ADW-Cleaner ---Reinigungs probleme. unerwünschte Browser url´s werden nicht dauerhaft entfernt

mikon · 28.07.2016, 23:01

adw Cleaner

Hallo ich habe bestimmt seid nem 3/4 Jahr ein problem mit einem was weis ich namens www.palikan.com/ in meinem Google Browser. Trots regelmäßigen adw cleaner einsatz kommt es immer wieder...mit der zeit werden es immer mehr URLS Extensions und so. Ich bin leider nicht der experte in solchen dingen, ich habe mit meiner Musik genug um die Ohren. Ich glaube das ich bei euch mit solchen dingen gut aufgehoben sein könnte und bitte hiermit um hilfe. Ich habe mal die letzte Protokoll datei hier unten drunter kopiert. Wenn noch mehr infos erforderlich sein sollten, reiche ich sie gern nach.

# AdwCleaner v5.201 - Bericht erstellt am 28/07/2016 um 23:12:28
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-28.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X64)
# Benutzername : homebase - HOMEBASE-PC
# Gestartet von : C:\Users\homebase\Desktop\adwcleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

[-] [C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] gelöscht : hxxp://www.palikan.com/?f=7&a=plk_bimmed_15_53&cd=2XzuyEtN2Y1L1Qzu0CyE0EzyzzyEtDyByByC0F0DtBtD0DyDtN0D0Tzu0StCyEyCtAtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2St D0FtCtCtA0DtAtBtGyB0AyDyCtG0B0EtDzytGtB0CzytAtG0FtCzztByEyByB0FtDtCzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtAyD0CtB0C0DyCtGtAzzyBtCtGyEtD0ByCtGzyyD0B0DtGyBzy0 E0A0CtAyByD0F0CtB0E2QtN0A0LzuyE&cr=1289375483&ir=
[-] [C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] gelöscht : hxxp://www.trovi.com/?gd=&ctid=CT3320326&octid=EB_ORIGINAL_CTID&ISID=M297D25D0-35E0-4676-A8C7-0C422BFFF1E0&SearchSource=55&CUI=&UM=8&UP=SPE1461AC8-66C3-4FB2-B070-400D90CD8D55&D=032816&SSPV=
[-] [C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : libedajeiljdoodmokbppgapcfbignci
[-] [C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : ljmibnagodajacnnbifpamhggcohblip
[-] [C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] gelöscht : hxxp://www.trovi.com/?gd=&ctid=CT3320326&octid=EB_ORIGINAL_CTID&ISID=M297D25D0-35E0-4676-A8C7-0C422BFFF1E0&SearchSource=55&CUI=&UM=8&UP=SPE1461AC8-66C3-4FB2-B070-400D90CD8D55&D=032816&SSPV=

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3516 Bytes] - [15/06/2016 16:58:20]
C:\AdwCleaner\AdwCleaner[C2].txt - [2526 Bytes] - [28/07/2016 23:12:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [3345 Bytes] - [15/06/2016 16:55:48]
C:\AdwCleaner\AdwCleaner[S2].txt - [2497 Bytes] - [28/07/2016 22:44:51]
C:\AdwCleaner\AdwCleaner[S3].txt - [2570 Bytes] - [28/07/2016 23:09:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2818 Bytes] ##########

M-K-D-B · 29.07.2016, 12:39

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

mikon · 30.07.2016, 09:00

Code:

