-08 22:33 - 2016-03-29 16:28 - 01758720 ____T () C:\Users\Admin\AppData\Local\Microsoft\engine_vx.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-12-15 13:42 - 2015-12-24 21:55 - 17647296 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [150]
AlternateDataStreams: C:\Users\CUCD\Local Settings:init [1554422]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7883 mehr Seiten.
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7882 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123simsen.com -> www.123simsen.com
Da befinden sich 7882 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-03-28 02:54 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15491 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\CUCD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: Steam => "G:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{81B5964C-976F-4607-924C-851B6F5D4AC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0450181-68D9-4267-B706-C821E82AF723}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3EE2FD11-059D-44F9-A709-28C95CCC92AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8465572E-FCBF-4993-B3DD-3D5C38BE7B10}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B66B6427-9BBF-4833-9DC7-4957ACDC4982}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{832691C7-6D6C-474E-BE50-DAF160B4F430}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{422B4892-74DD-4DBF-B343-94D7B086FB93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E3FECA9-B09D-4B61-93A6-5C8D41326876}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{D6E18B31-C48D-4668-89F7-EB3B196A809C}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{38FE5D2F-E386-485B-B900-50B6C096C9F5}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe
FirewallRules: [{E3C24470-8650-44C7-B1A9-DF4B2FDA8C55}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E6F40F3B-8102-484C-AF7E-ED78ED4957FD}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0D0755B4-6CF1-4D0F-B05A-5DDAF245211C}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0F958FB1-0409-47EC-99D6-3EAD3B2DCF35}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{DC688926-7891-465C-B9AE-38F07948AC3E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{618E55DD-E05C-49A8-8071-3DFF94494E4E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2FBFFBA-75FF-4EB9-953F-42948FD9A9F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5A5A12FF-7E4D-43E9-8624-51F6BA942E63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E8CF0BC8-B912-4EFB-843E-50B7946D8466}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{31269037-7B51-41CE-815A-11A3ECC781E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0FB327C0-8AD0-4658-8E08-A27066918029}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B9399578-68A8-45E2-A35D-46C24218C17B}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{63C8E9D0-B176-4DFA-8B13-FD2F9646D7E9}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D97C72A8-9263-43A5-A114-18A08BEDF8AB}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CCE4C19D-124E-4CDE-9A6E-AA5353CA60EA}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{67225A9C-993C-4087-951E-F0BF7956C720}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{E00E4F11-DBD9-4A01-B75B-43C551B50FDF}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{A37F9B07-6557-4DB9-B6FF-2E8EC0B22735}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [TCP Query User{6B6BB29E-A5F5-4AEB-B2CA-7A1C2B43E639}G:\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{1EEC3DB7-894A-49D9-B520-4B2BB9E9680C}G:\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{2C3C2BC0-3D0F-4553-AD48-37CD90E8E812}] => (Block) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{A39FE2D4-B6FE-407F-8F94-A93582282B16}] => (Block) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{46FF5554-4193-4A1E-8897-98168BA40B28}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{5DE0375E-D5B1-43D0-AAAE-AD1469F5FCF6}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{4F32D424-790C-4BCE-A800-F033B72B7163}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{B517208A-BBD0-471C-AFE2-75AF02B0D50D}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{2AACBB30-C3C8-4F01-969C-757819F7B00A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD58E739-E5FE-41D4-8232-444F84614109}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0C7E89FC-73FE-4208-9352-5BAEA30DE55A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{13CA217B-6753-45FC-8B24-0BCDA56EB695}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1EC5F0E8-9274-4E3E-ACEB-ACD4B85FFFE3}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{055BAE76-1968-4E16-8934-E169FB5E54E0}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{7FF71712-625F-44D5-997A-96A88D283DAB}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{F9ACF49B-1220-427B-8922-9340F7E1A297}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{3CDEBEB6-B31A-41CE-9382-CE2152A81979}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{B7F3CD86-1853-4ED4-86C0-F9648A98E1E4}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{ACA52837-3907-416E-976A-DFD6DB520DC5}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{3399B5DC-04F9-4364-9CFC-8D4954F26D69}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{0F56BB8F-F8CC-40F8-A6D5-F2FEBA8935E4}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1161C18C-AFEA-4EC4-ABD9-831C064882E7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{4CDFA00C-6B8D-4356-9271-3D3319E8595D}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{2E562699-E885-4A7A-B116-52789FFE9952}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [{F5F21743-5D12-4162-8670-B7C137F14ED6}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{22F72DD6-D2AE-4508-B163-352F805AF9E9}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0D180D0-45BC-4F39-8542-0B77DE2C6E7C}] => (Allow) LPort=80
FirewallRules: [{90DFD718-3D2E-489D-B7B7-359333C24DAE}] => (Allow) LPort=443
FirewallRules: [{9B6C02DD-319C-4436-AEAA-0E556C014077}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{E88E644E-6B22-45CB-94CC-FB3C072F7424}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [TCP Query User{01CBE90A-A64B-4213-AF72-7B6F81852C24}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Block) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{0FA5804B-192D-4365-8CFC-2D0D1F07CC37}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Block) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{1DF8A8C4-D29D-408F-BC25-D0DC2AD71390}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{00572D6E-F873-43DD-951A-2CF06C8A9893}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{EE02DBB9-4491-452A-8038-79336ECB3969}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E0673296-60C0-4EA1-81D6-17B90C56C4B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C60F0F14-FE89-4231-9B22-FDCF282FDEB3}] => (Block) g:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{6434B8A0-82C7-4195-998C-4BC9978C9F0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7DBE669D-7BC4-41F1-9234-181116AE57D9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E47153A-8A0D-487E-8D60-1771F2229FDE}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7C9CCA25-17AD-4147-B1F1-0ADFE50CD859}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{99C8FE67-3B1B-4CA7-B5EA-EF1E790B76CF}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{31ED3923-425D-418F-A179-CB6DC5E306C2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{A2C8AC17-C025-45FA-9844-E5B5D832340B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{AE8EB422-842F-48A5-9FBC-7884678E41A1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{B9FC474F-D7AF-4426-B5DF-2E2E7AE1F04F}] => (Allow) G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{8828C736-4811-46F7-8D24-4F20B867D820}] => (Allow) G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{11840102-EC51-4B06-ADC4-1278786B9BFE}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5373847F-D084-46EE-ADED-6A78F67F1166}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5814EC28-A0E6-4193-BADE-F48A492AD451}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{950C95FB-34F7-44D8-9602-9A3879E17690}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{558DDC6B-E854-412B-84D4-555CF6CE8E42}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6112811B-B85D-4822-820F-9DB1D2BB6B87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D7E6037A-994F-4843-8E67-5BFD3B7B3B3D}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe
FirewallRules: [{B688EE73-CEAB-4ED1-A7FC-A11740D368E7}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe
FirewallRules: [{63FF78D1-E3C2-42BC-B5BB-749A308E9160}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{0B4D94B8-F638-4583-8358-2777CF3DD7E8}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{E0BBF08F-3D5D-4632-93F9-02E0A1FC8DB6}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{32FE316C-2EC5-4E75-9DE1-F56ADF28F0BD}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{8F059E96-B319-46E8-8C24-6F87482C097C}] => (Allow) G:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{31288BA8-463A-4138-80B8-D12001E0879C}C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe] => (Allow) C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe
FirewallRules: [UDP Query User{4599AAAF-DB47-4E08-9DDE-0BFA235400D1}C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe] => (Allow) C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe
FirewallRules: [{FCB9FDC6-DE01-4CE6-B23C-6023B3F30649}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/29/2016 03:33:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.18231 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1698
Startzeit: 01d189bf963c9305
Endzeit: 0
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID: d8a71bb2-f5b2-11e5-9f98-08606e6a4329
Error: (03/29/2016 03:31:56 PM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 1884 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Error: (03/29/2016 03:30:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/29/2016 12:42:21 AM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 7228 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Error: (03/28/2016 05:08:13 PM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 1856 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Error: (03/28/2016 05:07:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2016 03:07:53 AM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 1956 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Error: (03/28/2016 03:06:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2016 01:23:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Eraser.exe, Version: 6.0.10.2620, Zeitstempel: 0x4fbad9e6
Name des fehlerhaften Moduls: mscorwks.dll, Version: 2.0.50727.5485, Zeitstempel: 0x53a11d6c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001ad520
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xEraser.exe0
Pfad der fehlerhaften Anwendung: Eraser.exe1
Pfad des fehlerhaften Moduls: Eraser.exe2
Berichtskennung: Eraser.exe3
Error: (03/28/2016 01:23:08 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Fatal Execution Engine Error (000007FEE947600A) (80131506)
Systemfehler:
=============
Error: (03/29/2016 03:31:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (03/29/2016 03:30:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
4474777drv
Error: (03/29/2016 08:22:18 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (03/28/2016 05:07:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (03/28/2016 05:07:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
4474777drv
Error: (03/28/2016 03:07:23 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (03/28/2016 03:06:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
4474777drv
Error: (03/28/2016 01:55:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (03/28/2016 01:54:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/28/2016 01:54:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2014-10-15 00:03:56.300
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:03:56.299
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:02:02.518
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.258
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.257
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.256
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:33.541
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:33.540
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:18.402
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 00:16:51.177
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16333.65 MB
Verfügbarer physikalischer RAM: 12424.36 MB
Summe virtueller Speicher: 31280.81 MB
Verfügbarer virtueller Speicher: 27289.4 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:15.27 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: (Backups Wichtig!!) (Fixed) (Total:465.76 GB) (Free:421.58 GB) NTFS
Drive g: (Programme Installationen) (Fixed) (Total:465.76 GB) (Free:134.22 GB) NTFS
Drive h: () (Fixed) (Total:465.75 GB) (Free:465.62 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3D6C58F9)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: 7B135942)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=73)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F3671383)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D3519421)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
29.03.2016, 15:38
| #7 |
| | WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt?Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Admin (Administrator) auf CUCD-PC (29-03-2016 16:30:26)
Gestartet von C:\Users\Admin\Downloads
Geladene Profile: CUCD & Admin (Verfügbare Profile: CUCD & Admin & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(SoftPerfect Research) G:\SoftPerfect RAM Disk\ramdiskws.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SoftPerfect Research) G:\SoftPerfect RAM Disk\ramdiskws.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apowersoft) G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\MultiSplitter\MultiSplitter.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Simply Super Software) C:\Program Files (x86)\Trojan Remover\Trjscan.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RAMDiskForWorkstations] => G:\SoftPerfect RAM Disk\RAMDiskWS.exe [3547856 2014-01-15] (SoftPerfect Research)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573720 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3725328 2015-10-15] (Simply Super Software)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\MountPoints2: {ba37d231-a8c5-11e5-85b6-08606e6a4329} - F:\autorun.exe
HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\MountPoints2: {ba37d240-a8c5-11e5-85b6-08606e6a4329} - F:\autorun.exe
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [ApowersoftScreenRecorder] => G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [3317400 2016-01-19] (Apowersoft)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [MultiSplitter] => C:\Program Files (x86)\MultiSplitter\multisplitter.exe [3561472 2015-02-26] ()
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\MountPoints2: {a881abfc-af15-11e5-9e9b-08606e6a4329} - F:\autorun.exe
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\MountPoints2: {ba37d240-a8c5-11e5-85b6-08606e6a4329} - F:\autorun.exe
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => Keine Datei
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => Keine Datei
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyEnable: [S-1-5-21-2646704350-2578061303-3144910229-1000] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-2646704350-2578061303-3144910229-1000] => 69.175.71.164:80
ProxyEnable: [S-1-5-21-2646704350-2578061303-3144910229-1005] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-2646704350-2578061303-3144910229-1005] => http=127.0.0.1:8895;https=127.0.0.1:8895
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4947F9EA-F57E-4F84-A811-73C4B0F0DC57}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6371C9D6-4404-412A-9B35-24D5D6F3746D}: [DhcpNameServer] 192.168.178.1
ManualProxies: 1http=127.0.0.1:8895;https=127.0.0.1:8895
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://tvron.net/
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-2646704350-2578061303-3144910229-1000 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP2F16382F-469C-4884-9367-D038BDA48490&q={searchTerms}&SSPV=
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-06] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-06] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\8kg0ugwq.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-24] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> G:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-01-30] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-01-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2646704350-2578061303-3144910229-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\8kg0ugwq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-26]
FF HKU\S-1-5-21-2646704350-2578061303-3144910229-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-19]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-19]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-19]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-19]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-29] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-08] (Kaspersky Lab ZAO)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2014-01-29] (Condusiv Technologies)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (Visicom Media Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-09] ()
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 CAMBOXDRV; C:\Windows\System32\DRIVERS\camboxdrv.sys [39472 2015-11-23] (Windows (R) Win 7 DDK provider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25840 2014-01-29] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [118000 2014-01-29] (Condusiv Technologies)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-06-23] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-26] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-12-08] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934808 2016-03-26] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-08] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 muspvisr; C:\Windows\System32\DRIVERS\muspvisr.sys [121344 2015-02-16] (saveNtrust GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SPVDPort; C:\Windows\System32\DRIVERS\spvdbus.sys [92664 2014-01-15] ()
R1 SPVVEngine; C:\Windows\system32\Drivers\spvve.sys [342520 2014-01-15] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S1 4474777drv; system32\DRIVERS\4474777drv.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-28 02:45 - 2016-03-28 02:45 - 00007092 _____ C:\TDSSKiller.3.1.0.9_28.03.2016_02.45.08_log.txt
2016-03-28 02:14 - 2016-03-28 02:16 - 00227770 _____ C:\TDSSKiller.3.1.0.9_28.03.2016_02.14.58_log.txt
2016-03-28 02:12 - 2016-03-28 02:12 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2016-03-28 01:52 - 2016-03-28 01:52 - 01538560 _____ C:\Users\Admin\Downloads\adwcleaner_5.106.exe
2016-03-28 00:44 - 2016-03-28 00:44 - 00000300 _____ C:\Users\Admin\Desktop\system123.reg
2016-03-27 23:14 - 2016-03-27 23:17 - 283348992 _____ C:\Users\Admin\Downloads\kav_rescue_10.iso
2016-03-27 23:10 - 2016-03-27 23:10 - 15258612 _____ C:\Users\Admin\Downloads\Rootkit_Remover_3022.zip
2016-03-27 23:09 - 2016-03-27 23:10 - 01475080 _____ C:\Users\Admin\Downloads\Bitdefender Rootkit Remover - CHIP-Installer.exe
2016-03-27 23:06 - 2016-03-27 23:07 - 00000000 ____D C:\Users\Admin\Pavark
2016-03-27 23:06 - 2007-07-24 10:27 - 00744853 _____ C:\Users\Admin\Desktop\PAVARK.exe
2016-03-27 23:04 - 2016-03-28 02:25 - 00060800 _____ C:\Users\Admin\Downloads\Addition.txt
2016-03-27 23:03 - 2016-03-29 16:30 - 00025417 _____ C:\Users\Admin\Downloads\FRST.txt
2016-03-27 23:03 - 2016-03-29 16:30 - 00000000 ____D C:\FRST
2016-03-27 23:02 - 2016-03-27 23:03 - 02374144 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2016-03-27 22:39 - 2016-03-27 21:27 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-223943.backup
2016-03-27 21:27 - 2016-03-27 19:45 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-212753.backup
2016-03-27 19:45 - 2016-03-27 19:27 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-194538.backup
2016-03-27 19:00 - 2016-03-27 12:22 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-190043.backup
2016-03-27 12:22 - 2014-11-13 17:33 - 00450713 _____ C:\Windows\system32\Drivers\etc\hosts.20160327-122233.backup
2016-03-27 11:47 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-03-27 11:45 - 2016-03-27 11:45 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-03-27 11:45 - 2016-03-27 11:45 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-03-27 11:45 - 2016-03-27 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-27 11:45 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-03-26 21:25 - 2016-03-26 21:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-26 21:25 - 2016-03-26 21:25 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-26 21:25 - 2016-03-26 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-03-26 21:25 - 2016-03-26 21:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-03-26 21:25 - 2014-05-12 08:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-26 21:25 - 2014-05-12 08:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-26 21:25 - 2014-05-12 08:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2016-03-26 21:13 - 2016-03-26 21:14 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Downloads\spybot-2.4.exe
2016-03-26 20:52 - 2016-03-26 20:52 - 00002450 _____ C:\Users\Admin\Desktop\Sicherer Zahlungsverkehr.lnk
2016-03-26 20:52 - 2016-03-26 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-03-26 20:52 - 2016-03-26 20:51 - 00002140 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-03-26 20:51 - 2016-03-26 21:06 - 00934808 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-03-26 20:51 - 2016-03-26 20:51 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-03-26 20:51 - 2015-12-08 22:34 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-03-26 20:51 - 2015-12-08 22:34 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-03-26 20:51 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-03-26 20:39 - 2016-03-26 20:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-03-26 20:37 - 2016-03-26 20:39 - 163129864 _____ (Kaspersky Lab) C:\Users\Admin\Downloads\kis16.0.0.614abcdde_9991.exe
2016-03-26 20:34 - 2016-03-26 20:34 - 00000419 _____ C:\Users\Admin\Downloads\admhelper(1)
2016-03-26 20:34 - 2016-03-26 20:34 - 00000419 _____ C:\Users\Admin\Downloads\admhelper
2016-03-26 20:31 - 2016-03-27 19:30 - 00000000 ____D C:\Users\Admin\AppData\Local\Audible
2016-03-26 20:31 - 2016-03-26 20:31 - 00255352 _____ (Audible, Inc.) C:\Windows\SysWOW64\awrdscdc.ax
2016-03-26 20:31 - 2016-03-26 20:31 - 00000816 _____ C:\Users\CUCD\Desktop\Audible Manager.lnk
2016-03-26 20:31 - 2016-03-26 20:31 - 00000816 _____ C:\Users\Administrator\Desktop\Audible Manager.lnk
2016-03-26 20:31 - 2016-03-26 20:31 - 00000816 _____ C:\Users\Admin\Desktop\Audible Manager.lnk
2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\Users\Public\Documents\Audible
2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\Users\Admin\Documents\Audible
2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
2016-03-26 20:31 - 2001-08-17 23:43 - 00024576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2016-03-26 20:30 - 2016-03-26 20:30 - 01730272 _____ (Audible Inc.) C:\Users\Admin\Downloads\ActiveSetupN.exe
2016-03-26 20:30 - 2016-03-26 20:30 - 00000000 ____D C:\Users\Admin\Neuer Ordner
2016-03-23 17:45 - 2016-03-23 17:45 - 00331132 _____ C:\Users\Admin\Downloads\muster_kleinunternehmer.pdf
2016-03-23 03:44 - 2016-03-23 15:00 - 00000000 ____D C:\Users\Admin\Desktop\Neuer Ordner
2016-03-23 03:16 - 2016-03-23 03:16 - 01946484 _____ C:\Users\Admin\Downloads\Hearthstone-Heroes-of-Warcraft-Unlimited-Gold-and-More-Version-3.0.zip
2016-03-21 21:35 - 2016-03-27 22:35 - 00000000 ____D C:\Users\Admin\Desktop\KIK Arbeitszeitaufschreibung
2016-03-20 23:23 - 2016-03-20 23:23 - 00001090 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-03-20 23:23 - 2016-03-20 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-03-20 22:55 - 2016-03-20 22:55 - 20282936 _____ (Gameforge ) C:\Users\Admin\Downloads\Metin2_GameforgeLiveSetup.exe
2016-03-19 04:48 - 2016-03-19 19:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-16 21:49 - 2016-03-16 21:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\.mono
2016-03-16 21:49 - 2016-03-16 21:49 - 00000000 ____D C:\ProgramData\.mono
2016-03-16 21:48 - 2016-03-16 21:48 - 00001159 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2016-03-16 21:48 - 2016-03-16 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2016-03-16 21:43 - 2016-03-29 08:21 - 00000000 ____D C:\Users\Admin\AppData\Local\Battle.net
2016-03-16 21:43 - 2016-03-16 21:43 - 00001122 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-03-16 21:43 - 2016-03-16 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-03-16 21:42 - 2016-03-28 23:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-16 21:42 - 2016-03-16 23:19 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Battle.net
2016-03-16 21:00 - 2016-03-16 21:00 - 00070742 _____ C:\Users\Admin\Downloads\034095_13.pdf
2016-03-16 20:59 - 2016-03-16 20:59 - 00000269 _____ C:\Users\Admin\Downloads\Anlage_S_2013.xml
2016-03-09 11:13 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 11:13 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 11:13 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 11:13 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 11:13 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 11:13 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 11:13 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 11:13 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 11:13 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 11:13 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 11:13 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 11:13 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 11:13 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 11:13 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 11:13 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 11:13 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 11:13 - 2016-02-09 08:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 11:13 - 2016-02-09 08:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 11:13 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 11:13 - 2016-02-08 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 11:13 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 11:13 - 2016-02-08 22:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 11:13 - 2016-02-08 22:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 11:13 - 2016-02-08 22:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 11:13 - 2016-02-08 22:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 11:13 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 11:13 - 2016-02-08 22:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 11:13 - 2016-02-08 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 11:13 - 2016-02-08 22:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 11:13 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 11:13 - 2016-02-08 22:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 11:13 - 2016-02-08 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 11:13 - 2016-02-08 22:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 11:13 - 2016-02-08 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 11:13 - 2016-02-08 22:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 11:13 - 2016-02-08 22:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 11:13 - 2016-02-08 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 11:13 - 2016-02-08 22:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 11:13 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 11:13 - 2016-02-08 22:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 11:13 - 2016-02-08 22:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 11:13 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 11:13 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 11:13 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 11:13 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 11:13 - 2016-02-08 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 11:13 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 11:13 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 11:13 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 11:13 - 2016-02-08 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 11:13 - 2016-02-08 20:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 11:13 - 2016-02-08 20:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 11:13 - 2016-02-08 20:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 11:13 - 2016-02-08 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 11:13 - 2016-02-08 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 11:13 - 2016-02-08 20:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 11:13 - 2016-02-08 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 11:13 - 2016-02-08 20:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 11:13 - 2016-02-08 20:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 11:13 - 2016-02-08 20:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 11:13 - 2016-02-08 20:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 11:13 - 2016-02-08 20:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 11:13 - 2016-02-08 20:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 11:13 - 2016-02-08 20:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 11:13 - 2016-02-08 20:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 11:13 - 2016-02-08 20:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 11:13 - 2016-02-08 20:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 11:13 - 2016-02-08 19:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 11:13 - 2016-02-08 19:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 11:13 - 2016-02-08 19:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 11:13 - 2016-02-08 19:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 11:13 - 2016-02-08 19:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 11:13 - 2016-02-08 19:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 11:13 - 2016-02-08 19:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 11:13 - 2016-02-08 19:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 11:13 - 2016-02-08 19:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 11:13 - 2016-02-08 19:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 11:13 - 2016-02-08 19:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 11:13 - 2016-02-08 19:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 11:13 - 2016-02-08 19:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 11:13 - 2016-02-08 19:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 11:13 - 2016-02-08 18:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 11:13 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 11:13 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 11:13 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 11:13 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 11:13 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 11:13 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 11:13 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 11:13 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 11:12 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 11:12 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 11:12 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 11:12 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 11:12 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 11:12 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 11:12 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 11:12 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 11:12 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 11:12 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 11:12 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 11:12 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 11:12 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 11:12 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 11:12 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 11:12 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 11:12 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 11:12 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 11:12 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 11:12 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 11:12 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 11:12 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 11:12 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 11:12 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 11:12 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 11:12 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 11:12 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 11:12 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 11:12 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 11:12 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 11:12 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 11:12 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 11:12 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 11:12 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 11:12 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 11:12 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 11:12 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 11:12 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 11:12 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 11:12 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 11:12 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 11:12 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 11:12 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 11:12 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 11:12 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 11:12 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 11:12 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:12 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 11:12 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 11:12 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 11:12 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 11:12 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 11:12 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 11:12 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 11:12 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 11:12 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 11:12 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 11:12 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 11:12 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 11:12 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 11:12 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 11:12 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 11:12 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 11:12 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 11:12 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 11:12 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 11:12 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 11:12 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 11:12 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 11:12 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 11:12 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 11:12 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 11:12 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 11:12 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 23:19 - 2016-03-08 23:19 - 00091081 _____ C:\Users\Admin\Downloads\Rechnungsvorlage-von-Zervant.xlsx
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-29 16:28 - 2016-01-19 21:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-29 16:28 - 2014-01-14 00:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-03-29 16:01 - 2014-01-13 23:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-29 15:42 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-29 15:42 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-29 15:37 - 2016-01-19 21:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-29 15:37 - 2011-04-12 09:43 - 00703792 _____ C:\Windows\system32\perfh007.dat
2016-03-29 15:37 - 2011-04-12 09:43 - 00150930 _____ C:\Windows\system32\perfc007.dat
2016-03-29 15:37 - 2009-07-14 07:13 - 01632006 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-29 15:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-03-29 15:31 - 2014-01-13 22:42 - 00141248 _____ C:\Users\CUCD\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-29 15:31 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-29 15:30 - 2014-01-13 23:06 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 15:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-28 23:58 - 2014-11-13 17:20 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation
2016-03-28 23:58 - 2014-11-13 17:19 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2016-03-28 22:38 - 2016-01-19 21:15 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-28 22:38 - 2016-01-19 21:15 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-28 01:57 - 2015-12-16 19:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2016-03-28 01:54 - 2015-03-22 11:38 - 00000000 ____D C:\ProgramData\Lavasoft
2016-03-28 01:54 - 2014-01-24 20:22 - 00000000 ____D C:\AdwCleaner
2016-03-28 00:41 - 2016-02-10 01:43 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\uTorrent
2016-03-28 00:41 - 2016-01-19 21:37 - 00000000 ____D C:\ProgramData\TEMP
2016-03-28 00:41 - 2014-01-14 00:48 - 00003510 _____ C:\Windows\System32\Tasks\AutoKMS
2016-03-28 00:40 - 2009-07-14 07:08 - 00001134 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-27 23:17 - 2016-01-20 01:18 - 00000000 ____D C:\Program Files\CCleaner
2016-03-27 23:17 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160328-025431.backup
2016-03-27 23:06 - 2014-11-13 17:18 - 00000000 ____D C:\Users\Admin
2016-03-27 22:40 - 2016-02-08 22:46 - 00241090 _____ C:\Windows\ntbtlog.txt
2016-03-27 22:39 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-231717.backup
2016-03-27 22:05 - 2016-02-25 22:47 - 00000000 ____D C:\Users\Admin\Documents\Outlook-Dateien
2016-03-27 19:30 - 2015-04-21 19:15 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-03-27 19:00 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-192714.backup
2016-03-27 12:59 - 2014-12-04 21:40 - 00003518 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2016-03-27 12:59 - 2014-12-04 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2016-03-27 12:59 - 2014-12-04 21:40 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2016-03-27 11:47 - 2015-08-04 09:51 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-27 11:47 - 2014-01-14 00:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-27 11:45 - 2014-01-14 00:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-27 11:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-03-26 21:51 - 2015-10-15 04:17 - 00000000 ____D C:\Users\CUCD\Desktop\DRIVERrUpdate
2016-03-26 21:51 - 2014-07-10 21:39 - 00000000 ____D C:\Users\CUCD\AppData\Local\com
2016-03-26 21:19 - 2016-02-15 23:44 - 36408922 _____ C:\Users\Admin\Downloads\social-engineer-toolkit-master.part.zip
2016-03-26 21:14 - 2015-01-29 23:30 - 00000195 _____ C:\Windows\wininit.ini
2016-03-26 21:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-26 21:06 - 2015-06-06 09:51 - 00077728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2016-03-26 20:51 - 2014-01-14 00:40 - 00000000 ____D C:\Windows\ELAMBKUP
2016-03-26 20:49 - 2016-01-19 21:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-25 04:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-25 04:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-21 14:38 - 2015-05-09 15:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-20 23:02 - 2015-12-18 22:09 - 00000000 ____D C:\Users\Admin\Downloads\Gameforge Live
2016-03-20 23:02 - 2015-10-29 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-03-16 21:48 - 2015-04-10 22:58 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-03-16 21:42 - 2015-04-09 19:55 - 00000000 ____D C:\ProgramData\Battle.net
2016-03-14 11:38 - 2015-11-20 16:30 - 00000000 ____D C:\Windows\rescache
2016-03-11 15:49 - 2016-02-08 01:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-10 17:00 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-10 09:37 - 2016-01-20 01:23 - 00517256 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 04:05 - 2014-01-13 23:05 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 04:00 - 2014-12-11 04:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-10 04:00 - 2014-01-13 23:05 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-01-14 00:17 - 2014-01-14 00:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-24 18:48 - 2014-09-17 19:06 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\CUCD\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-21 19:26