ATTFilter

09:49:46.0403 0x0368  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:50:50.0229 0x0368  ============================================================
09:50:50.0229 0x0368  Current date / time: 2016/07/30 09:50:50.0229
09:50:50.0229 0x0368  SystemInfo:
09:50:50.0229 0x0368  
09:50:50.0229 0x0368  OS Version: 6.1.7601 ServicePack: 1.0
09:50:50.0229 0x0368  Product type: Workstation
09:50:50.0229 0x0368  ComputerName: HOMEBASE-PC
09:50:50.0229 0x0368  UserName: homebase
09:50:50.0229 0x0368  Windows directory: C:\Windows
09:50:50.0229 0x0368  System windows directory: C:\Windows
09:50:50.0229 0x0368  Running under WOW64
09:50:50.0229 0x0368  Processor architecture: Intel x64
09:50:50.0229 0x0368  Number of processors: 4
09:50:50.0229 0x0368  Page size: 0x1000
09:50:50.0229 0x0368  Boot type: Normal boot
09:50:50.0229 0x0368  ============================================================
09:50:50.0307 0x0368  KLMD registered as C:\Windows\system32\drivers\78620467.sys
09:50:50.0448 0x0368  System UUID: {FC0EAD4F-296A-CF9B-0B4D-BB09E0F40C35}
09:50:50.0962 0x0368  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:50:50.0978 0x0368  Drive \Device\Harddisk1\DR1 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:50:50.0978 0x0368  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:50:50.0978 0x0368  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:50:50.0978 0x0368  ============================================================
09:50:50.0978 0x0368  \Device\Harddisk0\DR0:
09:50:50.0978 0x0368  MBR partitions:
09:50:50.0978 0x0368  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x60A73
09:50:50.0978 0x0368  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61278, BlocksNum 0x15115800
09:50:50.0978 0x0368  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x15177000, BlocksNum 0x804E170
09:50:50.0978 0x0368  \Device\Harddisk1\DR1:
09:50:50.0978 0x0368  MBR partitions:
09:50:50.0978 0x0368  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
09:50:50.0978 0x0368  \Device\Harddisk2\DR2:
09:50:50.0978 0x0368  MBR partitions:
09:50:50.0978 0x0368  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
09:50:50.0978 0x0368  \Device\Harddisk3\DR3:
09:50:50.0978 0x0368  GPT partitions:
09:50:50.0978 0x0368  \Device\Harddisk3\DR3\Partition1: GPT, TypeGUID: {5808C8AA-7E8F-42E0-85D2-E1E90434CFB3}, UniqueGUID: {319614E2-7889-11E5-AD32-BC5FF45E81B6}, Name: LDM metadata partition, StartLBA 0x22, BlocksNum 0x800
09:50:50.0978 0x0368  \Device\Harddisk3\DR3\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {319614E3-7889-11E5-AD32-BC5FF45E81B6}, Name: Microsoft reserved partition, StartLBA 0x822, BlocksNum 0x3F800
09:50:50.0978 0x0368  \Device\Harddisk3\DR3\Partition3: GPT, TypeGUID: {AF9B60A0-1431-4F62-BC68-3311714A69AD}, UniqueGUID: {319614EB-7889-11E5-AD32-BC5FF45E81B6}, Name: LDM data partition, StartLBA 0x40022, BlocksNum 0x746C6D6D
09:50:50.0978 0x0368  MBR partitions:
09:50:50.0978 0x0368  ============================================================
09:50:50.0978 0x0368  C: <-> \Device\Harddisk0\DR0\Partition2
09:50:50.0978 0x0368  M: <-> \Device\Harddisk0\DR0\Partition3
09:50:50.0994 0x0368  N: <-> \Device\Harddisk1\DR1\Partition1
09:50:51.0040 0x0368  O: <-> \Device\Harddisk2\DR2\Partition1
09:50:51.0040 0x0368  ============================================================
09:50:51.0040 0x0368  Initialize success
09:50:51.0040 0x0368  ============================================================
09:52:04.0878 0x05f0  ============================================================
09:52:04.0878 0x05f0  Scan started
09:52:04.0878 0x05f0  Mode: Manual; SigCheck; TDLFS; 
09:52:04.0878 0x05f0  ============================================================
09:52:04.0878 0x05f0  KSN ping started
09:52:16.0042 0x05f0  KSN ping finished: true
09:52:16.0660 0x05f0  ================ Scan system memory ========================
09:52:16.0660 0x05f0  System memory - ok
09:52:16.0660 0x05f0  ================ Scan services =============================
09:52:16.0703 0x05f0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
09:52:16.0779 0x05f0  1394ohci - ok
09:52:16.0795 0x05f0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:52:16.0815 0x05f0  ACPI - ok
09:52:16.0819 0x05f0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:52:16.0835 0x05f0  AcpiPmi - ok
09:52:16.0863 0x05f0  [ 5408C05EC720D3A08640259E4E38A32B, E244CC8CF1D5921A3693638535AB28FF5CD4C0B1528C806380063867155FD687 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:52:16.0882 0x05f0  AdobeFlashPlayerUpdateSvc - ok
09:52:16.0896 0x05f0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:52:16.0918 0x05f0  adp94xx - ok
09:52:16.0929 0x05f0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:52:16.0948 0x05f0  adpahci - ok
09:52:16.0956 0x05f0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:52:16.0971 0x05f0  adpu320 - ok
09:52:16.0978 0x05f0  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:52:16.0993 0x05f0  AeLookupSvc - ok
09:52:17.0007 0x05f0  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
09:52:17.0031 0x05f0  AFD - ok
09:52:17.0036 0x05f0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:52:17.0049 0x05f0  agp440 - ok
09:52:17.0054 0x05f0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:52:17.0070 0x05f0  ALG - ok
09:52:17.0074 0x05f0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:52:17.0086 0x05f0  aliide - ok
09:52:17.0094 0x05f0  [ 606C8F129FE18D6E3EA2FD542D43D72D, 1BDB9B1C3C8345429FFF25189DCA16F4174F29B5C5DFD5AEB5C277CD4E6EBCA8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:52:17.0117 0x05f0  AMD External Events Utility - ok
09:52:17.0128 0x05f0  [ B12D8F8A42080B955D027EE56F5BD1C3, AA4763AF1D77F7F1FF3BFEC5B800E7E38F954C1488B19ED645B04FEC4D771A1C ] AMD FUEL Service C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
09:52:17.0141 0x05f0  AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 )
09:52:17.0272 0x05f0  Detect skipped due to KSN trusted
09:52:17.0272 0x05f0  AMD FUEL Service - ok
09:52:17.0280 0x05f0  [ 05120427227F6F088ECA75942ED7ACA9, BD25436EB43C6718F5E6A4C3C24831189D3A893DC87AA0ADED993B7C3126F2E9 ] amdhub30        C:\Windows\system32\DRIVERS\amdhub30.sys
09:52:17.0293 0x05f0  amdhub30 - ok
09:52:17.0297 0x05f0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:52:17.0309 0x05f0  amdide - ok
09:52:17.0313 0x05f0  [ 35D34AD337A1AC46F74C3377B4CCA88E, 046695BDF540EDCA87C36EDC725615ACA99DA57558A54CAC1B49F245D702B406 ] amdide64        C:\Windows\system32\DRIVERS\amdide64.sys
09:52:17.0333 0x05f0  amdide64 - ok
09:52:17.0337 0x05f0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:52:17.0352 0x05f0  AmdK8 - ok
09:52:17.0356 0x05f0  amdkmdag - ok
09:52:17.0374 0x05f0  [ C0C27A1094F6EA978FB2CAACFDE0E594, 9B481D55ED3D55A975CB1EB32DD0DB9AD032D592585A5799F81918EFB7843AAE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
09:52:17.0406 0x05f0  amdkmdap - ok
09:52:17.0412 0x05f0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:52:17.0427 0x05f0  AmdPPM - ok
09:52:17.0432 0x05f0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:52:17.0447 0x05f0  amdsata - ok
09:52:17.0454 0x05f0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:52:17.0470 0x05f0  amdsbs - ok
09:52:17.0474 0x05f0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:52:17.0486 0x05f0  amdxata - ok
09:52:17.0495 0x05f0  [ 7DCA2C59491D420947A0B529DB37C7CF, 4673DD141F02801A61FF057BE9DA7FD214C1F9ED31BCB035A8C4E44C579799E4 ] amdxhc          C:\Windows\system32\DRIVERS\amdxhc.sys
09:52:17.0510 0x05f0  amdxhc - ok
09:52:17.0515 0x05f0  [ 033D09CD953C40B4AFBA9DCB1D1DFB8E, 629BE54E64C8B3FFE9F52820F6BF2802D50F719F63A621C998865FFD61C9F84E ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
09:52:17.0527 0x05f0  amd_sata - ok
09:52:17.0532 0x05f0  [ F32F762E54137925E185E5FDA5F73826, A9CC747C0886628F8A5145FBE09FFCA6B5E4EFC0F4457E4824E004A329DFC765 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
09:52:17.0543 0x05f0  amd_xata - ok
09:52:17.0547 0x05f0  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
09:52:17.0559 0x05f0  AODDriver4.3 - ok
09:52:17.0564 0x05f0  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
09:52:17.0578 0x05f0  AppHostSvc - ok
09:52:17.0583 0x05f0  [ 5F9389D9A2D5A2A7B03DC92914B43A88, CCF08F6BCF2479CA97055A88849CB2E1D7DD32DD87AC3833CB349E788F594AAF ] AppID           C:\Windows\system32\drivers\appid.sys
09:52:17.0598 0x05f0  AppID - ok
09:52:17.0603 0x05f0  [ 4EC449C6A6FE42F2E44F25C17D17C9F1, 24161794DEC599427F370970F7E03548F55BC8A4A58F3B667F565E571BCA0100 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:52:17.0617 0x05f0  AppIDSvc - ok
09:52:17.0622 0x05f0  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
09:52:17.0637 0x05f0  Appinfo - ok
09:52:17.0644 0x05f0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
09:52:17.0661 0x05f0  AppMgmt - ok
09:52:17.0667 0x05f0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
09:52:17.0680 0x05f0  arc - ok
09:52:17.0685 0x05f0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:52:17.0699 0x05f0  arcsas - ok
09:52:17.0704 0x05f0  [ C2E04941AE03F1203A064BCBB319965A, BFB00D45B377857B793663003665A73565DE2AADE397B8A22200765F9C7FDA1B ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
09:52:17.0715 0x05f0  asahci64 - ok
09:52:17.0721 0x05f0  [ 6FE3237C1177E66437E7AD0E8AC1A6E5, 3223D4E57150DE8F768BC1BE0E6DCFFC6CA5B09DC7D7ADF283C90929100B0B7B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
09:52:17.0740 0x05f0  asmthub3 - ok
09:52:17.0752 0x05f0  [ C4043E39A2ABBC56581CA25DF161E9F7, 1B53A8BEE4823EA842A00F5304428F0B4D14078045CF84ED20D8DF0FB8826040 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
09:52:17.0776 0x05f0  asmtxhci - ok
09:52:17.0796 0x05f0  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:52:17.0812 0x05f0  aspnet_state - ok
09:52:17.0816 0x05f0  [ 30F92A4B666E1E53C418B2D3024FDF6E, 164639CD210201FFEE76E7F63A9484419BF396EA416AAACDECFC501349A790AB ] AsrVDrive       C:\Windows\system32\DRIVERS\AsrVDrive.sys
09:52:17.0827 0x05f0  AsrVDrive - ok
09:52:17.0831 0x05f0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:52:17.0863 0x05f0  AsyncMac - ok
09:52:17.0867 0x05f0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:52:17.0880 0x05f0  atapi - ok
09:52:17.0887 0x05f0  [ F270AFC3848C54C67E3BFB892CE9B9C6, BF5F087D2677E8D75DB34335B54496A3C3AFBCE5A019C52B9EB2B1D19A0803B1 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
09:52:17.0902 0x05f0  AtiHDAudioService - ok
09:52:17.0919 0x05f0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:52:17.0948 0x05f0  AudioEndpointBuilder - ok
09:52:17.0966 0x05f0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:52:17.0994 0x05f0  AudioSrv - ok
09:52:17.0999 0x05f0  [ 62656382273E8E8BA91A5351EEB6645A, 80DCC4324C53E2ACDC57C36F060F5CA1CEE762FE98FF40AAB5DBD166095F281A ] automap         C:\Windows\system32\DRIVERS\automap.sys
09:52:18.0010 0x05f0  automap - ok
09:52:18.0015 0x05f0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:52:18.0036 0x05f0  AxInstSV - ok
09:52:18.0049 0x05f0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:52:18.0072 0x05f0  b06bdrv - ok
09:52:18.0082 0x05f0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:52:18.0101 0x05f0  b57nd60a - ok
09:52:18.0109 0x05f0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:52:18.0125 0x05f0  BDESVC - ok
09:52:18.0130 0x05f0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:52:18.0162 0x05f0  Beep - ok
09:52:18.0179 0x05f0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:52:18.0208 0x05f0  BFE - ok
09:52:18.0230 0x05f0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:52:18.0280 0x05f0  BITS - ok
09:52:18.0286 0x05f0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:52:18.0300 0x05f0  blbdrive - ok
09:52:18.0308 0x05f0  [ 3F56903E124E820AEECE6D471583C6C1, B3C045AFACC8A8F5DC289ADE9ACFB2FE7F9CA24A900BBAED47E2A63837208CB3 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
09:52:18.0323 0x05f0  Bonjour Service - ok
09:52:18.0328 0x05f0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:52:18.0342 0x05f0  bowser - ok
09:52:18.0346 0x05f0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:52:18.0362 0x05f0  BrFiltLo - ok
09:52:18.0366 0x05f0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:52:18.0382 0x05f0  BrFiltUp - ok
09:52:18.0388 0x05f0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
09:52:18.0405 0x05f0  Browser - ok
09:52:18.0414 0x05f0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:52:18.0434 0x05f0  Brserid - ok
09:52:18.0439 0x05f0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:52:18.0456 0x05f0  BrSerWdm - ok
09:52:18.0460 0x05f0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:52:18.0476 0x05f0  BrUsbMdm - ok
09:52:18.0479 0x05f0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:52:18.0493 0x05f0  BrUsbSer - ok
09:52:18.0498 0x05f0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:52:18.0515 0x05f0  BTHMODEM - ok
09:52:18.0522 0x05f0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:52:18.0556 0x05f0  bthserv - ok
09:52:18.0561 0x05f0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:52:18.0595 0x05f0  cdfs - ok
09:52:18.0601 0x05f0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:52:18.0618 0x05f0  cdrom - ok
09:52:18.0624 0x05f0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:52:18.0656 0x05f0  CertPropSvc - ok
09:52:18.0661 0x05f0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:52:18.0677 0x05f0  circlass - ok
09:52:18.0688 0x05f0  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
09:52:18.0708 0x05f0  CLFS - ok
09:52:18.0715 0x05f0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:52:18.0729 0x05f0  clr_optimization_v2.0.50727_32 - ok
09:52:18.0735 0x05f0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:52:18.0749 0x05f0  clr_optimization_v2.0.50727_64 - ok
09:52:18.0760 0x05f0  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:52:18.0777 0x05f0  clr_optimization_v4.0.30319_32 - ok
09:52:18.0783 0x05f0  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:52:18.0800 0x05f0  clr_optimization_v4.0.30319_64 - ok
09:52:18.0804 0x05f0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
09:52:18.0818 0x05f0  CmBatt - ok
09:52:18.0822 0x05f0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:52:18.0834 0x05f0  cmdide - ok
09:52:18.0847 0x05f0  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
09:52:18.0874 0x05f0  CNG - ok
09:52:18.0950 0x05f0  [ 7FFB9B41FF34F3F8D5E6C9634569E866, 8F65CDAE5E176E9621655BCFA910AA383AD9749929EB712A9A61DFB04926A19C ] CodeMeter.exe   C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
09:52:19.0039 0x05f0  CodeMeter.exe - ok
09:52:19.0049 0x05f0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:52:19.0061 0x05f0  Compbatt - ok
09:52:19.0066 0x05f0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:52:19.0082 0x05f0  CompositeBus - ok
09:52:19.0086 0x05f0  COMSysApp - ok
09:52:19.0095 0x05f0  cpuz136 - ok
09:52:19.0099 0x05f0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:52:19.0112 0x05f0  crcdisk - ok
09:52:19.0121 0x05f0  [ B1962E21F74697AB442FA4432B970E85, DADE4C90624EC928699246785E3DF73D795B5C68834FCD99D3063AD647423D12 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:52:19.0139 0x05f0  CryptSvc - ok
09:52:19.0153 0x05f0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
09:52:19.0177 0x05f0  CSC - ok
09:52:19.0194 0x05f0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
09:52:19.0222 0x05f0  CscService - ok
09:52:19.0230 0x05f0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
09:52:19.0245 0x05f0  dbupdate - ok
09:52:19.0251 0x05f0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
09:52:19.0266 0x05f0  dbupdatem - ok
09:52:19.0282 0x05f0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:52:19.0308 0x05f0  DcomLaunch - ok
09:52:19.0318 0x05f0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:52:19.0357 0x05f0  defragsvc - ok
09:52:19.0362 0x05f0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:52:19.0395 0x05f0  DfsC - ok
09:52:19.0401 0x05f0  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
09:52:19.0420 0x05f0  dg_ssudbus - ok
09:52:19.0430 0x05f0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:52:19.0451 0x05f0  Dhcp - ok
09:52:19.0483 0x05f0  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:52:19.0527 0x05f0  DiagTrack - ok
09:52:19.0533 0x05f0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:52:19.0566 0x05f0  discache - ok
09:52:19.0571 0x05f0  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
09:52:19.0584 0x05f0  Disk - ok
09:52:19.0590 0x05f0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
09:52:19.0604 0x05f0  dmvsc - ok
09:52:19.0612 0x05f0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:52:19.0629 0x05f0  Dnscache - ok
09:52:19.0637 0x05f0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:52:19.0674 0x05f0  dot3svc - ok
09:52:19.0681 0x05f0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:52:19.0715 0x05f0  DPS - ok
09:52:19.0719 0x05f0  DRHARD - ok
09:52:19.0724 0x05f0  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:52:19.0737 0x05f0  drmkaud - ok
09:52:19.0761 0x05f0  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:52:19.0794 0x05f0  DXGKrnl - ok
09:52:19.0802 0x05f0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:52:19.0836 0x05f0  EapHost - ok
09:52:19.0906 0x05f0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:52:19.0990 0x05f0  ebdrv - ok
09:52:20.0000 0x05f0  [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] EFS             C:\Windows\System32\lsass.exe
09:52:20.0014 0x05f0  EFS - ok
09:52:20.0018 0x05f0  [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
09:52:20.0030 0x05f0  ElbyCDIO - ok
09:52:20.0045 0x05f0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:52:20.0068 0x05f0  elxstor - ok
09:52:20.0073 0x05f0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:52:20.0086 0x05f0  ErrDev - ok
09:52:20.0101 0x05f0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:52:20.0142 0x05f0  EventSystem - ok
09:52:20.0150 0x05f0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:52:20.0186 0x05f0  exfat - ok
09:52:20.0194 0x05f0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:52:20.0230 0x05f0  fastfat - ok
09:52:20.0247 0x05f0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:52:20.0276 0x05f0  Fax - ok
09:52:20.0281 0x05f0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
09:52:20.0296 0x05f0  fdc - ok
09:52:20.0299 0x05f0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:52:20.0332 0x05f0  fdPHost - ok
09:52:20.0336 0x05f0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:52:20.0368 0x05f0  FDResPub - ok
09:52:20.0373 0x05f0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:52:20.0386 0x05f0  FileInfo - ok
09:52:20.0390 0x05f0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:52:20.0422 0x05f0  Filetrace - ok
09:52:20.0426 0x05f0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:52:20.0440 0x05f0  flpydisk - ok
09:52:20.0449 0x05f0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:52:20.0467 0x05f0  FltMgr - ok
09:52:20.0495 0x05f0  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
09:52:20.0534 0x05f0  FontCache - ok
09:52:20.0541 0x05f0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:52:20.0552 0x05f0  FontCache3.0.0.0 - ok
09:52:20.0557 0x05f0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:52:20.0570 0x05f0  FsDepends - ok
09:52:20.0574 0x05f0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:52:20.0586 0x05f0  Fs_Rec - ok
09:52:20.0595 0x05f0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:52:20.0613 0x05f0  fvevol - ok
09:52:20.0619 0x05f0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:52:20.0632 0x05f0  gagp30kx - ok
09:52:20.0650 0x05f0  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
09:52:20.0679 0x05f0  gpsvc - ok
09:52:20.0687 0x05f0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:52:20.0702 0x05f0  gupdate - ok
09:52:20.0708 0x05f0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:52:20.0723 0x05f0  gupdatem - ok
09:52:20.0728 0x05f0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:52:20.0741 0x05f0  hcw85cir - ok
09:52:20.0752 0x05f0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:52:20.0775 0x05f0  HdAudAddService - ok
09:52:20.0781 0x05f0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:52:20.0800 0x05f0  HDAudBus - ok
09:52:20.0804 0x05f0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:52:20.0818 0x05f0  HidBatt - ok
09:52:20.0823 0x05f0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:52:20.0841 0x05f0  HidBth - ok
09:52:20.0846 0x05f0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:52:20.0862 0x05f0  HidIr - ok
09:52:20.0866 0x05f0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:52:20.0899 0x05f0  hidserv - ok
09:52:20.0903 0x05f0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:52:20.0916 0x05f0  HidUsb - ok
09:52:20.0921 0x05f0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:52:20.0954 0x05f0  hkmsvc - ok
09:52:20.0962 0x05f0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:52:20.0980 0x05f0  HomeGroupListener - ok
09:52:20.0988 0x05f0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:52:21.0006 0x05f0  HomeGroupProvider - ok
09:52:21.0012 0x05f0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:52:21.0025 0x05f0  HpSAMD - ok
09:52:21.0043 0x05f0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:52:21.0071 0x05f0  HTTP - ok
09:52:21.0077 0x05f0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:52:21.0089 0x05f0  hwpolicy - ok
09:52:21.0094 0x05f0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:52:21.0110 0x05f0  i8042prt - ok
09:52:21.0122 0x05f0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:52:21.0143 0x05f0  iaStorV - ok
09:52:21.0163 0x05f0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:52:21.0194 0x05f0  idsvc - ok
09:52:21.0200 0x05f0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:52:21.0212 0x05f0  iirsp - ok
09:52:21.0233 0x05f0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:52:21.0265 0x05f0  IKEEXT - ok
09:52:21.0274 0x05f0  IntcAzAudAddService - ok
09:52:21.0278 0x05f0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:52:21.0290 0x05f0  intelide - ok
09:52:21.0295 0x05f0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
09:52:21.0310 0x05f0  intelppm - ok
09:52:21.0316 0x05f0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:52:21.0350 0x05f0  IPBusEnum - ok
09:52:21.0355 0x05f0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:52:21.0387 0x05f0  IpFilterDriver - ok
09:52:21.0401 0x05f0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:52:21.0427 0x05f0  iphlpsvc - ok
09:52:21.0434 0x05f0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:52:21.0449 0x05f0  IPMIDRV - ok
09:52:21.0455 0x05f0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:52:21.0489 0x05f0  IPNAT - ok
09:52:21.0493 0x05f0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:52:21.0511 0x05f0  IRENUM - ok
09:52:21.0515 0x05f0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:52:21.0527 0x05f0  isapnp - ok
09:52:21.0536 0x05f0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:52:21.0553 0x05f0  iScsiPrt - ok
09:52:21.0559 0x05f0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:52:21.0571 0x05f0  kbdclass - ok
09:52:21.0575 0x05f0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:52:21.0590 0x05f0  kbdhid - ok
09:52:21.0594 0x05f0  [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] KeyIso          C:\Windows\system32\lsass.exe
09:52:21.0608 0x05f0  KeyIso - ok
09:52:21.0614 0x05f0  [ F2A025E1C513407D0788D8D60DC33E99, CFB07F5C61690A7400D5F2F2522238157E713F70ED13D680A3391215A2B66F30 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:52:21.0627 0x05f0  KSecDD - ok
09:52:21.0633 0x05f0  [ 8F9129F7DC2BC8F4B12BF89385450567, 569BDD92D6359B030372AD63914C4F1E99E3C724619204405E758644237998FD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:52:21.0648 0x05f0  KSecPkg - ok
09:52:21.0653 0x05f0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:52:21.0684 0x05f0  ksthunk - ok
09:52:21.0695 0x05f0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:52:21.0735 0x05f0  KtmRm - ok
09:52:21.0743 0x05f0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:52:21.0780 0x05f0  LanmanServer - ok
09:52:21.0786 0x05f0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:52:21.0820 0x05f0  LanmanWorkstation - ok
09:52:21.0826 0x05f0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:52:21.0858 0x05f0  lltdio - ok
09:52:21.0868 0x05f0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:52:21.0906 0x05f0  lltdsvc - ok
09:52:21.0911 0x05f0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:52:21.0943 0x05f0  lmhosts - ok
09:52:21.0951 0x05f0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:52:21.0965 0x05f0  LSI_FC - ok
09:52:21.0970 0x05f0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:52:21.0984 0x05f0  LSI_SAS - ok
09:52:21.0989 0x05f0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:52:22.0002 0x05f0  LSI_SAS2 - ok
09:52:22.0008 0x05f0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:52:22.0022 0x05f0  LSI_SCSI - ok
09:52:22.0028 0x05f0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:52:22.0062 0x05f0  luafv - ok
09:52:22.0068 0x05f0  [ 1239597BAB7EED2BB16D035AF87E65D9, 67A4F1C8BA77502404629C3411BA76729435012CFA6D7794C46F31BBC118064E ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
09:52:22.0082 0x05f0  mbamchameleon - ok
09:52:22.0086 0x05f0  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:52:22.0098 0x05f0  MBAMProtector - ok
09:52:22.0132 0x05f0  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
09:52:22.0175 0x05f0  MBAMScheduler - ok
09:52:22.0203 0x05f0  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:52:22.0238 0x05f0  MBAMService - ok
09:52:22.0248 0x05f0  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:52:22.0262 0x05f0  MBAMSwissArmy - ok
09:52:22.0267 0x05f0  [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:52:22.0280 0x05f0  MBAMWebAccessControl - ok
09:52:22.0283 0x05f0  MBfilt - ok
09:52:22.0295 0x05f0  [ 6BEAE38AF3A12C1A91E20F26545ECEAE, EA2713BBA8A431C499D0AE5E9DCD69A0027738BDE978A427694B567157F6B400 ] mc2avs          C:\Windows\system32\Drivers\mc2avs.sys
09:52:22.0313 0x05f0  mc2avs - ok
09:52:22.0319 0x05f0  [ A81566890FFA00D13045DB29B09046A3, 541E520A23566FFBA59CAC908874830BE9D3471DEC9C393521D85F89BDEEFAEF ] mc2usb_svc      C:\Windows\system32\Drivers\mc2usb.sys
09:52:22.0331 0x05f0  mc2usb_svc - ok
09:52:22.0335 0x05f0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:52:22.0348 0x05f0  megasas - ok
09:52:22.0357 0x05f0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:52:22.0375 0x05f0  MegaSR - ok
09:52:22.0381 0x05f0  [ ECBC42D785167BE260F938E72D7B3250, 9AC9DE73DC295689D524F5B3640340AC6DC44FA840E4EA53B7402500C11C765B ] MirayRAMDrive   C:\Windows\system32\DRIVERS\mrdo.sys
09:52:22.0394 0x05f0  MirayRAMDrive - ok
09:52:22.0399 0x05f0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:52:22.0432 0x05f0  MMCSS - ok
09:52:22.0436 0x05f0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:52:22.0469 0x05f0  Modem - ok
09:52:22.0473 0x05f0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:52:22.0490 0x05f0  monitor - ok
09:52:22.0494 0x05f0  [ 914FBA921EF1ABB988A5578348AEBE34, 3B1B41823FD128023B11C1BC0CD29011FA148BBA6EFD93411C00DECF9F795F6B ] motubus         C:\Windows\system32\drivers\MotuBus64.sys
09:52:22.0505 0x05f0  motubus - ok
09:52:22.0510 0x05f0  [ 5808DF7F9D77814B08E29A413AA9C63B, C16B165518AE963699CC09C5A4E32EC248259CFA77C71CE267B20300C305A2F5 ] motumidi64      C:\Windows\system32\drivers\motumidi64.sys
09:52:22.0521 0x05f0  motumidi64 - ok
09:52:22.0526 0x05f0  [ E646C94CE24B2E5F243F490F1D46319C, 88BB6FD9BC93BB3A665F382FCF43EAE1A4322F4DC3180854485D3CA1A9C45C53 ] MotuUsb64       C:\Windows\system32\Drivers\MotuUsb64.sys
09:52:22.0538 0x05f0  MotuUsb64 - ok
09:52:22.0543 0x05f0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:52:22.0555 0x05f0  mouclass - ok
09:52:22.0560 0x05f0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:52:22.0574 0x05f0  mouhid - ok
09:52:22.0579 0x05f0  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:52:22.0593 0x05f0  mountmgr - ok
09:52:22.0600 0x05f0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:52:22.0614 0x05f0  mpio - ok
09:52:22.0620 0x05f0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:52:22.0653 0x05f0  mpsdrv - ok
09:52:22.0673 0x05f0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:52:22.0722 0x05f0  MpsSvc - ok
09:52:22.0731 0x05f0  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:52:22.0746 0x05f0  MRxDAV - ok
09:52:22.0753 0x05f0  [ 15734008BB9E11AC603B3F4187B91FF1, 39A3B6DBC0DC68A3767D03537DF15AF600C6DFA2448338B5BE08B43AC2ABFC49 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:52:22.0770 0x05f0  mrxsmb - ok
09:52:22.0779 0x05f0  [ 6DFF8C84C6BA5CF58811B5F4AFD28AF0, 79ABA1E96FC072E816B754F2B33B9E613D4E82A0F9C0276A87922C0238DBCFDC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:52:22.0799 0x05f0  mrxsmb10 - ok
09:52:22.0805 0x05f0  [ 2D5C914682813F166FA1DA0FFCCF757E, 4FE2411CC0D57727E454CE2A456C1F70916682E4648EACCC394B97D45E0F36A6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:52:22.0821 0x05f0  mrxsmb20 - ok
09:52:22.0826 0x05f0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:52:22.0838 0x05f0  msahci - ok
09:52:22.0845 0x05f0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:52:22.0858 0x05f0  msdsm - ok
09:52:22.0864 0x05f0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:52:22.0883 0x05f0  MSDTC - ok
09:52:22.0890 0x05f0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:52:22.0922 0x05f0  Msfs - ok
09:52:22.0926 0x05f0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:52:22.0957 0x05f0  mshidkmdf - ok
09:52:22.0961 0x05f0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:52:22.0974 0x05f0  msisadrv - ok
09:52:22.0980 0x05f0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:52:23.0016 0x05f0  MSiSCSI - ok
09:52:23.0020 0x05f0  msiserver - ok
09:52:23.0024 0x05f0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:52:23.0055 0x05f0  MSKSSRV - ok
09:52:23.0059 0x05f0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:52:23.0091 0x05f0  MSPCLOCK - ok
09:52:23.0094 0x05f0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:52:23.0126 0x05f0  MSPQM - ok
09:52:23.0138 0x05f0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:52:23.0159 0x05f0  MsRPC - ok
09:52:23.0165 0x05f0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:52:23.0177 0x05f0  mssmbios - ok
09:52:23.0181 0x05f0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:52:23.0212 0x05f0  MSTEE - ok
09:52:23.0216 0x05f0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:52:23.0230 0x05f0  MTConfig - ok
09:52:23.0235 0x05f0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:52:23.0248 0x05f0  Mup - ok
09:52:23.0261 0x05f0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:52:23.0302 0x05f0  napagent - ok
09:52:23.0313 0x05f0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:52:23.0337 0x05f0  NativeWifiP - ok
09:52:23.0359 0x05f0  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:52:23.0392 0x05f0  NDIS - ok
09:52:23.0398 0x05f0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:52:23.0430 0x05f0  NdisCap - ok
09:52:23.0434 0x05f0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:52:23.0466 0x05f0  NdisTapi - ok
09:52:23.0471 0x05f0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:52:23.0502 0x05f0  Ndisuio - ok
09:52:23.0509 0x05f0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:52:23.0543 0x05f0  NdisWan - ok
09:52:23.0548 0x05f0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:52:23.0579 0x05f0  NDProxy - ok
09:52:23.0584 0x05f0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:52:23.0616 0x05f0  NetBIOS - ok
09:52:23.0625 0x05f0  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:52:23.0643 0x05f0  NetBT - ok
09:52:23.0648 0x05f0  [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] Netlogon        C:\Windows\system32\lsass.exe
09:52:23.0662 0x05f0  Netlogon - ok
09:52:23.0672 0x05f0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:52:23.0712 0x05f0  Netman - ok
09:52:23.0718 0x05f0  [ 9D0157074866FCF3EA2A07185D93FC72, C4107EE60ADA7E326DF7B27602166E9D57CB9982717605730BF7C7D2401E30A9 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:52:23.0732 0x05f0  NetMsmqActivator - ok
09:52:23.0737 0x05f0  [ 9D0157074866FCF3EA2A07185D93FC72, C4107EE60ADA7E326DF7B27602166E9D57CB9982717605730BF7C7D2401E30A9 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:52:23.0750 0x05f0  NetPipeActivator - ok
09:52:23.0764 0x05f0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:52:23.0806 0x05f0  netprofm - ok
09:52:23.0811 0x05f0  [ 9D0157074866FCF3EA2A07185D93FC72, C4107EE60ADA7E326DF7B27602166E9D57CB9982717605730BF7C7D2401E30A9 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:52:23.0825 0x05f0  NetTcpActivator - ok
09:52:23.0831 0x05f0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:52:23.0848 0x05f0  NetTcpPortSharing - ok
09:52:23.0853 0x05f0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:52:23.0866 0x05f0  nfrd960 - ok
09:52:24.0211 0x05f0  [ 51863664507D84D42DCDA30EE6F284FB, 655DFB2E019E3E5EEF69C90B796F40D74986951BA4A6EA7CDDAE73DAE420FCE9 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
09:52:24.0527 0x05f0  NIHardwareService - ok
09:52:24.0559 0x05f0  [ EEECC4C67144A39BA5B9B6E351932606, C3CB9042D00559893EA37969898840D3D437703E6B13BCF21253AB40F6071446 ] NIWinCDEmu      C:\Windows\system32\DRIVERS\NIWinCDEmu.sys
09:52:24.0571 0x05f0  NIWinCDEmu - ok
09:52:24.0581 0x05f0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:52:24.0603 0x05f0  NlaSvc - ok
09:52:24.0608 0x05f0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:52:24.0640 0x05f0  Npfs - ok
09:52:24.0644 0x05f0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:52:24.0677 0x05f0  nsi - ok
09:52:24.0680 0x05f0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:52:24.0711 0x05f0  nsiproxy - ok
09:52:24.0750 0x05f0  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:52:24.0803 0x05f0  Ntfs - ok
09:52:24.0809 0x05f0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:52:24.0841 0x05f0  Null - ok
09:52:24.0846 0x05f0  [ 9ECD0F0C8D58CF1ADE27A35EDED2AB38, 0A3A0B9BB28C7A23D19541A6F9E0F3D80A41D2D33A4641F48B15042607401403 ] NvnUsbAudio     C:\Windows\system32\DRIVERS\nvnusbaudio.sys
09:52:24.0859 0x05f0  NvnUsbAudio - ok
09:52:24.0865 0x05f0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:52:24.0880 0x05f0  nvraid - ok
09:52:24.0887 0x05f0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:52:24.0903 0x05f0  nvstor - ok
09:52:24.0909 0x05f0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:52:24.0923 0x05f0  nv_agp - ok
09:52:24.0928 0x05f0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:52:24.0944 0x05f0  ohci1394 - ok
09:52:24.0954 0x05f0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:52:24.0975 0x05f0  p2pimsvc - ok
09:52:24.0988 0x05f0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:52:25.0012 0x05f0  p2psvc - ok
09:52:25.0018 0x05f0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:52:25.0033 0x05f0  Parport - ok
09:52:25.0039 0x05f0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:52:25.0052 0x05f0  partmgr - ok
09:52:25.0059 0x05f0  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:52:25.0078 0x05f0  PcaSvc - ok
09:52:25.0085 0x05f0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:52:25.0101 0x05f0  pci - ok
09:52:25.0105 0x05f0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:52:25.0117 0x05f0  pciide - ok
09:52:25.0125 0x05f0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:52:25.0142 0x05f0  pcmcia - ok
09:52:25.0146 0x05f0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:52:25.0159 0x05f0  pcw - ok
09:52:25.0175 0x05f0  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:52:25.0200 0x05f0  PEAUTH - ok
09:52:25.0233 0x05f0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
09:52:25.0276 0x05f0  PeerDistSvc - ok
09:52:25.0303 0x05f0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:52:25.0318 0x05f0  PerfHost - ok
09:52:25.0356 0x05f0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:52:25.0417 0x05f0  pla - ok
09:52:25.0431 0x05f0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:52:25.0454 0x05f0  PlugPlay - ok
09:52:25.0459 0x05f0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:52:25.0473 0x05f0  PNRPAutoReg - ok
09:52:25.0483 0x05f0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:52:25.0504 0x05f0  PNRPsvc - ok
09:52:25.0518 0x05f0  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:52:25.0543 0x05f0  PolicyAgent - ok
09:52:25.0552 0x05f0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:52:25.0588 0x05f0  Power - ok
09:52:25.0594 0x05f0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:52:25.0626 0x05f0  PptpMiniport - ok
09:52:25.0632 0x05f0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
09:52:25.0647 0x05f0  Processor - ok
09:52:25.0655 0x05f0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:52:25.0674 0x05f0  ProfSvc - ok
09:52:25.0678 0x05f0  [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] ProtectedStorage C:\Windows\system32\lsass.exe
09:52:25.0692 0x05f0  ProtectedStorage - ok
09:52:25.0697 0x05f0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:52:25.0731 0x05f0  Psched - ok
09:52:25.0766 0x05f0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:52:25.0808 0x05f0  ql2300 - ok
09:52:25.0817 0x05f0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:52:25.0831 0x05f0  ql40xx - ok
09:52:25.0840 0x05f0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:52:25.0863 0x05f0  QWAVE - ok
09:52:25.0868 0x05f0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:52:25.0886 0x05f0  QWAVEdrv - ok
09:52:25.0890 0x05f0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:52:25.0922 0x05f0  RasAcd - ok
09:52:25.0926 0x05f0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:52:25.0959 0x05f0  RasAgileVpn - ok
09:52:25.0965 0x05f0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:52:26.0000 0x05f0  RasAuto - ok
09:52:26.0006 0x05f0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:52:26.0039 0x05f0  Rasl2tp - ok
09:52:26.0050 0x05f0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:52:26.0088 0x05f0  RasMan - ok
09:52:26.0094 0x05f0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:52:26.0126 0x05f0  RasPppoe - ok
09:52:26.0133 0x05f0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:52:26.0166 0x05f0  RasSstp - ok
09:52:26.0176 0x05f0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:52:26.0213 0x05f0  rdbss - ok
09:52:26.0218 0x05f0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:52:26.0234 0x05f0  rdpbus - ok
09:52:26.0237 0x05f0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:52:26.0269 0x05f0  RDPCDD - ok
09:52:26.0278 0x05f0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
09:52:26.0294 0x05f0  RDPDR - ok
09:52:26.0298 0x05f0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:52:26.0330 0x05f0  RDPENCDD - ok
09:52:26.0335 0x05f0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:52:26.0367 0x05f0  RDPREFMP - ok
09:52:26.0373 0x05f0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:52:26.0387 0x05f0  RdpVideoMiniport - ok
09:52:26.0395 0x05f0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:52:26.0414 0x05f0  RDPWD - ok
09:52:26.0422 0x05f0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:52:26.0439 0x05f0  rdyboost - ok
09:52:26.0444 0x05f0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:52:26.0479 0x05f0  RemoteAccess - ok
09:52:26.0486 0x05f0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:52:26.0522 0x05f0  RemoteRegistry - ok
09:52:26.0528 0x05f0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:52:26.0562 0x05f0  RpcEptMapper - ok
09:52:26.0566 0x05f0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:52:26.0580 0x05f0  RpcLocator - ok
09:52:26.0594 0x05f0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
09:52:26.0619 0x05f0  RpcSs - ok
09:52:26.0625 0x05f0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:52:26.0658 0x05f0  rspndr - ok
09:52:26.0671 0x05f0  [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
09:52:26.0691 0x05f0  RTL8167 - ok
09:52:26.0695 0x05f0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
09:52:26.0708 0x05f0  s3cap - ok
09:52:26.0717 0x05f0  [ D174C61D55A64EE909720C0B15A7BF7B, 6294B66D8097864A8223FD055B04890AF916A10898237059B6088E12743EB851 ] Saffire         C:\Windows\system32\Drivers\Saffire.sys
09:52:26.0733 0x05f0  Saffire - ok
09:52:26.0737 0x05f0  [ D7FBE1F0FF621F41C1DB16722F14250A, C41575B509E4FC757CF236AB8C2499941282B9A02F9C4D9408AFCF9A2929A19F ] SaffireAudio    C:\Windows\system32\drivers\SaffireAudio.sys
09:52:26.0749 0x05f0  SaffireAudio - ok
09:52:26.0753 0x05f0  [ C8A462C4136EA82F539344619A8DD749, BE1767FCD0B855C5E13D0855F5F412954BE90584E423A36F759A1653BBECA119 ] SaffireMidi     C:\Windows\system32\drivers\SaffireMidi.sys
09:52:26.0765 0x05f0  SaffireMidi - ok
09:52:26.0769 0x05f0  [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] SamSs           C:\Windows\system32\lsass.exe
09:52:26.0783 0x05f0  SamSs - ok
09:52:26.0792 0x05f0  [ BC99D12CE9DB8DB55E231F8D195FC67B, F348D35D3F43366DBEEC864495458041326A7D1951A78E18AF89179D7FC87AB0 ] SamsungRapidDiskFltr C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys
09:52:26.0810 0x05f0  SamsungRapidDiskFltr - ok
09:52:26.0816 0x05f0  [ AF482EF7743667400875C7B9470BFD4D, 8C07C2DA2EB921160FD02B4BF86F0636B317EC32C1841581BEC25A0909EC7EF0 ] SamsungRapidFSFltr C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys
09:52:26.0830 0x05f0  SamsungRapidFSFltr - ok
09:52:26.0834 0x05f0  [ 3763C406CB735D044373C50FF95167E3, BBAA92881A9A1A12C87A59C157F0661B847D23E8275DF712DA4AB0DAF62227E5 ] SamsungRapidSvc C:\Windows\system32\RAPID\SamsungRapidSvc.exe
09:52:26.0846 0x05f0  SamsungRapidSvc - ok
09:52:26.0852 0x05f0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:52:26.0866 0x05f0  sbp2port - ok
09:52:26.0874 0x05f0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:52:26.0910 0x05f0  SCardSvr - ok
09:52:26.0914 0x05f0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:52:26.0945 0x05f0  scfilter - ok
09:52:26.0970 0x05f0  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
09:52:27.0009 0x05f0  Schedule - ok
09:52:27.0016 0x05f0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:52:27.0048 0x05f0  SCPolicySvc - ok
09:52:27.0055 0x05f0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:52:27.0073 0x05f0  SDRSVC - ok
09:52:27.0077 0x05f0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:52:27.0091 0x05f0  secdrv - ok
09:52:27.0095 0x05f0  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
09:52:27.0109 0x05f0  seclogon - ok
09:52:27.0114 0x05f0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:52:27.0148 0x05f0  SENS - ok
09:52:27.0152 0x05f0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:52:27.0167 0x05f0  SensrSvc - ok
09:52:27.0171 0x05f0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:52:27.0187 0x05f0  Serenum - ok
09:52:27.0193 0x05f0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:52:27.0208 0x05f0  Serial - ok
09:52:27.0212 0x05f0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:52:27.0226 0x05f0  sermouse - ok
09:52:27.0238 0x05f0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:52:27.0272 0x05f0  SessionEnv - ok
09:52:27.0276 0x05f0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:52:27.0292 0x05f0  sffdisk - ok
09:52:27.0296 0x05f0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:52:27.0311 0x05f0  sffp_mmc - ok
09:52:27.0315 0x05f0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:52:27.0331 0x05f0  sffp_sd - ok
09:52:27.0338 0x05f0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:52:27.0358 0x05f0  sfloppy - ok
09:52:27.0372 0x05f0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:52:27.0414 0x05f0  SharedAccess - ok
09:52:27.0426 0x05f0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:52:27.0465 0x05f0  ShellHWDetection - ok
09:52:27.0470 0x05f0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:52:27.0483 0x05f0  SiSRaid2 - ok
09:52:27.0488 0x05f0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:52:27.0501 0x05f0  SiSRaid4 - ok
09:52:27.0507 0x05f0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:52:27.0541 0x05f0  Smb - ok
09:52:27.0551 0x05f0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:52:27.0566 0x05f0  SNMPTRAP - ok
09:52:27.0570 0x05f0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:52:27.0582 0x05f0  spldr - ok
09:52:27.0597 0x05f0  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
09:52:27.0641 0x05f0  Spooler - ok
09:52:27.0716 0x05f0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:52:27.0823 0x05f0  sppsvc - ok
09:52:27.0834 0x05f0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:52:27.0869 0x05f0  sppuinotify - ok
09:52:27.0884 0x05f0  [ F2F4B895296EE3ECCE781CC2A296A5D1, 126321EDDA8141A42DBE7C90675948433063E6D5B6DEFD805AA0797C95A461EE ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:52:27.0907 0x05f0  srv - ok
09:52:27.0919 0x05f0  [ FD0008BEDD2723170CCA7D61837DFD52, F9F576FA7B84CAB5180B9080D62B8A00B3E5D5BC73199B11C63193742529227D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:52:27.0941 0x05f0  srv2 - ok
09:52:27.0949 0x05f0  [ 63B5845D9379262083655D5C6AB8DFC5, 1813D2FC41ADCDAC6E3A522373B9DB934CC27B89E7185E0E4FC26E30CDAF1523 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:52:27.0965 0x05f0  srvnet - ok
09:52:27.0973 0x05f0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:52:28.0010 0x05f0  SSDPSRV - ok
09:52:28.0016 0x05f0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:52:28.0051 0x05f0  SstpSvc - ok
09:52:28.0059 0x05f0  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
09:52:28.0080 0x05f0  ssudmdm - ok
09:52:28.0141 0x05f0  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service N:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
09:52:28.0171 0x05f0  ss_conn_service - ok
09:52:28.0177 0x05f0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:52:28.0189 0x05f0  stexstor - ok
09:52:28.0204 0x05f0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:52:28.0236 0x05f0  stisvc - ok
09:52:28.0241 0x05f0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:52:28.0258 0x05f0  storflt - ok
09:52:28.0263 0x05f0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:52:28.0275 0x05f0  storvsc - ok
09:52:28.0279 0x05f0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:52:28.0291 0x05f0  swenum - ok
09:52:28.0304 0x05f0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:52:28.0348 0x05f0  swprv - ok
09:52:28.0355 0x05f0  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
09:52:28.0368 0x05f0  Synth3dVsc - ok
09:52:28.0407 0x05f0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
09:52:28.0459 0x05f0  SysMain - ok
09:52:28.0468 0x05f0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:52:28.0489 0x05f0  TabletInputService - ok
09:52:28.0499 0x05f0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:52:28.0536 0x05f0  TapiSrv - ok
09:52:28.0578 0x05f0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:52:28.0631 0x05f0  Tcpip - ok
09:52:28.0677 0x05f0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:52:28.0729 0x05f0  TCPIP6 - ok
09:52:28.0739 0x05f0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:52:28.0753 0x05f0  tcpipreg - ok
09:52:28.0759 0x05f0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:52:28.0773 0x05f0  TDPIPE - ok
09:52:28.0777 0x05f0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:52:28.0790 0x05f0  TDTCP - ok
09:52:28.0796 0x05f0  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:52:28.0812 0x05f0  tdx - ok
09:52:28.0817 0x05f0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:52:28.0830 0x05f0  TermDD - ok
09:52:28.0834 0x05f0  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
09:52:28.0848 0x05f0  terminpt - ok
09:52:28.0865 0x05f0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
09:52:28.0894 0x05f0  TermService - ok
09:52:28.0900 0x05f0  [ 9201BE2BAB8A9FF8E20D8439AE3BB04D, D973C4FE5B8D02B15476D72B49105840A04DBFF8BCB77117C0354D046E6C02FB ] Themes          C:\Windows\system32\themeservice.dll
09:52:28.0907 0x05f0  Themes - detected UnsignedFile.Multi.Generic ( 1 )
09:52:29.0038 0x05f0  Detect skipped due to KSN trusted
09:52:29.0038 0x05f0  Themes - ok
09:52:29.0042 0x05f0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:52:29.0077 0x05f0  THREADORDER - ok
09:52:29.0084 0x05f0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:52:29.0120 0x05f0  TrkWks - ok
09:52:29.0127 0x05f0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:52:29.0161 0x05f0  TrustedInstaller - ok
09:52:29.0168 0x05f0  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:52:29.0181 0x05f0  tssecsrv - ok
09:52:29.0186 0x05f0  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:52:29.0200 0x05f0  TsUsbFlt - ok
09:52:29.0204 0x05f0  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:52:29.0218 0x05f0  TsUsbGD - ok
09:52:29.0224 0x05f0  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
09:52:29.0240 0x05f0  tsusbhub - ok
09:52:29.0246 0x05f0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:52:29.0279 0x05f0  tunnel - ok
09:52:29.0284 0x05f0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:52:29.0297 0x05f0  uagp35 - ok
09:52:29.0307 0x05f0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:52:29.0342 0x05f0  udfs - ok
09:52:29.0351 0x05f0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:52:29.0366 0x05f0  UI0Detect - ok
09:52:29.0372 0x05f0  [ 6D5E0269F2B97011800B788ACCF2EAF6, 1F1B0B161BC85F04863FA4383FCC9A1AAAD939394D39D02F061FA7F314719233 ] UimBus          C:\Windows\system32\DRIVERS\uimx64.sys
09:52:29.0385 0x05f0  UimBus - ok
09:52:29.0400 0x05f0  [ A30AC921D38E6F3EACFF0D0FF5510F1A, 1888455F4B42A0D183F26B8A1C68E2D6DCB2C5F47B4C6E59B0EA568971510D03 ] Uim_IM          C:\Windows\system32\Drivers\Uim_IMx64.sys
09:52:29.0424 0x05f0  Uim_IM - ok
09:52:29.0430 0x05f0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:52:29.0443 0x05f0  uliagpkx - ok
09:52:29.0448 0x05f0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:52:29.0462 0x05f0  umbus - ok
09:52:29.0466 0x05f0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:52:29.0480 0x05f0  UmPass - ok
09:52:29.0487 0x05f0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:52:29.0506 0x05f0  UmRdpService - ok
09:52:29.0517 0x05f0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:52:29.0558 0x05f0  upnphost - ok
09:52:29.0564 0x05f0  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:52:29.0580 0x05f0  usbaudio - ok
09:52:29.0586 0x05f0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:52:29.0601 0x05f0  usbccgp - ok
09:52:29.0607 0x05f0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:52:29.0622 0x05f0  usbcir - ok
09:52:29.0627 0x05f0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:52:29.0641 0x05f0  usbehci - ok
09:52:29.0651 0x05f0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:52:29.0672 0x05f0  usbhub - ok
09:52:29.0677 0x05f0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
09:52:29.0690 0x05f0  usbohci - ok
09:52:29.0695 0x05f0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:52:29.0711 0x05f0  usbprint - ok
09:52:29.0716 0x05f0  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:52:29.0731 0x05f0  USBSTOR - ok
09:52:29.0736 0x05f0  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:52:29.0750 0x05f0  usbuhci - ok
09:52:29.0754 0x05f0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:52:29.0788 0x05f0  UxSms - ok
09:52:29.0792 0x05f0  [ 8BECC6BBB746523C9ADF547249012402, 134052B4141BF68416CB422A407E2352B4AA373F75E88BCD48E3E80AE8E914F1 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
09:52:29.0804 0x05f0  UxTuneUp - ok
09:52:29.0809 0x05f0  [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] VaultSvc        C:\Windows\system32\lsass.exe
09:52:29.0823 0x05f0  VaultSvc - ok
09:52:29.0827 0x05f0  [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
09:52:29.0840 0x05f0  VClone - ok
09:52:29.0844 0x05f0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:52:29.0857 0x05f0  vdrvroot - ok
09:52:29.0871 0x05f0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:52:29.0914 0x05f0  vds - ok
09:52:29.0919 0x05f0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:52:29.0935 0x05f0  vga - ok
09:52:29.0939 0x05f0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:52:29.0971 0x05f0  VgaSave - ok
09:52:29.0974 0x05f0  VGPU - ok
09:52:29.0983 0x05f0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:52:29.0999 0x05f0  vhdmp - ok
09:52:30.0003 0x05f0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:52:30.0016 0x05f0  viaide - ok
09:52:30.0023 0x05f0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:52:30.0039 0x05f0  vmbus - ok
09:52:30.0043 0x05f0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:52:30.0056 0x05f0  VMBusHID - ok
09:52:30.0061 0x05f0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:52:30.0074 0x05f0  volmgr - ok
09:52:30.0085 0x05f0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:52:30.0104 0x05f0  volmgrx - ok
09:52:30.0114 0x05f0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:52:30.0132 0x05f0  volsnap - ok
09:52:30.0140 0x05f0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:52:30.0155 0x05f0  vsmraid - ok
09:52:30.0191 0x05f0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:52:30.0257 0x05f0  VSS - ok
09:52:30.0264 0x05f0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:52:30.0280 0x05f0  vwifibus - ok
09:52:30.0291 0x05f0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:52:30.0332 0x05f0  W32Time - ok
09:52:30.0345 0x05f0  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
09:52:30.0369 0x05f0  W3SVC - ok
09:52:30.0373 0x05f0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:52:30.0388 0x05f0  WacomPen - ok
09:52:30.0394 0x05f0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:52:30.0426 0x05f0  WANARP - ok
09:52:30.0431 0x05f0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:52:30.0463 0x05f0  Wanarpv6 - ok
09:52:30.0476 0x05f0  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
09:52:30.0499 0x05f0  WAS - ok
09:52:30.0534 0x05f0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:52:30.0581 0x05f0  wbengine - ok
09:52:30.0591 0x05f0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:52:30.0614 0x05f0  WbioSrvc - ok
09:52:30.0625 0x05f0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:52:30.0650 0x05f0  wcncsvc - ok
09:52:30.0655 0x05f0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:52:30.0670 0x05f0  WcsPlugInService - ok
09:52:30.0674 0x05f0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
09:52:30.0686 0x05f0  Wd - ok
09:52:30.0705 0x05f0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:52:30.0734 0x05f0  Wdf01000 - ok
09:52:30.0741 0x05f0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:52:30.0757 0x05f0  WdiServiceHost - ok
09:52:30.0762 0x05f0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:52:30.0778 0x05f0  WdiSystemHost - ok
09:52:30.0786 0x05f0  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
09:52:30.0806 0x05f0  WebClient - ok
09:52:30.0814 0x05f0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:52:30.0853 0x05f0  Wecsvc - ok
09:52:30.0858 0x05f0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:52:30.0893 0x05f0  wercplsupport - ok
09:52:30.0898 0x05f0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:52:30.0933 0x05f0  WerSvc - ok
09:52:30.0937 0x05f0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:52:30.0969 0x05f0  WfpLwf - ok
09:52:30.0973 0x05f0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:52:30.0985 0x05f0  WIMMount - ok
09:52:30.0989 0x05f0  WinDefend - ok
09:52:30.0995 0x05f0  WinHttpAutoProxySvc - ok
09:52:31.0009 0x05f0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:52:31.0046 0x05f0  Winmgmt - ok
09:52:31.0091 0x05f0  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
09:52:31.0149 0x05f0  WinRM - ok
09:52:31.0160 0x05f0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:52:31.0177 0x05f0  WinUsb - ok
09:52:31.0198 0x05f0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:52:31.0235 0x05f0  Wlansvc - ok
09:52:31.0241 0x05f0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:52:31.0255 0x05f0  WmiAcpi - ok
09:52:31.0265 0x05f0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:52:31.0284 0x05f0  wmiApSrv - ok
09:52:31.0288 0x05f0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:52:31.0302 0x05f0  WPCSvc - ok
09:52:31.0309 0x05f0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:52:31.0327 0x05f0  WPDBusEnum - ok
09:52:31.0331 0x05f0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:52:31.0364 0x05f0  ws2ifsl - ok
09:52:31.0369 0x05f0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
09:52:31.0390 0x05f0  wscsvc - ok
09:52:31.0394 0x05f0  WSearch - ok
09:52:31.0453 0x05f0  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:52:31.0524 0x05f0  wuauserv - ok
09:52:31.0535 0x05f0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:52:31.0549 0x05f0  WudfPf - ok
09:52:31.0557 0x05f0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:52:31.0575 0x05f0  WUDFRd - ok
09:52:31.0580 0x05f0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:52:31.0596 0x05f0  wudfsvc - ok
09:52:31.0604 0x05f0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:52:31.0623 0x05f0  WwanSvc - ok
09:52:31.0628 0x05f0  ================ Scan global ===============================
09:52:31.0631 0x05f0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
09:52:31.0639 0x05f0  [ 9A4F78635634A939EF3B02003E44657B, F24359B8ECB3EF506C190928B81830CCE0D8C3C4B420A8149379DC6F03042A4C ] C:\Windows\system32\winsrv.dll
09:52:31.0652 0x05f0  [ 9A4F78635634A939EF3B02003E44657B, F24359B8ECB3EF506C190928B81830CCE0D8C3C4B420A8149379DC6F03042A4C ] C:\Windows\system32\winsrv.dll
09:52:31.0660 0x05f0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:52:31.0671 0x05f0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
09:52:31.0678 0x05f0  [ Global ] - ok
09:52:31.0679 0x05f0  ================ Scan MBR ==================================
09:52:31.0681 0x05f0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:52:31.0970 0x05f0  \Device\Harddisk0\DR0 - ok
09:52:31.0984 0x05f0  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
09:52:32.0047 0x05f0  \Device\Harddisk1\DR1 - ok
09:52:32.0050 0x05f0  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk2\DR2
09:52:32.0186 0x05f0  \Device\Harddisk2\DR2 - ok
09:52:32.0189 0x05f0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
09:52:32.0258 0x05f0  \Device\Harddisk3\DR3 - ok
09:52:32.0259 0x05f0  ================ Scan VBR ==================================
09:52:32.0261 0x05f0  [ A686B829A0599AE4EA60B0BB23E882E4 ] \Device\Harddisk0\DR0\Partition1
09:52:32.0262 0x05f0  \Device\Harddisk0\DR0\Partition1 - ok
09:52:32.0265 0x05f0  [ DCB3AB7989AB3D6DCFC83F0DDA7F92ED ] \Device\Harddisk0\DR0\Partition2
09:52:32.0266 0x05f0  \Device\Harddisk0\DR0\Partition2 - ok
09:52:32.0269 0x05f0  [ C654B599178EA19F73B1BB62427CFE9C ] \Device\Harddisk0\DR0\Partition3
09:52:32.0270 0x05f0  \Device\Harddisk0\DR0\Partition3 - ok
09:52:32.0273 0x05f0  [ 1347AD238851AD27AA4DA20EEAADF7DC ] \Device\Harddisk1\DR1\Partition1
09:52:32.0274 0x05f0  \Device\Harddisk1\DR1\Partition1 - ok
09:52:32.0277 0x05f0  [ F424D59E2C1DAF19296DBBF9873C8E9F ] \Device\Harddisk2\DR2\Partition1
09:52:32.0298 0x05f0  \Device\Harddisk2\DR2\Partition1 - ok
09:52:32.0300 0x05f0  [ 376ACBE056870CEC153D9634D39C642E ] \Device\Harddisk3\DR3\Partition1
09:52:32.0300 0x05f0  \Device\Harddisk3\DR3\Partition1 - ok
09:52:32.0324 0x05f0  [ 7DDD0F1B2C7FC7CFA767A4501875EFE7 ] \Device\Harddisk3\DR3\Partition2
09:52:32.0325 0x05f0  \Device\Harddisk3\DR3\Partition2 - ok
09:52:32.0329 0x05f0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk3\DR3\Partition3
09:52:32.0329 0x05f0  \Device\Harddisk3\DR3\Partition3 - ok
09:52:32.0329 0x05f0  ================ Scan generic autorun ======================
09:52:32.0339 0x05f0  [ 3B1C6FDA44883B810BF48BACFFEE862D, F0AFF9FAEA9D2912F5ACD40ADAA97A920848243B36BE9B0297D8622B76B44FB8 ] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
09:52:32.0355 0x05f0  SamsungRapidApp - ok
09:52:32.0382 0x05f0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:52:32.0424 0x05f0  Sidebar - ok
09:52:32.0430 0x05f0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:52:32.0451 0x05f0  mctadmin - ok
09:52:32.0477 0x05f0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:52:32.0515 0x05f0  Sidebar - ok
09:52:32.0522 0x05f0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:52:32.0541 0x05f0  mctadmin - ok
09:52:32.0542 0x05f0  drhard.exe - ok
09:52:32.0544 0x05f0  Waiting for KSN requests completion. In queue: 128
09:52:33.0611 0x05f0  Win FW state via NFP2: enabled ( trusted )
09:52:33.0767 0x05f0  ============================================================
09:52:33.0767 0x05f0  Scan finished
09:52:33.0767 0x05f0  ============================================================
09:52:33.0776 0x1344  Detected object count: 0
09:52:33.0776 0x1344  Actual detected object count: 0

mikon · 30.07.2016, 09:04

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-07-2016
durchgeführt von homebase (2016-07-30 09:34:27)
Gestartet von C:\Users\homebase\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-05-09 12:42:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-302714957-2580015752-1539367651-500 - Administrator - Disabled)
Gast (S-1-5-21-302714957-2580015752-1539367651-501 - Limited - Disabled)
homebase (S-1-5-21-302714957-2580015752-1539367651-1000 - Administrator - Enabled) => C:\Users\homebase