==================== Ende von FRST.txt ============================
|
|
29.03.2016, 16:51
| #8 |
| | TSKKillerCode:
ATTFilter 17:49:54.0197 0x135c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:49:56.0281 0x135c ============================================================
17:49:56.0281 0x135c Current date / time: 2016/03/29 17:49:56.0281
17:49:56.0281 0x135c SystemInfo:
17:49:56.0281 0x135c
17:49:56.0282 0x135c OS Version: 6.1.7601 ServicePack: 1.0
17:49:56.0282 0x135c Product type: Workstation
17:49:56.0282 0x135c ComputerName: CUCD-PC
17:49:56.0282 0x135c UserName: Admin
17:49:56.0282 0x135c Windows directory: C:\Windows
17:49:56.0282 0x135c System windows directory: C:\Windows
17:49:56.0282 0x135c Running under WOW64
17:49:56.0282 0x135c Processor architecture: Intel x64
17:49:56.0282 0x135c Number of processors: 4
17:49:56.0282 0x135c Page size: 0x1000
17:49:56.0282 0x135c Boot type: Normal boot
17:49:56.0282 0x135c ============================================================
17:49:56.0631 0x135c KLMD registered as C:\Windows\system32\drivers\49018875.sys
17:49:56.0856 0x135c System UUID: {1A1DBB04-C977-3600-6AE2-93DEAE6387FC}
17:49:57.0534 0x135c Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:49:57.0535 0x135c Drive \Device\Harddisk1\DR1 - Size: 0x7745D6000 ( 29.82 Gb ), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:49:57.0535 0x135c Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:49:57.0536 0x135c Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:49:57.0536 0x135c Drive \Device\Harddisk4\DR4 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:49:57.0538 0x135c ============================================================
17:49:57.0538 0x135c \Device\Harddisk0\DR0:
17:49:57.0538 0x135c MBR partitions:
17:49:57.0538 0x135c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF9307D
17:49:57.0538 0x135c \Device\Harddisk1\DR1:
17:49:57.0539 0x135c MBR partitions:
17:49:57.0539 0x135c \Device\Harddisk2\DR2:
17:49:57.0539 0x135c MBR partitions:
17:49:57.0539 0x135c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
17:49:57.0539 0x135c \Device\Harddisk3\DR3:
17:49:57.0539 0x135c MBR partitions:
17:49:57.0539 0x135c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A385FF1
17:49:57.0539 0x135c \Device\Harddisk4\DR4:
17:49:57.0539 0x135c MBR partitions:
17:49:57.0539 0x135c \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
17:49:57.0539 0x135c ============================================================
17:49:57.0541 0x135c C: <-> \Device\Harddisk0\DR0\Partition1
17:49:59.0363 0x135c E: <-> \Device\Harddisk2\DR2\Partition1
17:49:59.0392 0x135c G: <-> \Device\Harddisk3\DR3\Partition1
17:49:59.0820 0x135c H: <-> \Device\Harddisk4\DR4\Partition1
17:49:59.0821 0x135c ============================================================
17:49:59.0821 0x135c Initialize success
17:49:59.0821 0x135c ============================================================
17:50:06.0839 0x1ebc ============================================================
17:50:06.0839 0x1ebc Scan started
17:50:06.0839 0x1ebc Mode: Manual; SigCheck; TDLFS;
17:50:06.0839 0x1ebc ============================================================
17:50:06.0839 0x1ebc KSN ping started
17:50:10.0400 0x1ebc KSN ping finished: false
17:50:12.0097 0x1ebc ================ Scan system memory ========================
17:50:12.0097 0x1ebc System memory - ok
17:50:12.0097 0x1ebc ================ Scan services =============================
17:50:12.0102 0x1ebc [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
17:50:12.0164 0x1ebc !SASCORE - ok
17:50:12.0208 0x1ebc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:50:12.0220 0x1ebc 1394ohci - ok
17:50:12.0222 0x1ebc 4474777drv - ok
17:50:12.0228 0x1ebc [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:50:12.0237 0x1ebc ACDaemon - ok
17:50:12.0244 0x1ebc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:50:12.0255 0x1ebc ACPI - ok
17:50:12.0257 0x1ebc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:50:12.0265 0x1ebc AcpiPmi - ok
17:50:12.0269 0x1ebc [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:50:12.0275 0x1ebc AdobeARMservice - ok
17:50:12.0301 0x1ebc [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:50:12.0310 0x1ebc AdobeFlashPlayerUpdateSvc - ok
17:50:12.0320 0x1ebc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:50:12.0333 0x1ebc adp94xx - ok
17:50:12.0342 0x1ebc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:50:12.0352 0x1ebc adpahci - ok
17:50:12.0361 0x1ebc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:50:12.0369 0x1ebc adpu320 - ok
17:50:12.0373 0x1ebc [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:50:12.0382 0x1ebc AeLookupSvc - ok
17:50:12.0397 0x1ebc [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
17:50:12.0410 0x1ebc AFD - ok
17:50:12.0419 0x1ebc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
17:50:12.0425 0x1ebc agp440 - ok
17:50:12.0429 0x1ebc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
17:50:12.0437 0x1ebc ALG - ok
17:50:12.0439 0x1ebc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
17:50:12.0445 0x1ebc aliide - ok
17:50:12.0448 0x1ebc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
17:50:12.0454 0x1ebc amdide - ok
17:50:12.0457 0x1ebc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:50:12.0464 0x1ebc AmdK8 - ok
17:50:12.0467 0x1ebc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:50:12.0475 0x1ebc AmdPPM - ok
17:50:12.0479 0x1ebc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:50:12.0486 0x1ebc amdsata - ok
17:50:12.0491 0x1ebc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:50:12.0499 0x1ebc amdsbs - ok
17:50:12.0502 0x1ebc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:50:12.0508 0x1ebc amdxata - ok
17:50:12.0511 0x1ebc [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
17:50:12.0518 0x1ebc AppID - ok
17:50:12.0521 0x1ebc [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:50:12.0528 0x1ebc AppIDSvc - ok
17:50:12.0531 0x1ebc [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
17:50:12.0539 0x1ebc Appinfo - ok
17:50:12.0544 0x1ebc [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
17:50:12.0553 0x1ebc AppMgmt - ok
17:50:12.0556 0x1ebc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
17:50:12.0563 0x1ebc arc - ok
17:50:12.0567 0x1ebc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:50:12.0574 0x1ebc arcsas - ok
17:50:12.0587 0x1ebc [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:50:12.0595 0x1ebc aspnet_state - ok
17:50:12.0601 0x1ebc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:50:12.0620 0x1ebc AsyncMac - ok
17:50:12.0622 0x1ebc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
17:50:12.0628 0x1ebc atapi - ok
17:50:12.0641 0x1ebc [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:50:12.0657 0x1ebc AudioEndpointBuilder - ok
17:50:12.0669 0x1ebc [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:50:12.0685 0x1ebc AudioSrv - ok
17:50:12.0694 0x1ebc [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
17:50:12.0702 0x1ebc AVP16.0.0 - ok
17:50:12.0706 0x1ebc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:50:12.0717 0x1ebc AxInstSV - ok
17:50:12.0726 0x1ebc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:50:12.0739 0x1ebc b06bdrv - ok
17:50:12.0745 0x1ebc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:50:12.0755 0x1ebc b57nd60a - ok
17:50:12.0760 0x1ebc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
17:50:12.0768 0x1ebc BDESVC - ok
17:50:12.0770 0x1ebc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
17:50:12.0789 0x1ebc Beep - ok
17:50:12.0801 0x1ebc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
17:50:12.0818 0x1ebc BFE - ok
17:50:12.0834 0x1ebc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
17:50:12.0864 0x1ebc BITS - ok
17:50:12.0868 0x1ebc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:50:12.0875 0x1ebc blbdrive - ok
17:50:12.0879 0x1ebc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:50:12.0886 0x1ebc bowser - ok
17:50:12.0889 0x1ebc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:50:12.0897 0x1ebc BrFiltLo - ok
17:50:12.0899 0x1ebc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:50:12.0907 0x1ebc BrFiltUp - ok
17:50:12.0911 0x1ebc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
17:50:12.0920 0x1ebc Browser - ok
17:50:12.0927 0x1ebc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:50:12.0938 0x1ebc Brserid - ok
17:50:12.0941 0x1ebc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:50:12.0949 0x1ebc BrSerWdm - ok
17:50:12.0951 0x1ebc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:50:12.0959 0x1ebc BrUsbMdm - ok
17:50:12.0962 0x1ebc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:50:12.0969 0x1ebc BrUsbSer - ok
17:50:12.0972 0x1ebc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:50:12.0981 0x1ebc BTHMODEM - ok
17:50:12.0985 0x1ebc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
17:50:13.0004 0x1ebc bthserv - ok
17:50:13.0007 0x1ebc [ 3E893F15731AF1CB334AE945950435E8, EF9874A0ECFEF532B5B4547D6F9808ACE9BB954040CB7D20A1C8FB037BA1437E ] CAMBOXDRV C:\Windows\system32\DRIVERS\camboxdrv.sys
17:50:13.0014 0x1ebc CAMBOXDRV - ok
17:50:13.0017 0x1ebc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:50:13.0037 0x1ebc cdfs - ok
17:50:13.0042 0x1ebc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:50:13.0051 0x1ebc cdrom - ok
17:50:13.0061 0x1ebc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
17:50:13.0081 0x1ebc CertPropSvc - ok
17:50:13.0084 0x1ebc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
17:50:13.0093 0x1ebc circlass - ok
17:50:13.0116 0x1ebc [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
17:50:13.0127 0x1ebc CLFS - ok
17:50:13.0132 0x1ebc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:50:13.0139 0x1ebc clr_optimization_v2.0.50727_32 - ok
17:50:13.0144 0x1ebc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:50:13.0151 0x1ebc clr_optimization_v2.0.50727_64 - ok
17:50:13.0161 0x1ebc [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:50:13.0169 0x1ebc clr_optimization_v4.0.30319_32 - ok
17:50:13.0173 0x1ebc [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:50:13.0181 0x1ebc clr_optimization_v4.0.30319_64 - ok
17:50:13.0184 0x1ebc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:50:13.0191 0x1ebc CmBatt - ok
17:50:13.0193 0x1ebc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:50:13.0199 0x1ebc cmdide - ok
17:50:13.0207 0x1ebc [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km C:\Windows\system32\DRIVERS\cm_km.sys
17:50:13.0219 0x1ebc cm_km - ok
17:50:13.0228 0x1ebc [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
17:50:13.0243 0x1ebc CNG - ok
17:50:13.0246 0x1ebc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:50:13.0252 0x1ebc Compbatt - ok
17:50:13.0255 0x1ebc [ 0C5B0DF7EF9F719EBAE9F8FE70E083A9, 3C21F5688D7EF748B7D48625E85FB9D5A6A4ABCE1939AF4D6993D3AD5CE71FD2 ] CompFilter64 C:\Windows\system32\DRIVERS\lvbflt64.sys
17:50:13.0260 0x1ebc CompFilter64 - ok
17:50:13.0263 0x1ebc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:50:13.0272 0x1ebc CompositeBus - ok
17:50:13.0273 0x1ebc COMSysApp - ok
17:50:13.0276 0x1ebc cpuz136 - ok
17:50:13.0278 0x1ebc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:50:13.0284 0x1ebc crcdisk - ok
17:50:13.0290 0x1ebc [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:50:13.0299 0x1ebc CryptSvc - ok
17:50:13.0309 0x1ebc [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
17:50:13.0322 0x1ebc CSC - ok
17:50:13.0335 0x1ebc [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
17:50:13.0351 0x1ebc CscService - ok
17:50:13.0362 0x1ebc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:50:13.0388 0x1ebc DcomLaunch - ok
17:50:13.0395 0x1ebc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
17:50:13.0418 0x1ebc defragsvc - ok
17:50:13.0421 0x1ebc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:50:13.0441 0x1ebc DfsC - ok
17:50:13.0446 0x1ebc [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:50:13.0453 0x1ebc dg_ssudbus - ok
17:50:13.0460 0x1ebc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:50:13.0471 0x1ebc Dhcp - ok
17:50:13.0494 0x1ebc [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
17:50:13.0520 0x1ebc DiagTrack - ok
17:50:13.0524 0x1ebc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
17:50:13.0543 0x1ebc discache - ok
17:50:13.0546 0x1ebc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
17:50:13.0553 0x1ebc Disk - ok
17:50:13.0556 0x1ebc [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:50:13.0563 0x1ebc dmvsc - ok
17:50:13.0569 0x1ebc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:50:13.0578 0x1ebc Dnscache - ok
17:50:13.0584 0x1ebc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
17:50:13.0606 0x1ebc dot3svc - ok
17:50:13.0614 0x1ebc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
17:50:13.0634 0x1ebc DPS - ok
17:50:13.0637 0x1ebc [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:50:13.0644 0x1ebc drmkaud - ok
17:50:13.0660 0x1ebc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:50:13.0679 0x1ebc DXGKrnl - ok
17:50:13.0684 0x1ebc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
17:50:13.0704 0x1ebc EapHost - ok
17:50:13.0753 0x1ebc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:50:13.0805 0x1ebc ebdrv - ok
17:50:13.0810 0x1ebc [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS C:\Windows\System32\lsass.exe
17:50:13.0818 0x1ebc EFS - ok
17:50:13.0832 0x1ebc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:50:13.0849 0x1ebc ehRecvr - ok
17:50:13.0853 0x1ebc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
17:50:13.0862 0x1ebc ehSched - ok
17:50:13.0872 0x1ebc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:50:13.0885 0x1ebc elxstor - ok
17:50:13.0888 0x1ebc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:50:13.0895 0x1ebc ErrDev - ok
17:50:13.0904 0x1ebc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
17:50:13.0929 0x1ebc EventSystem - ok
17:50:13.0932 0x1ebc [ 27CE917868B08E8BC04A3CB0A80A43AE, 9DCFD4FC76412DA85FED64295369501DB7A9DBC50C6FD739336C8772BF57845C ] excfs C:\Windows\system32\DRIVERS\excfs.sys
17:50:13.0938 0x1ebc excfs - ok
17:50:13.0942 0x1ebc [ 535A8B1821071019E074FDA912322225, AC798F7DB8E017E3079C0CABDB9D16D79CB5D7191D2A11E598E0FDCD4A5CDFBF ] excsd C:\Windows\system32\DRIVERS\excsd.sys
17:50:13.0949 0x1ebc excsd - ok
17:50:13.0954 0x1ebc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
17:50:13.0975 0x1ebc exfat - ok
17:50:13.0991 0x1ebc [ A02DACE3AFB4AFC5A5A71BB6ED2ABB7B, 67BDF9AF4DCC59F4B423277D6B9B3FDC87A435F5C0D7FE51CFDDAE9A34583D79 ] ExpressCache C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
17:50:14.0007 0x1ebc ExpressCache - ok
17:50:14.0013 0x1ebc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:50:14.0034 0x1ebc fastfat - ok
17:50:14.0047 0x1ebc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
17:50:14.0063 0x1ebc Fax - ok
17:50:14.0066 0x1ebc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
17:50:14.0073 0x1ebc fdc - ok
17:50:14.0075 0x1ebc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
17:50:14.0094 0x1ebc fdPHost - ok
17:50:14.0096 0x1ebc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
17:50:14.0116 0x1ebc FDResPub - ok
17:50:14.0119 0x1ebc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:50:14.0126 0x1ebc FileInfo - ok
17:50:14.0128 0x1ebc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:50:14.0148 0x1ebc Filetrace - ok
17:50:14.0150 0x1ebc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:50:14.0158 0x1ebc flpydisk - ok
17:50:14.0164 0x1ebc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:50:14.0174 0x1ebc FltMgr - ok
17:50:14.0193 0x1ebc [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
17:50:14.0217 0x1ebc FontCache - ok
17:50:14.0221 0x1ebc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:50:14.0227 0x1ebc FontCache3.0.0.0 - ok
17:50:14.0230 0x1ebc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:50:14.0237 0x1ebc FsDepends - ok
17:50:14.0243 0x1ebc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:50:14.0249 0x1ebc Fs_Rec - ok
17:50:14.0254 0x1ebc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:50:14.0264 0x1ebc fvevol - ok
17:50:14.0267 0x1ebc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:50:14.0274 0x1ebc gagp30kx - ok
17:50:14.0293 0x1ebc [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
17:50:14.0314 0x1ebc GfExperienceService - ok
17:50:14.0329 0x1ebc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
17:50:14.0358 0x1ebc gpsvc - ok
17:50:14.0363 0x1ebc [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:50:14.0370 0x1ebc gupdate - ok
17:50:14.0374 0x1ebc [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:50:14.0380 0x1ebc gupdatem - ok
17:50:14.0383 0x1ebc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:50:14.0390 0x1ebc hcw85cir - ok
17:50:14.0397 0x1ebc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:50:14.0410 0x1ebc HdAudAddService - ok
17:50:14.0414 0x1ebc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:50:14.0423 0x1ebc HDAudBus - ok
17:50:14.0426 0x1ebc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:50:14.0434 0x1ebc HidBatt - ok
17:50:14.0437 0x1ebc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:50:14.0447 0x1ebc HidBth - ok
17:50:14.0449 0x1ebc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
17:50:14.0458 0x1ebc HidIr - ok
17:50:14.0461 0x1ebc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
17:50:14.0481 0x1ebc hidserv - ok
17:50:14.0484 0x1ebc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:50:14.0490 0x1ebc HidUsb - ok
17:50:14.0493 0x1ebc [ 9918B9C21E2033DD1F1872D3D06B418D, 07C5E4236DE258920DB9F742E750C0B5D85479BD01A6DCF049ADA1F092E07B06 ] hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys
17:50:14.0499 0x1ebc hitmanpro37 - ok
17:50:14.0503 0x1ebc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:50:14.0522 0x1ebc hkmsvc - ok
17:50:14.0528 0x1ebc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:50:14.0538 0x1ebc HomeGroupListener - ok
17:50:14.0544 0x1ebc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:50:14.0553 0x1ebc HomeGroupProvider - ok
17:50:14.0557 0x1ebc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:50:14.0564 0x1ebc HpSAMD - ok
17:50:14.0577 0x1ebc [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:50:14.0593 0x1ebc HTTP - ok
17:50:14.0596 0x1ebc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:50:14.0602 0x1ebc hwpolicy - ok
17:50:14.0606 0x1ebc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:50:14.0614 0x1ebc i8042prt - ok
17:50:14.0626 0x1ebc [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
17:50:14.0640 0x1ebc iaStorA - ok
17:50:14.0644 0x1ebc [ 6241810294275CEA59EBA9733080E5EE, F9A1A505B9279CD660CAAF4F8D21BDC34AC75FD86E881632A378B9BF39A3738E ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:50:14.0649 0x1ebc IAStorDataMgrSvc - ok
17:50:14.0652 0x1ebc [ 10E79E366FA255318F5D1D0ED07F947D, ED1511334356A582D0CAAB94A22BBA5C90FFB4AF3673D02FE0909D4105FD1191 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
17:50:14.0657 0x1ebc iaStorF - ok
17:50:14.0665 0x1ebc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:50:14.0676 0x1ebc iaStorV - ok
17:50:14.0692 0x1ebc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:50:14.0710 0x1ebc idsvc - ok
17:50:14.0716 0x1ebc IEEtwCollectorService - ok
17:50:14.0719 0x1ebc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:50:14.0725 0x1ebc iirsp - ok
17:50:14.0741 0x1ebc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
17:50:14.0759 0x1ebc IKEEXT - ok
17:50:14.0818 0x1ebc [ F94E2C3BA6D4B57C2E1DD03E950CBBC4, C0C4F779E1BA0A6C68937A2F6A0AEA5F49F0476A8520AC1323775536FA585A3C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:50:14.0878 0x1ebc IntcAzAudAddService - ok
17:50:14.0895 0x1ebc [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:50:14.0909 0x1ebc Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
17:50:18.0219 0x1ebc Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
17:50:18.0234 0x1ebc [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:50:18.0251 0x1ebc Intel(R) Capability Licensing Service TCP IP Interface - ok
17:50:18.0254 0x1ebc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
17:50:18.0260 0x1ebc intelide - ok
17:50:18.0263 0x1ebc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:50:18.0271 0x1ebc intelppm - ok
17:50:18.0275 0x1ebc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:50:18.0295 0x1ebc IPBusEnum - ok
17:50:18.0299 0x1ebc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:50:18.0318 0x1ebc IpFilterDriver - ok
17:50:18.0330 0x1ebc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:50:18.0345 0x1ebc iphlpsvc - ok
17:50:18.0349 0x1ebc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:50:18.0357 0x1ebc IPMIDRV - ok
17:50:18.0360 0x1ebc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:50:18.0381 0x1ebc IPNAT - ok
17:50:18.0384 0x1ebc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:50:18.0393 0x1ebc IRENUM - ok
17:50:18.0395 0x1ebc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:50:18.0401 0x1ebc isapnp - ok
17:50:18.0408 0x1ebc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:50:18.0417 0x1ebc iScsiPrt - ok
17:50:18.0419 0x1ebc [ EB56D7AC688BCB1171812EF6CBB32193, 3423D53842CAB2473EECE6EF90ED25765B3DB9D85EA5D3A4D2C59A947A959F4D ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:50:18.0425 0x1ebc iusb3hcs - ok
17:50:18.0433 0x1ebc [ 3DD76F45DA45CEDCDFC7BF7AB93E6216, 11757969FCAA14C1DCD4CF06C11BA9EA528C2CD4C6F0C2F5C4EFFFA82AAA22A6 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
17:50:18.0443 0x1ebc iusb3hub - ok
17:50:18.0457 0x1ebc [ B0342584DAB73797F584CADD41EEC6BD, 517938881A8395B36847838407E1BDE2C0A982AF544CECC44C86BEEA382E9E63 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:50:18.0474 0x1ebc iusb3xhc - ok
17:50:18.0479 0x1ebc [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:50:18.0487 0x1ebc jhi_service - ok
17:50:18.0491 0x1ebc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:50:18.0497 0x1ebc kbdclass - ok
17:50:18.0500 0x1ebc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:50:18.0506 0x1ebc kbdhid - ok
17:50:18.0509 0x1ebc [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso C:\Windows\system32\lsass.exe
17:50:18.0516 0x1ebc KeyIso - ok
17:50:18.0525 0x1ebc [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
17:50:18.0538 0x1ebc kl1 - ok
17:50:18.0541 0x1ebc [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys
17:50:18.0549 0x1ebc klbackupdisk - ok
17:50:18.0552 0x1ebc [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt C:\Windows\system32\DRIVERS\klbackupflt.sys
17:50:18.0560 0x1ebc klbackupflt - ok
17:50:18.0563 0x1ebc [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys
17:50:18.0572 0x1ebc kldisk - ok
17:50:18.0578 0x1ebc [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
17:50:18.0587 0x1ebc klflt - ok
17:50:18.0594 0x1ebc [ C62B714428FD30DD7B3115566C3F470B, 991CA0FCA02D744BAB29FF3F0029BC99EF85C7D8B8024EF5EF51589639191B05 ] klhk C:\Windows\system32\DRIVERS\klhk.sys
17:50:18.0603 0x1ebc klhk - ok
17:50:18.0619 0x1ebc [ 16E6DEF683D0EFAC8EED0D0FF4FE00DD, 5DB855A5352C312EE5E1B86DB5038541A3321E225CF5818F536A930E0FEB77CE ] KLIF C:\Windows\system32\DRIVERS\klif.sys
17:50:18.0638 0x1ebc KLIF - ok
17:50:18.0642 0x1ebc [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
17:50:18.0648 0x1ebc KLIM6 - ok
17:50:18.0651 0x1ebc [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
17:50:18.0658 0x1ebc klkbdflt - ok
17:50:18.0661 0x1ebc [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
17:50:18.0668 0x1ebc klmouflt - ok
17:50:18.0671 0x1ebc [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
17:50:18.0679 0x1ebc klpd - ok
17:50:18.0683 0x1ebc [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
17:50:18.0690 0x1ebc kltdi - ok
17:50:18.0693 0x1ebc [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys
17:50:18.0701 0x1ebc Klwtp - ok
17:50:18.0706 0x1ebc [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
17:50:18.0715 0x1ebc kneps - ok
17:50:18.0718 0x1ebc [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:50:18.0725 0x1ebc KSecDD - ok
17:50:18.0729 0x1ebc [ CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:50:18.0737 0x1ebc KSecPkg - ok
17:50:18.0740 0x1ebc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:50:18.0758 0x1ebc ksthunk - ok
17:50:18.0766 0x1ebc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
17:50:18.0791 0x1ebc KtmRm - ok
17:50:18.0796 0x1ebc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:50:18.0819 0x1ebc LanmanServer - ok
17:50:18.0822 0x1ebc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:50:18.0843 0x1ebc LanmanWorkstation - ok
17:50:18.0847 0x1ebc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:50:18.0866 0x1ebc lltdio - ok
17:50:18.0873 0x1ebc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:50:18.0896 0x1ebc lltdsvc - ok
17:50:18.0898 0x1ebc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:50:18.0918 0x1ebc lmhosts - ok
17:50:18.0925 0x1ebc [ 8939CBB2526CB87C476DB9ABBF243AE0, 6D566EDD2DE07A7F7B27A41BBFD05360BF2FBDD5D265D8061E15785A3EBC0C4E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:50:18.0936 0x1ebc LMS - ok
17:50:18.0941 0x1ebc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:50:18.0948 0x1ebc LSI_FC - ok
17:50:18.0951 0x1ebc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:50:18.0958 0x1ebc LSI_SAS - ok
17:50:18.0962 0x1ebc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:50:18.0968 0x1ebc LSI_SAS2 - ok
17:50:18.0972 0x1ebc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:50:18.0979 0x1ebc LSI_SCSI - ok
17:50:18.0983 0x1ebc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
17:50:19.0003 0x1ebc luafv - ok
17:50:19.0010 0x1ebc [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
17:50:19.0020 0x1ebc LVRS64 - ok
17:50:19.0089 0x1ebc [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
17:50:19.0159 0x1ebc LVUVC64 - ok
17:50:19.0165 0x1ebc [ C06234DCDB1BFC0CF7E25CFAC5B7F5FE, 149A3880E1D58CC0768A174DF4E884F3A4432F935D134B5AE536B7020788F5D5 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv.sys
17:50:19.0171 0x1ebc ManyCam - ok
17:50:19.0175 0x1ebc [ 59C3DCCDD00E6EC8D16016BF6B02A554, 4D7F0E4CC3AE55377CF60C7F6BFDFD434DF88714DFA398C6E5EAA8EFE228EE9C ] ManyCam Service C:\ProgramData\ManyCam\Service\service.exe
17:50:19.0182 0x1ebc ManyCam Service - ok
17:50:19.0185 0x1ebc [ 88B3BADFB02BE4471655EAF88DDC7EBD, F38D69B80A7670F85A9692A01D2D71A54BB413346C3523726E59D1282D349B83 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
17:50:19.0191 0x1ebc mcaudrv_simple - ok
17:50:19.0194 0x1ebc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:50:19.0203 0x1ebc Mcx2Svc - ok
17:50:19.0205 0x1ebc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
17:50:19.0212 0x1ebc megasas - ok
17:50:19.0218 0x1ebc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:50:19.0228 0x1ebc MegaSR - ok
17:50:19.0233 0x1ebc [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
17:50:19.0240 0x1ebc MEIx64 - ok
17:50:19.0245 0x1ebc Microsoft SharePoint Workspace Audit Service - ok
17:50:19.0248 0x1ebc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
17:50:19.0268 0x1ebc MMCSS - ok
17:50:19.0270 0x1ebc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
17:50:19.0290 0x1ebc Modem - ok
17:50:19.0292 0x1ebc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:50:19.0301 0x1ebc monitor - ok
17:50:19.0303 0x1ebc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:50:19.0310 0x1ebc mouclass - ok
17:50:19.0312 0x1ebc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:50:19.0319 0x1ebc mouhid - ok
17:50:19.0323 0x1ebc [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:50:19.0330 0x1ebc mountmgr - ok
17:50:19.0334 0x1ebc [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:50:19.0342 0x1ebc MozillaMaintenance - ok
17:50:19.0347 0x1ebc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
17:50:19.0354 0x1ebc mpio - ok
17:50:19.0358 0x1ebc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:50:19.0378 0x1ebc mpsdrv - ok
17:50:19.0393 0x1ebc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:50:19.0423 0x1ebc MpsSvc - ok
17:50:19.0428 0x1ebc [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:50:19.0436 0x1ebc MRxDAV - ok
17:50:19.0441 0x1ebc [ 07F8F6B0CAEC7ADD30EBD94940A315D7, 288429A146B74E88D93C5BC19D878A42AC6F411EE31D9A6D36A2A2FFCF7B9436 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:50:19.0450 0x1ebc mrxsmb - ok
17:50:19.0457 0x1ebc [ 8856E45D23BFF4D977BF06D0543BCD96, 0066C061A3516A16C2477590859865E46E522A290CCE17C3EC1B69F81E466E9E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:50:19.0467 0x1ebc mrxsmb10 - ok
17:50:19.0471 0x1ebc [ 8D383CED28332B5F3894658857472F47, CB3872543D08C6432CF884C11A5897637A6FC7E9AC40F424444BAAA49C9FC32A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:50:19.0480 0x1ebc mrxsmb20 - ok
17:50:19.0483 0x1ebc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
17:50:19.0489 0x1ebc msahci - ok
17:50:19.0494 0x1ebc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:50:19.0502 0x1ebc msdsm - ok
17:50:19.0507 0x1ebc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
17:50:19.0517 0x1ebc MSDTC - ok
17:50:19.0521 0x1ebc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:50:19.0541 0x1ebc Msfs - ok
17:50:19.0543 0x1ebc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:50:19.0562 0x1ebc mshidkmdf - ok
17:50:19.0564 0x1ebc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:50:19.0570 0x1ebc msisadrv - ok
17:50:19.0575 0x1ebc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:50:19.0596 0x1ebc MSiSCSI - ok
17:50:19.0598 0x1ebc msiserver - ok
17:50:19.0600 0x1ebc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:50:19.0620 0x1ebc MSKSSRV - ok
17:50:19.0622 0x1ebc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:50:19.0641 0x1ebc MSPCLOCK - ok
17:50:19.0643 0x1ebc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:50:19.0662 0x1ebc MSPQM - ok
17:50:19.0670 0x1ebc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:50:19.0681 0x1ebc MsRPC - ok
17:50:19.0684 0x1ebc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:50:19.0691 0x1ebc mssmbios - ok
17:50:19.0694 0x1ebc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:50:19.0714 0x1ebc MSTEE - ok
17:50:19.0716 0x1ebc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:50:19.0723 0x1ebc MTConfig - ok
17:50:19.0726 0x1ebc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
17:50:19.0733 0x1ebc Mup - ok
17:50:19.0737 0x1ebc [ 312E22563A1C93D3A0CB071F357310D1, D49DA66BEF52C6A6162A8B50DC38630F275BD0DAD728A6A573CC540EEAB5846A ] muspvisr C:\Windows\system32\DRIVERS\muspvisr.sys
17:50:19.0745 0x1ebc muspvisr - ok
17:50:19.0752 0x1ebc [ 14C7FDC461FBB874B4D2375E95CB76CD, B53F72084F3653A09A69349EBCC34079A8E5FC91FE801F25DE1E000F09868E96 ] mvs91xx C:\Windows\system32\DRIVERS\mvs91xx.sys
17:50:19.0762 0x1ebc mvs91xx - ok
17:50:19.0772 0x1ebc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
17:50:19.0796 0x1ebc napagent - ok
17:50:19.0804 0x1ebc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:50:19.0817 0x1ebc NativeWifiP - ok
17:50:19.0833 0x1ebc [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:50:19.0853 0x1ebc NDIS - ok
17:50:19.0856 0x1ebc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:50:19.0875 0x1ebc NdisCap - ok
17:50:19.0878 0x1ebc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:50:19.0897 0x1ebc NdisTapi - ok
17:50:19.0900 0x1ebc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:50:19.0919 0x1ebc Ndisuio - ok
17:50:19.0923 0x1ebc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:50:19.0944 0x1ebc NdisWan - ok
17:50:19.0947 0x1ebc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:50:19.0966 0x1ebc NDProxy - ok
17:50:19.0969 0x1ebc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:50:19.0988 0x1ebc NetBIOS - ok
17:50:19.0994 0x1ebc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:50:20.0016 0x1ebc NetBT - ok
17:50:20.0018 0x1ebc [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] Netlogon C:\Windows\system32\lsass.exe
17:50:20.0025 0x1ebc Netlogon - ok
17:50:20.0033 0x1ebc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
17:50:20.0057 0x1ebc Netman - ok
17:50:20.0062 0x1ebc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:20.0070 0x1ebc NetMsmqActivator - ok
17:50:20.0074 0x1ebc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:20.0083 0x1ebc NetPipeActivator - ok
17:50:20.0092 0x1ebc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
17:50:20.0117 0x1ebc netprofm - ok
17:50:20.0122 0x1ebc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:20.0130 0x1ebc NetTcpActivator - ok
17:50:20.0135 0x1ebc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:20.0143 0x1ebc NetTcpPortSharing - ok
17:50:20.0146 0x1ebc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:50:20.0153 0x1ebc nfrd960 - ok
17:50:20.0160 0x1ebc [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:50:20.0172 0x1ebc NlaSvc - ok
17:50:20.0174 0x1ebc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:50:20.0194 0x1ebc Npfs - ok
17:50:20.0196 0x1ebc npggsvc - ok
17:50:20.0199 0x1ebc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
17:50:20.0219 0x1ebc nsi - ok
17:50:20.0222 0x1ebc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:50:20.0241 0x1ebc nsiproxy - ok
17:50:20.0268 0x1ebc [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:50:20.0298 0x1ebc Ntfs - ok
17:50:20.0302 0x1ebc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
17:50:20.0322 0x1ebc Null - ok
17:50:20.0337 0x1ebc [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:50:20.0346 0x1ebc NVHDA - ok
17:50:20.0503 0x1ebc [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:50:20.0660 0x1ebc nvlddmkm - ok
17:50:20.0698 0x1ebc [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:50:20.0729 0x1ebc NvNetworkService - ok
17:50:20.0742 0x1ebc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:50:20.0749 0x1ebc nvraid - ok
17:50:20.0755 0x1ebc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:50:20.0762 0x1ebc nvstor - ok
17:50:20.0765 0x1ebc [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:50:20.0771 0x1ebc NvStreamKms - ok
17:50:20.0773 0x1ebc NvStreamSvc - ok
17:50:20.0789 0x1ebc [ 039ACFA07F59DB2109BB6A2C0FA2C0D9, E641179FCDB83BBFFADDDECD646F69D667F494BFC41FCE1F035EE78A944C6D5B ] nvsvc C:\Windows\system32\nvvsvc.exe
17:50:20.0807 0x1ebc nvsvc - ok
17:50:20.0811 0x1ebc [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
17:50:20.0817 0x1ebc nvvad_WaveExtensible - ok
17:50:20.0821 0x1ebc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:50:20.0828 0x1ebc nv_agp - ok
17:50:20.0831 0x1ebc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:50:20.0839 0x1ebc ohci1394 - ok
17:50:20.0844 0x1ebc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:50:20.0851 0x1ebc ose - ok
17:50:20.0924 0x1ebc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:50:20.0997 0x1ebc osppsvc - ok
17:50:21.0009 0x1ebc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:50:21.0021 0x1ebc p2pimsvc - ok
17:50:21.0031 0x1ebc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
17:50:21.0044 0x1ebc p2psvc - ok
17:50:21.0048 0x1ebc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:50:21.0056 0x1ebc Parport - ok
17:50:21.0059 0x1ebc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:50:21.0066 0x1ebc partmgr - ok
17:50:21.0071 0x1ebc [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:50:21.0081 0x1ebc PcaSvc - ok
17:50:21.0086 0x1ebc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
17:50:21.0095 0x1ebc pci - ok
17:50:21.0097 0x1ebc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
17:50:21.0103 0x1ebc pciide - ok
17:50:21.0109 0x1ebc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:50:21.0118 0x1ebc pcmcia - ok
17:50:21.0120 0x1ebc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
17:50:21.0127 0x1ebc pcw - ok
17:50:21.0140 0x1ebc [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:50:21.0156 0x1ebc PEAUTH - ok
17:50:21.0179 0x1ebc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:50:21.0205 0x1ebc PeerDistSvc - ok
17:50:21.0245 0x1ebc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:50:21.0253 0x1ebc PerfHost - ok
17:50:21.0301 0x1ebc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
17:50:21.0339 0x1ebc pla - ok
17:50:21.0348 0x1ebc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:50:21.0361 0x1ebc PlugPlay - ok
17:50:21.0364 0x1ebc PnkBstrA - ok
17:50:21.0366 0x1ebc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:50:21.0374 0x1ebc PNRPAutoReg - ok
17:50:21.0381 0x1ebc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:50:21.0392 0x1ebc PNRPsvc - ok
17:50:21.0401 0x1ebc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:50:21.0427 0x1ebc PolicyAgent - ok
17:50:21.0437 0x1ebc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
17:50:21.0459 0x1ebc Power - ok
17:50:21.0463 0x1ebc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:50:21.0483 0x1ebc PptpMiniport - ok
17:50:21.0486 0x1ebc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
17:50:21.0494 0x1ebc Processor - ok
17:50:21.0499 0x1ebc [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
17:50:21.0510 0x1ebc ProfSvc - ok
17:50:21.0512 0x1ebc [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:50:21.0520 0x1ebc ProtectedStorage - ok
17:50:21.0525 0x1ebc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:50:21.0545 0x1ebc Psched - ok
17:50:21.0552 0x1ebc [ 6C112DA6C86DB7FB2C50522EFDDA706A, 46BB9970F3C58E47143C133B34423ABE5D19F2A865280852CE672BF57EC2F98A ] PSI_SVC_2_x64 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
17:50:21.0561 0x1ebc PSI_SVC_2_x64 - ok
17:50:21.0586 0x1ebc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:50:21.0613 0x1ebc ql2300 - ok
17:50:21.0618 0x1ebc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:50:21.0625 0x1ebc ql40xx - ok
17:50:21.0631 0x1ebc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
17:50:21.0644 0x1ebc QWAVE - ok
17:50:21.0647 0x1ebc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:50:21.0657 0x1ebc QWAVEdrv - ok
17:50:21.0660 0x1ebc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:50:21.0679 0x1ebc RasAcd - ok
17:50:21.0682 0x1ebc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:50:21.0702 0x1ebc RasAgileVpn - ok
17:50:21.0706 0x1ebc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
17:50:21.0727 0x1ebc RasAuto - ok
17:50:21.0731 0x1ebc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:50:21.0751 0x1ebc Rasl2tp - ok
17:50:21.0758 0x1ebc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
17:50:21.0783 0x1ebc RasMan - ok
17:50:21.0786 0x1ebc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:50:21.0806 0x1ebc RasPppoe - ok
17:50:21.0809 0x1ebc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:50:21.0829 0x1ebc RasSstp - ok
17:50:21.0836 0x1ebc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:50:21.0858 0x1ebc rdbss - ok
17:50:21.0861 0x1ebc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:50:21.0870 0x1ebc rdpbus - ok
17:50:21.0872 0x1ebc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:50:21.0891 0x1ebc RDPCDD - ok
17:50:21.0897 0x1ebc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:50:21.0906 0x1ebc RDPDR - ok
17:50:21.0909 0x1ebc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:50:21.0927 0x1ebc RDPENCDD - ok
17:50:21.0930 0x1ebc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:50:21.0950 0x1ebc RDPREFMP - ok
17:50:21.0954 0x1ebc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:50:21.0961 0x1ebc RdpVideoMiniport - ok
17:50:21.0967 0x1ebc [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:50:21.0976 0x1ebc RDPWD - ok
17:50:21.0981 0x1ebc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:50:21.0990 0x1ebc rdyboost - ok
17:50:21.0995 0x1ebc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:50:22.0016 0x1ebc RemoteAccess - ok
17:50:22.0021 0x1ebc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:50:22.0043 0x1ebc RemoteRegistry - ok
17:50:22.0046 0x1ebc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:50:22.0067 0x1ebc RpcEptMapper - ok
17:50:22.0069 0x1ebc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
17:50:22.0077 0x1ebc RpcLocator - ok
17:50:22.0087 0x1ebc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
17:50:22.0113 0x1ebc RpcSs - ok
17:50:22.0117 0x1ebc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:50:22.0137 0x1ebc rspndr - ok
17:50:22.0152 0x1ebc [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:50:22.0170 0x1ebc RTL8167 - ok
17:50:22.0173 0x1ebc [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:50:22.0180 0x1ebc s3cap - ok
17:50:22.0182 0x1ebc [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs C:\Windows\system32\lsass.exe
17:50:22.0189 0x1ebc SamSs - ok
17:50:22.0192 0x1ebc [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:50:22.0197 0x1ebc SASDIFSV - ok
17:50:22.0199 0x1ebc [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:50:22.0204 0x1ebc SASKUTIL - ok
17:50:22.0208 0x1ebc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:50:22.0215 0x1ebc sbp2port - ok
17:50:22.0221 0x1ebc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:50:22.0243 0x1ebc SCardSvr - ok
17:50:22.0250 0x1ebc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:50:22.0269 0x1ebc scfilter - ok
17:50:22.0354 0x1ebc [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
17:50:22.0377 0x1ebc Schedule - ok