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K YouTube to MP3 3.0 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 3.0.1.1636 - Open Media LLC)
Ableton Live 9 Suite (HKLM\...\{629C521E-5C03-4A17-9851-F8313A41BB20}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Trial (HKLM\...\{1B679E85-4D36-4EDD-953C-6D2D2BBE2D84}) (Version: 9.0.0.0 - Ableton)
Acustica Audio REDEQ (HKLM-x32\...\REDEQ Acqua Library) (Version:  - Acustica Audio)
ADM 1.2.2 Beat (HKLM-x32\...\AudioRealism Drum Machine_is1) (Version:  - AudioRealism)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{1C819A99-37D1-DE8C-68DF-3AEB5A2C9BE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arturia Software Center 1.1.9 (HKLM-x32\...\Arturia Software Center_is1) (Version: 1.1.9 - Arturia)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology)
ASRock 3TB+ Unlocker v1.1.1 (HKLM\...\ASRock 3TB+ Unlocker_is1) (Version: 1.1.1 - ASRock Inc.)
Authorizer 2.9.1d8 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.9.1d8 - Propellerhead Software AB)
Automap 4.9 (HKLM\...\Automap Universal_is1) (Version: 4.9 - Focusrite Audio Engineering Ltd.)
Automap ReWire 1.0 (HKLM-x32\...\Automap Universal ReWire_is1) (Version: 4.9 - Focusrite Audio Engineering Ltd.)
Bass Station 2.0 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.0 - Novation)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CodeMeter Runtime Kit v5.21 (HKLM\...\{05CA69B3-6699-425F-8223-39E4E00B6581}) (Version: 5.21.1478.500 - WIBU-SYSTEMS AG)
Dropbox (HKLM-x32\...\Dropbox) (Version: 7.3.29 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.41.1 - Dropbox, Inc.) Hidden
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MIDI Control Center 1.3.0 (HKLM-x32\...\MIDI Control Center_is1) (Version: 1.3.0 - Arturia)
MOTU Hardware (HKLM\...\{0B7000EF-C9FC-49F3-B5D3-69A16124AFAB}) (Version: 4.0.5.7483 - MOTU)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.11.0.465 - Native Instruments)
Native Instruments Drum Lab (HKLM-x32\...\Native Instruments Drum Lab) (Version: 1.2.0.6 - Native Instruments)
Native Instruments Grey Forge (HKLM-x32\...\Native Instruments Grey Forge) (Version: 1.0.0.6 - Native Instruments)
Native Instruments Guitar Rig Factory Selection for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Factory Selection for Maschine) (Version:  - Native Instruments)
Native Instruments Komplete Kontrol (HKLM-x32\...\Native Instruments Komplete Kontrol) (Version: 1.6.2.5 - Native Instruments)
Native Instruments Komplete Select (HKLM-x32\...\Native Instruments Komplete Select) (Version: 1.0.0.0 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.2.880 - Native Instruments)
Native Instruments Maschine (HKLM-x32\...\Native Instruments Maschine) (Version:  - Native Instruments)
Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.4.6.4 - Native Instruments)
Native Instruments Maschine 2 Factory Library (HKLM-x32\...\Native Instruments Maschine 2 Factory Library) (Version: 1.2.0.4 - Native Instruments)
Native Instruments Maschine Controller MK2 Driver (HKLM-x32\...\Native Instruments Maschine Controller MK2 Driver) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.1.637 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.3.1344 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.1.1526 - Native Instruments)
Native Instruments Reaktor Blocks Wired (HKLM-x32\...\Native Instruments Reaktor Blocks Wired) (Version: 1.0.0.3 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.2 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Scarbee Mark I (HKLM-x32\...\Native Instruments Scarbee Mark I) (Version: 1.4.0.15 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.3.0.1145 - Native Instruments)
Native Instruments The Gentleman (HKLM-x32\...\Native Instruments The Gentleman) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.4.0.6 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.3.0.3 - Native Instruments)
Novation USB Audio Driver 2.7 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.7 - Novation DMS Ltd.)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
PROMARS(64bit) (HKLM\...\{5A583C6E-A8CD-4BC5-910A-0347E9F15ACE}) (Version: 1.02.0000 - Roland Corporation)
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Reason 9 9.0.0d399 (HKLM\...\Reason9.0Stable_64_is1) (Version: 9.0.0d399 - Propellerhead Software AB)
Rob Papen Prisma 1.0.1 (HKLM\...\Rob Papen Prisma_is1) (Version:  - Prisma)
Rob Papen Punch / Punch-BD 1.0.5c (HKLM\...\Rob Papen Punch_is1) (Version:  - Rob Papen)
Rob Papen RP-AMod 1.0.0d (HKLM\...\Rob Papen RP-AMod_is1) (Version:  - RP-AMod)
Saffire MixControl 3.4 (HKLM\...\Saffire PRO 40_is1) (Version: 3.4 - Focusrite Audio Engineering Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Spark 2.1.1 (HKLM-x32\...\Spark_is1) (Version:  - Arturia)
Spectrasonics Trilian VSTi Plug-In version 1.4 (HKLM-x32\...\Spectrasonics Trilian VSTi Plug-In_is1) (Version:  - Copyright (C) 2009-2011 Spectrasonics)
Sugar Bytes Artillery2 2.3.1 (HKLM\...\Artillery2_is1) (Version: 2.3.1 - Sugar Bytes)
Sugar Bytes Turnado 1.5.1 (HKLM\...\Turnado_is1) (Version: 1.5.1 - Sugar Bytes)
Sugar Bytes Unique 1.2.1 (HKLM\...\Unique_is1) (Version: 1.2.1 - Sugar Bytes)
SYSTEM-100(64bit) (HKLM\...\{FFC77356-2AEB-4B26-8B0B-BA865B802314}) (Version: 1.01.0000 - Roland Corporation)
u-he Filterscape (HKLM-x32\...\u-he Filterscape) (Version: 1.4.1.3898 - u-he)
u-he MFM2 (HKLM-x32\...\u-he MFM2) (Version: 2.2.1.3898 - u-he)
u-he Satin (HKLM-x32\...\u-he Satin) (Version: 1.2.0.2577 - u-he)
u-he Zebra2 (HKLM-x32\...\u-he Zebra2) (Version: 2.7.2.3898 - u-he)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
V-Station 2.3 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 2.3 - Novation)
WEB.DE Online-Speicher 1.32.1.0 (HKU\S-1-5-21-302714957-2580015752-1539367651-1000\...\WEB.DE Application {sync-000021}) (Version: 1.32.1.0 - 1&1 Mail & Media GmbH)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WWAYM - NWEQ V1.21 (HKLM-x32\...\WWAYM - NWEQ V1.21) (Version:  - )
Your Uninstaller! 2010 (HKLM-x32\...\YU2010_is1) (Version: 7.3.2010.33 - URSoft, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00FA7BA8-7016-4AC2-A0BE-714BA84D3DEF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {05B24C10-3ECE-4724-8EC3-74E61EDD4A4A} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2014-12-03] (Samsung Electronics)
Task: {0D15EA68-ADB5-4259-A8CA-CEB5B1F20AA3} - System32\Tasks\{9DE11DC4-FE9D-44B9-B948-68A9059C54C9} => C:\Program Files (x86)\EPSON\Creativity Suite\File Manager\EFileManager.exe
Task: {0E2DBD59-6107-4E25-81AB-486FF92E7E26} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {32FE5E11-7AF9-43F4-B2A1-9D7A779DD8BF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {4FCEB699-DF69-4EFC-AF88-FABE71C39A2E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-26] (Dropbox, Inc.)
Task: {537AEEB7-E40C-498A-9147-E8FBF6B06FE6} - System32\Tasks\{0B58E04B-48E2-434E-89BC-3293F1543B1A} => C:\Users\homebase\Desktop\epson327610eu.exe
Task: {624D020C-174A-488A-AC9E-3196BC69099A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-26] (Dropbox, Inc.)
Task: {7AFDEB86-77D8-4F8D-9D96-FC0ED08AC11A} - System32\Tasks\SafeZone scheduled Autoupdate 1462894115 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {7D0898DB-032E-4708-8A58-59F442ED68FB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {84D1B918-C3FA-4CF2-8615-28F6083B477E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.)
Task: {91B18C8D-0002-49BC-B333-4EAC117F9F4C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {9663C8A3-3F92-418A-A7AF-A624C24C9180} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.)
Task: {ABB4DFF1-8EB6-4363-A5FC-9812DB2BD748} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {C0905720-58A7-44FD-93ED-9F7D89F834CC} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
Task: {C8E349D3-B137-4E95-98F5-7F0DB3FC98B0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jjphmlaoffndcnecccgemfdaaoighkel

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2016-06-30 10:23 - 2016-06-30 10:23 - 00592384 ____C () C:\ProgramData\MEGAsync\ShellExtX64.dll
2016-06-30 13:24 - 2016-06-30 13:24 - 00564224 ____C () C:\ProgramData\MEGAsync\ShellExtX32.dll
2016-07-02 10:41 - 2016-05-13 01:35 - 00021600 ____C () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-06-17 01:33 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 01:33 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:CM_df9ff6e9c92dec62d18f961c19f3a22f10398914a353693b4b8c8ddd9a8dc849 [74]
AlternateDataStreams: C:\Windows:CM_f5613536b4930b3cf5b9e75c4b4d845879cd43bd1ad1590b0132b005529167d8 [74]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [105]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-302714957-2580015752-1539367651-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: drhard.exe => "C:\Program Files (x86)\Dr. Hardware 2016\drhard.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{EA50703B-9F62-4EBE-96EE-F855F051CD9A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{3D7B60F4-BD39-43B1-882E-0D78A341C1B9}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{6A1C0149-72A9-4234-8862-E0AE8D03DBA5}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{0B63C404-F85B-431D-A861-60E23CEA7B66}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8315F100-7502-42D1-8754-90AE99BDB735}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{1CDFE44B-C587-4BE7-923F-95E210F232D4}C:\program files (x86)\novation\automap\automapserver.exe] => (Allow) C:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [UDP Query User{A64E596D-CFC1-4C95-9DC7-91E54D0AAE89}C:\program files (x86)\novation\automap\automapserver.exe] => (Allow) C:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [{078DF91F-3F21-4E73-A80E-DBFABA7182CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E84B7785-A20B-4A9B-9FF9-900F4D600050}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{2024A493-E720-47A4-9278-9D4001076060}C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe] => (Allow) C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe
FirewallRules: [UDP Query User{B0C4B8B4-3D18-4027-9C49-B1B3D3CD1B86}C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe] => (Allow) C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/30/2016 08:55:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2016 07:41:36 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (07/29/2016 07:41:35 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (07/29/2016 07:27:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (07/29/2016 07:27:08 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (07/29/2016 06:59:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2016 05:56:36 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (07/29/2016 05:56:36 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (07/29/2016 02:33:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2016 01:13:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cpuz_x64.exe, Version: 1.6.2.0, Zeitstempel: 0x508c246e
Name des fehlerhaften Moduls: cpuz_x64.exe, Version: 1.6.2.0, Zeitstempel: 0x508c246e
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000020b69
ID des fehlerhaften Prozesses: 0x498
Startzeit der fehlerhaften Anwendung: 0xcpuz_x64.exe0
Pfad der fehlerhaften Anwendung: cpuz_x64.exe1
Pfad des fehlerhaften Moduls: cpuz_x64.exe2
Berichtskennung: cpuz_x64.exe3


Systemfehler:
=============
Error: (07/30/2016 08:53:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM

Error: (07/30/2016 08:53:12 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (07/29/2016 07:41:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Kumulatives Sicherheitsupdate für Internet Explorer 10 für Windows 7 für x64-Systeme (KB3124275)

Error: (07/29/2016 06:58:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM

Error: (07/29/2016 06:57:34 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (07/29/2016 05:56:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Kumulatives Sicherheitsupdate für Internet Explorer 10 für Windows 7 für x64-Systeme (KB3124275)

Error: (07/29/2016 02:32:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM

Error: (07/29/2016 02:31:50 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (07/29/2016 01:07:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM

Error: (07/29/2016 01:07:04 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.


CodeIntegrity:
===================================
  Date: 2016-07-27 16:55:00.760
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-27 16:55:00.697
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-27 16:54:56.282
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-27 16:54:56.251
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 19:36:38.338
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 19:36:38.276
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 19:36:33.861
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 19:36:33.830
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 18:56:20.432
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 18:56:20.354
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD A8-3870 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16360.44 MB
Verfügbarer physikalischer RAM: 12982.36 MB
Summe virtueller Speicher: 16358.62 MB
Verfügbarer virtueller Speicher: 12828.06 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:168.54 GB) (Free:43.99 GB) NTFS
Drive i: (Idea Akustika) (Fixed) (Total:49.13 GB) (Free:29.94 GB) NTFS
Drive j: (Propellerhead) (Fixed) (Total:97.66 GB) (Free:53.55 GB) NTFS
Drive k: (maschine speicherungen) (Fixed) (Total:48.6 GB) (Free:37.55 GB) NTFS
Drive l: (Ableton) (Fixed) (Total:540.69 GB) (Free:132.06 GB) NTFS
Drive m: (plugins) (Fixed) (Total:64.15 GB) (Free:54.93 GB) NTFS
Drive n: (Laufwerk) (Fixed) (Total:465.76 GB) (Free:461 GB) NTFS
Drive o: (USB-HDD) (Fixed) (Total:931.51 GB) (Free:388.31 GB) NTFS
Drive t: (Tracks) (Fixed) (Total:195.31 GB) (Free:13.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 7CBA875C)
Partition 1: (Active) - (Size=193 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=168.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=64.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: DC33D9A9)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: AC2A3FE9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 070AFE15)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
durchgeführt von homebase (Administrator) auf HOMEBASE-PC (30-07-2016 09:33:59)
Gestartet von C:\Users\homebase\Desktop
Geladene Profile: homebase (Verfügbare Profile: homebase)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(DEVGURU Co., LTD.) N:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\runonceex: [Flags] => 128
HKLM\...\runonceex: [Title] => RAPID uninstall cleanup using key [0001]
HKU\S-1-5-21-302714957-2580015752-1539367651-1000\...\Run: [drhard.exe] => "C:\Program Files (x86)\Dr. Hardware 2016\drhard.exe"
HKU\S-1-5-21-302714957-2580015752-1539367651-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoThumbnailCache] 1
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-07-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-07-19] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{73580C72-6D2D-46A6-B863-8C0051B8F067}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\.DEFAULT -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3320326&octid=EB_ORIGINAL_CTID&ISID=M297D25D0-35E0-4676-A8C7-0C422BFFF1E0&SearchSource=55&CUI=&UM=8&UP=SPE1461AC8-66C3-4FB2-B070-400D90CD8D55&D=032816&SSPV=
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps://www.google.com/","hxxp://www.palikan.com/?f=7&a=plk_bimmed_15_53&cd=2XzuyEtN2Y1L1Qzu0CyE0EzyzzyEtDyByByC0F0DtBtD0DyDtN0D0Tzu0StCyEyCtAtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FtCtCtA0DtAtBtGyB0AyDyCtG0B0EtDzytGtB0CzytAtG0FtCzztByEyByB0FtDtCzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtAyD0CtB0C0DyCtGtAzzyBtCtGyEtD0ByCtGzyyD0B0DtGyBzy0E0A0CtAyByD0F0CtB0E2QtN0A0LzuyE&cr=1289375483&ir=","hxxp://www.trovi.com/?gd=&ctid=CT3320326&octid=EB_ORIGINAL_CTID&ISID=M297D25D0-35E0-4676-A8C7-0C422BFFF1E0&SearchSource=55&CUI=&UM=8&UP=SPE1461AC8-66C3-4FB2-B070-400D90CD8D55&D=032816&SSPV="
CHR Profile: C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (MEGA) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-07-27]
CHR Extension: (Hoher Kontrast) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2016-07-05]
CHR Extension: (Dropbox für Gmail) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2016-07-05]
CHR Extension: (ANNO Online) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\edlfafigoeaoafhcodgjgagjpibckpmk [2016-07-05]
CHR Extension: (Floating for YouTube™ Extension) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2016-07-05]
CHR Extension: (Mixcloud) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcenekolminfbkcbchinlcgfhpmggpk [2016-07-05]
CHR Extension: (AdBlock) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-28]
CHR Extension: (Dropbox) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-07-05]
CHR Extension: (SoundCloud) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2016-07-05]
CHR Extension: (Color Enhancer) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkjmjaledkapilfdigkgfmpekpfnkih [2016-07-05]
CHR Extension: (WEB.DE MailCheck) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2016-07-08]
CHR Extension: (Floating for YouTube™) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2016-07-05]
CHR Extension: (FRQc - Flash Render Quality changer) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\jklnclajhlcbghmgkljidaofhcnmjffo [2016-07-05]
CHR Extension: (Mailvelope) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajibbejlbohfaggdiogboambcijhkke [2016-07-13]
CHR Extension: (Webcam Toy) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2016-07-05]
CHR Extension: (SoundCloud Downloader Free) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2016-07-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-26] (Dropbox, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.)
R2 ss_conn_service; N:\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [Datei ist nicht signiert]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2000-01-01] (Advanced Micro Devices Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2015-02-03] (ASRock Inc.)
R3 automap; C:\Windows\System32\DRIVERS\automap.sys [18776 2012-04-19] (Focusrite Audio Engineering Limited)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mc2avs; C:\Windows\System32\Drivers\mc2avs.sys [358520 2012-06-06] (Native Instruments GmbH)
R3 mc2usb_svc; C:\Windows\System32\Drivers\mc2usb.sys [81016 2012-06-06] (Native Instruments GmbH)
S3 MirayRAMDrive; C:\Windows\System32\DRIVERS\mrdo.sys [65488 2014-11-26] (Miray)
R3 motubus; C:\Windows\System32\drivers\MotuBus64.sys [30288 2013-04-30] (Mark of the Unicorn)
R3 motumidi64; C:\Windows\System32\drivers\motumidi64.sys [44112 2013-04-30] (MOTU)
R3 MotuUsb64; C:\Windows\System32\Drivers\MotuUsb64.sys [65104 2013-04-30] (MOTU)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [112408 2016-05-27] ()
R3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2015-06-10] (Novation DMS Ltd.)
R3 Saffire; C:\Windows\System32\Drivers\Saffire.sys [226640 2014-03-17] (Focusrite A.E.)
R3 SaffireAudio; C:\Windows\System32\drivers\SaffireAudio.sys [47824 2014-03-17] (Focusrite A.E.)
R3 SaffireMidi; C:\Windows\System32\drivers\SaffireMidi.sys [38608 2014-03-17] (Focusrite A.E.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90928 2012-03-01] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [632752 2012-03-01] (Paragon)
S3 cpuz136; \??\C:\Users\homebase\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
U4 SR; kein ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-30 09:33 - 2016-07-30 09:34 - 00020626 _____ C:\Users\homebase\Desktop\FRST.txt
2016-07-30 09:33 - 2016-07-30 09:33 - 00000000 ____D C:\FRST
2016-07-30 09:32 - 2016-07-30 09:32 - 02394112 _____ (Farbar) C:\Users\homebase\Desktop\FRST64.exe
2016-07-30 09:28 - 2016-07-30 09:28 - 03712064 _____ C:\Users\homebase\Desktop\AdwCleaner_5.201 (1).exe
2016-07-30 08:53 - 2016-07-30 08:53 - 00000004 ____H C:\ProgramData\cm-lock
2016-07-29 16:41 - 2016-07-29 16:41 - 00786484 _____ C:\Users\homebase\Documents\bester rythm muit ableton.reason
2016-07-29 16:39 - 2016-07-29 16:40 - 00000000 ___RD C:\Users\homebase\Desktop\bester rhytmuss im sommer 2016 Project
2016-07-29 13:08 - 2016-07-29 13:08 - 00000000 ____D C:\Users\homebase\AppData\Local\ElevatedDiagnostics
2016-07-29 10:16 - 2016-07-29 10:16 - 00000000 ___RD C:\Users\homebase\Desktop\Unbenannt-1 Project
2016-07-29 03:06 - 2016-07-29 03:06 - 00000000 ___RD C:\Users\homebase\Desktop\Unbenannt Project
2016-07-29 01:12 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-07-29 01:12 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-07-29 01:12 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-07-29 01:12 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-07-29 01:12 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-07-29 01:12 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-07-29 01:12 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-07-29 01:12 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-07-29 01:12 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-07-29 01:12 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-07-29 01:12 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-07-29 01:12 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-07-29 01:05 - 2016-07-29 01:05 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-29 01:03 - 2016-07-29 01:03 - 00083132 _____ C:\Users\homebase\Desktop\mailware rechnung.pdf
2016-07-28 23:39 - 2016-07-28 23:39 - 00002882 _____ C:\Users\homebase\Desktop\Neues Textdokument.txt
2016-07-28 17:28 - 2016-07-28 17:28 - 03712064 _____ C:\Users\homebase\Desktop\adwcleaner_5.201.exe
2016-07-28 15:25 - 2016-07-28 15:25 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-07-28 15:25 - 2016-07-28 15:25 - 00000000 ____D C:\Windows\system32\BestPractices
2016-07-28 15:25 - 2016-07-28 15:25 - 00000000 ____D C:\inetpub
2016-07-28 12:25 - 2016-07-28 12:25 - 00019213 _____ C:\Users\homebase\Desktop\Dienstplan Nachtbereitschaften August 2016.ods
2016-07-28 09:18 - 2016-07-28 09:18 - 00000000 __HDC C:\ProgramData\{F142EE57-68C1-4CB1-8798-C465F706CCDC}
2016-07-28 07:54 - 2016-07-28 07:54 - 00000000 ____D C:\ProgramData\Spectrasonics
2016-07-28 04:41 - 2016-07-28 04:41 - 01775022 _____ C:\Users\homebase\Documents\cc_20160728_044101.reg
2016-07-28 04:36 - 2016-07-28 13:36 - 00000000 ____D C:\Program Files\CCleaner
2016-07-28 04:15 - 2016-06-10 20:51 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-28 04:15 - 2016-06-10 20:51 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-28 04:15 - 2016-06-10 20:46 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-28 04:15 - 2016-06-10 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-28 04:15 - 2016-06-10 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-28 04:15 - 2016-06-10 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-28 04:15 - 2016-06-10 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-28 04:15 - 2016-06-10 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-28 04:15 - 2016-06-10 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-28 04:15 - 2016-06-10 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-28 04:15 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-07-28 04:15 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-07-28 04:15 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-07-28 04:15 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-07-28 04:15 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-07-28 04:15 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-07-28 04:15 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-07-28 04:15 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-07-28 02:53 - 2016-07-28 02:53 - 00000000 __HDC C:\ProgramData\{3A633AE9-5307-4E4D-ACED-C8739F84CB10}
2016-07-28 02:53 - 2016-07-28 02:53 - 00000000 ____D C:\Users\Public\Documents\Guitar Rig Factory Selection for Maschine
2016-07-27 22:17 - 2016-07-27 22:18 - 00000000 ____D C:\Users\homebase\Documents\arbeitsschriftverker
2016-07-27 21:49 - 2016-07-27 21:49 - 00000000 ___DC C:\ProgramData\pdfforge
2016-07-27 21:36 - 2016-07-27 21:36 - 00000000 __HDC C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
2016-07-25 20:17 - 2016-07-25 20:17 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-07-25 20:17 - 2016-07-25 20:17 - 00000000 ____D C:\Users\homebase\AppData\Roaming\OpenOffice
2016-07-25 20:17 - 2016-07-25 20:17 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-07-25 19:08 - 2016-07-25 19:08 - 00000000 __HDC C:\ProgramData\{8B7384C8-25C4-47E6-AFA3-C50A8840FD88}
2016-07-25 19:08 - 2016-07-25 19:08 - 00000000 ____D C:\Users\Public\Documents\Grey Forge Library
2016-07-25 18:20 - 2016-07-25 18:20 - 00000000 ____D C:\Users\Public\Documents\Reaktor Blocks Wired
2016-07-25 17:56 - 2016-07-22 18:52 - 05133063 _____ C:\Users\homebase\Desktop\Shituations - Kopie.mprj
2016-07-25 17:55 - 2016-06-11 14:02 - 01908634 _____ C:\Users\homebase\Desktop\Kick 808X 1_160611_140202.wav
2016-07-22 09:47 - 2016-07-22 09:47 - 00000000 ____D C:\Users\homebase\AppData\Local\Retro Machines Mk2
2016-07-21 19:29 - 2016-07-22 18:08 - 00000000 __HDC C:\ProgramData\{F1BD1DB3-F88E-4A13-A4B4-090CFEE6A6A3}
2016-07-21 19:27 - 2016-07-21 19:27 - 00000000 __HDC C:\ProgramData\{57A6988A-FD18-4C1A-BD00-FEEC744D4CD4}
2016-07-21 19:26 - 2016-07-21 19:26 - 00000000 __HDC C:\ProgramData\{AA454A3E-618B-4FA7-8742-D31B75115C43}
2016-07-21 19:25 - 2016-07-25 19:32 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-07-21 19:12 - 2016-07-21 19:12 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-21 19:12 - 2016-07-21 19:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-21 19:12 - 2016-07-21 19:12 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-21 19:12 - 2016-07-21 19:12 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-21 19:12 - 2016-07-21 19:12 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-07-21 19:12 - 2016-07-21 19:12 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-07-21 19:12 - 2016-07-21 19:12 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-21 19:12 - 2016-07-21 19:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-21 19:12 - 2016-07-21 19:12 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-07-21 19:12 - 2016-07-21 19:12 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-07-21 19:12 - 2016-07-21 19:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-07-21 19:12 - 2016-07-21 19:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-07-21 19:12 - 2016-07-21 19:12 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-07-21 19:03 - 2016-07-21 19:03 - 00000000 ____D C:\Users\Public\Documents\Maschine 2 Library
2016-07-21 18:41 - 2016-07-21 18:41 - 00000000 __HDC C:\ProgramData\{F5271FB0-B5A4-420D-90D3-FF2900A84AA7}
2016-07-21 18:40 - 2016-07-21 18:40 - 00000000 ____D C:\Users\Public\Documents\Vintage Organs Library
2016-07-21 18:39 - 2016-07-21 18:39 - 00000000 ____D C:\Users\Public\Documents\The Gentleman Library
2016-07-21 18:39 - 2016-07-21 18:39 - 00000000 ____D C:\Users\Public\Documents\Scarbee Mark I Library
2016-07-21 18:38 - 2016-07-21 18:38 - 00000000 ____D C:\Users\Public\Documents\Retro Machines Mk2 Library
2016-07-21 18:37 - 2016-07-21 18:37 - 00000000 ____D C:\Users\Public\Documents\Prism Library
2016-07-21 18:37 - 2016-07-21 18:37 - 00000000 ____D C:\Users\Public\Documents\Monark Library
2016-07-21 18:32 - 2016-07-21 18:32 - 00000000 ____D C:\Users\Public\Documents\Drum Lab Library
2016-07-21 18:15 - 2016-07-21 18:15 - 00000000 ____D C:\Users\Public\Documents\West Africa Library
2016-07-21 18:13 - 2016-07-21 18:39 - 00000000 __HDC C:\ProgramData\{306A1EF4-D27D-4F5A-BA93-F05B10576F40}
2016-07-21 18:13 - 2016-07-21 18:39 - 00000000 __HDC C:\ProgramData\{20C7291D-0FE3-4567-86A5-795DA8DD43DC}
2016-07-21 18:06 - 2016-07-21 18:32 - 00000000 __HDC C:\ProgramData\{55AEE408-DC39-477F-B7A7-07C6498E734D}
2016-07-21 14:11 - 2016-07-27 21:49 - 00000000 ___DC C:\ProgramData\PDF Architect 4
2016-07-21 14:11 - 2016-07-21 14:11 - 00000000 ____D C:\Users\homebase\AppData\Roaming\PDF Architect 4
2016-07-21 14:09 - 2016-07-29 16:44 - 00000000 ____D C:\Users\homebase\AppData\Roaming\vlc
2016-07-21 14:09 - 2016-07-21 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-07-21 14:09 - 2016-07-21 14:09 - 00000000 ____D C:\Program Files\VideoLAN
2016-07-21 11:28 - 2016-07-21 11:28 - 00000000 ____D C:\Users\homebase\AppData\Local\CyanCor GmbH
2016-07-21 11:13 - 2016-07-21 11:13 - 00003028 _____ C:\Windows\System32\Tasks\{9DE11DC4-FE9D-44B9-B948-68A9059C54C9}
2016-07-21 11:12 - 2016-07-21 11:12 - 00002964 _____ C:\Windows\System32\Tasks\{0B58E04B-48E2-434E-89BC-3293F1543B1A}
2016-07-21 10:57 - 2016-07-21 17:32 - 00000000 ____D C:\Users\homebase\AppData\Roaming\EPSON
2016-07-21 10:57 - 2016-07-21 10:57 - 00000029 _____ C:\Windows\DEBUGSM.INI
2016-07-21 10:30 - 2016-07-21 10:31 - 00000000 ____D C:\Users\homebase\WEB.DE Online-Speicher
2016-07-21 10:30 - 2016-07-21 10:31 - 00000000 ____D C:\Users\homebase\AppData\Local\WEB.DE Application {sync-000021}
2016-07-21 10:30 - 2016-07-21 10:30 - 00001293 _____ C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE Online-Speicher.lnk
2016-07-21 10:30 - 2016-07-21 10:30 - 00000000 ____D C:\Users\homebase\AppData\Local\IsolatedStorage
2016-07-21 10:30 - 2016-07-21 10:30 - 00000000 ____D C:\ProgramData\1&1 Sync
2016-07-21 10:30 - 2016-07-21 10:30 - 00000000 ____D C:\Program Files\Common Files\1&1 Sync
2016-07-21 09:30 - 2016-07-21 09:30 - 00000000 ___DC C:\ProgramData\www.rene-zeidler.de
2016-07-21 09:30 - 2016-07-21 09:30 - 00000000 ____D C:\Users\homebase\AppData\Roaming\www.rene-zeidler.de
2016-07-21 09:30 - 2016-07-21 09:30 - 00000000 ____D C:\Users\homebase\AppData\Local\www.rene-zeidler.de
2016-07-20 02:49 - 2016-07-27 22:01 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Softube
2016-07-19 20:43 - 2016-07-25 18:20 - 00000000 __HDC C:\ProgramData\{AC8F26C0-3B02-4AF3-9273-FBA6B76AB966}
2016-07-19 11:19 - 2016-07-19 11:19 - 00003038 _____ C:\Windows\System32\Tasks\asrRd
2016-07-19 10:02 - 2016-07-28 17:27 - 00000000 ____D C:\Program Files (x86)\Dr. Hardware 2016
2016-07-19 10:02 - 2013-07-21 18:41 - 00013760 _____ C:\Windows\system32\Drivers\DRHMSR64.sys
2016-07-19 09:56 - 2011-11-03 19:05 - 00021984 _____ (Licensed for Gebhard Software) C:\Windows\system32\Drivers\DRHARD64.sys
2016-07-19 09:55 - 2016-07-30 08:59 - 00762336 _____ C:\Windows\system32\perfh00C.dat
2016-07-19 09:55 - 2016-07-30 08:59 - 00542958 _____ C:\Windows\system32\perfh001.dat
2016-07-19 09:55 - 2016-07-30 08:59 - 00160828 _____ C:\Windows\system32\perfc00C.dat
2016-07-19 09:55 - 2016-07-30 08:59 - 00120484 _____ C:\Windows\system32\perfc001.dat
2016-07-19 09:55 - 2016-07-19 09:54 - 00344522 _____ C:\Windows\system32\perfi00C.dat
2016-07-19 09:55 - 2016-07-19 09:54 - 00289060 _____ C:\Windows\system32\perfi001.dat
2016-07-19 09:55 - 2016-07-19 09:54 - 00042056 _____ C:\Windows\system32\perfd001.dat
2016-07-19 09:55 - 2016-07-19 09:54 - 00038160 _____ C:\Windows\system32\perfd00C.dat
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\SysWOW64\fr
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\SysWOW64\ar
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\SysWOW64\040C
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\SysWOW64\0409
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\system32\fr
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\system32\ar
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\system32\040C
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\system32\0409
2016-07-19 09:12 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-19 09:12 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-19 09:12 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-19 09:12 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-19 09:12 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-19 09:12 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-19 09:12 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-19 09:12 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-19 09:12 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-19 09:12 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-19 09:12 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-19 08:54 - 2016-07-19 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-17 14:51 - 2016-07-17 14:51 - 00000000 ____D C:\Users\homebase\AppData\Roaming\DigitalSuburban
2016-07-17 11:15 - 2016-07-28 08:43 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Audacity
2016-07-17 11:13 - 2016-07-21 05:53 - 00000000 ____D C:\Users\homebase\Documents\MEGAsync Downloads
2016-07-17 10:27 - 2016-07-17 10:27 - 00000000 ____D C:\Users\homebase\Documents\MEGA
2016-07-17 10:26 - 2016-07-21 04:33 - 00000000 ___DC C:\ProgramData\MEGAsync
2016-07-17 10:26 - 2016-07-17 10:26 - 00000000 ____D C:\Users\homebase\AppData\Local\Mega Limited
2016-07-17 10:26 - 2016-07-17 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-07-08 18:34 - 2016-07-08 18:34 - 00000881 _____ C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2016-07-08 18:34 - 2016-07-08 18:34 - 00000000 ____D C:\ProgramData\Ableton
2016-07-08 18:25 - 2016-07-08 18:27 - 00000869 _____ C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Trial.lnk
2016-07-08 12:26 - 2016-07-08 12:26 - 00003124 _____ C:\Windows\System32\Tasks\Samsung_PSSD_Registration
2016-07-08 12:26 - 2016-07-08 12:26 - 00000000 ___DC C:\ProgramData\Samsung Apps
2016-07-08 12:23 - 2016-07-08 12:23 - 00000000 ____D C:\Users\homebase\Samsung
2016-07-08 11:49 - 2016-07-08 11:49 - 00000000 ____D C:\Windows\system32\RAPID
2016-07-08 11:49 - 2015-09-04 12:08 - 00271968 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SamsungRapidDiskFltr.sys
2016-07-05 20:33 - 2016-07-21 11:19 - 00000000 ____D C:\Windows\EOONotify
2016-07-05 20:33 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-05 20:33 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-05 20:33 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-05 20:12 - 2016-07-30 09:29 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-05 20:12 - 2016-07-29 17:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-05 20:12 - 2016-07-13 09:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-05 20:12 - 2016-07-13 09:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-05 20:12 - 2016-07-13 09:44 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-05 20:12 - 2016-07-13 09:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-05 20:12 - 2016-07-13 09:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-05 20:12 - 2016-07-13 09:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-05 20:12 - 2016-07-05 20:12 - 00000000 ____D C:\Users\homebase\AppData\Local\Adobe
2016-07-05 12:31 - 2016-07-05 12:31 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2016-07-05 12:17 - 2016-07-05 12:17 - 00000000 ____D C:\Program Files\Samsung
2016-07-05 12:09 - 2016-07-05 12:09 - 00000000 ____D C:\Users\homebase\Documents\Samsung
2016-07-05 12:06 - 2016-07-05 12:06 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-07-05 12:03 - 2016-07-05 12:06 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Samsung
2016-07-05 12:03 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2016-07-05 11:39 - 2016-07-21 18:40 - 00000000 __HDC C:\ProgramData\{81FF46FD-55BF-4932-A9A8-86FF2C15E0ED}
2016-07-05 11:32 - 2016-07-21 18:40 - 00000000 __HDC C:\ProgramData\{93EAA4DB-27EC-4331-A128-E3891121AA47}
2016-07-05 11:10 - 2016-07-21 18:39 - 00000000 __HDC C:\ProgramData\{F181A575-31C9-49F7-9294-3AEE1E3123C3}
2016-07-05 10:39 - 2016-07-21 18:37 - 00000000 __HDC C:\ProgramData\{CFDD872E-E643-48CF-82E8-8889713D990D}
2016-07-05 10:39 - 2016-07-21 18:37 - 00000000 __HDC C:\ProgramData\{BBD6476E-3DD8-447E-ACC3-81C30FC4A118}
2016-07-05 10:39 - 2016-07-21 18:37 - 00000000 __HDC C:\ProgramData\{87AEDB84-EF6C-4240-A009-B8FA027D1315}
2016-07-05 10:31 - 2016-07-21 18:34 - 00000000 __HDC C:\ProgramData\{2036C023-27B2-4C52-A8B8-52A35A7A52FC}
2016-07-05 07:28 - 2016-07-21 18:24 - 00000000 __HDC C:\ProgramData\{57B10C8A-9A38-45B2-B696-92DA7712A65C}
2016-07-04 22:55 - 2016-07-04 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2016-07-03 02:20 - 2016-07-03 02:20 - 00000000 ____D C:\Users\homebase\AppData\Roaming\epm
2016-07-02 18:33 - 2016-07-03 03:03 - 00002090 ____H C:\Windows\EPMBatch.ept
2016-07-02 16:20 - 2016-07-02 16:20 - 00000000 ____D C:\Users\homebase\AppData\Local\CEF
2016-07-02 12:24 - 2016-07-03 03:12 - 00000031 _____ C:\Windows\script.txt
2016-07-02 12:17 - 2016-07-05 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-07-02 10:42 - 2016-07-02 10:42 - 00003286 _____ C:\Windows\System32\Tasks\SamsungMagician
2016-07-02 10:42 - 2016-07-02 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2016-07-02 10:41 - 2016-07-08 11:49 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-07-02 10:41 - 2016-07-05 12:09 - 00000000 ___DC C:\ProgramData\Samsung

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-30 09:27 - 2016-05-24 03:44 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-30 09:16 - 2016-05-17 04:48 - 00000068 __RSH C:\Windows\system32\Drivers\wacompen.winsecurity
2016-07-30 09:15 - 2016-05-26 08:10 - 00001218 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-30 09:04 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-30 09:04 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-30 08:59 - 2011-04-12 09:43 - 00787584 _____ C:\Windows\system32\perfh007.dat
2016-07-30 08:59 - 2011-04-12 09:43 - 00181686 _____ C:\Windows\system32\perfc007.dat
2016-07-30 08:59 - 2009-07-14 07:13 - 03430570 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-30 08:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-30 08:53 - 2016-05-26 08:10 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-30 08:53 - 2016-05-17 04:48 - 00000068 __RSH C:\Windows\system32\Drivers\wmilib.winsecurity
2016-07-30 08:53 - 2016-05-09 15:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-30 08:53 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-29 19:39 - 2016-05-09 15:21 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-29 19:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-07-29 14:42 - 2016-06-14 14:56 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-29 13:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-29 03:08 - 2016-05-24 03:43 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-29 03:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-07-29 03:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-07-29 01:05 - 2016-05-24 03:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-29 00:55 - 2016-06-15 16:55 - 00000000 ____D C:\AdwCleaner
2016-07-29 00:34 - 2016-05-09 15:21 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 00:34 - 2016-05-09 15:21 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 15:27 - 2016-05-09 15:32 - 00000000 ____D C:\Windows\Panther
2016-07-28 15:27 - 2016-05-09 15:29 - 03193672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-28 15:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-28 09:18 - 2016-05-28 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-07-28 09:10 - 2016-05-28 15:21 - 00000000 ____D C:\Program Files\Native Instruments
2016-07-27 21:58 - 2016-05-27 06:44 - 00000000 ____D C:\Users\homebase\AppData\Roaming\zplane
2016-07-27 21:44 - 2016-05-09 14:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-27 21:39 - 2016-05-17 03:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
2016-07-27 19:28 - 2016-05-17 03:20 - 00000000 ____D C:\Program Files\Propellerhead
2016-07-27 16:55 - 2009-07-14 06:45 - 00306696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-25 21:28 - 2016-05-09 14:42 - 00068752 _____ C:\Users\homebase\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-25 19:35 - 2016-06-15 02:17 - 00045696 _____ C:\Users\homebase\Documents\NI_VSTtool_log.txt
2016-07-25 19:32 - 2016-06-19 11:37 - 00000000 __HDC C:\ProgramData\{29B2BACE-094D-4109-858B-A36BBC2D2443}
2016-07-25 19:32 - 2016-05-28 14:45 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-07-25 19:30 - 2016-05-27 04:38 - 00000000 ____D C:\Program Files (x86)\VSTPlugIns
2016-07-25 18:01 - 2016-05-29 10:22 - 00000000 __HDC C:\ProgramData\{F828BFD7-781D-4BD3-AD6C-71D19DC23493}
2016-07-21 18:38 - 2016-06-19 05:50 - 00000000 __HDC C:\ProgramData\{A4240964-232B-4D4C-AE9F-AB84A9948A34}
2016-07-21 18:36 - 2016-06-19 05:59 - 00000000 __HDC C:\ProgramData\{57623A97-E2F4-49B2-86D7-FA0915C77BED}
2016-07-21 18:34 - 2016-06-29 11:18 - 00000000 __HDC C:\ProgramData\{94413B98-D6DD-4BFD-B542-D4C460057AF0}
2016-07-21 14:51 - 2016-06-19 05:04 - 00000000 __HDC C:\ProgramData\{8BDB072C-4D9A-4CE0-8C98-0BD20B85E711}
2016-07-21 11:36 - 2016-05-09 15:21 - 00000000 ____D C:\Users\homebase\AppData\Local\Deployment
2016-07-21 11:19 - 2016-05-20 09:19 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-21 11:19 - 2016-05-20 09:19 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-21 10:55 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-07-21 10:30 - 2016-05-09 14:42 - 00000000 ____D C:\Users\homebase
2016-07-19 20:24 - 2016-05-18 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2016-07-19 20:24 - 2016-05-18 11:42 - 00000000 ____D C:\Program Files\ASRock Utility
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\winrm
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\WCN
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\slmgr
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-07-19 09:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-07-19 09:18 - 2016-05-11 17:29 - 00000000 ____D C:\Windows\system32\MRT
2016-07-19 09:12 - 2016-05-11 17:29 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-19 08:54 - 2016-05-26 08:10 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-19 08:52 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-08 18:27 - 2016-05-10 18:52 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Ableton
2016-07-07 17:54 - 2016-05-29 05:56 - 00000000 ____D C:\Users\homebase\AppData\Local\Native Instruments
2016-07-07 17:54 - 2016-05-28 14:43 - 00000000 ____D C:\Users\homebase\Documents\Native Instruments
2016-07-05 20:33 - 2016-05-20 08:46 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-05 07:57 - 2016-06-22 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOTU
2016-07-05 07:56 - 2016-06-22 19:12 - 00000000 ____D C:\Program Files (x86)\MOTU
2016-07-04 22:55 - 2016-05-24 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2016-07-04 22:55 - 2016-05-24 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
2016-07-04 22:55 - 2016-05-10 16:51 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-04 22:55 - 2016-05-10 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-04 22:34 - 2016-06-19 05:46 - 00000000 __HDC C:\ProgramData\{3F0C2AC3-0702-4760-AFC1-157546C32EC1}
2016-07-04 22:34 - 2016-06-19 05:44 - 00000000 __HDC C:\ProgramData\{86A4FE2A-247F-42EF-9C3E-C2551D2529B5}
2016-07-04 22:34 - 2016-06-19 05:44 - 00000000 __HDC C:\ProgramData\{3FD630E4-094C-41D8-8276-77FA452C358F}
2016-07-04 22:34 - 2016-06-14 17:53 - 00000000 __HDC C:\ProgramData\{1EE2F726-1234-41B1-A064-86CD048C4BEB}
2016-07-04 22:34 - 2016-06-14 15:08 - 00000000 __HDC C:\ProgramData\{C7E9FBB1-9CB7-4917-9D0E-7C333B122B2B}
2016-07-04 22:34 - 2016-06-14 14:53 - 00000000 __HDC C:\ProgramData\{DA31E3B5-AD7E-4759-A162-75CF964B70AC}
2016-07-04 05:40 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-07-02 16:19 - 2016-05-10 17:28 - 00003918 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1462894115
2016-07-02 13:25 - 2016-05-10 17:27 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146745872652102
2016-07-02 13:25 - 2016-05-10 17:27 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-30 08:53 - 2016-07-30 08:53 - 0000004 ____H () C:\ProgramData\cm-lock

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-27 17:28

==================== Ende von FRST.txt ============================

mikon · 30.07.2016, 09:49

ist fündig geworden

Code:

ATTFilter

~ ZHPDiag v2016.7.29.119 Von Nicolas Coolman (2016/07/29)
~ gestartet von homebase (Administrator)  (2016/07/30 10:37:18)
~ Site: https://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Version des Status:  Version OK
~ Modus: Scanner
~ Bericht: C:\Users\homebase\Desktop\ZHPDiag.txt
~ Bericht: C:\Users\homebase\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Systemstart: Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

---\\ Internet-browser (2) - 0s
GCIE: Google Chrome v51.0.2704.103
MSIE: Internet Explorer v10.0.9200.17457

---\\ Windows-Produkt-Informationen (4) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System-Datenschutz-software (1) - 2s
Malwarebytes Anti-Malware Version 2.2.1.1043

---\\ Monitoring Software (1) - 3s
Adobe Flash Player 22 PPAPI

---\\ Informationen über das system (6) - 0s
~ Operating System: AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
~ Operating System:  64-bit 
~ Boot mode: Normal (Normal boot)
Total RAM: 16753.088 MB (79% free)
System Restore: Désactivé (Disabled)
System drive C: has 45 GB () free of 172 GB

---\\ Verbindung zu den Systemmodus (3) - 0s
~ Computer Name: HOMEBASE-PC
~ User Name: homebase
~ Logged in as Administrator

---\\ Aufzählung von Disk-Einheiten (12) - 0s
~ Drive C: has 45 GB free of 172 GB  (System)
~ Drive E: has 1 GB free of 19 GB
~ Drive F: has 101 GB free of 102 GB
~ Drive H: has 0 GB free of 0 GB
~ Drive I: has 30 GB free of 50 GB
~ Drive J: has 54 GB free of 99 GB
~ Drive K: has 38 GB free of 49 GB
~ Drive L: has 135 GB free of 553 GB
~ Drive M: has 56 GB free of 65 GB
~ Drive N: has 472 GB free of 476 GB
~ Drive O: has 397 GB free of 953 GB
~ Drive T: has 13 GB free of 199 GB

---\\ Status der Windows-Sicherheitscenter (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Suche generische Systemdateien (26) - 0s
[MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - 09/04/2016 - (.Microsoft Corporation - Windows-Explorer.) -- C:\Windows\Explorer.exe [3231232]  =>.Microsoft Corporation
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows-Hostprozess (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568]  =>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows-Startanwendung.) -- C:\Windows\System32\Wininit.exe [129024]  =>.Microsoft Corporation
[MD5.B3AFBD1A76B2C1D924C456F8F35FE531] - 21/07/2016 - (.Microsoft Corporation - Interneterweiterungen für Win32.) -- C:\Windows\System32\wininet.dll [2239488]  =>.Microsoft Corporation
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Windows-Anmeldeanwendung.) -- C:\Windows\System32\Winlogon.exe [455168]  =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Softwarelizenzierungsbibliothek.) -- C:\Windows\System32\sppcomapi.dll [232448]  =>.Microsoft Corporation
[MD5.492D07D79E7024CA310867B526D9636D] - 16/06/2011 - (.Microsoft Corporation - DNS-Client-API-DLL.) -- C:\Windows\System32\dnsapi.dll [357888]  =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 16/06/2011 - (.Microsoft Corporation - DNS-Client-API-DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336]  =>.Microsoft Corporation
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - 20/11/2010 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]  =>.Microsoft Corporation
[MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497664]  =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128]  =>.Microsoft Windows®
[MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160]  =>.Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456]  =>.Microsoft Corporation
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400]  =>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368]  =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042-Anschlusstreiber.) -- C:\Windows\System32\drivers\i8042prt.sys [105472]  =>.Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224]  =>.Microsoft Corporation
[MD5.15734008BB9E11AC603B3F4187B91FF1] - 10/06/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159744]  =>.Microsoft Corporation
[MD5.E47D571FEC2C76E867935109AB2A770C] - 11/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [262144]  =>.Microsoft Corporation
[MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - 11/01/2016 - (.Microsoft Corporation - NT-Dateisystemtreiber.) -- C:\Windows\System32\drivers\ntfs.sys [1684416]  =>.Microsoft Windows®
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Treiber für parallelen Anschluss.) -- C:\Windows\System32\drivers\Parport.sys [97280]  =>.Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]  =>.Microsoft Corporation
[MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888]  =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184]  =>.Microsoft Corporation
[MD5.AA77EB517D2F07A947294F260E3ACA83] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [118272]  =>.Microsoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Volumeschattenkopie-Treiber.) -- C:\Windows\System32\drivers\volsnap.sys [295808]  =>.Microsoft Windows®

---\\ Nicht von Microsoft nicht deaktiviert Windows XP/NT/2000-Dienste (11) - 0s
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe  =>.AMD
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Fusion Utility-Dienst.) - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe  =>.Advanced Micro Devices, Inc.
O23 - Service: Bonjour-Dienst (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe  =>.Apple Inc.®
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe  =>.WIBU-SYSTEMS AG®
O23 - Service: Dropbox-Update-Service (dbupdate) (dbupdate) . (.Dropbox, Inc. - Dropbox Update.) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe  =>.Dropbox, Inc®
O23 - Service: Google Update-Dienst (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
O23 - Service:  (MBAMScheduler) . (.Malwarebytes -  Malwarebytes Anti-Malware .) - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe  =>.Malwarebytes Corporation®
O23 - Service:  (MBAMService) . (.Malwarebytes -  Malwarebytes Anti-Malware .) - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe  =>.Malwarebytes Corporation®
O23 - Service: NIHardwareService (NIHardwareService) . (.Native Instruments GmbH - NIHardwareService.) - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe {0647B3142D457C37145046D5BAA10EC6}  =>.Native Instruments GmbH
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) . (.Samsung Electronics Co., Ltd. - Samsung RAPID Mode Service.) - C:\Windows\System32\RAPID\SamsungRapidSvc.exe  =>.Samsung Electronics Co., Ltd.®
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - N:\USB Drivers\27_ssconn\conn\ss_conn_service.exe  =>.Samsung Electronics CO., LTD.®

---\\ Allgemeinzustand der Dienste nicht Microsoft (SR=Running, SS=Stopped) (15) - 25s

SS - Demand [13/07/2016] [  270016]  Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  =>.Adobe Systems Incorporated®
SR - Auto   [04/08/2015] [  246784]   (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe  =>.AMD
SR - Auto   [04/08/2015] [  344064]  AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe  =>.Advanced Micro Devices, Inc.
SR - Auto   [12/12/2008] [  238888]  Bonjour-Dienst (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe  =>.Apple Inc.®
SR - Auto   [21/01/2015] [ 3523448]  CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe  =>.WIBU-SYSTEMS AG®
SS - Auto   [26/05/2016] [  143144]  Dropbox-Update-Service (dbupdate) (dbupdate) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe  =>.Dropbox, Inc®
SS - Demand [26/05/2016] [  143144]  Dropbox-Update-Service (dbupdatem) (dbupdatem) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe  =>.Dropbox, Inc®
SS - Auto   [09/05/2016] [  154440]  Google Update-Dienst (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SS - Demand [09/05/2016] [  154440]  Google Update-Dienst (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SS - Auto   [10/03/2016] [ 1514464]   (MBAMScheduler) . (.Malwarebytes.) - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe  =>.Malwarebytes Corporation®
SS - Auto   [10/03/2016] [ 1136608]   (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe  =>.Malwarebytes Corporation®
SR - Auto   [24/05/2016] [14294640]  NIHardwareService (NIHardwareService) . (.Native Instruments GmbH.) - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe {0647B3142D457C37145046D5BAA10EC6}  =>.Native Instruments GmbH
SR - Auto   [04/09/2015] [   28256]  Samsung RAPID Mode Service (SamsungRapidSvc) . (.Samsung Electronics Co., Ltd..) - C:\Windows\System32\RAPID\SamsungRapidSvc.exe  =>.Samsung Electronics Co., Ltd.
SR - Auto   [08/01/2016] [  754784]  SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - N:\USB Drivers\27_ssconn\conn\ss_conn_service.exe  =>.Samsung Electronics CO., LTD.®

---\\ Im Automatikbetrieb geplanten Tasks (32) - 6s
[MD5.00000000000000000000000000000000] [APT] [Aufgabenname] (...) -- Auszufhrende Aufgabe (.not file.)   [0] (.Activate.)  =>.Superfluous.Empty
[MD5.3E0C13FF3080B01C3C5DBAE7A8D14507] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe   [1210560] (.Activate.)  =>.Adobe Systems Incorporated®
[MD5.5408C05EC720D3A08640259E4E38A32B] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [270016] (.Activate.)  =>.Adobe Systems Incorporated®
[MD5.00000000000000000000000000000000] [APT] [asrRd] (...) -- C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe (.not file.)   [0] (.Activate.)  =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [avast! Emergency Update] (...) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (.not file.)   [0] (.Activate.)  =>.Superfluous.Empty
[MD5.A1F58FFF448E4099297D6EE0641D4D0E] [APT] [DropboxUpdateTaskMachineCore] (.Dropbox, Inc..) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe   [143144] (.Activate.)  =>.Dropbox, Inc®
[MD5.A1F58FFF448E4099297D6EE0641D4D0E] [APT] [DropboxUpdateTaskMachineUA] (.Dropbox, Inc..) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe   [143144] (.Activate.)  =>.Dropbox, Inc®
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [154440] (.Activate.)  =>.Google Inc®
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [154440] (.Activate.)  =>.Google Inc®
[MD5.00000000000000000000000000000000] [APT] [SafeZone scheduled Autoupdate 1462894115] (...) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe (.not file.)   [0] (.Activate.)  =>.Superfluous.Empty
[MD5.DD4252D1D7C983E3E522258E135C0FAC] [APT] [SamsungMagician] (.Samsung Electronics..) -- C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe   [6206048] (.Activate.)  =>.Samsung Electronics Co., Ltd.®
[MD5.3266B65CAABD34E44FB1769722C2F7DA] [APT] [Samsung_PSSD_Registration] (.Samsung Electronics.) -- C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe   [2320288] (.Activate.)  =>.Samsung Electronics Co., Ltd.®
[MD5.00000000000000000000000000000000] [APT] [{0B58E04B-48E2-434E-89BC-3293F1543B1A}] (...) -- C:\Users\homebase\Desktop\epson327610eu.exe (.not file.)   [0] (.Activate.)  =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [{9DE11DC4-FE9D-44B9-B948-68A9059C54C9}] (...) -- C:\Program Files (x86)\EPSON\Creativity Suite\File Manager\EFileManager.exe (.not file.)   [0] (.Activate.)  =>.Superfluous.Empty
[MD5.CD11D500328F07AE1666D046F94179E0] [APT] [AVAST Software] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe   [702056] (.Activate.)  =>.AVAST Software a.s.®
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job  [946]   =>.Adobe Systems Incorporated®
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job  [884]   =>.Adobe Systems Incorporated®
O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job  [1214]   =>.Dropbox, Inc®
O39 - APT: DropboxUpdateTaskMachineUA - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job  [1218]   =>.Dropbox, Inc®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job  [1106]   =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job  [1110]   =>.Google Inc®
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier  [3952]   =>.Adobe Systems Incorporated®
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater  [3822]   =>.Adobe Systems Incorporated®
O39 - APT: asrRd - (...) -- C:\Windows\System32\Tasks\asrRd  [3038]  (.Orphan.)  =>.Superfluous.Orphan
O39 - APT: avast! Emergency Update - (...) -- C:\Windows\System32\Tasks\avast! Emergency Update  [3922]  (.Orphan.)  =>.Superfluous.Orphan
O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore  [3962]   =>.Dropbox, Inc®
O39 - APT: DropboxUpdateTaskMachineUA - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA  [4214]   =>.Dropbox, Inc®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore  [3854]   =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA  [4106]   =>.Google Inc®
O39 - APT: SafeZone scheduled Autoupdate 1462894115 - (...) -- C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1462894115  [3918]  (.Orphan.)  =>.Superfluous.Orphan
O39 - APT: SamsungMagician - (.Samsung Electronics..) -- C:\Windows\System32\Tasks\SamsungMagician  [3286]   =>.Samsung Electronics Co., Ltd.®
O39 - APT: Samsung_PSSD_Registration - (.Samsung Electronics.) -- C:\Windows\System32\Tasks\Samsung_PSSD_Registration  [3124]   =>.Samsung Electronics Co., Ltd.®

---\\ Prozess läuft (23) - 0s
[MD5.606C8F129FE18D6E3EA2FD542D43D72D] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [246784] [PID.1000]  =>.AMD
[MD5.CC4356B8859E98ACC8E2A1E7FCAE8315] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [672768] [PID.1288]  =>.AMD
[MD5.B12D8F8A42080B955D027EE56F5BD1C3] - (.Advanced Micro Devices, Inc. - Fusion Utility-Dienst.) -- C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064] [PID.1620]  =>.Advanced Micro Devices, Inc.
[MD5.3F56903E124E820AEECE6D471583C6C1] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [238888] [PID.1688]  =>.Apple Inc.®
[MD5.51863664507D84D42DCDA30EE6F284FB] - (.Native Instruments GmbH - NIHardwareService.) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [14294640] [PID.2088] {0647B3142D457C37145046D5BAA10EC6}  =>.Native Instruments GmbH
[MD5.3763C406CB735D044373C50FF95167E3] - (.Samsung Electronics Co., Ltd. - Samsung RAPID Mode Service.) -- C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256] [PID.2144]  =>.Samsung Electronics Co., Ltd.®
[MD5.7DB9E612A2742ACEAB080B882E83141C] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- N:\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784] [PID.2196]  =>.Samsung Electronics CO., LTD.®
[MD5.7FFB9B41FF34F3F8D5E6C9634569E866] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3523448] [PID.2296]  =>.WIBU-SYSTEMS AG®
[MD5.3B1C6FDA44883B810BF48BACFFEE862D] - (.Samsung Electronics Co., Ltd. - Samsung RAPID Mode Notification Utility.) -- C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696] [PID.3928]  =>.Samsung Electronics Co., Ltd.®
[MD5.58332C83C4A329A744B0B98F934934BB] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe [288920] [PID.3880]  =>.Google Inc®
[MD5.788321A2C0C45F16820E00A8BA8FD3DA] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe [366232] [PID.3108]  =>.Google Inc®
[MD5.3266B65CAABD34E44FB1769722C2F7DA] - (.Samsung Electronics - Samsung Portable SSD Daemon.) -- C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2320288] [PID.1072]  =>.Samsung Electronics Co., Ltd.®
[MD5.DD4252D1D7C983E3E522258E135C0FAC] - (.Samsung Electronics. - Samsung Magician Application.) -- C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [6206048] [PID.1048]  =>.Samsung Electronics Co., Ltd.®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.3916]  =>.Google Inc®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.1436]  =>.Google Inc®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.1972]  =>.Google Inc®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.4664]  =>.Google Inc®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.5048]  =>.Google Inc®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.4744]  =>.Google Inc®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.2444]  =>.Google Inc®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.1844]  =>.Google Inc®
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720] [PID.5100]  =>.Google Inc®
[MD5.10BB8AE1443C08239724F0043CED33F0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\homebase\Desktop\ZHPDiag3.exe [2233856] [PID.4796]  =>.Nicolas Coolman

---\\ Google Chrome, Startseite,Seiten of search,Ausdehnung (21) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] hxxp://www.google.com/
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] hxxp://www.google.com
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] hxxp://www.palikan.com/  =>PUP.Optional.GoPalikan
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] hxxp://www.trovi.com/  =>PUP.Optional.Trovigo
G2 - GCE: Preference [User Data\Default] [bigefpfhnfcobdlfbedofhhaibnlghod] MEGA
G2 - GCE: Preference [User Data\Default] [djcfdncoelnlbldjfhinnjlhdjlikmph] __MSG_HIGHCONTRAST_APPNAME__
G2 - GCE: Preference [User Data\Default] [dpdmhfocilnekecfjgimjdeckachfbec] __MSG_name__
G2 - GCE: Preference [User Data\Default] [edlfafigoeaoafhcodgjgagjpibckpmk] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [egncdnniomonjgpjbapalkckojhkfddk] Floating for YouTube™ Extension
G2 - GCE: Preference [User Data\Default] [fdcenekolminfbkcbchinlcgfhpmggpk] Mixcloud
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] __MSG_name__
G2 - GCE: Preference [User Data\Default] [ioekoebejdcmnlefjiknokhhafglcjdl] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ipebkipbeggmmkjjljenoblnfaenambp] SoundCloud  =>PUP.Optional.SoundCloud
G2 - GCE: Preference [User Data\Default] [ipkjmjaledkapilfdigkgfmpekpfnkih] __MSG_COLOR_ENHANCER_APPNAME__
G2 - GCE: Preference [User Data\Default] [jaogepninmlbinccpbiakcgiolijlllo] __MSG_extName__
G2 - GCE: Preference [User Data\Default] [jjphmlaoffndcnecccgemfdaaoighkel] Floating for YouTube™
G2 - GCE: Preference [User Data\Default] [jklnclajhlcbghmgkljidaofhcnmjffo] FRQc
G2 - GCE: Preference [User Data\Default] [kajibbejlbohfaggdiogboambcijhkke] __MSG_ext_name__
G2 - GCE: Preference [User Data\Default] [lfbgimoladefibpklnfmkpknadbklade] Webcam Toy
G2 - GCE: Preference [User Data\Default] [libedajeiljdoodmokbppgapcfbignci] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest  =>.Google Inc.