17:50:22.0381 0x1ebc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:50:22.0401 0x1ebc SCPolicySvc - ok
17:50:22.0406 0x1ebc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:50:22.0416 0x1ebc SDRSVC - ok
17:50:22.0442 0x1ebc [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
17:50:22.0470 0x1ebc SDScannerService - ok
17:50:22.0503 0x1ebc [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:50:22.0536 0x1ebc SDUpdateService - ok
17:50:22.0542 0x1ebc [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:50:22.0549 0x1ebc SDWSCService - ok
17:50:22.0552 0x1ebc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:50:22.0559 0x1ebc secdrv - ok
17:50:22.0561 0x1ebc [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
17:50:22.0569 0x1ebc seclogon - ok
17:50:22.0572 0x1ebc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
17:50:22.0593 0x1ebc SENS - ok
17:50:22.0596 0x1ebc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:50:22.0603 0x1ebc SensrSvc - ok
17:50:22.0606 0x1ebc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:50:22.0612 0x1ebc Serenum - ok
17:50:22.0616 0x1ebc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:50:22.0624 0x1ebc Serial - ok
17:50:22.0626 0x1ebc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:50:22.0633 0x1ebc sermouse - ok
17:50:22.0642 0x1ebc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
17:50:22.0662 0x1ebc SessionEnv - ok
17:50:22.0665 0x1ebc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:50:22.0673 0x1ebc sffdisk - ok
17:50:22.0675 0x1ebc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:50:22.0683 0x1ebc sffp_mmc - ok
17:50:22.0686 0x1ebc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:50:22.0694 0x1ebc sffp_sd - ok
17:50:22.0696 0x1ebc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:50:22.0703 0x1ebc sfloppy - ok
17:50:22.0711 0x1ebc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:50:22.0734 0x1ebc SharedAccess - ok
17:50:22.0742 0x1ebc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:50:22.0766 0x1ebc ShellHWDetection - ok
17:50:22.0769 0x1ebc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:50:22.0775 0x1ebc SiSRaid2 - ok
17:50:22.0778 0x1ebc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:50:22.0785 0x1ebc SiSRaid4 - ok
17:50:22.0789 0x1ebc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:50:22.0809 0x1ebc Smb - ok
17:50:22.0813 0x1ebc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:50:22.0822 0x1ebc SNMPTRAP - ok
17:50:22.0824 0x1ebc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
17:50:22.0830 0x1ebc spldr - ok
17:50:22.0841 0x1ebc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
17:50:22.0856 0x1ebc Spooler - ok
17:50:22.0909 0x1ebc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
17:50:22.0977 0x1ebc sppsvc - ok
17:50:22.0982 0x1ebc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:50:23.0003 0x1ebc sppuinotify - ok
17:50:23.0006 0x1ebc [ D989636383AF280EEEA1063CC23FB198, 09D43B71161ECB5A6804F37828116D86E903EB6FFA68FAA1CFE70832426E0D08 ] SPVDPort C:\Windows\system32\DRIVERS\spvdbus.sys
17:50:23.0014 0x1ebc SPVDPort - ok
17:50:23.0021 0x1ebc [ B4A458F8C78E7DA66F5B7B4010C55D02, 8D76F414FA335EE9C4BB36EA269ACC9FB396A688517136C138D0E4968704E91E ] SPVVEngine C:\Windows\system32\Drivers\spvve.sys
17:50:23.0031 0x1ebc SPVVEngine - ok
17:50:23.0041 0x1ebc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:50:23.0053 0x1ebc srv - ok
17:50:23.0061 0x1ebc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:50:23.0073 0x1ebc srv2 - ok
17:50:23.0078 0x1ebc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:50:23.0086 0x1ebc srvnet - ok
17:50:23.0091 0x1ebc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:50:23.0114 0x1ebc SSDPSRV - ok
17:50:23.0118 0x1ebc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:50:23.0139 0x1ebc SstpSvc - ok
17:50:23.0144 0x1ebc [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:50:23.0152 0x1ebc ssudmdm - ok
17:50:23.0162 0x1ebc [ 7EE717B9B9F183B236BBE9E25FA497F2, 489611EA72A7BBF593852D5C441B3714CCE2E3E3518B5B569CDF59DD0C60A950 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:50:23.0175 0x1ebc Steam Client Service - ok
17:50:23.0184 0x1ebc [ D2B4376F9F36C5873A6CF99EF5750724, 2A5C12EE3657D4A6819080549ADFA3288E0DAC975114D9466DCCC3ED922D2539 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:50:23.0194 0x1ebc Stereo Service - ok
17:50:23.0197 0x1ebc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:50:23.0203 0x1ebc stexstor - ok
17:50:23.0214 0x1ebc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
17:50:23.0232 0x1ebc stisvc - ok
17:50:23.0237 0x1ebc [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:50:23.0243 0x1ebc storflt - ok
17:50:23.0246 0x1ebc [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
17:50:23.0254 0x1ebc StorSvc - ok
17:50:23.0256 0x1ebc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:50:23.0262 0x1ebc storvsc - ok
17:50:23.0265 0x1ebc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:50:23.0271 0x1ebc swenum - ok
17:50:23.0280 0x1ebc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
17:50:23.0307 0x1ebc swprv - ok
17:50:23.0335 0x1ebc [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
17:50:23.0366 0x1ebc SysMain - ok
17:50:23.0371 0x1ebc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:50:23.0383 0x1ebc TabletInputService - ok
17:50:23.0390 0x1ebc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
17:50:23.0413 0x1ebc TapiSrv - ok
17:50:23.0417 0x1ebc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
17:50:23.0438 0x1ebc TBS - ok
17:50:23.0467 0x1ebc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:50:23.0499 0x1ebc Tcpip - ok
17:50:23.0530 0x1ebc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:50:23.0562 0x1ebc TCPIP6 - ok
17:50:23.0567 0x1ebc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:50:23.0574 0x1ebc tcpipreg - ok
17:50:23.0577 0x1ebc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:50:23.0584 0x1ebc TDPIPE - ok
17:50:23.0586 0x1ebc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:50:23.0593 0x1ebc TDTCP - ok
17:50:23.0597 0x1ebc [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:50:23.0605 0x1ebc tdx - ok
17:50:23.0710 0x1ebc [ 2E7EFE9F59DA5EF7AAAE5712324FAAFD, 960130B0559F59AF3FF6DA1E6D11CAF663CEA2BCDAC3263699D67D20C1360318 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:50:23.0811 0x1ebc TeamViewer - ok
17:50:23.0819 0x1ebc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:50:23.0825 0x1ebc TermDD - ok
17:50:23.0839 0x1ebc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
17:50:23.0856 0x1ebc TermService - ok
17:50:23.0859 0x1ebc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
17:50:23.0870 0x1ebc Themes - ok
17:50:23.0873 0x1ebc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
17:50:23.0894 0x1ebc THREADORDER - ok
17:50:23.0898 0x1ebc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
17:50:23.0920 0x1ebc TrkWks - ok
17:50:23.0925 0x1ebc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:50:23.0947 0x1ebc TrustedInstaller - ok
17:50:23.0950 0x1ebc [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:50:23.0958 0x1ebc tssecsrv - ok
17:50:23.0961 0x1ebc [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:50:23.0968 0x1ebc TsUsbFlt - ok
17:50:23.0971 0x1ebc [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:50:23.0978 0x1ebc TsUsbGD - ok
17:50:23.0982 0x1ebc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:50:24.0002 0x1ebc tunnel - ok
17:50:24.0005 0x1ebc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:50:24.0012 0x1ebc uagp35 - ok
17:50:24.0019 0x1ebc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:50:24.0042 0x1ebc udfs - ok
17:50:24.0050 0x1ebc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:50:24.0059 0x1ebc UI0Detect - ok
17:50:24.0062 0x1ebc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:50:24.0068 0x1ebc uliagpkx - ok
17:50:24.0071 0x1ebc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:50:24.0079 0x1ebc umbus - ok
17:50:24.0082 0x1ebc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
17:50:24.0089 0x1ebc UmPass - ok
17:50:24.0095 0x1ebc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
17:50:24.0106 0x1ebc UmRdpService - ok
17:50:24.0113 0x1ebc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
17:50:24.0138 0x1ebc upnphost - ok
17:50:24.0142 0x1ebc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:50:24.0150 0x1ebc usbaudio - ok
17:50:24.0154 0x1ebc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:50:24.0162 0x1ebc usbccgp - ok
17:50:24.0166 0x1ebc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:50:24.0174 0x1ebc usbcir - ok
17:50:24.0177 0x1ebc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:50:24.0184 0x1ebc usbehci - ok
17:50:24.0192 0x1ebc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:50:24.0203 0x1ebc usbhub - ok
17:50:24.0205 0x1ebc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:50:24.0212 0x1ebc usbohci - ok
17:50:24.0215 0x1ebc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:50:24.0223 0x1ebc usbprint - ok
17:50:24.0225 0x1ebc [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6 C:\Windows\system32\DRIVERS\usb80236.sys
17:50:24.0232 0x1ebc usbrndis6 - ok
17:50:24.0236 0x1ebc [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
17:50:24.0243 0x1ebc USBSTOR - ok
17:50:24.0246 0x1ebc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:50:24.0253 0x1ebc usbuhci - ok
17:50:24.0256 0x1ebc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
17:50:24.0276 0x1ebc UxSms - ok
17:50:24.0278 0x1ebc [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] VaultSvc C:\Windows\system32\lsass.exe
17:50:24.0285 0x1ebc VaultSvc - ok
17:50:24.0288 0x1ebc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:50:24.0294 0x1ebc vdrvroot - ok
17:50:24.0304 0x1ebc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
17:50:24.0331 0x1ebc vds - ok
17:50:24.0334 0x1ebc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:50:24.0343 0x1ebc vga - ok
17:50:24.0345 0x1ebc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:50:24.0364 0x1ebc VgaSave - ok
17:50:24.0369 0x1ebc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
17:50:24.0378 0x1ebc vhdmp - ok
17:50:24.0381 0x1ebc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
17:50:24.0386 0x1ebc viaide - ok
17:50:24.0392 0x1ebc [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:50:24.0401 0x1ebc vmbus - ok
17:50:24.0403 0x1ebc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:50:24.0410 0x1ebc VMBusHID - ok
17:50:24.0413 0x1ebc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:50:24.0420 0x1ebc volmgr - ok
17:50:24.0428 0x1ebc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:50:24.0438 0x1ebc volmgrx - ok
17:50:24.0446 0x1ebc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:50:24.0455 0x1ebc volsnap - ok
17:50:24.0460 0x1ebc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:50:24.0468 0x1ebc vsmraid - ok
17:50:24.0492 0x1ebc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
17:50:24.0533 0x1ebc VSS - ok
17:50:24.0542 0x1ebc [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
17:50:24.0550 0x1ebc vssbrigde64 - ok
17:50:24.0552 0x1ebc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:50:24.0560 0x1ebc vwifibus - ok
17:50:24.0569 0x1ebc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
17:50:24.0594 0x1ebc W32Time - ok
17:50:24.0597 0x1ebc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:50:24.0604 0x1ebc WacomPen - ok
17:50:24.0608 0x1ebc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:50:24.0627 0x1ebc WANARP - ok
17:50:24.0630 0x1ebc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:50:24.0650 0x1ebc Wanarpv6 - ok
17:50:24.0671 0x1ebc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:50:24.0694 0x1ebc WatAdminSvc - ok
17:50:24.0720 0x1ebc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
17:50:24.0748 0x1ebc wbengine - ok
17:50:24.0754 0x1ebc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:50:24.0767 0x1ebc WbioSrvc - ok
17:50:24.0775 0x1ebc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:50:24.0790 0x1ebc wcncsvc - ok
17:50:24.0793 0x1ebc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:50:24.0801 0x1ebc WcsPlugInService - ok
17:50:24.0803 0x1ebc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
17:50:24.0809 0x1ebc Wd - ok
17:50:24.0822 0x1ebc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:50:24.0839 0x1ebc Wdf01000 - ok
17:50:24.0843 0x1ebc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:50:24.0852 0x1ebc WdiServiceHost - ok
17:50:24.0855 0x1ebc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:50:24.0863 0x1ebc WdiSystemHost - ok
17:50:24.0869 0x1ebc [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
17:50:24.0880 0x1ebc WebClient - ok
17:50:24.0886 0x1ebc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:50:24.0909 0x1ebc Wecsvc - ok
17:50:24.0912 0x1ebc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:50:24.0933 0x1ebc wercplsupport - ok
17:50:24.0937 0x1ebc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
17:50:24.0958 0x1ebc WerSvc - ok
17:50:24.0960 0x1ebc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:50:24.0980 0x1ebc WfpLwf - ok
17:50:24.0983 0x1ebc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:50:24.0989 0x1ebc WIMMount - ok
17:50:24.0990 0x1ebc WinDefend - ok
17:50:24.0994 0x1ebc WinHttpAutoProxySvc - ok
17:50:25.0003 0x1ebc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:50:25.0025 0x1ebc Winmgmt - ok
17:50:25.0057 0x1ebc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
17:50:25.0093 0x1ebc WinRM - ok
17:50:25.0099 0x1ebc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:50:25.0108 0x1ebc WinUsb - ok
17:50:25.0123 0x1ebc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:50:25.0145 0x1ebc Wlansvc - ok
17:50:25.0150 0x1ebc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:50:25.0157 0x1ebc WmiAcpi - ok
17:50:25.0164 0x1ebc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:50:25.0174 0x1ebc wmiApSrv - ok
17:50:25.0176 0x1ebc WMPNetworkSvc - ok
17:50:25.0178 0x1ebc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:50:25.0186 0x1ebc WPCSvc - ok
17:50:25.0189 0x1ebc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:50:25.0199 0x1ebc WPDBusEnum - ok
17:50:25.0202 0x1ebc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:50:25.0221 0x1ebc ws2ifsl - ok
17:50:25.0225 0x1ebc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
17:50:25.0236 0x1ebc wscsvc - ok
17:50:25.0239 0x1ebc WSearch - ok
17:50:25.0278 0x1ebc [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
17:50:25.0321 0x1ebc wuauserv - ok
17:50:25.0326 0x1ebc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:50:25.0334 0x1ebc WudfPf - ok
17:50:25.0337 0x1ebc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:50:25.0346 0x1ebc wudfsvc - ok
17:50:25.0352 0x1ebc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
17:50:25.0362 0x1ebc WwanSvc - ok
17:50:25.0366 0x1ebc [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
17:50:25.0374 0x1ebc xusb21 - ok
17:50:25.0376 0x1ebc ================ Scan global ===============================
17:50:25.0378 0x1ebc [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
17:50:25.0383 0x1ebc [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
17:50:25.0391 0x1ebc [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
17:50:25.0396 0x1ebc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:50:25.0403 0x1ebc [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:50:25.0408 0x1ebc [ Global ] - ok
17:50:25.0408 0x1ebc ================ Scan MBR ==================================
17:50:25.0409 0x1ebc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:50:25.0454 0x1ebc \Device\Harddisk0\DR0 - ok
17:50:25.0456 0x1ebc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:50:25.0495 0x1ebc \Device\Harddisk1\DR1 - ok
17:50:26.0275 0x1ebc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
17:50:26.0353 0x1ebc \Device\Harddisk2\DR2 - ok
17:50:26.0355 0x1ebc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
17:50:26.0430 0x1ebc \Device\Harddisk3\DR3 - ok
17:50:26.0431 0x1ebc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk4\DR4
17:50:26.0897 0x1ebc \Device\Harddisk4\DR4 - ok
17:50:26.0897 0x1ebc ================ Scan VBR ==================================
17:50:26.0898 0x1ebc [ D261BE1F652721B66F07FED9897727C5 ] \Device\Harddisk0\DR0\Partition1
17:50:26.0899 0x1ebc \Device\Harddisk0\DR0\Partition1 - ok
17:50:26.0900 0x1ebc [ C4DB493AEB01EC247A9446AA86FF1839 ] \Device\Harddisk2\DR2\Partition1
17:50:26.0901 0x1ebc \Device\Harddisk2\DR2\Partition1 - ok
17:50:26.0902 0x1ebc [ 7606BF47B453325EDF6E5A1E1334B724 ] \Device\Harddisk3\DR3\Partition1
17:50:26.0903 0x1ebc \Device\Harddisk3\DR3\Partition1 - ok
17:50:26.0905 0x1ebc [ 5457DF1A4AE5D1D13B05CCBC71F74C1D ] \Device\Harddisk4\DR4\Partition1
17:50:26.0906 0x1ebc \Device\Harddisk4\DR4\Partition1 - ok
17:50:26.0906 0x1ebc ================ Scan generic autorun ======================
17:50:26.0908 0x1ebc [ E6A3062BDB2E18EBDEB69CF7F7A3A070, 48AB0CCA0230DCBB47CCC765659E390A4A42AC7303A27B835B9FBB1168AC7BF1 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
17:50:26.0912 0x1ebc IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
17:50:26.0912 0x1ebc IAStorIcon ( UnsignedFile.Multi.Generic ) - warning
17:50:26.0912 0x1ebc Force sending object to P2P due to detect: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
17:50:26.0913 0x1ebc Object send P2P result: false
17:50:26.0955 0x1ebc [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:50:26.0998 0x1ebc NvBackend - ok
17:50:27.0002 0x1ebc [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
17:50:27.0011 0x1ebc ShadowPlay - ok
17:50:27.0151 0x1ebc [ C2B43580D6E036BC050CC3EC565E702E, 67A7DD969079449F85E798D3A4202B400F8128224CDACA474BA3B714F1B4FBEA ] G:\SoftPerfect RAM Disk\RAMDiskWS.exe
17:50:27.0205 0x1ebc RAMDiskForWorkstations - ok
17:50:27.0320 0x1ebc [ 0EC9DDFBBD77C15860887E637DF33288, D4EF0F8F05B59F44A118ACDB6A891CF2E6314A1671594AE5A433CE69058A7F62 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:50:27.0428 0x1ebc RTHDVCPL - ok
17:50:27.0488 0x1ebc [ 9166C1276B296BC78FA816CD8448CD32, 1D2BF20F9EA7665281E5F9FFE50A8127E4618CB76C6A47A27E7ACA196327C395 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
17:50:27.0497 0x1ebc USB3MON - ok
17:50:27.0553 0x1ebc [ E473FCA273E64B72BFDFDC8BBC11FD09, DC2021F04FA0FA008ACF7C9B4B9D586AC529D8740EE5208DB721AA66CEAC97A8 ] C:\Program Files (x86)\Trojan Remover\Trjscan.exe
17:50:27.0610 0x1ebc TrojanScanner - ok
17:50:27.0618 0x1ebc [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
17:50:27.0626 0x1ebc ArcSoft Connection Service - ok
17:50:27.0630 0x1ebc [ 8FFDB89A0FB7C8ABC3A8825E38047341, B9107FAA3A885CD9A08C20F78D31C3642FA76812E417F41C4F2ADF7D90CA8C72 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
17:50:27.0638 0x1ebc LWS - ok
17:50:27.0698 0x1ebc [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
17:50:27.0758 0x1ebc SDTray - ok
17:50:27.0781 0x1ebc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:50:27.0836 0x1ebc Sidebar - ok
17:50:27.0840 0x1ebc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:50:27.0851 0x1ebc mctadmin - ok
17:50:27.0871 0x1ebc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:50:27.0893 0x1ebc Sidebar - ok
17:50:27.0897 0x1ebc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:50:27.0908 0x1ebc mctadmin - ok
17:50:28.0071 0x1ebc [ 4345E92BA1CBFE86658449E612C10555, 69D8B9998745A921F11EAA4895E1D5297D9F5BA896A33B7B152E17610F7A9704 ] G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
17:50:28.0122 0x1ebc ApowersoftScreenRecorder - ok
17:50:28.0178 0x1ebc [ 8F20BC45BF5346AAF27E273EBE9ACC9A, FD8AB9C6686A9DE0459D99DC8565F40E74E41E46250F08C59962A2BD7AF7F1CA ] C:\Program Files (x86)\MultiSplitter\multisplitter.exe
17:50:28.0230 0x1ebc MultiSplitter - detected UnsignedFile.Multi.Generic ( 1 )
17:50:28.0230 0x1ebc MultiSplitter ( UnsignedFile.Multi.Generic ) - warning
17:50:28.0230 0x1ebc Force sending object to P2P due to detect: C:\Program Files (x86)\MultiSplitter\multisplitter.exe
17:50:28.0239 0x1ebc Object send P2P result: false
17:50:28.0377 0x1ebc [ CE1DEC053DA24927E89D9AA196D31281, 39DD431CFCD10AA4E176062E33A0262FEE5806E192B37037C97439B1CEF232C8 ] C:\Program Files\CCleaner\CCleaner64.exe
17:50:28.0497 0x1ebc CCleaner Monitoring - ok
17:50:28.0519 0x1ebc [ 7AFF1C22E8BC6D8181053FC3590FD0F2, 7AD0BF719597CD4770A45E16C4F45F233F99D473AA1F4F0B0FC0F8D26976F883 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
17:50:28.0533 0x1ebc OfficeSyncProcess - ok
17:50:28.0550 0x1ebc [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
17:50:28.0567 0x1ebc SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
17:50:28.0567 0x1ebc SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - warning
17:50:28.0567 0x1ebc Force sending object to P2P due to detect: C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
17:50:28.0570 0x1ebc Object send P2P result: false
17:50:28.0816 0x1ebc [ 65212966BD41D0D037E9D27D4B5AE33E, EF77044671EF8F06184603204AAAB58FDD706161CCE20BC49398FE73564A3BD3 ] G:\Program Files (x86)\ManyCam\ManyCam.exe
17:50:28.0957 0x1ebc ManyCam - ok
17:50:28.0985 0x1ebc AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
17:50:28.0986 0x1ebc FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
17:50:28.0987 0x1ebc ============================================================
17:50:28.0987 0x1ebc Scan finished
17:50:28.0987 0x1ebc ============================================================
17:50:28.0991 0x196c Detected object count: 4
17:50:28.0991 0x196c Actual detected object count: 4
17:50:39.0613 0x196c Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:39.0613 0x196c Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:39.0613 0x196c IAStorIcon ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:39.0613 0x196c IAStorIcon ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:39.0614 0x196c MultiSplitter ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:39.0614 0x196c MultiSplitter ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:39.0615 0x196c SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:39.0615 0x196c SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
30.03.2016, 00:50
| #9 |
| /// Malwareteam | WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt? Schritt: 1 Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Hinweis: Falls bei der Deinstallation zu Beginn ein Fehler auftritt oder du den aufgerufenen Uninstaller nicht bedienen kannst, breche dieses Setup einfach ab und fahre mit der Entfernung durch Revo wie oben beschrieben fort. Schritt: 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt: 3 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt: 4 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
30.03.2016, 17:01
| #10 |
| | WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt? zu Schritt 1. Genesis wird nicht angezeigt... Spybot wurde deinstalliert zu Schritt 2:Malewarebytes ist meine Testversion abgelaufen, keine chance auf Updates zu Schritt 3: ADW Cleaner findet keine Einträge. Last REPORT AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.010 - Bericht erstellt am 11/07/2014 um 01:21:04
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : CUCD - CUCD-PC
# Gestartet von : E:\Arbeit\USB Stick Sicherung\Programme Software\adwcleaner-3.010.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : BackupStack
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freesofttoday
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\SpeedUpMyPC
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
[#] Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Users\CUCD\AppData\Local\Searchprotect
Ordner Gelöscht : C:\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\CUCD\AppData\Roaming\Uniblue\SpeedUpMyPC
Ordner Gelöscht : C:\Users\CUCD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\speedupmypc.lnk
Datei Gelöscht : C:\Users\CUCD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\CUCD\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\CUCD\AppData\Roaming\Mozilla\Firefox\Profiles\ig1g2hc2.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0059599.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0059599.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0059599.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0059599.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956699}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954499}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951199}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951199}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956699}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951199}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\FreeSoftToday
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Uniblue\SpeedUpMyPC
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\CUCD\AppData\Roaming\Mozilla\Firefox\Profiles\ig1g2hc2.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.aff8065806db34c09ba06d6caf0e991728453cb257fef4ed58934b08be5605617com59599.59599.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14721c8ef19c8563a0abb83c999d26d7");
-\\ Google Chrome v
[ Datei : C:\Users\CUCD\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1092 octets] - [24/01/2014 20:22:28]
AdwCleaner[R1].txt - [4336 octets] - [10/03/2014 04:22:13]
AdwCleaner[R2].txt - [1265 octets] - [02/04/2014 14:53:29]
AdwCleaner[R3].txt - [1469 octets] - [02/05/2014 14:50:36]
AdwCleaner[R4].txt - [1806 octets] - [09/05/2014 06:21:16]
AdwCleaner[R5].txt - [6438 octets] - [11/07/2014 01:20:48]
AdwCleaner[S0].txt - [3868 octets] - [10/03/2014 04:48:41]
AdwCleaner[S1].txt - [1443 octets] - [02/05/2014 14:50:53]
AdwCleaner[S2].txt - [1821 octets] - [09/05/2014 06:21:38]
AdwCleaner[S3].txt - [5526 octets] - [11/07/2014 01:21:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [5586 octets] ##########
AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.107 - Logfile created 30/03/2016 at 17:52:44
# Updated 28/03/2016 by Xplode
# Database : 2016-03-30.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Admin - CUCD-PC
# Running from : C:\Users\Admin\Desktop\AdwCleaner_5.107.exe
# Option : Scan
# Support : hxxp://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
C:\AdwCleaner\AdwCleaner[C12].txt - [4202 bytes] - [10/01/2016 19:28:58]
C:\AdwCleaner\AdwCleaner[C1].txt - [4589 bytes] - [28/03/2016 01:54:32]
C:\AdwCleaner\AdwCleaner[R0].txt - [1092 bytes] - [24/01/2014 20:22:28]
C:\AdwCleaner\AdwCleaner[R10].txt - [3514 bytes] - [23/06/2015 03:39:20]
C:\AdwCleaner\AdwCleaner[R11].txt - [2250 bytes] - [23/06/2015 04:13:00]
C:\AdwCleaner\AdwCleaner[R12].txt - [6681 bytes] - [23/06/2015 04:33:18]
C:\AdwCleaner\AdwCleaner[R13].txt - [2181 bytes] - [23/06/2015 04:36:37]
C:\AdwCleaner\AdwCleaner[R14].txt - [2241 bytes] - [24/06/2015 04:25:41]
C:\AdwCleaner\AdwCleaner[R15].txt - [2703 bytes] - [19/10/2015 00:47:48]
C:\AdwCleaner\AdwCleaner[R16].txt - [2591 bytes] - [16/12/2015 14:44:15]
C:\AdwCleaner\AdwCleaner[R1].txt - [4336 bytes] - [10/03/2014 04:22:13]
C:\AdwCleaner\AdwCleaner[R2].txt - [1265 bytes] - [02/04/2014 14:53:29]
C:\AdwCleaner\AdwCleaner[R3].txt - [1469 bytes] - [02/05/2014 14:50:36]
C:\AdwCleaner\AdwCleaner[R4].txt - [1806 bytes] - [09/05/2014 06:21:16]
C:\AdwCleaner\AdwCleaner[R5].txt - [6438 bytes] - [11/07/2014 01:20:48]
C:\AdwCleaner\AdwCleaner[R6].txt - [13520 bytes] - [11/07/2014 01:38:52]
C:\AdwCleaner\AdwCleaner[R7].txt - [7729 bytes] - [25/08/2014 00:08:11]
C:\AdwCleaner\AdwCleaner[R8].txt - [4529 bytes] - [13/11/2014 16:37:51]
C:\AdwCleaner\AdwCleaner[R9].txt - [2627 bytes] - [30/03/2015 19:19:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [3868 bytes] - [10/03/2014 04:48:41]
C:\AdwCleaner\AdwCleaner[S10].txt - [2653 bytes] - [16/12/2015 14:44:50]
C:\AdwCleaner\AdwCleaner[S18].txt - [3919 bytes] - [10/01/2016 18:49:44]
C:\AdwCleaner\AdwCleaner[S1].txt - [5860 bytes] - [02/05/2014 14:50:53]
C:\AdwCleaner\AdwCleaner[S2].txt - [4842 bytes] - [09/05/2014 06:21:38]
C:\AdwCleaner\AdwCleaner[S3].txt - [8075 bytes] - [11/07/2014 01:21:04]
C:\AdwCleaner\AdwCleaner[S4].txt - [11039 bytes] - [11/07/2014 01:39:17]
C:\AdwCleaner\AdwCleaner[S5].txt - [7689 bytes] - [25/08/2014 00:08:44]
C:\AdwCleaner\AdwCleaner[S6].txt - [4378 bytes] - [13/11/2014 16:38:22]
C:\AdwCleaner\AdwCleaner[S7].txt - [3422 bytes] - [23/06/2015 03:44:36]
C:\AdwCleaner\AdwCleaner[S8].txt - [2312 bytes] - [23/06/2015 04:24:47]
C:\AdwCleaner\AdwCleaner[S9].txt - [6133 bytes] - [23/06/2015 04:33:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [8587 bytes] ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Admin (Administrator) auf CUCD-PC (30-03-2016 17:57:47) Gestartet von C:\Users\Admin\Downloads Geladene Profile: Admin (Verfügbare Profile: Admin & Mada & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (SoftPerfect Research) G:\SoftPerfect RAM Disk\ramdiskws.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Apowersoft) G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe () C:\Program Files (x86)\MultiSplitter\MultiSplitter.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Users\Admin\Desktop\AdwCleaner_5.107.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RAMDiskForWorkstations] => G:\SoftPerfect RAM Disk\RAMDiskWS.exe [3547856 2014-01-15] (SoftPerfect Research) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573720 2000-01-01] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation) HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3725328 2015-10-15] (Simply Super Software) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [ApowersoftScreenRecorder] => G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [3317400 2016-01-19] (Apowersoft) HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [MultiSplitter] => C:\Program Files (x86)\MultiSplitter\multisplitter.exe [3561472 2015-02-26] () HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation) HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\MountPoints2: {a881abfc-af15-11e5-9e9b-08606e6a4329} - F:\autorun.exe HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\MountPoints2: {ba37d240-a8c5-11e5-85b6-08606e6a4329} - F:\autorun.exe ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => Keine Datei ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => Keine Datei ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Beschränkung - Chrome <======= ACHTUNG GroupPolicyScripts: Beschränkung <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4947F9EA-F57E-4F84-A811-73C4B0F0DC57}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{6371C9D6-4404-412A-9B35-24D5D6F3746D}: [DhcpNameServer] 192.168.178.1 ManualProxies: 1http=127.0.0.1:8895;https=127.0.0.1:8895 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-06] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-06] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab) FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\8kg0ugwq.default FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-24] () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-06] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-06] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> G:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-24] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-01-30] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-01-14] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\8kg0ugwq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-26] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-19] CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-19] CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-19] CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19] CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-19] CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19] CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-19] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-29] (SUPERAntiSpyware.com) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-08] (Kaspersky Lab ZAO) R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2014-01-29] (Condusiv Technologies) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation) S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (Visicom Media Inc.) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-09] () R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 CAMBOXDRV; C:\Windows\System32\DRIVERS\camboxdrv.sys [39472 2015-11-23] (Windows (R) Win 7 DDK provider) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25840 2014-01-29] (Condusiv Technologies) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [118000 2014-01-29] (Condusiv Technologies) U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-06-23] () R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-26] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-12-08] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-12-08] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934808 2016-03-26] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-08] (AO Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2016-03-30] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 muspvisr; C:\Windows\System32\DRIVERS\muspvisr.sys [121344 2015-02-16] (saveNtrust GmbH) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SPVDPort; C:\Windows\System32\DRIVERS\spvdbus.sys [92664 2014-01-15] () R1 SPVVEngine; C:\Windows\system32\Drivers\spvve.sys [342520 2014-01-15] () S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) S1 4474777drv; system32\DRIVERS\4474777drv.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-30 17:49 - 2016-03-30 17:50 - 03102208 _____ C:\Users\Admin\Desktop\AdwCleaner_5.107.exe 2016-03-30 17:47 - 2016-03-30 17:47 - 11199448 _____ (VS Revo Group ) C:\Users\Admin\Downloads\RevoUninProSetup.exe 2016-03-30 17:42 - 2016-03-30 17:42 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe 2016-03-30 17:42 - 2016-03-30 17:42 - 00001268 _____ C:\Users\Admin\Desktop\Revo Uninstaller.lnk 2016-03-30 17:42 - 2016-03-30 17:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-03-30 17:42 - 2016-03-30 17:42 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2016-03-30 17:36 - 2016-03-30 17:36 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore 2016-03-30 09:22 - 2016-03-30 09:22 - 00000000 ____D C:\Users\CUCD\AppData\Local\NPE 2016-03-29 17:49 - 2016-03-29 17:52 - 00229220 _____ C:\TDSSKiller.3.1.0.9_29.03.2016_17.49.54_log.txt 2016-03-29 16:46 - 2016-03-29 16:47 - 00000000 ____D C:\Users\Mada\AppData\Local\NVIDIA Corporation 2016-03-29 16:46 - 2016-03-29 16:46 - 00001425 _____ C:\Users\Mada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-03-29 16:46 - 2016-03-29 16:46 - 00000020 ___SH C:\Users\Mada\ntuser.ini 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Vorlagen 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Startmenü 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Netzwerkumgebung 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Lokale Einstellungen 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Eigene Dateien 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Druckumgebung 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Documents\Eigene Videos 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Documents\Eigene Musik 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Documents\Eigene Bilder 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\AppData\Local\Verlauf 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\AppData\Local\Anwendungsdaten 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 _SHDL C:\Users\Mada\Anwendungsdaten 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 ____D C:\Users\Mada\AppData\Roaming\Adobe 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 ____D C:\Users\Mada\AppData\Local\NVIDIA 2016-03-29 16:46 - 2016-03-29 16:46 - 00000000 ____D C:\Users\Mada 2016-03-29 16:46 - 2011-04-12 09:54 - 00000000 ____D C:\Users\Mada\AppData\Roaming\Media Center Programs 2016-03-28 02:45 - 2016-03-28 02:45 - 00007092 _____ C:\TDSSKiller.3.1.0.9_28.03.2016_02.45.08_log.txt 2016-03-28 02:14 - 2016-03-28 02:16 - 00227770 _____ C:\TDSSKiller.3.1.0.9_28.03.2016_02.14.58_log.txt 2016-03-28 02:12 - 2016-03-28 02:12 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe 2016-03-28 01:52 - 2016-03-28 01:52 - 01538560 _____ C:\Users\Admin\Downloads\adwcleaner_5.106.exe 2016-03-28 00:44 - 2016-03-28 00:44 - 00000300 _____ C:\Users\Admin\Desktop\system123.reg 2016-03-27 23:14 - 2016-03-27 23:17 - 283348992 _____ C:\Users\Admin\Downloads\kav_rescue_10.iso 2016-03-27 23:10 - 2016-03-27 23:10 - 15258612 _____ C:\Users\Admin\Downloads\Rootkit_Remover_3022.zip 2016-03-27 23:09 - 2016-03-27 23:10 - 01475080 _____ C:\Users\Admin\Downloads\Bitdefender Rootkit Remover - CHIP-Installer.exe 2016-03-27 23:06 - 2016-03-27 23:07 - 00000000 ____D C:\Users\Admin\Pavark 2016-03-27 23:06 - 2007-07-24 10:27 - 00744853 _____ C:\Users\Admin\Desktop\PAVARK.exe 2016-03-27 23:04 - 2016-03-29 16:32 - 00066009 _____ C:\Users\Admin\Downloads\Addition.txt 2016-03-27 23:03 - 2016-03-30 17:57 - 00022250 _____ C:\Users\Admin\Downloads\FRST.txt 2016-03-27 23:03 - 2016-03-30 17:57 - 00000000 ____D C:\FRST 2016-03-27 23:02 - 2016-03-27 23:03 - 02374144 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2016-03-27 22:39 - 2016-03-27 21:27 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-223943.backup 2016-03-27 21:27 - 2016-03-27 19:45 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-212753.backup 2016-03-27 19:45 - 2016-03-27 19:27 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-194538.backup 2016-03-27 19:00 - 2016-03-27 12:22 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-190043.backup 2016-03-27 12:22 - 2014-11-13 17:33 - 00450713 _____ C:\Windows\system32\Drivers\etc\hosts.20160327-122233.backup 2016-03-27 11:47 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2016-03-26 21:25 - 2016-03-30 17:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-26 21:25 - 2016-03-26 21:25 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-26 21:25 - 2016-03-26 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-26 21:25 - 2016-03-26 21:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-26 21:25 - 2014-05-12 08:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-26 21:25 - 2014-05-12 08:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-26 21:25 - 2014-05-12 08:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2016-03-26 21:13 - 2016-03-26 21:14 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Downloads\spybot-2.4.exe 2016-03-26 20:52 - 2016-03-26 20:52 - 00002450 _____ C:\Users\Admin\Desktop\Sicherer Zahlungsverkehr.lnk 2016-03-26 20:52 - 2016-03-26 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2016-03-26 20:52 - 2016-03-26 20:51 - 00002140 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2016-03-26 20:51 - 2016-03-26 21:06 - 00934808 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2016-03-26 20:51 - 2016-03-26 20:51 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2016-03-26 20:51 - 2015-12-08 22:34 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2016-03-26 20:51 - 2015-12-08 22:34 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2016-03-26 20:51 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2016-03-26 20:39 - 2016-03-26 20:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2016-03-26 20:37 - 2016-03-26 20:39 - 163129864 _____ (Kaspersky Lab) C:\Users\Admin\Downloads\kis16.0.0.614abcdde_9991.exe 2016-03-26 20:34 - 2016-03-26 20:34 - 00000419 _____ C:\Users\Admin\Downloads\admhelper(1) 2016-03-26 20:34 - 2016-03-26 20:34 - 00000419 _____ C:\Users\Admin\Downloads\admhelper 2016-03-26 20:31 - 2016-03-27 19:30 - 00000000 ____D C:\Users\Admin\AppData\Local\Audible 2016-03-26 20:31 - 2016-03-26 20:31 - 00255352 _____ (Audible, Inc.) C:\Windows\SysWOW64\awrdscdc.ax 2016-03-26 20:31 - 2016-03-26 20:31 - 00000816 _____ C:\Users\Administrator\Desktop\Audible Manager.lnk 2016-03-26 20:31 - 2016-03-26 20:31 - 00000816 _____ C:\Users\Admin\Desktop\Audible Manager.lnk 2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\Users\Public\Documents\Audible 2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\Users\Admin\Documents\Audible 2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager 2016-03-26 20:31 - 2001-08-17 23:43 - 00024576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2016-03-26 20:30 - 2016-03-26 20:30 - 01730272 _____ (Audible Inc.) C:\Users\Admin\Downloads\ActiveSetupN.exe 2016-03-26 20:30 - 2016-03-26 20:30 - 00000000 ____D C:\Users\Admin\Neuer Ordner 2016-03-23 17:45 - 2016-03-23 17:45 - 00331132 _____ C:\Users\Admin\Downloads\muster_kleinunternehmer.pdf 2016-03-23 03:44 - 2016-03-29 18:47 - 00000000 ____D C:\Users\Admin\Desktop\Neuer Ordner 2016-03-23 03:16 - 2016-03-23 03:16 - 01946484 _____ C:\Users\Admin\Downloads\Hearthstone-Heroes-of-Warcraft-Unlimited-Gold-and-More-Version-3.0.zip 2016-03-21 21:35 - 2016-03-27 22:35 - 00000000 ____D C:\Users\Admin\Desktop\KIK Arbeitszeitaufschreibung 2016-03-20 23:23 - 2016-03-20 23:23 - 00001090 _____ C:\Users\Public\Desktop\Metin2.lnk 2016-03-20 23:23 - 2016-03-20 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 2016-03-20 22:55 - 2016-03-20 22:55 - 20282936 _____ (Gameforge ) C:\Users\Admin\Downloads\Metin2_GameforgeLiveSetup.exe 2016-03-19 04:48 - 2016-03-19 19:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-16 21:49 - 2016-03-16 21:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\.mono 