---\\ Internet Explorer, Startseite,Seiten of search,Ausdehnung (5) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan  =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

---\\ Line Analysis - IniFiles, Auto Laden von Programmen (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)  =>.Microsoft Corporation

---\\ Hosts Datei-Umleitung (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Auto Laden von Programmen vom Register und Ordner (7) - 0s
O4 - HKLM\..\Run: [SamsungRapidApp] . (.Samsung Electronics Co., Ltd. - Samsung RAPID Mode Notification Utility.) -- C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe  =>.Samsung Electronics Co., Ltd.®
O4 - HKCU\..\Run: [drhard.exe] C:\Program Files (x86)\Dr. Hardware 2016\drhard.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows-Minianwendungen.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows-Minianwendungen.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-302714957-2580015752-1539367651-1000\..\Run: [drhard.exe] C:\Program Files (x86)\Dr. Hardware 2016\drhard.exe (.not file.)

---\\ Globale Tastenkombinationen Start (32) - 3s
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\homebase\AppData\Roaming\ZHP\ZHPDiag3.exe  =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Smart Switch.lnk . (.Samsung - Smart Switch PC.) N:\SmartSwitchPC\SmartSwitchPC.exe  =>.Samsung Electronics CO., LTD.®
O4 - GS\sendTo [Administrator]: Dropbox.lnk . (...) K:\Dropbox
O4 - GS\TaskBar [Administrator]: 4K YouTube to MP3.lnk . (.Open Media LLC - 4K YouTube to MP3.) C:\Program Files (x86)\4KDownload\4kyoutubetomp3\4kyoutubetomp3.exe  =>.Open Media LLC®
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc®
O4 - GS\TaskBar [Administrator]: Reason 9.lnk . (.Propellerhead Software AB - .) C:\Program Files (x86)\Propellerhead\Reason 9\Reason.exe
O4 - GS\TaskBar [Administrator]: Saffire MixControl.lnk . (...) C:\Program Files (x86)\Focusrite\Saffire MixControl\SaffireCpl.exe
O4 - GS\TaskBar [Administrator]: Spark.lnk . (.Arturia - Spark standalone application.) M:\instrumente\Spark\Spark.exe  =>.Arturia
O4 - GS\Desktop [Gast]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\homebase\AppData\Roaming\ZHP\ZHPDiag3.exe  =>.Nicolas Coolman
O4 - GS\Quicklaunch [Gast]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc®
O4 - GS\Quicklaunch [Gast]: Smart Switch.lnk . (.Samsung - Smart Switch PC.) N:\SmartSwitchPC\SmartSwitchPC.exe  =>.Samsung Electronics CO., LTD.®
O4 - GS\sendTo [Gast]: Dropbox.lnk . (...) K:\Dropbox
O4 - GS\TaskBar [Gast]: 4K YouTube to MP3.lnk . (.Open Media LLC - 4K YouTube to MP3.) C:\Program Files (x86)\4KDownload\4kyoutubetomp3\4kyoutubetomp3.exe  =>.Open Media LLC®
O4 - GS\TaskBar [Gast]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc®
O4 - GS\TaskBar [Gast]: Reason 9.lnk . (.Propellerhead Software AB - .) C:\Program Files (x86)\Propellerhead\Reason 9\Reason.exe
O4 - GS\TaskBar [Gast]: Saffire MixControl.lnk . (...) C:\Program Files (x86)\Focusrite\Saffire MixControl\SaffireCpl.exe
O4 - GS\TaskBar [Gast]: Spark.lnk . (.Arturia - Spark standalone application.) M:\instrumente\Spark\Spark.exe  =>.Arturia
O4 - GS\Desktop [homebase]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\homebase\AppData\Roaming\ZHP\ZHPDiag3.exe  =>.Nicolas Coolman
O4 - GS\Quicklaunch [homebase]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc®
O4 - GS\Quicklaunch [homebase]: Smart Switch.lnk . (.Samsung - Smart Switch PC.) N:\SmartSwitchPC\SmartSwitchPC.exe  =>.Samsung Electronics CO., LTD.®
O4 - GS\sendTo [homebase]: Dropbox.lnk . (...) K:\Dropbox
O4 - GS\TaskBar [homebase]: 4K YouTube to MP3.lnk . (.Open Media LLC - 4K YouTube to MP3.) C:\Program Files (x86)\4KDownload\4kyoutubetomp3\4kyoutubetomp3.exe  =>.Open Media LLC®
O4 - GS\TaskBar [homebase]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc®
O4 - GS\TaskBar [homebase]: Reason 9.lnk . (.Propellerhead Software AB - .) C:\Program Files (x86)\Propellerhead\Reason 9\Reason.exe
O4 - GS\TaskBar [homebase]: Saffire MixControl.lnk . (...) C:\Program Files (x86)\Focusrite\Saffire MixControl\SaffireCpl.exe
O4 - GS\TaskBar [homebase]: Spark.lnk . (.Arturia - Spark standalone application.) M:\instrumente\Spark\Spark.exe  =>.Arturia
O4 - GS\CommonDesktop [Public]:  Malwarebytes Anti-Malware .lnk . (.Malwarebytes -  Malwarebytes Anti-Malware .) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe  =>.Malwarebytes Corporation®
O4 - GS\Programs [Public]: Ableton Live 9 Suite.lnk . (.Ableton - .) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe  =>.Ableton
O4 - GS\Programs [Public]: Ableton Live 9 Trial.lnk . (...) C:\ProgramData\Ableton\Live 9 Trial\Program\Ableton Live 9 Trial.exe
O4 - GS\Programs [Public]: WEB.DE Online-Speicher.lnk . (.1&1 Mail & Media GmbH - WEB.DE Online-Speicher.) C:\Users\homebase\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc

---\\ Lop.com/Domain Entführer (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{73580C72-6D2D-46A6-B863-8C0051B8F067}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{73580C72-6D2D-46A6-B863-8C0051B8F067}: DhcpDomain = local

---\\ Zusätzliche Protokolle (20) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX-Steuerung für Streamingvideo.) -- C:\Windows\SysWOW64\MSVidCtl.dll  =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll  =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll  =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll  =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX-Steuerung für Streamingvideo.) -- C:\Windows\SysWOW64\MSVidCtl.dll  =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®

---\\ Installierte Software (114) - 12s
O42 - Logiciel: 4K YouTube to MP3 3.0 - (.Open Media LLC.) [HKLM][64Bits] -- 4K YouTube to MP3_is1  =>.Open Media LLC®
O42 - Logiciel: Ableton Live 9 Suite - (.Ableton.) [HKLM][64Bits] -- {629C521E-5C03-4A17-9851-F8313A41BB20}  =>.Ableton
O42 - Logiciel: Ableton Live 9 Trial - (.Ableton.) [HKLM][64Bits] -- {1B679E85-4D36-4EDD-953C-6D2D2BBE2D84}  =>.Ableton
O42 - Logiciel: Acustica Audio REDEQ - (.Acustica Audio.) [HKLM][64Bits] -- REDEQ Acqua Library
O42 - Logiciel: ADM 1.2.2 Beat - (.AudioRealism.) [HKLM][64Bits] -- AudioRealism Drum Machine_is1
O42 - Logiciel: Adobe Flash Player 22 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI  =>.Adobe Systems Incorporated®
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}  =>.Advanced Micro Devices Inc.
O42 - Logiciel: AMD Catalyst Control Center - (.Ihr Firmenname.) [HKLM][64Bits] -- {20AE3A4E-38CA-C6F8-4E60-5DF41A2CC0AC}
O42 - Logiciel: AMD Fuel - (.Ihr Firmenname.) [HKLM][64Bits] -- {AA20E9E6-96D0-C201-E44D-F7D921F595FD}
O42 - Logiciel: Arturia Software Center 1.1.9 - (.Arturia.) [HKLM][64Bits] -- Arturia Software Center_is1  =>.Arturia
O42 - Logiciel: Asmedia ASM104x USB 3.0 Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}  =>.Asmedia Technology
O42 - Logiciel: Asmedia ASM106x SATA Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {61942EF5-2CD8-47D4-869C-2E9A8BB085F1}  =>.Asmedia Technology
O42 - Logiciel: ASRock 3TB+ Unlocker v1.1.1 - (.ASRock Inc..) [HKLM][64Bits] -- ASRock 3TB+ Unlocker_is1  =>.ASROCK Incorporation®
O42 - Logiciel: Authorizer 2.9.1d8 - (.Propellerhead Software AB.) [HKLM][64Bits] -- {F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1
O42 - Logiciel: Automap 4.9 - (.Focusrite Audio Engineering Ltd..) [HKLM][64Bits] -- Automap Universal_is1 {0BD57694357C70834D593B6379A4997D}  =>.Focusrite Audio Engineering Ltd.
O42 - Logiciel: Automap ReWire 1.0 - (.Focusrite Audio Engineering Ltd..) [HKLM][64Bits] -- Automap Universal ReWire_is1  =>.Focusrite Audio Engineering Ltd.
O42 - Logiciel: Bass Station 2.0 - (.Novation.) [HKLM][64Bits] -- {ABAF1232-6213-4062-9D52-04E04A730CEA}_is1  =>.Focusrite Audio Engineering Limited®
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {07287123-B8AC-41CE-8346-3D777245C35B}  =>.Apple Inc.
O42 - Logiciel: CodeMeter Runtime Kit v5.21 - (.WIBU-SYSTEMS AG.) [HKLM][64Bits] -- {05CA69B3-6699-425F-8223-39E4E00B6581}  =>.WIBU-SYSTEMS AG
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKLM][64Bits] -- Dropbox  =>.Dropbox, Inc®
O42 - Logiciel: Dropbox Update Helper - (.Dropbox, Inc..) [HKLM][64Bits] -- {099218A5-A723-43DC-8DB5-6173656A1E94}  =>.Dropbox, Inc.
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM][64Bits] -- {20C45B32-5AB6-46A4-94EF-58950CAF05E5}  =>.SEIKO EPSON
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome  =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}  =>.Google Inc.
O42 - Logiciel: HashCheck Shell Extension (x86-32) - (.Kai Liu.) [HKLM][64Bits] -- HashCheck Shell Extension  =>.Kai Liu
O42 - Logiciel: HashCheck Shell Extension (x86-64) - (.Kai Liu.) [HKLM][64Bits] -- HashCheck Shell Extension  =>.Kai Liu
O42 - Logiciel: Malwarebytes Anti-Malware Version 2.2.1.1043 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1  =>.Malwarebytes
O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM][64Bits] -- MEGAsync  =>.Mega Limited®
O42 - Logiciel: MIDI Control Center 1.3.0 - (.Arturia.) [HKLM][64Bits] -- MIDI Control Center_is1  =>.Arturia
O42 - Logiciel: MOTU Hardware - (.MOTU.) [HKLM][64Bits] -- {0B7000EF-C9FC-49F3-B5D3-69A16124AFAB}
O42 - Logiciel: Native Instruments Controller Editor - (.Native Instruments.) [HKLM][64Bits] -- {0886900B-B2F3-452C-B580-60F1253F7F80}  =>.Native Instruments
O42 - Logiciel: Native Instruments Controller Editor - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Controller Editor  =>.Native Instruments
O42 - Logiciel: Native Instruments Drum Lab - (.Native Instruments.) [HKLM][64Bits] -- {08E56BCC-7BC4-4326-98BD-42D3D8F6FDED}  =>.Native Instruments
O42 - Logiciel: Native Instruments Drum Lab - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Drum Lab  =>.Native Instruments
O42 - Logiciel: Native Instruments Grey Forge - (.Native Instruments.) [HKLM][64Bits] -- {0899cafb-968f-4d26-ba97-0ad0977dcd9b}  =>.Native Instruments
O42 - Logiciel: Native Instruments Grey Forge - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Grey Forge  =>.Native Instruments
O42 - Logiciel: Native Instruments Guitar Rig Factory Selection for Maschine - (.Native Instruments.) [HKLM][64Bits] -- {8812511F-8D8C-49D3-A711-C9650B2F5566}  =>.Native Instruments
O42 - Logiciel: Native Instruments Guitar Rig Factory Selection for Maschine - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Guitar Rig Factory Selection for Maschine  =>.NATIVE INSTRUMENTS GmbH®
O42 - Logiciel: Native Instruments Guitar Rig Mobile IO Driver - (.Native Instruments.) [HKLM][64Bits] -- {2930FB47-6452-4476-BF16-D77F748646DB}  =>.Native Instruments
O42 - Logiciel: Native Instruments Guitar Rig Session IO Driver - (.Native Instruments.) [HKLM][64Bits] -- {7930FB47-6452-4476-BF16-D77F748646DB}  =>.Native Instruments
O42 - Logiciel: Native Instruments Komplete Kontrol - (.Native Instruments.) [HKLM][64Bits] -- {6D2B175C-770D-4488-851D-674394AE7DF9}  =>.Native Instruments
O42 - Logiciel: Native Instruments Komplete Kontrol - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Komplete Kontrol  =>.Native Instruments
O42 - Logiciel: Native Instruments Komplete Select - (.Native Instruments.) [HKLM][64Bits] -- {2571A6C1-09BD-4717-9EEA-1CA4CC0B11B6}  =>.Native Instruments
O42 - Logiciel: Native Instruments Komplete Select - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Komplete Select  =>.Native Instruments
O42 - Logiciel: Native Instruments Kontakt 5 - (.Native Instruments.) [HKLM][64Bits] -- {5552453B-BB76-45E3-973D-F95E458ED780}  =>.Native Instruments
O42 - Logiciel: Native Instruments Kontakt 5 - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Kontakt 5  =>.Native Instruments
O42 - Logiciel: Native Instruments Maschine - (.Native Instruments.) [HKLM][64Bits] -- {FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}  =>.Native Instruments
O42 - Logiciel: Native Instruments Maschine - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Maschine  =>.NATIVE INSTRUMENTS GmbH®
O42 - Logiciel: Native Instruments Maschine 2 - (.Native Instruments.) [HKLM][64Bits] -- {B8C8F1E5-763A-4841-ACD2-5CE0A1152949}  =>.Native Instruments
O42 - Logiciel: Native Instruments Maschine 2 - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Maschine 2  =>.Native Instruments
O42 - Logiciel: Native Instruments Maschine 2 Factory Library - (.Native Instruments.) [HKLM][64Bits] -- {16c059dc-2cce-4138-9426-14e371590f08}  =>.Native Instruments
O42 - Logiciel: Native Instruments Maschine 2 Factory Library - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Maschine 2 Factory Library  =>.Native Instruments
O42 - Logiciel: Native Instruments Maschine Controller MK2 Driver - (.Native Instruments.) [HKLM][64Bits] -- {291BF86D-585D-47bb-BB79-86DE9D35A8BA}  =>.Native Instruments
O42 - Logiciel: Native Instruments Maschine Controller MK2 Driver - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Maschine Controller MK2 Driver  =>.NATIVE INSTRUMENTS GmbH®
O42 - Logiciel: Native Instruments Maschine Factory Content - (.Native Instruments.) [HKLM][64Bits] -- {D28571EC-82E4-414D-B09D-BBA1B5B3FE55}  =>.Native Instruments
O42 - Logiciel: Native Instruments Maschine Factory Content 1.5 - (.Native Instruments.) [HKLM][64Bits] -- {4EBE7270-A95A-4A03-82C0-41A6F38A4DB2}  =>.Native Instruments
O42 - Logiciel: Native Instruments Massive - (.Native Instruments.) [HKLM][64Bits] -- {491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}  =>.Native Instruments
O42 - Logiciel: Native Instruments Massive - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Massive  =>.Native Instruments
O42 - Logiciel: Native Instruments Monark - (.Native Instruments.) [HKLM][64Bits] -- {e72f86b6-d2cd-4ec8-a510-286eee52b446}  =>.Native Instruments
O42 - Logiciel: Native Instruments Monark - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Monark  =>.Native Instruments
O42 - Logiciel: Native Instruments Reaktor 5 - (.Native Instruments.) [HKLM][64Bits] -- {E9EA5F38-6299-45A1-9D23-F21729A19357}  =>.Native Instruments
O42 - Logiciel: Native Instruments Reaktor 5 - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Reaktor 5  =>.Native Instruments
O42 - Logiciel: Native Instruments Reaktor 6 - (.Native Instruments.) [HKLM][64Bits] -- {61523CB1-462A-4D6C-80E5-8A2E8C1666AD}  =>.Native Instruments
O42 - Logiciel: Native Instruments Reaktor 6 - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Reaktor 6  =>.Native Instruments
O42 - Logiciel: Native Instruments Reaktor Blocks Wired - (.Native Instruments.) [HKLM][64Bits] -- {e55d6d45-b6c5-45b5-8ac7-67caa929ba03}  =>.Native Instruments
O42 - Logiciel: Native Instruments Reaktor Blocks Wired - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Reaktor Blocks Wired  =>.Native Instruments
O42 - Logiciel: Native Instruments Reaktor Prism - (.Native Instruments.) [HKLM][64Bits] -- {5B841301-3649-4891-BC10-7A66820397C9}  =>.Native Instruments
O42 - Logiciel: Native Instruments Reaktor Prism - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Reaktor Prism  =>.Native Instruments
O42 - Logiciel: Native Instruments Retro Machines Mk2 - (.Native Instruments.) [HKLM][64Bits] -- {86F4B370-079C-4EF9-B727-452B85CFA415}  =>.Native Instruments
O42 - Logiciel: Native Instruments Retro Machines Mk2 - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Retro Machines Mk2  =>.Native Instruments
O42 - Logiciel: Native Instruments Rig Kontrol 3 Driver - (.Native Instruments.) [HKLM][64Bits] -- {B962AD08-335F-46f7-A182-257D37672E5C}  =>.Native Instruments
O42 - Logiciel: Native Instruments Scarbee Mark I - (.Native Instruments.) [HKLM][64Bits] -- {45da1e94-82eb-4778-be0d-47c8d9e8451b}  =>.Native Instruments
O42 - Logiciel: Native Instruments Scarbee Mark I - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Scarbee Mark I  =>.Native Instruments
O42 - Logiciel: Native Instruments Service Center - (.Native Instruments.) [HKLM][64Bits] -- {0B8565BA-BAD5-4732-B122-5FD78EFC50A9}  =>.Native Instruments
O42 - Logiciel: Native Instruments Service Center - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Service Center  =>.Native Instruments
O42 - Logiciel: Native Instruments Solid Bus Comp FX - (.Native Instruments.) [HKLM][64Bits] -- {CF14C576-C523-4754-A46C-F6D16EDE8A0A}  =>.Native Instruments
O42 - Logiciel: Native Instruments Solid Bus Comp FX - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Solid Bus Comp FX  =>.Native Instruments
O42 - Logiciel: Native Instruments The Gentleman - (.Native Instruments.) [HKLM][64Bits] -- {0c8aa431-c9ad-4a3a-9cef-b969f82c4fb3}  =>.Native Instruments
O42 - Logiciel: Native Instruments The Gentleman - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments The Gentleman  =>.Native Instruments
O42 - Logiciel: Native Instruments Vintage Organs - (.Native Instruments.) [HKLM][64Bits] -- {14C1DD2C-D54E-464A-9588-C109E3E39EEF}  =>.Native Instruments
O42 - Logiciel: Native Instruments Vintage Organs - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Vintage Organs  =>.Native Instruments
O42 - Logiciel: Native Instruments West Africa - (.Native Instruments.) [HKLM][64Bits] -- {079419C3-9DFC-4571-BAFC-CD79854C684E}  =>.Native Instruments
O42 - Logiciel: Native Instruments West Africa - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments West Africa  =>.Native Instruments
O42 - Logiciel: Novation USB Audio Driver 2.7 - (.Novation DMS Ltd..) [HKLM][64Bits] -- Novation USB Audio Driver_is1
O42 - Logiciel: OpenOffice 4.1.2 - (.Apache Software Foundation.) [HKLM][64Bits] -- {F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}  =>.Apache Software Foundation
O42 - Logiciel: PROMARS(64bit) - (.Roland Corporation.) [HKLM][64Bits] -- {5A583C6E-A8CD-4BC5-910A-0347E9F15ACE}  =>.Roland Corporation
O42 - Logiciel: RAPID Mode - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {18DF567E-AA9B-434D-BE77-BFE2292712F6}  =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}  =>.Realtek Semiconductor Corp®
O42 - Logiciel: Reason 9 9.0.0d399 - (.Propellerhead Software AB.) [HKLM][64Bits] -- Reason9.0Stable_64_is1
O42 - Logiciel: Rob Papen Prisma 1.0.1 - (.Prisma.) [HKLM][64Bits] -- Rob Papen Prisma_is1
O42 - Logiciel: Rob Papen Punch / Punch-BD 1.0.5c - (.Rob Papen.) [HKLM][64Bits] -- Rob Papen Punch_is1
O42 - Logiciel: Rob Papen RP-AMod 1.0.0d - (.RP-AMod.) [HKLM][64Bits] -- Rob Papen RP-AMod_is1
O42 - Logiciel: Saffire MixControl 3.4 - (.Focusrite Audio Engineering Ltd..) [HKLM][64Bits] -- Saffire PRO 40_is1  =>.Focusrite Audio Engineering Limited®
O42 - Logiciel: Samsung Magician - (.Samsung Electronics.) [HKLM][64Bits] -- {29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1  =>.Samsung Electronics Co., Ltd.®
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}  =>.Samsung Electronics CO., LTD.®
O42 - Logiciel: Smart Switch - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {74FA5314-85C8-4E2A-907D-D9ECCCB770A7}  =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Smart Switch - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}  =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Spark 2.1.1 - (.Arturia.) [HKLM][64Bits] -- Spark_is1  =>.Arturia
O42 - Logiciel: Spectrasonics Trilian VSTi Plug-In version 1.4 - (.Copyright (C) 2009-2011 Spectrasonics.) [HKLM][64Bits] -- Spectrasonics Trilian VSTi Plug-In_is1
O42 - Logiciel: Sugar Bytes Artillery2 2.3.1 - (.Sugar Bytes.) [HKLM][64Bits] -- Artillery2_is1  =>.Sugar Bytes
O42 - Logiciel: Sugar Bytes Turnado 1.5.1 - (.Sugar Bytes.) [HKLM][64Bits] -- Turnado_is1  =>.Sugar Bytes
O42 - Logiciel: Sugar Bytes Unique 1.2.1 - (.Sugar Bytes.) [HKLM][64Bits] -- Unique_is1  =>.Sugar Bytes
O42 - Logiciel: SYSTEM-100(64bit) - (.Roland Corporation.) [HKLM][64Bits] -- {FFC77356-2AEB-4B26-8B0B-BA865B802314}  =>.Roland Corporation
O42 - Logiciel: u-he Filterscape - (.u-he.) [HKLM][64Bits] -- u-he Filterscape
O42 - Logiciel: u-he MFM2 - (.u-he.) [HKLM][64Bits] -- u-he MFM2
O42 - Logiciel: u-he Satin - (.u-he.) [HKLM][64Bits] -- u-he Satin
O42 - Logiciel: u-he Zebra2 - (.u-he.) [HKLM][64Bits] -- u-he Zebra2
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive  =>.Elaborate Bytes
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: V-Station 2.3 - (.Novation.) [HKLM][64Bits] -- {842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1 {0BD57694357C70834D593B6379A4997D}
O42 - Logiciel: WEB.DE Online-Speicher 1.32.1.0 - (.1&1 Mail & Media GmbH.) [HKCU][64Bits] -- WEB.DE Application {sync-000021}
O42 - Logiciel: WinRAR 5.31 (64-Bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver  =>.win.rar GmbH®
O42 - Logiciel: WWAYM - NWEQ V1.21 - (...) [HKLM][64Bits] -- WWAYM - NWEQ V1.21
O42 - Logiciel: Your Uninstaller! 2010 - (.URSoft, Inc..) [HKLM][64Bits] -- YU2010_is1 {20D86DE3316D2F604A4A91753B51F566}

---\\ HKCU & HKLM Software Keys (87) - 12s
HKLM\SOFTWARE\Wow6432Node\1&1 Mail & Media GmbH
HKLM\SOFTWARE\Wow6432Node\AMD
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Arturia
HKLM\SOFTWARE\Wow6432Node\ASIO
HKLM\SOFTWARE\Wow6432Node\ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Cakewalk Music Software
HKLM\SOFTWARE\Wow6432Node\Dropbox
HKLM\SOFTWARE\Wow6432Node\DropboxUpdate
HKLM\SOFTWARE\Wow6432Node\DVDVideoSoft
HKLM\SOFTWARE\Wow6432Node\Elaborate Bytes
HKLM\SOFTWARE\Wow6432Node\EPSON
HKLM\SOFTWARE\Wow6432Node\Focusrite
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\MOTU
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Native Instruments
HKLM\SOFTWARE\Wow6432Node\Novation
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenOffice
HKLM\SOFTWARE\Wow6432Node\Propellerhead Software
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Samsung
HKLM\SOFTWARE\Wow6432Node\Samsung Magician
HKLM\SOFTWARE\Wow6432Node\Softgogo
HKLM\SOFTWARE\Wow6432Node\Trolltech
HKLM\SOFTWARE\Wow6432Node\U-HE
HKLM\SOFTWARE\Wow6432Node\VST
HKLM\SOFTWARE\Wow6432Node\Waves
HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS
HKLM\SOFTWARE\Wow6432Node\WinClon4.0
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\1&1 Mail & Media GmbH
HKCU\SOFTWARE\4kdownload.com
HKCU\SOFTWARE\Ableton
HKCU\SOFTWARE\acusticaudio
HKCU\SOFTWARE\AMD
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Arturia
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\Audacity
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\DropboxUpdate
HKCU\SOFTWARE\EaseUS
HKCU\SOFTWARE\Elaborate Bytes
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\Focusrite
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Malwarebytes' Anti-Malware
HKCU\SOFTWARE\mlin
HKCU\SOFTWARE\MOTU
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Native Instruments
HKCU\SOFTWARE\Novation
HKCU\SOFTWARE\OpenOffice
HKCU\SOFTWARE\PDF Architect 4
HKCU\SOFTWARE\Propellerhead Software
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Raptr
HKCU\SOFTWARE\Rob Papen
HKCU\SOFTWARE\Roland
HKCU\SOFTWARE\RPCX
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\Seib
HKCU\SOFTWARE\Sugar Bytes
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\UpdateDownloadTool
HKCU\SOFTWARE\URSoft
HKCU\SOFTWARE\WIBU-SYSTEMS
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Inhalt der Ordner Programme (285) - 13s
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files\AMD
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files\ASRock Utility  =>.ASROCK Incorporation®
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files\ATI  =>.Advanced Micro Devices, Inc.®
O43 - CFD: 09/05/2016 - [0] D -- C:\Program Files\ATI Technologies
O43 - CFD: 28/07/2016 - [0] D -- C:\Program Files\CCleaner
O43 - CFD: 17/05/2016 - [] D -- C:\Program Files\CodeMeter
O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files\Focusrite
O43 - CFD: 09/05/2016 - [0] SHD -- C:\Program Files\Gemeinsame Dateien
O43 - CFD: 28/07/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 22/06/2016 - [] D -- C:\Program Files\MOTU
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 28/07/2016 - [] D -- C:\Program Files\Native Instruments  =>.NATIVE INSTRUMENTS GmbH®
O43 - CFD: 17/05/2016 - [] D -- C:\Program Files\Novation
O43 - CFD: 27/07/2016 - [] D -- C:\Program Files\Propellerhead {00DCF0A74C7922FB141F129920576D87}
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 05/07/2016 - [] D -- C:\Program Files\Samsung  =>.Samsung Electronics CO., LTD.®
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files\Softube
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files\Vstplugins
O43 - CFD: 17/05/2016 - [] D -- C:\Program Files\WIBU-SYSTEMS
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 28/07/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files\Windows Photo Viewer  =>.Microsoft Corporation®
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 24/05/2016 - [] D -- C:\Program Files\WinRAR  =>.win.rar GmbH®
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\4KDownload  =>.Open Media LLC®
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\AMD
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\AMD APP
O43 - CFD: 01/06/2016 - [] D -- C:\Program Files (x86)\Arturia
O43 - CFD: 18/05/2016 - [] D -- C:\Program Files (x86)\ASM104xUSB3
O43 - CFD: 18/05/2016 - [] D -- C:\Program Files (x86)\ASM106xSATA
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\Bonjour  =>.Apple Inc.®
O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\CodeMeter  =>.WIBU-SYSTEMS AG®
O43 - CFD: 27/07/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 28/07/2016 - [0] D -- C:\Program Files (x86)\Dr. Hardware 2016
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files (x86)\Dropbox  =>.Dropbox, Inc®
O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 01/06/2016 - [0] D -- C:\Program Files (x86)\eLicenser
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\Google  =>.Google Inc®
O43 - CFD: 27/07/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information  =>.Waves Inc®
O43 - CFD: 18/06/2011 - [] D -- C:\Program Files (x86)\IntelligentShutdown
O43 - CFD: 28/07/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\KORG  =>.Korg Inc.®
O43 - CFD: 29/07/2016 - [] D -- C:\Program Files (x86)\ Malwarebytes Anti-Malware   =>.Malwarebytes Corporation®
O43 - CFD: 24/05/2016 - [0] D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 05/07/2016 - [] D -- C:\Program Files (x86)\MOTU {222DA80DFFE3FCD6A9F9F2C04F319D85}
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 28/05/2016 - [] D -- C:\Program Files (x86)\Native Instruments
O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\Novation
O43 - CFD: 25/07/2016 - [] D -- C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\Paragon Software
O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\Propellerhead
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\Raptr Inc
O43 - CFD: 15/06/2016 - [] D -- C:\Program Files (x86)\Realtek  =>.Realtek Semiconductor Corp®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\Rob Papen
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\Roland {6392B5B49180B1C1F057CBD7C63924E4}
O43 - CFD: 08/07/2016 - [] D -- C:\Program Files (x86)\Samsung  =>.Samsung Electronics Co., Ltd.®
O43 - CFD: 15/06/2016 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\Uninstall Information  =>.Focusrite Audio Engineering Limited®
O43 - CFD: 25/07/2016 - [] D -- C:\Program Files (x86)\VSTPlugIns
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer  =>.Microsoft Corporation®
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 01/06/2016 - [] D -- C:\Program Files (x86)\WWAYM
O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\Your Uninstaller! 2010
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
O43 - CFD: 04/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 28/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 09/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 04/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
O43 - CFD: 18/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioRealism Drum Machine
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter
O43 - CFD: 04/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
O43 - CFD: 09/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite
O43 - CFD: 18/06/2011 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 04/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
O43 - CFD: 17/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
O43 - CFD: 05/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOTU
O43 - CFD: 28/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novation
O43 - CFD: 25/07/2016 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
O43 - CFD: 27/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
O43 - CFD: 22/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rob Papen Prisma
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rob Papen Punch
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rob Papen RP-AMod
O43 - CFD: 05/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 02/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
O43 - CFD: 04/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 01/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voxengo
O43 - CFD: 04/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
O43 - CFD: 04/07/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 2010
O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\1&1 Sync
O43 - CFD: 08/07/2016 - [] D -- C:\ProgramData\Ableton
O43 - CFD: 09/05/2016 - [] D -- C:\ProgramData\AMD
O43 - CFD: 09/05/2016 - [0] SHD -- C:\ProgramData\Anwendungsdaten
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Apple
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 22/06/2016 - [] DC -- C:\ProgramData\Applications
O43 - CFD: 01/06/2016 - [] D -- C:\ProgramData\Arturia
O43 - CFD: 09/05/2016 - [] D -- C:\ProgramData\ATI
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\AudioUTOPiA
O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\CodeMeter
O43 - CFD: 10/05/2016 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 09/05/2016 - [0] SHD -- C:\ProgramData\Dokumente
O43 - CFD: 26/05/2016 - [] D -- C:\ProgramData\Dropbox
O43 - CFD: 01/06/2016 - [] D -- C:\ProgramData\eLicenser
O43 - CFD: 09/05/2016 - [0] SHD -- C:\ProgramData\Favoriten
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\Focusrite
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\KORG
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\launcher
O43 - CFD: 24/05/2016 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 21/07/2016 - [] DC -- C:\ProgramData\MEGAsync
O43 - CFD: 02/07/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 28/05/2016 - [] D -- C:\ProgramData\Native Instruments
O43 - CFD: 28/05/2016 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 19/06/2016 - [] DC -- C:\ProgramData\Paragon
O43 - CFD: 27/07/2016 - [] DC -- C:\ProgramData\PDF Architect 4
O43 - CFD: 27/07/2016 - [] DC -- C:\ProgramData\pdfforge
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Propellerhead Software
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Relab Development
O43 - CFD: 14/06/2016 - [] D -- C:\ProgramData\Roland
O43 - CFD: 05/07/2016 - [] DC -- C:\ProgramData\Samsung
O43 - CFD: 08/07/2016 - [] DC -- C:\ProgramData\Samsung Apps
O43 - CFD: 28/07/2016 - [0] D -- C:\ProgramData\Spectrasonics
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 09/05/2016 - [0] SHD -- C:\ProgramData\Startmenü
O43 - CFD: 24/05/2016 - [0] D -- C:\ProgramData\Syncrosoft
O43 - CFD: 10/05/2016 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 09/05/2016 - [0] SHD -- C:\ProgramData\Vorlagen
O43 - CFD: 21/07/2016 - [] DC -- C:\ProgramData\www.rene-zeidler.de
O43 - CFD: 29/05/2016 - [] HDC -- C:\ProgramData\{16E6DCE6-1916-4566-A3CF-31880CAA7C63}
O43 - CFD: 04/07/2016 - [] HDC -- C:\ProgramData\{1EE2F726-1234-41B1-A064-86CD048C4BEB}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{2036C023-27B2-4C52-A8B8-52A35A7A52FC}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{20C7291D-0FE3-4567-86A5-795DA8DD43DC}
O43 - CFD: 25/07/2016 - [] HDC -- C:\ProgramData\{29B2BACE-094D-4109-858B-A36BBC2D2443}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{306A1EF4-D27D-4F5A-BA93-F05B10576F40}
O43 - CFD: 28/07/2016 - [] HDC -- C:\ProgramData\{3A633AE9-5307-4E4D-ACED-C8739F84CB10}
O43 - CFD: 04/07/2016 - [] HDC -- C:\ProgramData\{3F0C2AC3-0702-4760-AFC1-157546C32EC1}
O43 - CFD: 04/07/2016 - [] HDC -- C:\ProgramData\{3FD630E4-094C-41D8-8276-77FA452C358F}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{55AEE408-DC39-477F-B7A7-07C6498E734D}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{57623A97-E2F4-49B2-86D7-FA0915C77BED}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{57A6988A-FD18-4C1A-BD00-FEEC744D4CD4}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{57B10C8A-9A38-45B2-B696-92DA7712A65C}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{81FF46FD-55BF-4932-A9A8-86FF2C15E0ED}
O43 - CFD: 04/07/2016 - [] HDC -- C:\ProgramData\{86A4FE2A-247F-42EF-9C3E-C2551D2529B5}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{87AEDB84-EF6C-4240-A009-B8FA027D1315}
O43 - CFD: 25/07/2016 - [] HDC -- C:\ProgramData\{8B7384C8-25C4-47E6-AFA3-C50A8840FD88}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{8BDB072C-4D9A-4CE0-8C98-0BD20B85E711}
O43 - CFD: 25/07/2016 - [] HDC -- C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
O43 - CFD: 29/06/2016 - [0] HDC -- C:\ProgramData\{93B01A16-5DCA-49AF-A837-F7CDC51CA424}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{93EAA4DB-27EC-4331-A128-E3891121AA47}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{94413B98-D6DD-4BFD-B542-D4C460057AF0}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{A4240964-232B-4D4C-AE9F-AB84A9948A34}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{AA454A3E-618B-4FA7-8742-D31B75115C43}
O43 - CFD: 25/07/2016 - [] HDC -- C:\ProgramData\{AC8F26C0-3B02-4AF3-9273-FBA6B76AB966}
O43 - CFD: 19/06/2016 - [] HDC -- C:\ProgramData\{BB5EBCFA-1B53-4EBA-A708-1AC15B03E2AB}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{BBD6476E-3DD8-447E-ACC3-81C30FC4A118}
O43 - CFD: 31/05/2016 - [] HDC -- C:\ProgramData\{C0AE4A98-3E1D-45FB-8465-ECCCB391E633}
O43 - CFD: 04/07/2016 - [] HDC -- C:\ProgramData\{C7E9FBB1-9CB7-4917-9D0E-7C333B122B2B}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{CFDD872E-E643-48CF-82E8-8889713D990D}
O43 - CFD: 04/07/2016 - [] HDC -- C:\ProgramData\{DA31E3B5-AD7E-4759-A162-75CF964B70AC}
O43 - CFD: 31/05/2016 - [] HDC -- C:\ProgramData\{E70386C6-507F-4906-86C2-96C1066BA097}
O43 - CFD: 28/07/2016 - [] HDC -- C:\ProgramData\{F142EE57-68C1-4CB1-8798-C465F706CCDC}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{F181A575-31C9-49F7-9294-3AEE1E3123C3}
O43 - CFD: 22/07/2016 - [] HDC -- C:\ProgramData\{F1BD1DB3-F88E-4A13-A4B4-090CFEE6A6A3}
O43 - CFD: 21/07/2016 - [] HDC -- C:\ProgramData\{F5271FB0-B5A4-420D-90D3-FF2900A84AA7}
O43 - CFD: 27/07/2016 - [] HDC -- C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
O43 - CFD: 25/07/2016 - [] HDC -- C:\ProgramData\{F828BFD7-781D-4BD3-AD6C-71D19DC23493}
O43 - CFD: 31/05/2016 - [] HDC -- C:\ProgramData\{FD1615C0-ED4A-4CEB-94C3-1850BF1BAA6A}
O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Common Files\1&1 Sync
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\Common Files\AV
O43 - CFD: 31/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Avid
O43 - CFD: 24/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Digidesign
O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\Common Files\KORG
O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Common Files\Native Instruments
O43 - CFD: 24/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Propellerhead Software
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 24/05/2016 - [] D -- C:\Program Files (x86)\Common Files\VST3
O43 - CFD: 08/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Ableton
O43 - CFD: 13/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Adobe
O43 - CFD: 24/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\AMD
O43 - CFD: 24/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Arturia
O43 - CFD: 09/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\ATI
O43 - CFD: 28/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Audacity
O43 - CFD: 01/06/2016 - [] D -- C:\Users\homebase\AppData\Roaming\com.onscreentraining.lernkurs.LernkursDesktop
O43 - CFD: 14/06/2016 - [] D -- C:\Users\homebase\AppData\Roaming\com.roland.Activator
O43 - CFD: 17/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\DigitalSuburban
O43 - CFD: 26/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Dropbox
O43 - CFD: 26/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\DVDVideoSoft
O43 - CFD: 03/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\epm
O43 - CFD: 21/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\EPSON
O43 - CFD: 09/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Identities
O43 - CFD: 11/06/2016 - [] D -- C:\Users\homebase\AppData\Roaming\KORG
O43 - CFD: 09/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\library_dir
O43 - CFD: 17/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Line 6
O43 - CFD: 01/06/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Macromedia
O43 - CFD: 24/05/2016 - [0] D -- C:\Users\homebase\AppData\Roaming\Malwarebytes
O43 - CFD: 12/04/2011 - [0] D -- C:\Users\homebase\AppData\Roaming\Media Center Programs
O43 - CFD: 02/07/2016 - [] SD -- C:\Users\homebase\AppData\Roaming\Microsoft
O43 - CFD: 25/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\OpenOffice
O43 - CFD: 21/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\PDF Architect 4
O43 - CFD: 17/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Propellerhead Software
O43 - CFD: 05/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Samsung
O43 - CFD: 27/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Softube
O43 - CFD: 10/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\URSoft
O43 - CFD: 29/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\vlc
O43 - CFD: 24/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Waves Audio
O43 - CFD: 10/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\WinRAR
O43 - CFD: 21/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\www.rene-zeidler.de
O43 - CFD: 30/07/2016 - [] D -- C:\Users\homebase\AppData\Roaming\ZHP
O43 - CFD: 27/07/2016 - [0] D -- C:\Users\homebase\AppData\Roaming\zplane
O43 - CFD: 11/06/2016 - [] D -- C:\Users\homebase\AppData\Local\4kdownload.com
O43 - CFD: 05/07/2016 - [0] D -- C:\Users\homebase\AppData\Local\Adobe
O43 - CFD: 09/05/2016 - [] D -- C:\Users\homebase\AppData\Local\AMD
O43 - CFD: 09/05/2016 - [0] SHD -- C:\Users\homebase\AppData\Local\Anwendungsdaten
O43 - CFD: 09/05/2016 - [] D -- C:\Users\homebase\AppData\Local\Apps
O43 - CFD: 09/05/2016 - [] D -- C:\Users\homebase\AppData\Local\ATI
O43 - CFD: 02/07/2016 - [] D -- C:\Users\homebase\AppData\Local\CEF
O43 - CFD: 21/07/2016 - [] D -- C:\Users\homebase\AppData\Local\CyanCor GmbH
O43 - CFD: 21/07/2016 - [0] D -- C:\Users\homebase\AppData\Local\Deployment
O43 - CFD: 11/06/2016 - [] D -- C:\Users\homebase\AppData\Local\Downloaded Installations
O43 - CFD: 29/05/2016 - [] D -- C:\Users\homebase\AppData\Local\Dropbox
O43 - CFD: 29/07/2016 - [] D -- C:\Users\homebase\AppData\Local\ElevatedDiagnostics
O43 - CFD: 24/05/2016 - [] D -- C:\Users\homebase\AppData\Local\eLicenser
O43 - CFD: 10/05/2016 - [] D -- C:\Users\homebase\AppData\Local\Focusrite
O43 - CFD: 11/05/2016 - [] D -- C:\Users\homebase\AppData\Local\Focusrite Audio Engineering Ltd
O43 - CFD: 17/05/2016 - [] D -- C:\Users\homebase\AppData\Local\Focusrite_Audio_Engineeri
O43 - CFD: 10/05/2016 - [] D -- C:\Users\homebase\AppData\Local\Google
O43 - CFD: 20/05/2016 - [] D -- C:\Users\homebase\AppData\Local\GWX
O43 - CFD: 21/07/2016 - [] D -- C:\Users\homebase\AppData\Local\IsolatedStorage
O43 - CFD: 17/07/2016 - [] D -- C:\Users\homebase\AppData\Local\Mega Limited
O43 - CFD: 21/07/2016 - [] D -- C:\Users\homebase\AppData\Local\Microsoft
O43 - CFD: 07/07/2016 - [] D -- C:\Users\homebase\AppData\Local\Native Instruments
O43 - CFD: 17/05/2016 - [] D -- C:\Users\homebase\AppData\Local\Novation
O43 - CFD: 09/05/2016 - [] D -- C:\Users\homebase\AppData\Local\Programs
O43 - CFD: 22/07/2016 - [] D -- C:\Users\homebase\AppData\Local\Retro Machines Mk2
O43 - CFD: 14/06/2016 - [] D -- C:\Users\homebase\AppData\Local\Roland
O43 - CFD: 30/07/2016 - [] D -- C:\Users\homebase\AppData\Local\Temp
O43 - CFD: 09/05/2016 - [0] SHD -- C:\Users\homebase\AppData\Local\Temporary Internet Files
O43 - CFD: 09/05/2016 - [0] SHD -- C:\Users\homebase\AppData\Local\Verlauf
O43 - CFD: 21/07/2016 - [] D -- C:\Users\homebase\AppData\Local\WEB.DE Application {sync-000021}
O43 - CFD: 21/07/2016 - [] D -- C:\Users\homebase\AppData\Local\www.rene-zeidler.de
O43 - CFD: 09/05/2016 - [0] D -- C:\Users\homebase\AppData\Local\Programs\Common
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 20/05/2016 - [] RD -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 11/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
O43 - CFD: 11/06/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KORG
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 27/05/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rob Papen
O43 - CFD: 21/07/2016 - [] RD -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 13/06/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sugar Bytes
O43 - CFD: 15/06/2016 - [] D -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\u-he
O43 - CFD: 04/07/2016 - [0] D -- C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 18/05/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft

---\\ ShellIconOverlayIdentifiers (SIOI) (17) - 2s
O106 - SIOI:  MEGA (Pending) [ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C}. (...) -- C:\ProgramData\MEGAsync\ShellExtX32.dll
O106 - SIOI:  MEGA (Synced) [ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202}. (...) -- C:\ProgramData\MEGAsync\ShellExtX32.dll
O106 - SIOI:  MEGA (Syncing) [ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637}. (...) -- C:\ProgramData\MEGAsync\ShellExtX32.dll
O106 - SIOI: IconOverlayHandlerInSync Class [ 1&1 Sync Overlay 1] - {02B2B772-B8A8-4DA4-9B18-42551A54A1A8}. (.1&1 Mail & Media GmbH - Shell extension.) -- C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll
O106 - SIOI: IconOverlayHandlerSyncing Class [ 1&1 Sync Overlay 2] - {0575AB16-E932-4160-8936-4DBE195BDBD7}. (.1&1 Mail & Media GmbH - Shell extension.) -- C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll
O106 - SIOI: IconOverlayHandlerError Class [ 1&1 Sync Overlay 3] - {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E}. (.1&1 Mail & Media GmbH - Shell extension.) -- C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll
O106 - SIOI: IconOverlayHandlerInfo Class [ 1&1 Sync Overlay 4] - {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34}. (.1&1 Mail & Media GmbH - Shell extension.) -- C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll
O106 - SIOI: DropboxExt1 Class [ DropboxExt1] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll  =>.Dropbox, Inc®
O106 - SIOI: DropboxExt2 Class [ DropboxExt2] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll  =>.Dropbox, Inc®
O106 - SIOI: DropboxExt5 Class [ DropboxExt3] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll  =>.Dropbox, Inc®
O106 - SIOI: DropboxExt6 Class [ DropboxExt4] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll  =>.Dropbox, Inc®
O106 - SIOI: DropboxExt3 Class [ DropboxExt5] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll  =>.Dropbox, Inc®
O106 - SIOI: DropboxExt7 Class [ DropboxExt6] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll  =>.Dropbox, Inc®
O106 - SIOI: DropboxExt4 Class [ DropboxExt7] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll  =>.Dropbox, Inc®
O106 - SIOI: DropboxExt8 Class [ DropboxExt8] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll  =>.Dropbox, Inc®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows-Shellerweiterungs-DLL für erweitert.) -- C:\Windows\System32\EhStorShell.dll  =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shellerweiterungen für Freigaben.) -- C:\Windows\System32\ntshrui.dll  =>.Microsoft Corporation

---\\ Aufzählung von den Registrierungsschlüssel StartupReg (1) - 0s
O53 - SMSR:HKLM\...\startupreg\drhard.exe  [Key] . (...) -- C:\Program Files (x86)\Dr. Hardware 2016\drhard.exe (.not file.)

---\\ Liste der Treiber des Systems (82) - 4s
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys   [491088]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys   [339536]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys   [182864]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys   [15440]  =>.Microsoft Windows®
O58 - SDL:2015/08/04 08:25:44 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Windows\System32\drivers\amdacpksd.sys   [297672]  =>.Advanced Micro Devices, Inc.®
O58 - SDL:2000/01/01 02:00:00 A . (.Advanced Micro Devices, INC. - AMD USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\amdhub30.sys   [106816]  =>.Advanced Micro Devices, Inc.®
O58 - SDL:2000/01/01 02:00:00 A . (.Advanced Micro Devices Inc. - AMD miniIDE Driver.) -- C:\Windows\System32\drivers\amdide64.sys   [11944]  =>.Advanced Micro Devices, Inc.®
O58 - SDL:2011/06/16 19:11:21 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys   [107904]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys   [194128]  =>.Microsoft Windows®
O58 - SDL:2011/06/16 19:11:21 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys   [27008]  =>.Microsoft Windows®
O58 - SDL:2000/01/01 02:00:00 A . (.Advanced Micro Devices, INC. - AMD USB 3.0 Host Controller Driver.) -- C:\Windows\System32\drivers\amdxhc.sys   [227648]  =>.Advanced Micro Devices, Inc.®
O58 - SDL:2000/01/01 02:00:00 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amd_sata.sys   [83176]  =>.Advanced Micro Devices, Inc.®
O58 - SDL:2000/01/01 02:00:00 A . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\System32\drivers\amd_xata.sys   [43240]  =>.Advanced Micro Devices, Inc.®
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys   [87632]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys   [97856]  =>.Microsoft Windows®
O58 - SDL:2011/01/30 13:58:40 A . (.Asmedia Technology - Asmedia 106x SATA Host Controller Driver.) -- C:\Windows\System32\drivers\asahci64.sys   [36448]  =>.ASMedia Technology Inc.®
O58 - SDL:2011/03/04 16:00:14 A . (.ASMedia Technology Inc - ASMedia USB3 Hub Driver.) -- C:\Windows\System32\drivers\asmthub3.sys   [126952]  =>.ASMedia Technology Inc
O58 - SDL:2011/03/04 16:00:14 A . (.ASMedia Technology Inc - ASMEDIA XHCI Host Controller Driver.) -- C:\Windows\System32\drivers\asmtxhci.sys   [390632]  =>.ASMedia Technology Inc
O58 - SDL:2015/02/03 20:28:48 A . (.ASRock Inc. - ASRock V Drive Driver.) -- C:\Windows\System32\drivers\AsrVDrive.sys   [23048]  =>.ASROCK Incorporation®
O58 - SDL:2015/07/15 12:20:32 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdW76.sys   [96256]  =>.Advanced Micro Devices
O58 - SDL:2015/08/04 08:23:28 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys   [21622784]  =>.Advanced Micro Devices, Inc.
O58 - SDL:2015/08/04 03:42:28 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys   [665088]  =>.Advanced Micro Devices, Inc.
O58 - SDL:2012/04/19 12:31:38 A . (.Focusrite Audio Engineering Limited - Virtual MIDI Driver.) -- C:\Windows\System32\drivers\automap.sys   [18776]  =>.Focusrite Audio Engineering Limited®
O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys   [270848]  =>.Broadcom Corporation
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys   [18432]  =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys   [8704]  =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Brother Schnittstellentreiber (WDM) (seriel.) -- C:\Windows\System32\drivers\BrSerId.sys   [286720]  =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys   [47104]  =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys   [14976]  =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys   [14720]  =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys   [468480]  =>.Broadcom Corporation
O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys   [17488]  =>.Microsoft Windows®
O58 - SDL:2011/11/03 19:05:40 A . (.Licensed for Gebhard Software - DRHARD driver for Windows XP 64-bit edition.) -- C:\Windows\System32\drivers\DRHARD64.sys   [21984] {0100000000012A0FA49004}
O58 - SDL:2013/07/21 18:41:12 A . (...) -- C:\Windows\System32\drivers\DRHMSR64.sys   [13760] {0100000000012A0FA49004}
O58 - SDL:2010/12/17 00:58:14 A . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys   [40816]  =>.Elaborate Bytes AG®
O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys   [530496]  =>.Microsoft Windows®
O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys   [3286016]  =>.Broadcom Corporation
O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys   [31232]  =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/11/21 05:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys   [78720]  =>.Microsoft Windows®
O58 - SDL:2011/06/16 19:11:21 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys   [410496]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys   [44112]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys   [114752]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys   [106560]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys   [65600]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys   [115776]  =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes -  Malwarebytes Anti-Malware .) -- C:\Windows\System32\drivers\mbam.sys   [27008]  =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys   [140672]  =>.Malwarebytes Corporation®
O58 - SDL:2016/07/30 09:27:34 A . (.Malwarebytes -  Malwarebytes Anti-Malware .) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys   [192216]  =>.Malwarebytes Corporation®
O58 - SDL:2012/06/06 11:18:54 A . (.Native Instruments GmbH - Maschine Controller MK2.) -- C:\Windows\System32\drivers\mc2avs.sys   [358520]  =>.NATIVE INSTRUMENTS GmbH®
O58 - SDL:2012/06/06 11:18:54 A . (.Native Instruments GmbH - Maschine Controller MK2.) -- C:\Windows\System32\drivers\mc2usb.sys   [81016]  =>.NATIVE INSTRUMENTS GmbH®
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys   [35392]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys   [284736]  =>.Microsoft Windows®
O58 - SDL:2013/04/30 21:06:14 A . (.Mark of the Unicorn - MotuBus.sys.) -- C:\Windows\System32\drivers\motubus64.sys   [30288] {222DA80DFFE3FCD6A9F9F2C04F319D85}  =>.Mark of the Unicorn
O58 - SDL:2013/04/30 21:06:16 A . (.MOTU - MotuMidi64.sys.) -- C:\Windows\System32\drivers\motumidi64.sys   [44112] {222DA80DFFE3FCD6A9F9F2C04F319D85}
O58 - SDL:2013/04/30 21:06:18 A . (.MOTU - motuusb64.sys.) -- C:\Windows\System32\drivers\MotuUsb64.sys   [65104] {222DA80DFFE3FCD6A9F9F2C04F319D85}
O58 - SDL:2014/11/26 14:21:08 A . (.Miray - Miray virtual disk miniport driver.) -- C:\Windows\System32\drivers\mrdo.sys   [65488]  =>.Miray Software AG®
O58 - SDL:2016/03/10 14:09:06 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys   [64896]  =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys   [51264]  =>.Microsoft Windows®
O58 - SDL:2016/05/27 19:34:47 A . (...) -- C:\Windows\System32\drivers\NIWinCDEmu.sys   [112408]  =>.NATIVE INSTRUMENTS GmbH®
O58 - SDL:2015/06/10 09:58:56 A . (.Novation DMS Ltd. - Novation USB Audio Driver.) -- C:\Windows\System32\drivers\nvnusbaudio.sys   [54000] {0BD57694357C70834D593B6379A4997D}
O58 - SDL:2011/06/16 19:11:21 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys   [148352]  =>.Microsoft Windows®
O58 - SDL:2011/06/16 19:11:21 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys   [166272]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys   [1524816]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys   [128592]  =>.Microsoft Windows®
O58 - SDL:2011/04/22 03:17:04 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys   [471144]  =>.Realtek Semiconductor Corp®
O58 - SDL:2014/03/17 11:35:42 A . (.Focusrite A.E. - Saffire.) -- C:\Windows\System32\drivers\Saffire.sys   [226640]  =>.TC Applied Technologies®
O58 - SDL:2014/03/17 11:35:42 A . (.Focusrite A.E. - Saffire.) -- C:\Windows\System32\drivers\SaffireAudio.sys   [47824]  =>.TC Applied Technologies®
O58 - SDL:2014/03/17 11:35:42 A . (.Focusrite A.E. - Saffire.) -- C:\Windows\System32\drivers\SaffireMidi.sys   [38608]  =>.TC Applied Technologies®
O58 - SDL:2015/09/04 12:08:18 A . (.Samsung Electronics Co., Ltd. - Samsung RAPID Mode Disk Filter Driver.) -- C:\Windows\System32\drivers\SamsungRapidDiskFltr.sys   [271968]  =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2015/09/04 12:08:46 A . (.Samsung Electronics Co., Ltd. - Samsung RAPID Mode File Filter Driver.) -- C:\Windows\System32\drivers\SamsungRapidFSFltr.sys   [110688]  =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys   [23040]  =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys   [43584]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys   [80464]  =>.Microsoft Windows®
O58 - SDL:2016/04/25 00:35:52 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys   [129152]  =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/04/25 00:35:58 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys   [221824]  =>.Samsung Electronics CO., LTD.®
O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise  SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys   [24656]  =>.Microsoft Windows®
O58 - SDL:2012/03/01 15:21:44 A . (.Paragon - Image Mounter File I/O.) -- C:\Windows\System32\drivers\UimFIO.sys   [471728] {0EB698FB496B2D5C02285DFD25499189}  =>.Paragon
O58 - SDL:2012/03/01 15:21:44 A . (.Windows (R) 2000 DDK provider - Image Mounter SCSI Port Driver.) -- C:\Windows\System32\drivers\uimx64.sys   [90928] {0EB698FB496B2D5C02285DFD25499189}
O58 - SDL:2012/03/01 15:21:44 A . (.Paragon - Image Mounter.) -- C:\Windows\System32\drivers\Uim_IMx64.sys   [632752] {0EB698FB496B2D5C02285DFD25499189}  =>.Paragon
O58 - SDL:2011/01/15 18:21:04 A . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\Windows\System32\drivers\VClone.sys   [36352]  =>.Elaborate Bytes AG
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys   [17488]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys   [161872]  =>.Microsoft Windows®

---\\ Neueste Dateien geändert oder erstellt (Benutzer) (2) - 1s
O61 - LFC: 2016/07/28 03:44:12 A . (..) -- C:\Users\homebase\AppData\Roaming\AMD\GLCache\3196a4b708ea07cd_23.bin   [16945]
O61 - LFC: 2016/07/28 17:26:39 A . (..) -- C:\Users\homebase\AppData\Local\Microsoft\Windows\1031\StructuredQuerySchema.bin   [298438]

---\\ Verbände Shell Laichen (9) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Startprogramm für Ereignisanzeige-Snap-In.) -- C:\Windows\System32\eventvwr.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registrierungs-Editor.) -- C:\Windows\regedit.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Startmenü Internet (4) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   =>.Google Inc®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc.
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc.
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google Inc.

---\\ Suche 'Ansteckung in Internet-Browsern (5) - 1s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Google) - hxxp://www.google.com/
O69 - SBI: SearchScopes [HKCU] {758B870D-DF78-4A6A-9955-DEDDCACF94DC} - (Google) - hxxp://www.google.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - hxxp://www.bing.com/
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {758B870D-DF78-4A6A-9955-DEDDCACF94DC} - (Google) - hxxp://www.google.com/
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {758B870D-DF78-4A6A-9955-DEDDCACF94DC} - (Google) - hxxp://www.google.com/

---\\ Liste den Dienststart von Svchost (34) - 0s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Anwendungserfahrungdienst.) -- C:\Windows\System32\aelupsvc.dll   [72192]  =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard-Zertifikatpropagierungs.) -- C:\Windows\System32\certprop.dll   [80384]  =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard-Zertifikatpropagierungs.) -- C:\Windows\System32\certprop.dll   [80384]  =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Serverdienst-DLL.) -- C:\Windows\system32\srvsvc.dll   [236032]  =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Gruppenrichtlinienclient.) -- C:\Windows\System32\gpsvc.dll   [794624]  =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE-Erweiterung.) -- C:\Windows\System32\ikeext.dll   [859648]  =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows-Audiodienst.) -- C:\Windows\System32\Audiosrv.dll   [680960]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - RAS-Verwaltung für automatisches Wählen.) -- C:\Windows\System32\rasauto.dll   [99328]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - RAS-Verbindungsverwaltung.) -- C:\Windows\System32\rasmans.dll   [344064]  =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamischer Schnittstellen-Manager.) -- C:\Windows\System32\mprdim.dll   [97792]  =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Benachrichtigungsdienst für Systemereigniss.) -- C:\Windows\System32\Sens.dll   [64512]  =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT-Hilfskomponenten.) -- C:\Windows\System32\ipnathlp.dll   [359424]  =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft(R) Windows(R) Telefonieserver.) -- C:\Windows\System32\tapisrv.dll   [316928]  =>.Microsoft Corporation
O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll   [38200]  =>.AVG Netherlands B.V.®
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remoteverbindungs-Manager für Remotedesktop.) -- C:\Windows\System32\termsrv.dll   [683520]  =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update-Agent.) -- C:\Windows\system32\wuaueng.dll   [2607104]  =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Intelligenter Hintergrundübertragungsdienst.) -- C:\Windows\System32\qmgr.dll   [849920]  =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows-Shelldienste-DLL.) -- C:\Windows\System32\shsvcs.dll   [370688]  =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Dienst, der IPv6-Konnektivität über ein IPv.) -- C:\Windows\System32\iphlpsvc.dll   [569344]  =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL für sekundären Anmeldedienst.) -- C:\Windows\system32\seclogon.dll   [30720]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Anwendungsinformationsdienst.) -- C:\Windows\System32\appinfo.dll   [70144]  =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI-Ermittlungsdienst.) -- C:\Windows\system32\iscsiexe.dll   [156672]  =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimediaklassen-Planungsdienst.) -- C:\Windows\system32\mmcss.dll   [67584]  =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll   [242688]  =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remotedesktop-Konfigurationsdienst.) -- C:\Windows\System32\SessEnv.dll   [121856]  =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computersuchdienst-DLL.) -- C:\Windows\System32\browser.dll   [136704]  =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost-Dienst.) -- C:\Windows\System32\eapsvc.dll   [111104]  =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Aufgabenplanungsdienst.) -- C:\Windows\system32\schedsvc.dll   [1110016]  =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Schlüsselverwaltungsdienst.) -- C:\Windows\system32\kmsvc.dll   [90624]  =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problemberichte und -lösungen.) -- C:\Windows\System32\wercplsupport.dll   [84480]  =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll   [210432]  =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows-Shelldesigndienste-DLL.) -- C:\Windows\system32\themeservice.dll   [44544]  =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE-Dienst.) -- C:\Windows\System32\bdesvc.dll   [100864]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Softwareinstallationsdienst.) -- C:\Windows\System32\appmgmts.dll   [193536]  =>.Microsoft Corporation

---\\ Zusätzliche Scan (O88) (1) - 0s
C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp  =>PUP.Optional.SoundCloud

---\\ Zusammenfassung der Elemente gefunden auf Ihrer workstation (3) - 0s
https://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.GoPalikan
https://www.nicolascoolman.fr/?p=1042  =>PUP.Optional.Trovigo
https://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.SoundCloud

~ End of the scan, 47405 items in 00h02mn18s (924)

M-K-D-B · 30.07.2016, 16:05

Servus,

wir beginnen so:

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
HKLM\...\runonceex: [Flags] => 128
HKLM\...\runonceex: [Title] => RAPID uninstall cleanup using key [0001]
HKU\S-1-5-21-302714957-2580015752-1539367651-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoThumbnailCache] 1
CHR Extension: (SoundCloud) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2016-07-05]
CHR Extension: (SoundCloud Downloader Free) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2016-07-29]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3320326&octid=EB_ORIGINAL_CTID&ISID=M297D25D0-35E0-4676-A8C7-0C422BFFF1E0&SearchSource=55&CUI=&UM=8&UP=SPE1461AC8-66C3-4FB2-B070-400D90CD8D55&D=032816&SSPV=
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps://www.google.com/","hxxp://www.palikan.com/?f=7&a=plk_bimmed_15_53&cd=2XzuyEtN2Y1L1Qzu0CyE0EzyzzyEtDyByByC0F0DtBtD0DyDtN0D0Tzu0StCyEyCtAtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FtCtCtA0DtAtBtGyB0AyDyCtG0B0EtDzytGtB0CzytAtG0FtCzztByEyByB0FtDtCzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtAyD0CtB0C0DyCtGtAzzyBtCtGyEtD0ByCtGzyyD0B0DtGyBzy0E0A0CtAyByD0F0CtB0E2QtN0A0LzuyE&cr=1289375483&ir=","hxxp://www.trovi.com/?gd=&ctid=CT3320326&octid=EB_ORIGINAL_CTID&ISID=M297D25D0-35E0-4676-A8C7-0C422BFFF1E0&SearchSource=55&CUI=&UM=8&UP=SPE1461AC8-66C3-4FB2-B070-400D90CD8D55&D=032816&SSPV="
AlternateDataStreams: C:\Windows:CM_df9ff6e9c92dec62d18f961c19f3a22f10398914a353693b4b8c8ddd9a8dc849 [74]
AlternateDataStreams: C:\Windows:CM_f5613536b4930b3cf5b9e75c4b4d845879cd43bd1ad1590b0132b005529167d8 [74]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [105]
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Jetzt führen wir AdwCleaner nochmal aus. Da aber Google Chrome infiziert ist, musst du AdwCleaner mit den unter Schritt 2 erwähnten Optionen ausführen. Also bitte genau lesen! Insbesondere die beiden Optionen bezüglich Google Chrome müssen zwingend gesetzt werden!