2016-03-16 21:49 - 2016-03-16 21:49 - 00000000 ____D C:\ProgramData\.mono 2016-03-16 21:48 - 2016-03-16 21:48 - 00001159 _____ C:\Users\Public\Desktop\Hearthstone.lnk 2016-03-16 21:48 - 2016-03-16 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2016-03-16 21:43 - 2016-03-30 09:15 - 00000000 ____D C:\Users\Admin\AppData\Local\Battle.net 2016-03-16 21:43 - 2016-03-16 21:43 - 00001122 _____ C:\Users\Public\Desktop\Battle.net.lnk 2016-03-16 21:43 - 2016-03-16 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2016-03-16 21:42 - 2016-03-29 17:56 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-03-16 21:42 - 2016-03-16 23:19 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Battle.net 2016-03-16 21:00 - 2016-03-16 21:00 - 00070742 _____ C:\Users\Admin\Downloads\034095_13.pdf 2016-03-16 20:59 - 2016-03-16 20:59 - 00000269 _____ C:\Users\Admin\Downloads\Anlage_S_2013.xml 2016-03-09 11:13 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-03-09 11:13 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-03-09 11:13 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-03-09 11:13 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-03-09 11:13 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-03-09 11:13 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-09 11:13 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-03-09 11:13 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-03-09 11:13 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-03-09 11:13 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-03-09 11:13 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-03-09 11:13 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-03-09 11:13 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-03-09 11:13 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-03-09 11:13 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-03-09 11:13 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-03-09 11:13 - 2016-02-09 08:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-03-09 11:13 - 2016-02-09 08:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-03-09 11:13 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-03-09 11:13 - 2016-02-08 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-03-09 11:13 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-03-09 11:13 - 2016-02-08 22:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-03-09 11:13 - 2016-02-08 22:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-03-09 11:13 - 2016-02-08 22:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-03-09 11:13 - 2016-02-08 22:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-03-09 11:13 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-03-09 11:13 - 2016-02-08 22:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-03-09 11:13 - 2016-02-08 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-03-09 11:13 - 2016-02-08 22:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-03-09 11:13 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-03-09 11:13 - 2016-02-08 22:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-03-09 11:13 - 2016-02-08 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-03-09 11:13 - 2016-02-08 22:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-03-09 11:13 - 2016-02-08 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-03-09 11:13 - 2016-02-08 22:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-03-09 11:13 - 2016-02-08 22:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-03-09 11:13 - 2016-02-08 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-03-09 11:13 - 2016-02-08 22:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-03-09 11:13 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-03-09 11:13 - 2016-02-08 22:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-03-09 11:13 - 2016-02-08 22:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-03-09 11:13 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-03-09 11:13 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-03-09 11:13 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-03-09 11:13 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-03-09 11:13 - 2016-02-08 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-03-09 11:13 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-03-09 11:13 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-03-09 11:13 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-03-09 11:13 - 2016-02-08 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-03-09 11:13 - 2016-02-08 20:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-03-09 11:13 - 2016-02-08 20:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-03-09 11:13 - 2016-02-08 20:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-03-09 11:13 - 2016-02-08 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-03-09 11:13 - 2016-02-08 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-03-09 11:13 - 2016-02-08 20:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-03-09 11:13 - 2016-02-08 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-03-09 11:13 - 2016-02-08 20:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-03-09 11:13 - 2016-02-08 20:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-03-09 11:13 - 2016-02-08 20:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-03-09 11:13 - 2016-02-08 20:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-03-09 11:13 - 2016-02-08 20:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-03-09 11:13 - 2016-02-08 20:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-03-09 11:13 - 2016-02-08 20:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-03-09 11:13 - 2016-02-08 20:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-03-09 11:13 - 2016-02-08 20:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-03-09 11:13 - 2016-02-08 20:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-03-09 11:13 - 2016-02-08 19:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-03-09 11:13 - 2016-02-08 19:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-03-09 11:13 - 2016-02-08 19:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-03-09 11:13 - 2016-02-08 19:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-03-09 11:13 - 2016-02-08 19:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-03-09 11:13 - 2016-02-08 19:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-03-09 11:13 - 2016-02-08 19:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-03-09 11:13 - 2016-02-08 19:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-03-09 11:13 - 2016-02-08 19:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-03-09 11:13 - 2016-02-08 19:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-03-09 11:13 - 2016-02-08 19:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-03-09 11:13 - 2016-02-08 19:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-03-09 11:13 - 2016-02-08 19:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-03-09 11:13 - 2016-02-08 19:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-03-09 11:13 - 2016-02-08 18:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-03-09 11:13 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-03-09 11:13 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-03-09 11:13 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-03-09 11:13 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-03-09 11:13 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-03-09 11:13 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-03-09 11:13 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2016-03-09 11:13 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2016-03-09 11:13 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2016-03-09 11:12 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-03-09 11:12 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-03-09 11:12 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-03-09 11:12 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-03-09 11:12 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-03-09 11:12 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-03-09 11:12 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-03-09 11:12 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-03-09 11:12 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-03-09 11:12 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-03-09 11:12 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-03-09 11:12 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-03-09 11:12 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-03-09 11:12 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-03-09 11:12 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-03-09 11:12 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-03-09 11:12 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-03-09 11:12 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-03-09 11:12 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-03-09 11:12 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-03-09 11:12 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-03-09 11:12 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-03-09 11:12 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-03-09 11:12 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-03-09 11:12 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-03-09 11:12 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-03-09 11:12 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-03-09 11:12 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-03-09 11:12 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-03-09 11:12 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-03-09 11:12 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-03-09 11:12 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-03-09 11:12 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-03-09 11:12 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-03-09 11:12 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-03-09 11:12 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-03-09 11:12 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-03-09 11:12 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-03-09 11:12 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-03-09 11:12 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-03-09 11:12 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-03-09 11:12 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-03-09 11:12 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-03-09 11:12 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-03-09 11:12 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-03-09 11:12 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-03-09 11:12 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-03-09 11:12 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-03-09 11:12 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-03-09 11:12 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-03-09 11:12 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-03-09 11:12 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-03-09 11:12 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-03-09 11:12 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-03-09 11:12 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-03-09 11:12 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-03-09 11:12 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-03-09 11:12 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-03-09 11:12 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-03-09 11:12 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-03-09 11:12 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-03-09 11:12 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-03-09 11:12 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-03-09 11:12 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-03-09 11:12 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-03-09 11:12 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-03-09 11:12 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-03-09 11:12 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-03-09 11:12 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-03-09 11:12 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-03-09 11:12 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-03-09 11:12 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-03-09 11:12 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2016-03-09 11:12 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-03-09 11:12 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-03-09 11:12 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-03-09 11:12 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-03-09 11:12 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-03-09 11:12 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-03-09 11:12 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-03-09 11:12 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-03-09 11:12 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-03-09 11:12 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-03-09 11:12 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-03-09 11:12 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-03-09 11:12 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-03-09 11:12 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-03-09 11:12 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-03-09 11:12 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-03-09 11:12 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-03-08 23:19 - 2016-03-08 23:19 - 00091081 _____ C:\Users\Admin\Downloads\Rechnungsvorlage-von-Zervant.xlsx ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-30 17:52 - 2014-01-14 00:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-03-30 17:45 - 2014-01-14 00:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-03-30 17:45 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-03-30 17:45 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-03-30 17:44 - 2015-01-29 23:30 - 00000195 _____ C:\Windows\wininit.ini 2016-03-30 17:42 - 2011-04-12 09:43 - 00703792 _____ C:\Windows\system32\perfh007.dat 2016-03-30 17:42 - 2011-04-12 09:43 - 00150930 _____ C:\Windows\system32\perfc007.dat 2016-03-30 17:42 - 2009-07-14 07:13 - 01632006 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-30 17:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-03-30 17:38 - 2016-01-19 21:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-30 17:36 - 2016-01-19 21:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-30 17:36 - 2014-01-13 23:06 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-30 17:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-30 09:01 - 2014-01-13 23:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-03-29 17:55 - 2016-02-25 22:47 - 00000000 ____D C:\Users\Admin\Documents\Outlook-Dateien 2016-03-29 16:42 - 2014-01-24 19:43 - 00000000 ____D C:\Windows\system32\appmgmt 2016-03-29 16:42 - 2014-01-13 21:27 - 00000000 ____D C:\Users\CUCD 2016-03-29 15:31 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-03-28 23:58 - 2014-11-13 17:20 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation 2016-03-28 23:58 - 2014-11-13 17:19 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA 2016-03-28 22:38 - 2016-01-19 21:15 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-28 22:38 - 2016-01-19 21:15 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-03-28 02:54 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160329-175418.backup 2016-03-28 01:57 - 2015-12-16 19:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent 2016-03-28 01:54 - 2015-03-22 11:38 - 00000000 ____D C:\ProgramData\Lavasoft 2016-03-28 01:54 - 2014-01-24 20:22 - 00000000 ____D C:\AdwCleaner 2016-03-28 00:41 - 2016-02-10 01:43 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\uTorrent 2016-03-28 00:41 - 2016-01-19 21:37 - 00000000 ____D C:\ProgramData\TEMP 2016-03-28 00:41 - 2014-01-14 00:48 - 00003510 _____ C:\Windows\System32\Tasks\AutoKMS 2016-03-28 00:40 - 2009-07-14 07:08 - 00001386 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-03-27 23:17 - 2016-01-20 01:18 - 00000000 ____D C:\Program Files\CCleaner 2016-03-27 23:17 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160328-025431.backup 2016-03-27 23:06 - 2014-11-13 17:18 - 00000000 ____D C:\Users\Admin 2016-03-27 22:40 - 2016-02-08 22:46 - 00241090 _____ C:\Windows\ntbtlog.txt 2016-03-27 22:39 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-231717.backup 2016-03-27 19:30 - 2015-04-21 19:15 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps 2016-03-27 19:00 - 2009-07-14 04:34 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts.20160327-192714.backup 2016-03-27 12:59 - 2014-12-04 21:40 - 00003518 _____ C:\Windows\System32\Tasks\FileAdvisorCheck 2016-03-27 12:59 - 2014-12-04 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor 2016-03-27 12:59 - 2014-12-04 21:40 - 00000000 ____D C:\Program Files (x86)\File Type Advisor 2016-03-27 11:47 - 2015-08-04 09:51 - 00000000 ____D C:\Program Files\Common Files\AV 2016-03-27 11:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing 2016-03-26 21:19 - 2016-02-15 23:44 - 36408922 _____ C:\Users\Admin\Downloads\social-engineer-toolkit-master.part.zip 2016-03-26 21:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2016-03-26 21:06 - 2015-06-06 09:51 - 00077728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys 2016-03-26 20:51 - 2014-01-14 00:40 - 00000000 ____D C:\Windows\ELAMBKUP 2016-03-26 20:49 - 2016-01-19 21:12 - 00000000 ____D C:\ProgramData\AVAST Software 2016-03-25 04:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-03-25 04:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX 2016-03-21 14:38 - 2015-05-09 15:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-20 23:02 - 2015-12-18 22:09 - 00000000 ____D C:\Users\Admin\Downloads\Gameforge Live 2016-03-20 23:02 - 2015-10-29 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2016-03-16 21:48 - 2015-04-10 22:58 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-03-16 21:42 - 2015-04-09 19:55 - 00000000 ____D C:\ProgramData\Battle.net 2016-03-14 11:38 - 2015-11-20 16:30 - 00000000 ____D C:\Windows\rescache 2016-03-11 15:49 - 2016-02-08 01:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-03-10 17:00 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-03-10 09:37 - 2016-01-20 01:23 - 00517256 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-10 04:05 - 2014-01-13 23:05 - 00000000 ____D C:\Windows\system32\MRT 2016-03-10 04:00 - 2014-12-11 04:19 - 00000000 ____D C:\Windows\system32\appraiser 2016-03-10 04:00 - 2014-01-13 23:05 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-01-14 00:17 - 2014-01-14 00:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-01-24 18:48 - 2014-09-17 19:06 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Einige Dateien in TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\libeay32.dll C:\Users\Admin\AppData\Local\Temp\msvcr120.dll C:\Users\Admin\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-21 19:26 ==================== Ende von FRST.txt ============================ |
|
30.03.2016, 17:02
| #11 |
| | WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt?Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Admin (2016-03-30 17:58:33)
Gestartet von C:\Users\Admin\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-01-13 19:27:24)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-2646704350-2578061303-3144910229-1005 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2646704350-2578061303-3144910229-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2646704350-2578061303-3144910229-501 - Limited - Disabled)
Mada (S-1-5-21-2646704350-2578061303-3144910229-1006 - Limited - Enabled) => C:\Users\Mada
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Ableton Live 9 Trial (HKLM-x32\...\{09016382-0996-4764-A7DA-B6AF18162672}) (Version: 9.0.0.0 - Ableton)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{FF2A5498-4EFE-430F-A138-7EB365DBEBAD}) (Version: 12.0.0.112 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.5 - Sereby Corporation)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Any Video Converter 5.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apowersoft Bildschirmrekorder Pro V2.1.1 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.1.1 - APOWERSOFT LIMITED)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{12450631-3289-40F7-AEC3-F6DCB6E1BDCF}) (Version: 4.0.20.365 - ArcSoft)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2010461505.48.56.4134130 - Audible, Inc.)