Schritt 2

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- "Prefetch" Dateien löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Einstellungen zurücksetzen
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 5

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

mikon · 02.08.2016, 12:18

FRST-Fix

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-07-2016
durchgeführt von homebase (2016-08-02 12:47:02) Run:1
Gestartet von C:\Users\homebase\Desktop
Geladene Profile: homebase (Verfügbare Profile: homebase & Classic .NET AppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM\...\runonceex: [Flags] => 128
HKLM\...\runonceex: [Title] => RAPID uninstall cleanup using key [0001]
HKU\S-1-5-21-302714957-2580015752-1539367651-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoThumbnailCache] 1
CHR Extension: (SoundCloud) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2016-07-05]
CHR Extension: (SoundCloud Downloader Free) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2016-07-29]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3320326&octid=EB_ORIGINAL_CTID&ISID=M297D25D0-35E0-4676-A8C7-0C422BFFF1E0&SearchSource=55&CUI=&UM=8&UP=SPE1461AC8-66C3-4FB2-B070-400D90CD8D55&D=032816&SSPV=
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps://www.google.com/","hxxp://www.palikan.com/?f=7&a=plk_bimmed_15_53&cd=2XzuyEtN2Y1L1Qzu0CyE0EzyzzyEtDyByByC0F0DtBtD0DyDtN0D0Tzu0StCyEyCtAtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FtCtCtA0DtAtBtGyB0AyDyCtG0B0EtDzytGtB0CzytAtG0FtCzztByEyByB0FtDtCzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtAyD0CtB0C0DyCtGtAzzyBtCtGyEtD0ByCtGzyyD0B0DtGyBzy0E0A0CtAyByD0F0CtB0E2QtN0A0LzuyE&cr=1289375483&ir=","hxxp://www.trovi.com/?gd=&ctid=CT3320326&octid=EB_ORIGINAL_CTID&ISID=M297D25D0-35E0-4676-A8C7-0C422BFFF1E0&SearchSource=55&CUI=&UM=8&UP=SPE1461AC8-66C3-4FB2-B070-400D90CD8D55&D=032816&SSPV="
AlternateDataStreams: C:\Windows:CM_df9ff6e9c92dec62d18f961c19f3a22f10398914a353693b4b8c8ddd9a8dc849 [74]
AlternateDataStreams: C:\Windows:CM_f5613536b4930b3cf5b9e75c4b4d845879cd43bd1ad1590b0132b005529167d8 [74]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [105]
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\Microsoft\Windows\CurrentVersion\runonceex\\Flags => Wert erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\runonceex\\Title => Wert erfolgreich entfernt
HKU\S-1-5-21-302714957-2580015752-1539367651-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWith => Wert erfolgreich entfernt
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => Wert erfolgreich entfernt
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => Wert erfolgreich entfernt
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => Wert erfolgreich entfernt
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWith => Wert erfolgreich entfernt
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoThumbnailCache => Wert erfolgreich entfernt
C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp => nicht gefunden
C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci => nicht gefunden
Chrome HomePage => nicht gefunden.
Chrome StartupUrls => nicht gefunden.
C:\Windows => ":CM_df9ff6e9c92dec62d18f961c19f3a22f10398914a353693b4b8c8ddd9a8dc849" ADS erfolgreich entfernt.
C:\Windows => ":CM_f5613536b4930b3cf5b9e75c4b4d845879cd43bd1ad1590b0132b005529167d8" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":1CE11B51" ADS erfolgreich entfernt.

========= RemoveProxy: =========

HKU\S-1-5-21-302714957-2580015752-1539367651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-302714957-2580015752-1539367651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende vonCMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende vonCMD: =========

Addition2von2.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-07-2016
durchgeführt von homebase (2016-08-02 13:05:21)
Gestartet von C:\Users\homebase\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-05-09 12:42:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-302714957-2580015752-1539367651-500 - Administrator - Disabled)
Gast (S-1-5-21-302714957-2580015752-1539367651-501 - Limited - Enabled)
homebase (S-1-5-21-302714957-2580015752-1539367651-1000 - Administrator - Enabled) => C:\Users\homebase

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K YouTube to MP3 3.0 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 3.0.1.1636 - Open Media LLC)
Ableton Live 9 Suite (HKLM\...\{629C521E-5C03-4A17-9851-F8313A41BB20}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Trial (HKLM\...\{1B679E85-4D36-4EDD-953C-6D2D2BBE2D84}) (Version: 9.0.0.0 - Ableton)
Acustica Audio REDEQ (HKLM-x32\...\REDEQ Acqua Library) (Version:  - Acustica Audio)
ADM 1.2.2 Beat (HKLM-x32\...\AudioRealism Drum Machine_is1) (Version:  - AudioRealism)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{1C819A99-37D1-DE8C-68DF-3AEB5A2C9BE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arturia Software Center 1.1.9 (HKLM-x32\...\Arturia Software Center_is1) (Version: 1.1.9 - Arturia)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology)
ASRock 3TB+ Unlocker v1.1.1 (HKLM\...\ASRock 3TB+ Unlocker_is1) (Version: 1.1.1 - ASRock Inc.)
Authorizer 2.9.1d8 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.9.1d8 - Propellerhead Software AB)
Automap 4.9 (HKLM\...\Automap Universal_is1) (Version: 4.9 - Focusrite Audio Engineering Ltd.)
Automap ReWire 1.0 (HKLM-x32\...\Automap Universal ReWire_is1) (Version: 4.9 - Focusrite Audio Engineering Ltd.)
Bass Station 2.0 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.0 - Novation)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CodeMeter Runtime Kit v5.21 (HKLM\...\{05CA69B3-6699-425F-8223-39E4E00B6581}) (Version: 5.21.1478.500 - WIBU-SYSTEMS AG)
Dropbox (HKLM-x32\...\Dropbox) (Version: 8.3.16 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.41.1 - Dropbox, Inc.) Hidden
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MIDI Control Center 1.3.0 (HKLM-x32\...\MIDI Control Center_is1) (Version: 1.3.0 - Arturia)
MOTU Hardware (HKLM\...\{0B7000EF-C9FC-49F3-B5D3-69A16124AFAB}) (Version: 4.0.5.7483 - MOTU)
Mozilla Firefox 5.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 5.0 (x86 de)) (Version: 5.0 - Mozilla)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.11.0.465 - Native Instruments)
Native Instruments Drum Lab (HKLM-x32\...\Native Instruments Drum Lab) (Version: 1.2.0.6 - Native Instruments)
Native Instruments Grey Forge (HKLM-x32\...\Native Instruments Grey Forge) (Version: 1.0.0.6 - Native Instruments)
Native Instruments Guitar Rig Factory Selection for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Factory Selection for Maschine) (Version:  - Native Instruments)
Native Instruments Komplete Kontrol (HKLM-x32\...\Native Instruments Komplete Kontrol) (Version: 1.6.2.5 - Native Instruments)
Native Instruments Komplete Select (HKLM-x32\...\Native Instruments Komplete Select) (Version: 1.0.0.0 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.2.880 - Native Instruments)
Native Instruments Maschine (HKLM-x32\...\Native Instruments Maschine) (Version:  - Native Instruments)
Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.4.6.4 - Native Instruments)
Native Instruments Maschine 2 Factory Library (HKLM-x32\...\Native Instruments Maschine 2 Factory Library) (Version: 1.2.0.4 - Native Instruments)
Native Instruments Maschine Controller MK2 Driver (HKLM-x32\...\Native Instruments Maschine Controller MK2 Driver) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.1.637 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.3.1344 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.1.1526 - Native Instruments)
Native Instruments Reaktor Blocks Wired (HKLM-x32\...\Native Instruments Reaktor Blocks Wired) (Version: 1.0.0.3 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.2 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Scarbee Mark I (HKLM-x32\...\Native Instruments Scarbee Mark I) (Version: 1.4.0.15 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.3.0.1145 - Native Instruments)
Native Instruments The Gentleman (HKLM-x32\...\Native Instruments The Gentleman) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.4.0.6 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.3.0.3 - Native Instruments)
Novation USB Audio Driver 2.7 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.7 - Novation DMS Ltd.)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
PROMARS(64bit) (HKLM\...\{5A583C6E-A8CD-4BC5-910A-0347E9F15ACE}) (Version: 1.02.0000 - Roland Corporation)
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Reason 9 9.0.0d399 (HKLM\...\Reason9.0Stable_64_is1) (Version: 9.0.0d399 - Propellerhead Software AB)
Rob Papen Prisma 1.0.1 (HKLM\...\Rob Papen Prisma_is1) (Version:  - Prisma)
Rob Papen Punch / Punch-BD 1.0.5c (HKLM\...\Rob Papen Punch_is1) (Version:  - Rob Papen)
Rob Papen RP-AMod 1.0.0d (HKLM\...\Rob Papen RP-AMod_is1) (Version:  - RP-AMod)
Saffire MixControl 3.4 (HKLM\...\Saffire PRO 40_is1) (Version: 3.4 - Focusrite Audio Engineering Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Spark 2.1.1 (HKLM-x32\...\Spark_is1) (Version:  - Arturia)
Spectrasonics Trilian VSTi Plug-In version 1.4 (HKLM-x32\...\Spectrasonics Trilian VSTi Plug-In_is1) (Version:  - Copyright (C) 2009-2011 Spectrasonics)
StartupMonitor (HKLM-x32\...\{76EFAC4F-1712-401F-B2AE-590B170C9BCE}) (Version: 1.0.2.0 - Mike Lin)
Sugar Bytes Artillery2 2.3.1 (HKLM\...\Artillery2_is1) (Version: 2.3.1 - Sugar Bytes)
Sugar Bytes Turnado 1.5.1 (HKLM\...\Turnado_is1) (Version: 1.5.1 - Sugar Bytes)
Sugar Bytes Unique 1.2.1 (HKLM\...\Unique_is1) (Version: 1.2.1 - Sugar Bytes)
SYSTEM-100(64bit) (HKLM\...\{FFC77356-2AEB-4B26-8B0B-BA865B802314}) (Version: 1.01.0000 - Roland Corporation)
u-he Filterscape (HKLM-x32\...\u-he Filterscape) (Version: 1.4.1.3898 - u-he)
u-he MFM2 (HKLM-x32\...\u-he MFM2) (Version: 2.2.1.3898 - u-he)
u-he Satin (HKLM-x32\...\u-he Satin) (Version: 1.2.0.2577 - u-he)
u-he Zebra2 (HKLM-x32\...\u-he Zebra2) (Version: 2.7.2.3898 - u-he)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
V-Station 2.3 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 2.3 - Novation)
WEB.DE Online-Speicher 1.32.1.0 (HKU\S-1-5-21-302714957-2580015752-1539367651-1000\...\WEB.DE Application {sync-000021}) (Version: 1.32.1.0 - 1&1 Mail & Media GmbH)
WEB.DE Online-Speicher 1.32.1.0 (HKU\S-1-5-21-302714957-2580015752-1539367651-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WEB.DE Application {sync-000021}) (Version: 1.32.1.0 - 1&1 Mail & Media GmbH)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WWAYM - NWEQ V1.21 (HKLM-x32\...\WWAYM - NWEQ V1.21) (Version:  - )
Your Uninstaller! 2010 (HKLM-x32\...\YU2010_is1) (Version: 7.3.2010.33 - URSoft, Inc.)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00FA7BA8-7016-4AC2-A0BE-714BA84D3DEF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {05B24C10-3ECE-4724-8EC3-74E61EDD4A4A} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2014-12-03] (Samsung Electronics)
Task: {0D15EA68-ADB5-4259-A8CA-CEB5B1F20AA3} - System32\Tasks\{9DE11DC4-FE9D-44B9-B948-68A9059C54C9} => C:\Program Files (x86)\EPSON\Creativity Suite\File Manager\EFileManager.exe
Task: {0E2DBD59-6107-4E25-81AB-486FF92E7E26} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {32FE5E11-7AF9-43F4-B2A1-9D7A779DD8BF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {4FCEB699-DF69-4EFC-AF88-FABE71C39A2E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-26] (Dropbox, Inc.)
Task: {537AEEB7-E40C-498A-9147-E8FBF6B06FE6} - System32\Tasks\{0B58E04B-48E2-434E-89BC-3293F1543B1A} => C:\Users\homebase\Desktop\epson327610eu.exe
Task: {624D020C-174A-488A-AC9E-3196BC69099A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-26] (Dropbox, Inc.)
Task: {7AFDEB86-77D8-4F8D-9D96-FC0ED08AC11A} - System32\Tasks\SafeZone scheduled Autoupdate 1462894115 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {7D0898DB-032E-4708-8A58-59F442ED68FB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {84D1B918-C3FA-4CF2-8615-28F6083B477E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.)
Task: {91B18C8D-0002-49BC-B333-4EAC117F9F4C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {9663C8A3-3F92-418A-A7AF-A624C24C9180} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.)
Task: {ABB4DFF1-8EB6-4363-A5FC-9812DB2BD748} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {C0905720-58A7-44FD-93ED-9F7D89F834CC} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
Task: {C8E349D3-B137-4E95-98F5-7F0DB3FC98B0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jjphmlaoffndcnecccgemfdaaoighkel

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2016-06-30 10:23 - 2016-06-30 10:23 - 00592384 ____C () C:\ProgramData\MEGAsync\ShellExtX64.dll
2016-06-30 13:24 - 2016-06-30 13:24 - 00564224 ____C () C:\ProgramData\MEGAsync\ShellExtX32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:CM_df9ff6e9c92dec62d18f961c19f3a22f10398914a353693b4b8c8ddd9a8dc849 [74]
AlternateDataStreams: C:\Windows:CM_f5613536b4930b3cf5b9e75c4b4d845879cd43bd1ad1590b0132b005529167d8 [74]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2010-12-23 21:08 - 00000780 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-302714957-2580015752-1539367651-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-302714957-2580015752-1539367651-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: drhard.exe => "C:\Program Files (x86)\Dr. Hardware 2016\drhard.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{BCA99138-19BF-4729-86B8-2ED3AC57EC66}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{346CBB0F-D37F-4A9B-B399-A52292E2F585}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{A974EB60-0186-4827-9B63-3E68BEBEB66E}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{DAE74CB2-21A2-4790-99A1-E22AB29E8F0C}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/02/2016 12:55:07 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\homebase\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x80070422).

Error: (08/02/2016 12:49:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 12:47:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 12:44:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 11:37:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 11:32:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 10:36:23 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (08/02/2016 10:12:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 10:09:12 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (08/02/2016 10:05:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/02/2016 12:50:41 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (08/02/2016 12:50:34 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (08/02/2016 12:48:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM

Error: (08/02/2016 12:48:19 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (08/02/2016 12:48:08 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (08/02/2016 12:47:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.


Error: (08/02/2016 12:47:33 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50 = Die Anforderung wird nicht unterstützt.


Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/02/2016 12:47:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/02/2016 12:47:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/02/2016 12:47:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X86" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-07-30 12:12:41.277
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\homebase\AppData\Local\Temp\mbr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-07-30 12:12:41.229
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\homebase\AppData\Local\Temp\mbr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-07-27 16:55:00.760
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-27 16:55:00.697
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-27 16:54:56.282
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-27 16:54:56.251
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 19:36:38.338
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 19:36:38.276
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 19:36:33.861
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-25 19:36:33.830
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD A8-3870 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 32744.44 MB
Verfügbarer physikalischer RAM: 29405.34 MB
Summe virtueller Speicher: 32742.62 MB
Verfügbarer virtueller Speicher: 29298.6 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:168.54 GB) (Free:37.72 GB) NTFS
Drive d: (Win7_eXtreme_V1_1) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF
Drive i: (Idea Akustika) (Fixed) (Total:49.13 GB) (Free:29.94 GB) NTFS
Drive j: (Propellerhead) (Fixed) (Total:97.66 GB) (Free:53.55 GB) NTFS
Drive k: (maschine speicherungen) (Fixed) (Total:48.6 GB) (Free:37.55 GB) NTFS
Drive l: (Ableton) (Fixed) (Total:540.69 GB) (Free:132.06 GB) NTFS
Drive m: (plugins) (Fixed) (Total:64.15 GB) (Free:54.93 GB) NTFS
Drive n: (Laufwerk) (Fixed) (Total:465.76 GB) (Free:461 GB) NTFS
Drive o: (USB-HDD) (Fixed) (Total:931.51 GB) (Free:388.31 GB) NTFS
Drive t: (Tracks) (Fixed) (Total:195.31 GB) (Free:13.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 7CBA875C)
Partition 1: (Active) - (Size=193 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=168.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=64.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: DC33D9A9)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: AC2A3FE9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 070AFE15)

Partition: GPT.