Audio Recorder Pro 3.70 (HKLM-x32\...\Audio Recorder Pro_is1) (Version: - )
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - DE (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ExpressCache (HKLM\...\{9EB0073B-20D4-4C03-A931-C8A105B948D3}) (Version: 1.3.112.0 - Condusiv Technologies)
ExpressCacheApp (HKLM-x32\...\ExpressCacheApp) (Version: 1.3.2 - SanDisk Corporation)
File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version: - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.0.9.6 - )
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube to MP3 Converter version 3.12.56.301 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge)
GitHub (HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\5f7eb300e2ea4ebf) (Version: 3.0.12.0 - GitHub, Inc.)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Heroes of the Storm Public Test (HKLM-x32\...\Heroes of the Storm Public Test) (Version: - Blizzard Entertainment)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
JasminCam 3.0.5.12 (HKLM-x32\...\JasminCam) (Version: 3.0.5.12 - DuoDecad ITS)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1019 - Marvell)
Metin2 (HKLM-x32\...\Metin2_DE_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MultiSplitter v1.4.2 (HKLM-x32\...\{43B988F4-DDA0-401E-A094-07F998CD7003}_is1) (Version: 1.4.2 - saveNtrust GmbH)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version: - Robot Entertainment)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version: - PopCap Games, Inc.)
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version: - Zen Studios)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
SoftPerfect RAM Disk 3.4.4 (HKLM\...\{33A14ED9-0340-4193-BEDB-B95BC8196182}_is1) (Version: - SoftPerfect Research)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer)
Tor (remove only) (HKLM-x32\...\Tor) (Version: - )
Trojan Remover 6.9.3 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.3 - Simply Super Software)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu (HKLM-x32\...\Wubi) (Version: 14.04-rev286 - Ubuntu)
Virtual Casino (HKLM-x32\...\{740ed830-8014-4714-abc4-dd98b8549419}) (Version: 16.01.0-RTG - RealTimeGaming Software)
VISIT-X Video Splitter 9.0.1.4 (HKLM-x32\...\VISIT-X Video Splitter_is1) (Version: 9.0.1.4 - Visit-X B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VX-Software 9 v.9.1.8.3 (HKLM-x32\...\{54DDB1B0-5E5B-4637-99DD-7A364CE6A75B}}_is1) (Version: - )
VX-Tool Uploader 1.0.0.0 (HKLM-x32\...\VX-Tool Uploader) (Version: 1.0.0.0 - VISIT-X)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0A27C6E6-BCF8-4A7B-B69C-7466326C12AC} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe
Task: {1D87EC58-FCD7-4E2D-9388-03C3AAEFE2D8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-14] ()
Task: {1EB72401-5EB4-4723-B165-8936C4DA7FFC} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-1 -> Keine Datei <==== ACHTUNG
Task: {2A251594-7C18-46B1-84A5-4EFBE25EA483} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.)
Task: {2E4D1E86-DDBD-4C70-96F6-14B33A833A0E} - \SpeedUpMyPC Startup -> Keine Datei <==== ACHTUNG
Task: {446ED920-F695-49E3-990E-093EAECFF917} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-5 -> Keine Datei <==== ACHTUNG
Task: {48BA633D-90E6-456C-BA12-BD51C838B17A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.)
Task: {5DB3E237-ACB5-4D79-836A-CF1F154EF94D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-24] (Adobe Systems Incorporated)
Task: {63AE5B03-B091-4B83-B70B-787387465B18} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-01-06] (Symantec Corporation)
Task: {7CEAA206-3DEC-4724-A134-775B932F971C} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-5_user -> Keine Datei <==== ACHTUNG
Task: {83362F89-B90F-4B78-B8E1-D037D5C3BCAF} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-4 -> Keine Datei <==== ACHTUNG
Task: {88B55181-DAA5-4BB3-9338-57B6119EAB39} - System32\Tasks\{AC1511A9-D1D2-45AD-88F0-2460DDA177D2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.17.0.106&LastError=1168
Task: {89A2FF48-D9FF-4384-A34E-34ED70573988} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2014-02-24] (File Type Advisor)
Task: {92C87A1C-4F7A-4397-B549-6A214269A055} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2014-02-24] ( )
Task: {9504E47E-6A1F-4C99-8824-7E73E7F260F9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\WSCStub.exe
Task: {A223F13B-1DBA-4D56-AEC5-D6BFBA4EFAC1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {ABFC3DBD-2466-48EA-B11F-767490FFC6EB} - \SpeedUpMyPC Maintenance -> Keine Datei <==== ACHTUNG
Task: {BE4C72D1-C68E-4977-B36C-B8D186841152} - System32\Tasks\{DBF9A57B-4BDB-4C87-A615-2A6955D4034F} => pcalua.exe -a "G:\Program Files (x86)\RT7LitePIlaunch.exe" -d "G:\Program Files (x86)"
Task: {C92C5BB4-839A-40D5-8916-62015206F348} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {DF3C763D-B276-4915-9B84-C3EF00AB8C18} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3 -> Keine Datei <==== ACHTUNG
Task: {E116AD0D-430E-4059-B17C-936A7AB3FD5C} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {E39DF62F-0CB8-4461-A639-165C2ADA7396} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe
Task: {E72C6DB3-C807-485E-9809-67B06D50AE59} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-11 -> Keine Datei <==== ACHTUNG
Task: {F5669C08-1372-487C-B414-96368326E294} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {FAB5E6B4-CF6C-47E2-A53A-B9C7A7199465} - \2b6328a9-11c8-46e0-8547-2efb3aafcaa4-2 -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-01-14 00:27 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-15 18:46 - 2014-03-09 17:26 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-24 17:47 - 2014-01-15 15:51 - 00097784 _____ () G:\SoftPerfect RAM Disk\vvlib.dll
2015-12-23 23:34 - 2015-02-26 19:10 - 03561472 _____ () C:\Program Files (x86)\MultiSplitter\MultiSplitter.exe
2015-08-26 09:44 - 2015-08-26 09:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-12-08 21:25 - 2015-12-08 21:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-03-30 17:49 - 2016-03-30 17:50 - 03102208 _____ () C:\Users\Admin\Desktop\ADWCLE~1.EXE
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-06-23 02:24 - 2015-05-28 09:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-08 22:33 - 2016-02-08 22:33 - 00081408 ____T () C:\Users\Admin\AppData\Local\Microsoft\bass_vst.dll
2016-02-08 22:33 - 2016-03-30 17:36 - 01758720 ____T () C:\Users\Admin\AppData\Local\Microsoft\engine_vx.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [150]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7883 mehr Seiten.
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\...\123simsen.com -> www.123simsen.com
Da befinden sich 7882 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-03-29 17:54 - 00451576 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15491 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2646704350-2578061303-3144910229-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: Steam => "G:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{81B5964C-976F-4607-924C-851B6F5D4AC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0450181-68D9-4267-B706-C821E82AF723}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3EE2FD11-059D-44F9-A709-28C95CCC92AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8465572E-FCBF-4993-B3DD-3D5C38BE7B10}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B66B6427-9BBF-4833-9DC7-4957ACDC4982}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{832691C7-6D6C-474E-BE50-DAF160B4F430}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{422B4892-74DD-4DBF-B343-94D7B086FB93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E3FECA9-B09D-4B61-93A6-5C8D41326876}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{D6E18B31-C48D-4668-89F7-EB3B196A809C}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{38FE5D2F-E386-485B-B900-50B6C096C9F5}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe
FirewallRules: [{E3C24470-8650-44C7-B1A9-DF4B2FDA8C55}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E6F40F3B-8102-484C-AF7E-ED78ED4957FD}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0D0755B4-6CF1-4D0F-B05A-5DDAF245211C}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0F958FB1-0409-47EC-99D6-3EAD3B2DCF35}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{DC688926-7891-465C-B9AE-38F07948AC3E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{618E55DD-E05C-49A8-8071-3DFF94494E4E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2FBFFBA-75FF-4EB9-953F-42948FD9A9F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5A5A12FF-7E4D-43E9-8624-51F6BA942E63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E8CF0BC8-B912-4EFB-843E-50B7946D8466}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{31269037-7B51-41CE-815A-11A3ECC781E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0FB327C0-8AD0-4658-8E08-A27066918029}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B9399578-68A8-45E2-A35D-46C24218C17B}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{63C8E9D0-B176-4DFA-8B13-FD2F9646D7E9}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D97C72A8-9263-43A5-A114-18A08BEDF8AB}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CCE4C19D-124E-4CDE-9A6E-AA5353CA60EA}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{67225A9C-993C-4087-951E-F0BF7956C720}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{E00E4F11-DBD9-4A01-B75B-43C551B50FDF}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{A37F9B07-6557-4DB9-B6FF-2E8EC0B22735}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [TCP Query User{6B6BB29E-A5F5-4AEB-B2CA-7A1C2B43E639}G:\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{1EEC3DB7-894A-49D9-B520-4B2BB9E9680C}G:\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{2C3C2BC0-3D0F-4553-AD48-37CD90E8E812}] => (Block) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{A39FE2D4-B6FE-407F-8F94-A93582282B16}] => (Block) G:\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{46FF5554-4193-4A1E-8897-98168BA40B28}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{5DE0375E-D5B1-43D0-AAAE-AD1469F5FCF6}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{4F32D424-790C-4BCE-A800-F033B72B7163}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{B517208A-BBD0-471C-AFE2-75AF02B0D50D}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{2AACBB30-C3C8-4F01-969C-757819F7B00A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD58E739-E5FE-41D4-8232-444F84614109}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0C7E89FC-73FE-4208-9352-5BAEA30DE55A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{13CA217B-6753-45FC-8B24-0BCDA56EB695}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1EC5F0E8-9274-4E3E-ACEB-ACD4B85FFFE3}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{055BAE76-1968-4E16-8934-E169FB5E54E0}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{7FF71712-625F-44D5-997A-96A88D283DAB}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{F9ACF49B-1220-427B-8922-9340F7E1A297}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{3CDEBEB6-B31A-41CE-9382-CE2152A81979}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{B7F3CD86-1853-4ED4-86C0-F9648A98E1E4}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{ACA52837-3907-416E-976A-DFD6DB520DC5}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{3399B5DC-04F9-4364-9CFC-8D4954F26D69}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{0F56BB8F-F8CC-40F8-A6D5-F2FEBA8935E4}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1161C18C-AFEA-4EC4-ABD9-831C064882E7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{4CDFA00C-6B8D-4356-9271-3D3319E8595D}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{2E562699-E885-4A7A-B116-52789FFE9952}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [{F5F21743-5D12-4162-8670-B7C137F14ED6}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{22F72DD6-D2AE-4508-B163-352F805AF9E9}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0D180D0-45BC-4F39-8542-0B77DE2C6E7C}] => (Allow) LPort=80
FirewallRules: [{90DFD718-3D2E-489D-B7B7-359333C24DAE}] => (Allow) LPort=443
FirewallRules: [{9B6C02DD-319C-4436-AEAA-0E556C014077}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{E88E644E-6B22-45CB-94CC-FB3C072F7424}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [TCP Query User{1DF8A8C4-D29D-408F-BC25-D0DC2AD71390}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{00572D6E-F873-43DD-951A-2CF06C8A9893}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{EE02DBB9-4491-452A-8038-79336ECB3969}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E0673296-60C0-4EA1-81D6-17B90C56C4B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C60F0F14-FE89-4231-9B22-FDCF282FDEB3}] => (Block) g:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{6434B8A0-82C7-4195-998C-4BC9978C9F0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7DBE669D-7BC4-41F1-9234-181116AE57D9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E47153A-8A0D-487E-8D60-1771F2229FDE}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7C9CCA25-17AD-4147-B1F1-0ADFE50CD859}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{99C8FE67-3B1B-4CA7-B5EA-EF1E790B76CF}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{31ED3923-425D-418F-A179-CB6DC5E306C2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{A2C8AC17-C025-45FA-9844-E5B5D832340B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{AE8EB422-842F-48A5-9FBC-7884678E41A1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{B9FC474F-D7AF-4426-B5DF-2E2E7AE1F04F}] => (Allow) G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{8828C736-4811-46F7-8D24-4F20B867D820}] => (Allow) G:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{11840102-EC51-4B06-ADC4-1278786B9BFE}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5373847F-D084-46EE-ADED-6A78F67F1166}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5814EC28-A0E6-4193-BADE-F48A492AD451}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{950C95FB-34F7-44D8-9602-9A3879E17690}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{558DDC6B-E854-412B-84D4-555CF6CE8E42}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6112811B-B85D-4822-820F-9DB1D2BB6B87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D7E6037A-994F-4843-8E67-5BFD3B7B3B3D}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe
FirewallRules: [{B688EE73-CEAB-4ED1-A7FC-A11740D368E7}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe
FirewallRules: [{63FF78D1-E3C2-42BC-B5BB-749A308E9160}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{0B4D94B8-F638-4583-8358-2777CF3DD7E8}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{E0BBF08F-3D5D-4632-93F9-02E0A1FC8DB6}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{32FE316C-2EC5-4E75-9DE1-F56ADF28F0BD}] => (Allow) G:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{8F059E96-B319-46E8-8C24-6F87482C097C}] => (Allow) G:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{31288BA8-463A-4138-80B8-D12001E0879C}C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe] => (Allow) C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe
FirewallRules: [UDP Query User{4599AAAF-DB47-4E08-9DDE-0BFA235400D1}C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe] => (Allow) C:\users\admin\desktop\neuer ordner\hearthranger authbypass.exe
FirewallRules: [{FCB9FDC6-DE01-4CE6-B23C-6023B3F30649}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
30-03-2016 17:43:48 Revo Uninstaller's restore point - Spybot - Search & Destroy
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/30/2016 05:38:06 PM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 1932 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Error: (03/30/2016 05:36:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2016 03:12:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ExpressCache.exe, Version: 1.3.112.0, Zeitstempel: 0x52e97292
Name des fehlerhaften Moduls: NsNtfsTVE-Ex.dll, Version: 16.0.1014.0, Zeitstempel: 0x52df08f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000022630
ID des fehlerhaften Prozesses: 0x5a4
Startzeit der fehlerhaften Anwendung: 0xExpressCache.exe0
Pfad der fehlerhaften Anwendung: ExpressCache.exe1
Pfad des fehlerhaften Moduls: ExpressCache.exe2
Berichtskennung: ExpressCache.exe3
Error: (03/30/2016 12:42:21 AM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 900 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Error: (03/29/2016 04:42:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: CUCD-PC)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\CUCD. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden.
DETAIL - Das Verzeichnis ist nicht leer.
Error: (03/29/2016 03:33:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.18231 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1698
Startzeit: 01d189bf963c9305
Endzeit: 0
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID: d8a71bb2-f5b2-11e5-9f98-08606e6a4329
Error: (03/29/2016 03:31:56 PM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 1884 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Error: (03/29/2016 03:30:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/29/2016 12:42:21 AM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 7228 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Error: (03/28/2016 05:08:13 PM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - Kein Debugger gefunden.Der registrierte JIT-Debugger ist nicht verfügbar. Das Starten eines JIT-Debuggers mit folgendem Befehl gab folgenden Fehlercode zurück 0x2 (2). Überprüfen Sie die Computereinstellungen.
"C:\Program Files\Soluto\Debugger\x86\ntsd.exe" -p 1856 -d -noio -c ".dump /mFhut /u /o C:\ProgramData\Soluto\Dumps\ApplicationDumps\JIT.dmp; .kill; q"
Klicken Sie auf "Wiederholen", damit der Prozess während dem manuellen Anhängen eines Debuggers angehalten wird.
Klicken Sie auf "Abbrechen", um die JIT-Debuganforderung abzubrechen.
Systemfehler:
=============
Error: (03/30/2016 05:42:43 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Programme Installationen" den Befehl "chkdsk" aus.
Error: (03/30/2016 05:37:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (03/30/2016 05:36:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
4474777drv
Error: (03/30/2016 03:12:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ExpressCache" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2016 03:31:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (03/29/2016 03:30:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
4474777drv
Error: (03/29/2016 08:22:18 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (03/28/2016 05:07:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (03/28/2016 05:07:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
4474777drv
Error: (03/28/2016 03:07:23 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
CodeIntegrity:
===================================
Date: 2014-10-15 00:03:56.300
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:03:56.299
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:02:02.518
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.258
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.257
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:00:17.256
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:33.541
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:33.540
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 04:24:18.402
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-14 00:16:51.177
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 16333.65 MB
Verfügbarer physikalischer RAM: 12324.02 MB
Summe virtueller Speicher: 32665.51 MB
Verfügbarer virtueller Speicher: 28817.16 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:30.56 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: (Backups Wichtig!!) (Fixed) (Total:465.76 GB) (Free:421.08 GB) NTFS
Drive g: (Programme Installationen) (Fixed) (Total:465.76 GB) (Free:133.72 GB) NTFS
Drive h: () (Fixed) (Total:465.75 GB) (Free:465.62 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3D6C58F9)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: 7B135942)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=73)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F3671383)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D3519421)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
30.03.2016, 22:45
| #12 |
| /// Malwareteam | WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt? Schritt: 1 Bitte lade die folgendes Tool, um deine bisherige Version von Malwarebytes zu deinstallieren: https://downloads.malwarebytes.org/file/mbam_clean Downloade Dir bitte Malwarebytes Anti-Malware
Schritt: 2 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu WIN 7 Alle Berechtigungen verändert? Komische Dateien Gehackt? |
| admin, andere, berechtigungen, dateien, diverse, gefangen, gehackt, gen, hacker, helft, infiziert, kaspersky, komische, langsam, laufen, nicht mehr, ordner, programme, spuren, verändert, weiterhelfen, win, windows 7 64bit professional, wissen, würde, zugriff, zurückverfolgen, öffnen |
dann auf 
und dann auf 
. 
Hybrid-Darstellung