==================== Ende von Addition.txt ============================

FRST.1von2txt.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
durchgeführt von homebase (Administrator) auf HOMEBASE-PC (02-08-2016 13:04:58)
Gestartet von C:\Users\homebase\Desktop
Geladene Profile: homebase &  (Verfügbare Profile: homebase & Classic .NET AppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\psxss.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(DEVGURU Co., LTD.) N:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Run StartupMonitor] => C:\Windows\StartupMonitor.exe [86016 2000-05-20] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23892216 2016-08-01] (Dropbox, Inc.)
HKU\S-1-5-21-302714957-2580015752-1539367651-1000\...\Run: [drhard.exe] => "C:\Program Files (x86)\Dr. Hardware 2016\drhard.exe"
HKU\S-1-5-21-302714957-2580015752-1539367651-1000\...\MountPoints2: {922e8b0c-557c-11e6-b458-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-302714957-2580015752-1539367651-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [drhard.exe] => "C:\Program Files (x86)\Dr. Hardware 2016\drhard.exe"
HKU\S-1-5-21-302714957-2580015752-1539367651-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {922e8b0c-557c-11e6-b458-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160721103045042.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.40.dll [2016-08-01] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{73580C72-6D2D-46A6-B863-8C0051B8F067}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\.DEFAULT -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-302714957-2580015752-1539367651-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2016-07-30] (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2016-07-30] (Sun Microsystems, Inc.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2015-12-10] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-12-10] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2015-12-10] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-12-10] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2016-07-30] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2016-07-30] (Sun Microsystems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-02]
CHR Extension: (Google Docs) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-02]
CHR Extension: (Google Drive) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-02]
CHR Extension: (YouTube) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-02]
CHR Extension: (Google Tabellen) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-02]
CHR Extension: (Google Docs Offline) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-02]
CHR Extension: (Google Mail) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\homebase\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-26] (Dropbox, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2011-06-16] (Microsoft Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-21] (Microsoft Corporation)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
R2 ss_conn_service; N:\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [Datei ist nicht signiert]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2000-01-01] (Advanced Micro Devices Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2015-02-03] (ASRock Inc.)
R3 automap; C:\Windows\System32\DRIVERS\automap.sys [18776 2012-04-19] (Focusrite Audio Engineering Limited)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-02] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 mc2avs; C:\Windows\System32\Drivers\mc2avs.sys [358520 2012-06-06] (Native Instruments GmbH)
S3 mc2usb_svc; C:\Windows\System32\Drivers\mc2usb.sys [81016 2012-06-06] (Native Instruments GmbH)
S3 MirayRAMDrive; C:\Windows\System32\DRIVERS\mrdo.sys [65488 2014-11-26] (Miray)
R3 motubus; C:\Windows\System32\drivers\MotuBus64.sys [30288 2013-04-30] (Mark of the Unicorn)
R3 motumidi64; C:\Windows\System32\drivers\motumidi64.sys [44112 2013-04-30] (MOTU)
R3 MotuUsb64; C:\Windows\System32\Drivers\MotuUsb64.sys [65104 2013-04-30] (MOTU)
R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-21] (Microsoft Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [112408 2016-05-27] ()
R3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2015-06-10] (Novation DMS Ltd.)
R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Corporation)
R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-21] (Microsoft Corporation)
R3 Saffire; C:\Windows\System32\Drivers\Saffire.sys [226640 2014-03-17] (Focusrite A.E.)
R3 SaffireAudio; C:\Windows\System32\drivers\SaffireAudio.sys [47824 2014-03-17] (Focusrite A.E.)
R3 SaffireMidi; C:\Windows\System32\drivers\SaffireMidi.sys [38608 2014-03-17] (Focusrite A.E.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90928 2012-03-01] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [632752 2012-03-01] (Paragon)
S3 cpuz136; \??\C:\Users\homebase\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
U4 SR; kein ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-02 13:04 - 2016-08-02 13:05 - 00022995 _____ C:\Users\homebase\Desktop\FRST.txt
2016-08-02 13:01 - 2016-08-02 12:53 - 00002031 _____ C:\Users\homebase\Desktop\AdwCleaner[S12].txt
2016-08-02 12:58 - 2016-08-02 12:59 - 00001934 _____ C:\Users\homebase\Desktop\JRT.txt
2016-08-02 12:54 - 2016-08-02 12:54 - 01610560 _____ (Malwarebytes) C:\Users\homebase\Downloads\JRT.exe
2016-08-02 12:48 - 2016-08-02 12:48 - 00000004 ____H C:\ProgramData\cm-lock
2016-08-02 12:47 - 2016-08-02 12:47 - 00005633 _____ C:\Users\homebase\Desktop\Fixlog.txt
2016-08-02 11:27 - 2016-08-02 11:27 - 00000000 ____H C:\Users\homebase\Documents\Default.rdp
2016-08-02 10:37 - 2016-08-02 10:37 - 00000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Vorlagen
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Startmenü
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Netzwerkumgebung
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Lokale Einstellungen
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Eigene Dateien
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Druckumgebung
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Documents\Eigene Videos
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Documents\Eigene Musik
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Documents\Eigene Bilder
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\AppData\Local\Verlauf
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\AppData\Local\Anwendungsdaten
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 _SHDL C:\Users\Classic .NET AppPool\Anwendungsdaten
2016-08-02 10:37 - 2016-08-02 10:37 - 00000000 ____D C:\Users\Classic .NET AppPool
2016-08-02 10:36 - 2016-08-02 10:36 - 00000000 ____D C:\Windows\system32\msmq
2016-08-02 10:36 - 2016-08-02 10:36 - 00000000 ____D C:\Windows\system32\0401
2016-08-02 09:37 - 2016-08-02 09:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsystem for UNIX-based Applications
2016-08-02 09:37 - 2016-08-02 09:37 - 00000000 ____D C:\Windows\SUA
2016-08-02 09:18 - 2016-08-02 10:22 - 00000010 _____ C:\Users\homebase\Desktop\Neues Textdokument.txt
2016-08-02 09:16 - 2016-08-02 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-02 00:35 - 2016-08-02 00:35 - 00000000 ____D C:\Users\homebase\Desktop\Maschine24_Update-Tutorial
2016-08-02 00:34 - 2016-08-02 00:34 - 00000000 ____D C:\Users\homebase\Desktop\Hands_On_Maschine
2016-07-31 19:31 - 2016-07-31 19:31 - 00786484 _____ C:\Users\homebase\Documents\aaaaaa.reason
2016-07-31 17:52 - 2016-07-31 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2016-07-31 17:52 - 2016-07-31 17:52 - 00000000 ____D C:\Program Files\ffdshow
2016-07-31 17:46 - 2016-07-31 17:46 - 05023797 _____ (ffdshow ) C:\Users\homebase\Downloads\ffdshow_rev4531_20140628_x64.exe
2016-07-31 17:44 - 2016-07-31 17:45 - 07092637 _____ C:\Users\homebase\Desktop\20160730 212330-1_preview.mp4
2016-07-31 17:43 - 2016-07-31 17:45 - 17167416 _____ C:\Users\homebase\Desktop\20160730 212330-1.mp4
2016-07-31 17:41 - 2016-07-31 17:43 - 64437847 _____ C:\Users\homebase\Desktop\20160730 212330-1.mkv
2016-07-31 17:39 - 2016-07-31 17:41 - 00000000 ____D C:\Users\homebase\AppData\Roaming\HandBrake
2016-07-31 17:39 - 2016-07-31 17:39 - 00000824 _____ C:\Users\homebase\Desktop\Handbrake.lnk
2016-07-31 17:39 - 2016-07-31 17:39 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-07-31 17:39 - 2016-07-31 17:39 - 00000000 ____D C:\Users\homebase\AppData\Roaming\HandBrake Team
2016-07-31 17:39 - 2016-07-31 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-07-31 17:39 - 2016-07-31 17:39 - 00000000 ____D C:\Program Files\Handbrake
2016-07-31 17:38 - 2016-07-31 17:38 - 16520043 _____ C:\Users\homebase\Downloads\HandBrake-0.10.5-x86_64-Win_GUI-1.exe
2016-07-31 17:34 - 2016-07-31 13:38 - 156230397 ____N C:\Users\homebase\Desktop\20160730_212330.mp4
2016-07-31 16:45 - 2016-07-31 16:48 - 00002031 _____ C:\Users\homebase\Desktop\vorfall sek 31.07.2016 hann münden.txt
2016-07-31 13:51 - 2016-07-31 13:51 - 00193126 _____ C:\Users\homebase\Downloads\DHL_label_2016-7-31_13-51-25.pdf
2016-07-31 13:51 - 2016-07-31 13:51 - 00193126 _____ C:\Users\homebase\Downloads\DHL_label_2016-7-31_13-51-21.pdf
2016-07-30 14:01 - 2016-07-30 14:01 - 00002863 _____ C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stop StartupMonitor.lnk
2016-07-30 13:55 - 2016-07-30 13:55 - 00001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-30 13:55 - 2016-07-30 13:55 - 00001134 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-30 13:55 - 2016-07-30 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-30 13:54 - 2016-07-30 13:54 - 00525544 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll
2016-07-30 13:54 - 2016-07-30 13:54 - 00472808 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2016-07-30 13:54 - 2016-07-30 13:54 - 00190752 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaws.exe
2016-07-30 13:54 - 2016-07-30 13:54 - 00171808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaw.exe
2016-07-30 13:54 - 2016-07-30 13:54 - 00171808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe
2016-07-30 13:54 - 2016-07-30 13:54 - 00157472 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2016-07-30 13:54 - 2016-07-30 13:54 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2016-07-30 13:54 - 2016-07-30 13:54 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2016-07-30 13:54 - 2016-07-30 13:54 - 00001877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-07-30 13:54 - 2016-07-30 13:54 - 00001865 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-07-30 13:54 - 2016-07-30 13:54 - 00000000 ____D C:\Users\homebase\AppData\LocalLow\Sun
2016-07-30 13:54 - 2016-07-30 13:54 - 00000000 ____D C:\ProgramData\Sun
2016-07-30 13:54 - 2016-07-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-07-30 13:54 - 2016-07-30 13:54 - 00000000 ____D C:\Program Files\Java
2016-07-30 13:54 - 2016-07-30 13:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-30 13:54 - 2016-07-30 13:54 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-07-30 13:53 - 2016-07-30 14:01 - 00013524 _____ C:\WPI_LOG_2016.07.30_13.53.38.txt
2016-07-30 13:49 - 2016-07-30 13:49 - 00000000 ____D C:\Users\homebase\AppData\Local\Microsoft Corporation
2016-07-30 13:47 - 2016-07-30 13:48 - 00000000 ____D C:\MGADiagToolOutput
2016-07-30 13:47 - 2016-07-30 13:47 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2016-07-30 13:41 - 2016-07-30 13:41 - 00000000 ____D C:\Users\homebase\Desktop\License Backup
2016-07-30 12:27 - 2016-07-30 12:27 - 00000037 _____ C:\Users\homebase\Downloads\file-not-found.txt
2016-07-30 12:05 - 2016-07-30 12:05 - 00380928 _____ C:\Users\homebase\Desktop\7fffylwj.exe
2016-07-30 11:20 - 2016-07-30 11:20 - 00000934 _____ C:\Users\homebase\AppData\Local\ZHPFixReport.txt
2016-07-30 11:19 - 2016-07-30 11:19 - 00000594 _____ C:\Users\homebase\Desktop\ZHPFixReport.txt
2016-07-30 11:17 - 2016-07-30 12:12 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-07-30 11:17 - 2016-07-30 11:17 - 00001849 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-07-30 11:17 - 2016-07-30 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-07-30 11:15 - 2016-07-30 11:15 - 03521617 _____ (Nicolas Coolman ) C:\Users\homebase\Desktop\ZHPFix.exe
2016-07-30 11:03 - 2016-07-30 12:10 - 00002013 _____ C:\Users\homebase\Desktop\ZHPCleaner.txt
2016-07-30 10:55 - 2016-07-30 11:46 - 00000795 _____ C:\Users\homebase\Desktop\ZHPCleaner.lnk
2016-07-30 10:55 - 2016-07-30 10:55 - 02285568 _____ C:\Users\homebase\Desktop\ZHPCleaner.exe
2016-07-30 10:44 - 2016-07-30 10:44 - 00000836 _____ C:\Users\homebase\Desktop\signature.asc
2016-07-30 10:39 - 2016-07-30 12:20 - 00105024 _____ C:\Users\homebase\Desktop\ZHPDiag.txt
2016-07-30 10:36 - 2016-07-30 12:19 - 00000000 ____D C:\Users\homebase\AppData\Roaming\ZHP
2016-07-30 10:36 - 2016-07-30 12:14 - 00000785 _____ C:\Users\homebase\Desktop\ZHPDiag.lnk
2016-07-30 10:36 - 2016-07-30 10:36 - 02233856 _____ C:\Users\homebase\Desktop\ZHPDiag3.exe
2016-07-30 09:49 - 2016-07-30 10:15 - 00412080 _____ C:\TDSSKiller.3.1.0.9_30.07.2016_09.49.46_log.txt
2016-07-30 09:49 - 2016-07-30 09:49 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\homebase\Desktop\tdsskiller.exe
2016-07-30 09:33 - 2016-08-02 13:04 - 00000000 ____D C:\FRST
2016-07-30 09:32 - 2016-07-30 09:32 - 02394112 _____ (Farbar) C:\Users\homebase\Desktop\FRST64.exe
2016-07-30 09:28 - 2016-07-30 09:28 - 03712064 _____ C:\Users\homebase\Desktop\AdwCleaner_5.201 (1).exe
2016-07-29 16:41 - 2016-07-29 16:41 - 00786484 _____ C:\Users\homebase\Documents\bester rythm muit ableton.reason
2016-07-29 16:39 - 2016-07-31 19:31 - 00000000 ___RD C:\Users\homebase\Desktop\bester rhytmuss im sommer 2016 Project
2016-07-29 13:08 - 2016-08-02 11:25 - 00000000 ____D C:\Users\homebase\AppData\Local\ElevatedDiagnostics
2016-07-29 10:16 - 2016-07-29 10:16 - 00000000 ___RD C:\Users\homebase\Desktop\Unbenannt-1 Project
2016-07-29 03:06 - 2016-07-29 03:06 - 00000000 ___RD C:\Users\homebase\Desktop\Unbenannt Project
2016-07-29 01:12 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-07-29 01:12 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-07-29 01:12 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-07-29 01:12 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-07-29 01:12 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-07-29 01:12 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-07-29 01:12 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-07-29 01:12 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-07-29 01:12 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-07-29 01:12 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-07-29 01:12 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-07-29 01:12 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-07-29 01:05 - 2016-07-29 01:05 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-29 01:03 - 2016-07-29 01:03 - 00083132 _____ C:\Users\homebase\Desktop\mailware rechnung.pdf
2016-07-28 17:28 - 2016-07-28 17:28 - 03712064 _____ C:\Users\homebase\Desktop\adwcleaner_5.201.exe
2016-07-28 15:25 - 2016-08-02 10:36 - 00000000 ____D C:\inetpub
2016-07-28 15:25 - 2016-07-28 15:25 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-07-28 15:25 - 2016-07-28 15:25 - 00000000 ____D C:\Windows\system32\BestPractices
2016-07-28 12:25 - 2016-07-28 12:25 - 00019213 _____ C:\Users\homebase\Desktop\Dienstplan Nachtbereitschaften August 2016.ods
2016-07-28 09:18 - 2016-07-28 09:18 - 00000000 __HDC C:\ProgramData\{F142EE57-68C1-4CB1-8798-C465F706CCDC}
2016-07-28 07:54 - 2016-07-28 07:54 - 00000000 ____D C:\ProgramData\Spectrasonics
2016-07-28 04:41 - 2016-07-28 04:41 - 01775022 _____ C:\Users\homebase\Documents\cc_20160728_044101.reg
2016-07-28 04:36 - 2016-07-28 13:36 - 00000000 ____D C:\Program Files\CCleaner
2016-07-28 04:15 - 2016-06-10 20:51 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-28 04:15 - 2016-06-10 20:51 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-28 04:15 - 2016-06-10 20:46 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-28 04:15 - 2016-06-10 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-28 04:15 - 2016-06-10 17:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-28 04:15 - 2016-06-10 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-28 04:15 - 2016-06-10 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-28 04:15 - 2016-06-10 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-28 04:15 - 2016-06-10 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-28 04:15 - 2016-06-10 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-28 04:15 - 2016-06-10 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-28 04:15 - 2016-06-10 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-28 04:15 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-07-28 04:15 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-07-28 04:15 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-07-28 04:15 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-07-28 04:15 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-07-28 04:15 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-07-28 04:15 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-07-28 04:15 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-07-28 02:53 - 2016-07-28 02:53 - 00000000 __HDC C:\ProgramData\{3A633AE9-5307-4E4D-ACED-C8739F84CB10}
2016-07-28 02:53 - 2016-07-28 02:53 - 00000000 ____D C:\Users\Public\Documents\Guitar Rig Factory Selection for Maschine
2016-07-27 22:17 - 2016-07-27 22:18 - 00000000 ____D C:\Users\homebase\Documents\arbeitsschriftverker
2016-07-27 21:36 - 2016-07-27 21:36 - 00000000 __HDC C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
2016-07-25 20:17 - 2016-07-25 20:17 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-07-25 20:17 - 2016-07-25 20:17 - 00000000 ____D C:\Users\homebase\AppData\Roaming\OpenOffice
2016-07-25 20:17 - 2016-07-25 20:17 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-07-25 19:08 - 2016-07-25 19:08 - 00000000 __HDC C:\ProgramData\{8B7384C8-25C4-47E6-AFA3-C50A8840FD88}
2016-07-25 19:08 - 2016-07-25 19:08 - 00000000 ____D C:\Users\Public\Documents\Grey Forge Library
2016-07-25 18:20 - 2016-07-25 18:20 - 00000000 ____D C:\Users\Public\Documents\Reaktor Blocks Wired
2016-07-25 17:56 - 2016-07-22 18:52 - 05133063 _____ C:\Users\homebase\Desktop\Shituations - Kopie.mprj
2016-07-25 17:55 - 2016-06-11 14:02 - 01908634 _____ C:\Users\homebase\Desktop\Kick 808X 1_160611_140202.wav
2016-07-22 09:47 - 2016-07-22 09:47 - 00000000 ____D C:\Users\homebase\AppData\Local\Retro Machines Mk2
2016-07-21 19:29 - 2016-07-22 18:08 - 00000000 __HDC C:\ProgramData\{F1BD1DB3-F88E-4A13-A4B4-090CFEE6A6A3}
2016-07-21 19:27 - 2016-07-21 19:27 - 00000000 __HDC C:\ProgramData\{57A6988A-FD18-4C1A-BD00-FEEC744D4CD4}
2016-07-21 19:26 - 2016-07-21 19:26 - 00000000 __HDC C:\ProgramData\{AA454A3E-618B-4FA7-8742-D31B75115C43}
2016-07-21 19:25 - 2016-07-25 19:32 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-07-21 19:03 - 2016-07-21 19:03 - 00000000 ____D C:\Users\Public\Documents\Maschine 2 Library
2016-07-21 18:41 - 2016-07-21 18:41 - 00000000 __HDC C:\ProgramData\{F5271FB0-B5A4-420D-90D3-FF2900A84AA7}
2016-07-21 18:40 - 2016-07-21 18:40 - 00000000 ____D C:\Users\Public\Documents\Vintage Organs Library
2016-07-21 18:39 - 2016-07-21 18:39 - 00000000 ____D C:\Users\Public\Documents\The Gentleman Library
2016-07-21 18:39 - 2016-07-21 18:39 - 00000000 ____D C:\Users\Public\Documents\Scarbee Mark I Library
2016-07-21 18:38 - 2016-07-21 18:38 - 00000000 ____D C:\Users\Public\Documents\Retro Machines Mk2 Library
2016-07-21 18:37 - 2016-07-21 18:37 - 00000000 ____D C:\Users\Public\Documents\Prism Library
2016-07-21 18:37 - 2016-07-21 18:37 - 00000000 ____D C:\Users\Public\Documents\Monark Library
2016-07-21 18:32 - 2016-07-21 18:32 - 00000000 ____D C:\Users\Public\Documents\Drum Lab Library
2016-07-21 18:15 - 2016-07-21 18:15 - 00000000 ____D C:\Users\Public\Documents\West Africa Library
2016-07-21 18:13 - 2016-07-21 18:39 - 00000000 __HDC C:\ProgramData\{306A1EF4-D27D-4F5A-BA93-F05B10576F40}
2016-07-21 18:13 - 2016-07-21 18:39 - 00000000 __HDC C:\ProgramData\{20C7291D-0FE3-4567-86A5-795DA8DD43DC}
2016-07-21 18:06 - 2016-07-21 18:32 - 00000000 __HDC C:\ProgramData\{55AEE408-DC39-477F-B7A7-07C6498E734D}
2016-07-21 14:11 - 2016-07-27 21:49 - 00000000 ___DC C:\ProgramData\PDF Architect 4
2016-07-21 14:11 - 2016-07-21 14:11 - 00000000 ____D C:\Users\homebase\AppData\Roaming\PDF Architect 4
2016-07-21 14:09 - 2016-07-31 19:31 - 00000000 ____D C:\Users\homebase\AppData\Roaming\vlc
2016-07-21 14:09 - 2016-07-21 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-07-21 14:09 - 2016-07-21 14:09 - 00000000 ____D C:\Program Files\VideoLAN
2016-07-21 11:28 - 2016-07-21 11:28 - 00000000 ____D C:\Users\homebase\AppData\Local\CyanCor GmbH
2016-07-21 11:13 - 2016-07-21 11:13 - 00003028 _____ C:\Windows\System32\Tasks\{9DE11DC4-FE9D-44B9-B948-68A9059C54C9}
2016-07-21 11:12 - 2016-07-21 11:12 - 00002964 _____ C:\Windows\System32\Tasks\{0B58E04B-48E2-434E-89BC-3293F1543B1A}
2016-07-21 10:57 - 2016-07-21 17:32 - 00000000 ____D C:\Users\homebase\AppData\Roaming\EPSON
2016-07-21 10:57 - 2016-07-21 10:57 - 00000029 _____ C:\Windows\DEBUGSM.INI
2016-07-21 10:30 - 2016-07-21 10:31 - 00000000 ____D C:\Users\homebase\WEB.DE Online-Speicher
2016-07-21 10:30 - 2016-07-21 10:31 - 00000000 ____D C:\Users\homebase\AppData\Local\WEB.DE Application {sync-000021}
2016-07-21 10:30 - 2016-07-21 10:30 - 00001293 _____ C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE Online-Speicher.lnk
2016-07-21 10:30 - 2016-07-21 10:30 - 00000000 ____D C:\Users\homebase\AppData\Local\IsolatedStorage
2016-07-21 10:30 - 2016-07-21 10:30 - 00000000 ____D C:\ProgramData\1&1 Sync
2016-07-21 10:30 - 2016-07-21 10:30 - 00000000 ____D C:\Program Files\Common Files\1&1 Sync
2016-07-21 09:30 - 2016-07-21 09:30 - 00000000 ___DC C:\ProgramData\www.rene-zeidler.de
2016-07-21 09:30 - 2016-07-21 09:30 - 00000000 ____D C:\Users\homebase\AppData\Roaming\www.rene-zeidler.de
2016-07-21 09:30 - 2016-07-21 09:30 - 00000000 ____D C:\Users\homebase\AppData\Local\www.rene-zeidler.de
2016-07-20 02:49 - 2016-07-27 22:01 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Softube
2016-07-19 20:43 - 2016-07-25 18:20 - 00000000 __HDC C:\ProgramData\{AC8F26C0-3B02-4AF3-9273-FBA6B76AB966}
2016-07-19 11:19 - 2016-07-19 11:19 - 00003038 _____ C:\Windows\System32\Tasks\asrRd
2016-07-19 10:02 - 2016-07-28 17:27 - 00000000 ____D C:\Program Files (x86)\Dr. Hardware 2016
2016-07-19 10:02 - 2013-07-21 18:41 - 00013760 _____ C:\Windows\system32\Drivers\DRHMSR64.sys
2016-07-19 09:56 - 2011-11-03 19:05 - 00021984 _____ (Licensed for Gebhard Software) C:\Windows\system32\Drivers\DRHARD64.sys
2016-07-19 09:55 - 2016-08-02 12:52 - 00774502 _____ C:\Windows\system32\perfh00C.dat
2016-07-19 09:55 - 2016-08-02 12:52 - 00556442 _____ C:\Windows\system32\perfh001.dat
2016-07-19 09:55 - 2016-08-02 12:52 - 00165934 _____ C:\Windows\system32\perfc00C.dat
2016-07-19 09:55 - 2016-08-02 12:52 - 00125590 _____ C:\Windows\system32\perfc001.dat
2016-07-19 09:55 - 2016-07-19 09:54 - 00344522 _____ C:\Windows\system32\perfi00C.dat
2016-07-19 09:55 - 2016-07-19 09:54 - 00289060 _____ C:\Windows\system32\perfi001.dat
2016-07-19 09:55 - 2016-07-19 09:54 - 00042056 _____ C:\Windows\system32\perfd001.dat
2016-07-19 09:55 - 2016-07-19 09:54 - 00038160 _____ C:\Windows\system32\perfd00C.dat
2016-07-19 09:54 - 2016-08-02 09:37 - 00000000 ____D C:\Windows\system32\ar
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\SysWOW64\fr
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\SysWOW64\ar
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\SysWOW64\040C
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\SysWOW64\0409
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\system32\fr
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\system32\040C
2016-07-19 09:54 - 2016-07-19 09:54 - 00000000 ____D C:\Windows\system32\0409
2016-07-19 09:12 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-19 09:12 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-19 09:12 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-19 09:12 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-19 09:12 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-19 09:12 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-19 09:12 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-19 09:12 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-19 09:12 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-19 09:12 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-19 09:12 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-17 14:51 - 2016-07-17 14:51 - 00000000 ____D C:\Users\homebase\AppData\Roaming\DigitalSuburban
2016-07-17 11:15 - 2016-07-28 08:43 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Audacity
2016-07-17 11:13 - 2016-07-21 05:53 - 00000000 ____D C:\Users\homebase\Documents\MEGAsync Downloads
2016-07-17 10:27 - 2016-07-17 10:27 - 00000000 ____D C:\Users\homebase\Documents\MEGA
2016-07-17 10:26 - 2016-07-21 04:33 - 00000000 ___DC C:\ProgramData\MEGAsync
2016-07-17 10:26 - 2016-07-17 10:26 - 00000000 ____D C:\Users\homebase\AppData\Local\Mega Limited
2016-07-17 10:26 - 2016-07-17 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-07-08 18:34 - 2016-07-08 18:34 - 00000881 _____ C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2016-07-08 18:34 - 2016-07-08 18:34 - 00000000 ____D C:\ProgramData\Ableton
2016-07-08 18:25 - 2016-07-08 18:27 - 00000869 _____ C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Trial.lnk
2016-07-08 12:26 - 2016-07-08 12:26 - 00003124 _____ C:\Windows\System32\Tasks\Samsung_PSSD_Registration
2016-07-08 12:26 - 2016-07-08 12:26 - 00000000 ___DC C:\ProgramData\Samsung Apps
2016-07-08 12:23 - 2016-07-08 12:23 - 00000000 ____D C:\Users\homebase\Samsung
2016-07-08 11:49 - 2016-07-08 11:49 - 00000000 ____D C:\Windows\system32\RAPID
2016-07-08 11:49 - 2015-09-04 12:08 - 00271968 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SamsungRapidDiskFltr.sys
2016-07-05 20:33 - 2016-07-21 11:19 - 00000000 ____D C:\Windows\EOONotify
2016-07-05 20:33 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-05 20:33 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-05 20:33 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-05 20:33 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-05 20:12 - 2016-08-02 12:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-05 20:12 - 2016-07-30 14:29 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-05 20:12 - 2016-07-13 09:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-05 20:12 - 2016-07-13 09:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-05 20:12 - 2016-07-13 09:44 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-05 20:12 - 2016-07-13 09:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-05 20:12 - 2016-07-13 09:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-05 20:12 - 2016-07-13 09:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-05 20:12 - 2016-07-05 20:12 - 00000000 ____D C:\Users\homebase\AppData\Local\Adobe
2016-07-05 12:31 - 2016-07-05 12:31 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2016-07-05 12:17 - 2016-07-05 12:17 - 00000000 ____D C:\Program Files\Samsung
2016-07-05 12:09 - 2016-07-05 12:09 - 00000000 ____D C:\Users\homebase\Documents\Samsung
2016-07-05 12:06 - 2016-07-05 12:06 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-07-05 12:03 - 2016-07-05 12:06 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Samsung
2016-07-05 12:03 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2016-07-05 11:39 - 2016-07-21 18:40 - 00000000 __HDC C:\ProgramData\{81FF46FD-55BF-4932-A9A8-86FF2C15E0ED}
2016-07-05 11:32 - 2016-07-21 18:40 - 00000000 __HDC C:\ProgramData\{93EAA4DB-27EC-4331-A128-E3891121AA47}
2016-07-05 11:10 - 2016-07-21 18:39 - 00000000 __HDC C:\ProgramData\{F181A575-31C9-49F7-9294-3AEE1E3123C3}
2016-07-05 10:39 - 2016-07-21 18:37 - 00000000 __HDC C:\ProgramData\{CFDD872E-E643-48CF-82E8-8889713D990D}
2016-07-05 10:39 - 2016-07-21 18:37 - 00000000 __HDC C:\ProgramData\{BBD6476E-3DD8-447E-ACC3-81C30FC4A118}
2016-07-05 10:39 - 2016-07-21 18:37 - 00000000 __HDC C:\ProgramData\{87AEDB84-EF6C-4240-A009-B8FA027D1315}
2016-07-05 10:31 - 2016-07-21 18:34 - 00000000 __HDC C:\ProgramData\{2036C023-27B2-4C52-A8B8-52A35A7A52FC}
2016-07-05 07:28 - 2016-07-21 18:24 - 00000000 __HDC C:\ProgramData\{57B10C8A-9A38-45B2-B696-92DA7712A65C}
2016-07-04 22:55 - 2016-07-04 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2016-07-03 02:20 - 2016-07-03 02:20 - 00000000 ____D C:\Users\homebase\AppData\Roaming\epm

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-02 13:03 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-02 13:03 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-02 13:01 - 2016-05-24 03:44 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-02 12:52 - 2016-06-15 16:55 - 00000000 ____D C:\AdwCleaner
2016-08-02 12:52 - 2011-04-12 09:43 - 00803750 _____ C:\Windows\system32\perfh007.dat
2016-08-02 12:52 - 2011-04-12 09:43 - 00187776 _____ C:\Windows\system32\perfc007.dat
2016-08-02 12:52 - 2009-07-14 07:13 - 03508434 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-02 12:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-02 12:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-08-02 12:48 - 2016-05-26 08:10 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-08-02 12:48 - 2016-05-17 04:48 - 00000068 __RSH C:\Windows\system32\Drivers\wmilib.winsecurity
2016-08-02 12:48 - 2016-05-17 04:48 - 00000068 __RSH C:\Windows\system32\Drivers\wacompen.winsecurity
2016-08-02 12:48 - 2016-05-09 15:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-02 12:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-02 12:39 - 2016-05-09 15:21 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-02 12:15 - 2016-05-26 08:10 - 00001218 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-08-02 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-08-02 10:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2016-08-02 10:36 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\0407
2016-08-02 10:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-08-02 10:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-08-02 09:37 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\de
2016-08-02 09:17 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-02 09:16 - 2016-05-26 08:10 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-31 10:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-07-31 10:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2016-07-30 14:14 - 2016-06-14 14:56 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-30 12:31 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-30 12:07 - 2016-05-09 15:22 - 00000000 ____D C:\Users\homebase\AppData\Local\Google
2016-07-29 19:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-07-29 03:08 - 2016-05-24 03:43 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-29 01:05 - 2016-05-24 03:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-29 00:34 - 2016-05-09 15:21 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 00:34 - 2016-05-09 15:21 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 15:27 - 2016-05-09 15:32 - 00000000 ____D C:\Windows\Panther
2016-07-28 15:27 - 2016-05-09 15:29 - 03193672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-28 09:18 - 2016-05-28 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-07-28 09:10 - 2016-05-28 15:21 - 00000000 ____D C:\Program Files\Native Instruments
2016-07-27 21:58 - 2016-05-27 06:44 - 00000000 ____D C:\Users\homebase\AppData\Roaming\zplane
2016-07-27 21:44 - 2016-05-09 14:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-27 21:39 - 2016-05-17 03:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
2016-07-27 19:28 - 2016-05-17 03:20 - 00000000 ____D C:\Program Files\Propellerhead
2016-07-27 16:55 - 2009-07-14 06:45 - 00306696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-25 21:28 - 2016-05-09 14:42 - 00068752 _____ C:\Users\homebase\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-25 19:35 - 2016-06-15 02:17 - 00045696 _____ C:\Users\homebase\Documents\NI_VSTtool_log.txt
2016-07-25 19:32 - 2016-06-19 11:37 - 00000000 __HDC C:\ProgramData\{29B2BACE-094D-4109-858B-A36BBC2D2443}
2016-07-25 19:32 - 2016-05-28 14:45 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-07-25 19:30 - 2016-05-27 04:38 - 00000000 ____D C:\Program Files (x86)\VSTPlugIns
2016-07-25 18:01 - 2016-05-29 10:22 - 00000000 __HDC C:\ProgramData\{F828BFD7-781D-4BD3-AD6C-71D19DC23493}
2016-07-21 18:38 - 2016-06-19 05:50 - 00000000 __HDC C:\ProgramData\{A4240964-232B-4D4C-AE9F-AB84A9948A34}
2016-07-21 18:36 - 2016-06-19 05:59 - 00000000 __HDC C:\ProgramData\{57623A97-E2F4-49B2-86D7-FA0915C77BED}
2016-07-21 18:34 - 2016-06-29 11:18 - 00000000 __HDC C:\ProgramData\{94413B98-D6DD-4BFD-B542-D4C460057AF0}
2016-07-21 14:51 - 2016-06-19 05:04 - 00000000 __HDC C:\ProgramData\{8BDB072C-4D9A-4CE0-8C98-0BD20B85E711}
2016-07-21 11:36 - 2016-05-09 15:21 - 00000000 ____D C:\Users\homebase\AppData\Local\Deployment
2016-07-21 11:19 - 2016-05-20 09:19 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-21 11:19 - 2016-05-20 09:19 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-21 10:55 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-07-21 10:30 - 2016-05-09 14:42 - 00000000 ____D C:\Users\homebase
2016-07-19 20:24 - 2016-05-18 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2016-07-19 20:24 - 2016-05-18 11:42 - 00000000 ____D C:\Program Files\ASRock Utility
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\winrm
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\WCN
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\slmgr
2016-07-19 09:54 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-07-19 09:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-19 09:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2016-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-07-19 09:18 - 2016-05-11 17:29 - 00000000 ____D C:\Windows\system32\MRT
2016-07-19 09:12 - 2016-05-11 17:29 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-08 18:27 - 2016-05-10 18:52 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Ableton
2016-07-08 11:49 - 2016-07-02 10:41 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-07-07 17:54 - 2016-05-29 05:56 - 00000000 ____D C:\Users\homebase\AppData\Local\Native Instruments
2016-07-07 17:54 - 2016-05-28 14:43 - 00000000 ____D C:\Users\homebase\Documents\Native Instruments
2016-07-05 20:33 - 2016-05-20 08:46 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-05 12:09 - 2016-07-02 10:41 - 00000000 ___DC C:\ProgramData\Samsung
2016-07-05 12:06 - 2016-07-02 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-07-05 07:57 - 2016-06-22 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOTU
2016-07-05 07:56 - 2016-06-22 19:12 - 00000000 ____D C:\Program Files (x86)\MOTU
2016-07-04 22:55 - 2016-05-24 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2016-07-04 22:55 - 2016-05-24 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
2016-07-04 22:55 - 2016-05-10 16:51 - 00000000 ____D C:\Users\homebase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-04 22:55 - 2016-05-10 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-04 22:34 - 2016-06-19 05:46 - 00000000 __HDC C:\ProgramData\{3F0C2AC3-0702-4760-AFC1-157546C32EC1}
2016-07-04 22:34 - 2016-06-19 05:44 - 00000000 __HDC C:\ProgramData\{86A4FE2A-247F-42EF-9C3E-C2551D2529B5}
2016-07-04 22:34 - 2016-06-19 05:44 - 00000000 __HDC C:\ProgramData\{3FD630E4-094C-41D8-8276-77FA452C358F}
2016-07-04 22:34 - 2016-06-14 17:53 - 00000000 __HDC C:\ProgramData\{1EE2F726-1234-41B1-A064-86CD048C4BEB}
2016-07-04 22:34 - 2016-06-14 15:08 - 00000000 __HDC C:\ProgramData\{C7E9FBB1-9CB7-4917-9D0E-7C333B122B2B}
2016-07-04 22:34 - 2016-06-14 14:53 - 00000000 __HDC C:\ProgramData\{DA31E3B5-AD7E-4759-A162-75CF964B70AC}
2016-07-04 05:40 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-07-03 03:12 - 2016-07-02 12:24 - 00000031 _____ C:\Windows\script.txt
2016-07-03 03:03 - 2016-07-02 18:33 - 00002090 ____H C:\Windows\EPMBatch.ept

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-30 11:20 - 2016-07-30 11:20 - 0000934 _____ () C:\Users\homebase\AppData\Local\ZHPFixReport.txt
2016-08-02 12:48 - 2016-08-02 12:48 - 0000004 ____H () C:\ProgramData\cm-lock

Einige Dateien in TEMP:
====================
C:\Users\homebase\AppData\Local\Temp\libeay32.dll
C:\Users\homebase\AppData\Local\Temp\msvcr120.dll
C:\Users\homebase\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-27 17:28

==================== Ende von FRST.txt ============================

AdwCleaner[S12].txt

Code:

ATTFilter

# AdwCleaner v5.201 - Bericht erstellt am 02/08/2016 um 12:52:05
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-08-02.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X64)
# Benutzername : homebase - HOMEBASE-PC
# Gestartet von : C:\Users\homebase\Desktop\AdwCleaner_5.201 (1).exe
# Option : Suchlauf
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3516 Bytes] - [15/06/2016 16:58:20]
C:\AdwCleaner\AdwCleaner[C2].txt - [2897 Bytes] - [28/07/2016 23:12:28]
C:\AdwCleaner\AdwCleaner[C3].txt - [1517 Bytes] - [28/07/2016 23:39:31]
C:\AdwCleaner\AdwCleaner[C4].txt - [3189 Bytes] - [29/07/2016 00:50:54]
C:\AdwCleaner\AdwCleaner[C5].txt - [2580 Bytes] - [02/08/2016 12:41:12]
C:\AdwCleaner\AdwCleaner[S10].txt - [1809 Bytes] - [02/08/2016 10:14:05]
C:\AdwCleaner\AdwCleaner[S11].txt - [2019 Bytes] - [02/08/2016 12:38:43]
C:\AdwCleaner\AdwCleaner[S12].txt - [1220 Bytes] - [02/08/2016 12:52:05]
C:\AdwCleaner\AdwCleaner[S1].txt - [3345 Bytes] - [15/06/2016 16:55:48]
C:\AdwCleaner\AdwCleaner[S2].txt - [2497 Bytes] - [28/07/2016 22:44:51]
C:\AdwCleaner\AdwCleaner[S3].txt - [2570 Bytes] - [28/07/2016 23:09:35]
C:\AdwCleaner\AdwCleaner[S4].txt - [1220 Bytes] - [28/07/2016 23:37:47]
C:\AdwCleaner\AdwCleaner[S5].txt - [2862 Bytes] - [29/07/2016 00:49:38]
C:\AdwCleaner\AdwCleaner[S6].txt - [1511 Bytes] - [29/07/2016 00:53:30]
C:\AdwCleaner\AdwCleaner[S7].txt - [3081 Bytes] - [29/07/2016 00:55:55]
C:\AdwCleaner\AdwCleaner[S8].txt - [3158 Bytes] - [30/07/2016 10:33:13]
C:\AdwCleaner\AdwCleaner[S9].txt - [1735 Bytes] - [30/07/2016 11:38:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S12].txt - [1951 Bytes] ##########

mikon · 02.08.2016, 12:21

protection-log-2016-08-02.xml

Code:

ATTFilter

<?xml version="1.0" encoding="UTF-8" ?>
<logs>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T00:33:32.520845+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="9c39d404-d296-4607-9151-e7f4ea0db544" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T00:33:32.536445+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="7e916825-56b9-4a54-a9f2-d9774e3da44f" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T00:33:32.536445+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="9b654c8a-49b2-416a-9f9c-816fa765523f" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T00:33:48.167672+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="6da4c041-052a-43e4-bae2-c93c88fcc215" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T08:47:24.115244+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="5053c615-8bee-4344-bd20-9b1ffc5d960c" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T08:47:24.115244+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="ac76964e-3dc9-436f-b6d9-bd9f66e04978" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T08:47:24.130844+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="8989c94f-eb38-4d5d-b6d9-5eda344d27eb" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T08:47:40.300537+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="d7b06d9b-9ee6-423c-ba2e-198cb6864d23" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-08-02T09:27:32.313529+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="HOMEBASE-PC" fromVersion="2016.8.1.9" last_modified_tag="421e46ae-1fee-4aa1-b1e8-3be735ed4a81" name="Malware Database" toVersion="2016.8.2.2"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:27:32.360329+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="5f569a1b-12f9-411e-9fd3-2a660b88006c" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:27:32.360329+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="8f5afd7a-353b-4d56-bb9f-7b654b5381bb" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:27:32.625529+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="4f09af7f-2977-4fb9-8894-b1a58cb3d0f9" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:27:38.652148+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="85ed3407-fd00-4a64-a721-5f768b802757" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:27:38.683348+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="4698d617-096f-4e32-9f9d-d81641f67135" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:27:40.180950+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="7f23233a-5db3-43e5-8060-fe8af58c3da8" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-08-02T09:30:34.687668+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="HOMEBASE-PC" fromVersion="2016.8.2.2" last_modified_tag="dadc0341-8558-4e0d-980b-26f34a479b59" name="Malware Database" toVersion="2016.8.2.3"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:30:34.734468+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="d00d479a-b664-41c9-a17c-214d4051734d" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:30:34.750068+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="8ea1439a-35b7-494c-996b-0f95175f0cf8" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:30:34.999669+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="e58a6444-549e-4b3f-9886-7ed6012a9418" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:30:41.036879+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="aa742036-9c9f-4f38-bdd6-5de062d337e5" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:30:41.052479+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="5b67f997-1131-4a7c-894e-0e7f76ffcc67" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T09:30:42.565682+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="d5cf1c1f-47d4-4edd-aa30-90bc6cc569cc" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T10:04:12.564066+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="6b10c93e-2045-4479-a352-07e2357fb67c" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T10:04:12.564066+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="ad63ed10-a3cb-46e6-ba19-078159d99e03" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T10:04:12.579666+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="5359baf1-b731-4734-a814-a0ebf8d5f36d" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T10:04:28.132893+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="6e39d13c-8ce1-48f4-b00a-b51bb458156f" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T10:11:24.250850+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="3ee28ad2-a567-443a-ab47-930eb197634d" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T10:11:24.266450+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="fe3ec591-cc56-4890-bf7b-1238ce59727d" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T10:11:24.266450+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="96514214-6184-4e75-99df-d2b8501d0f0d" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T10:11:39.835277+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="13002b59-32f5-43ee-819b-e09c6fd87077" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T11:31:06.235250+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="9dfb28a9-985c-4374-a3c9-807b757c2146" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T11:31:06.235250+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="09b1d6d3-3141-4300-b6f2-11a1cecd05ce" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T11:31:06.250850+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="e4eb9c39-9bf4-4d2e-8d04-be08ac6633d6" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T11:31:22.329946+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="bba8f8d1-9e69-449b-b482-dd54291202da" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T11:35:55.266450+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="390d1912-3ce0-4874-bd9d-e33ed7dd0fba" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T11:35:55.282050+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="0d6fa6f1-426e-4f82-b8eb-e3d069240f05" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T11:35:55.282050+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="1719164d-e468-41b1-9ea7-76eb39c1f766" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T11:36:10.521934+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="291add15-6cf0-4aeb-9bba-da8badad054e" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-08-02T12:14:38.283147+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="HOMEBASE-PC" fromVersion="2016.8.2.3" last_modified_tag="4ef1c449-df22-4e84-8415-8c51d951ac84" name="Malware Database" toVersion="2016.8.2.4"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:14:38.367152+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="97af0af0-112e-413f-b008-f35a57c63578" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:14:38.376152+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="d3c52cf8-9aaa-4322-8450-5823055b2809" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:14:38.636167+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="e556a46a-66dd-4945-bf1c-8a6b19c2fbdd" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:14:45.442556+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="5ea1a539-a098-4e95-90fd-63156718e90a" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:14:45.467558+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="204e19c5-72bb-4eeb-a58c-071d7512769d" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:14:47.126653+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="89d23ec4-27d1-4f98-9fd0-b54dc664da0a" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:10.112876+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="06f70c40-dd3d-4a89-bb1f-aecf1c7a74ab" subtype="Malicious Website Protection" direction="Outbound" domain="terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50103"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:10.171880+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="e495ad02-b9c2-4803-8595-c192b7bff332" subtype="Malicious Website Protection" direction="Outbound" domain="terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50103"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:10.269885+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="50131d0a-cfdd-47f0-b1a3-1ca812d5c923" subtype="Malicious Website Protection" direction="Outbound" domain="terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50109"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:35.142308+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="3a70ab5a-912f-477f-8716-bc254947d4c7" subtype="Malicious Website Protection" direction="Outbound" domain="www.terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50149"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:35.191311+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="5ff01ef2-9c10-42d7-a969-bc8edbc6ddbd" subtype="Malicious Website Protection" direction="Outbound" domain="www.terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50149"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:35.499328+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="4e277181-a0cf-44b2-8b41-3036ce1cab17" subtype="Malicious Website Protection" direction="Outbound" domain="www.terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50152"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:39.002529+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="0857188d-f89a-4b31-b0b3-2e99404b1f7a" subtype="Malicious Website Protection" direction="Outbound" domain="terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50200"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:39.046531+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="7aaeabc9-54e9-47c7-a2b2-93ec3448f7b2" subtype="Malicious Website Protection" direction="Outbound" domain="terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50201"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:44.753858+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="68426fd8-8729-4873-b01e-6a7f5e764bd9" subtype="Malicious Website Protection" direction="Outbound" domain="www.terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50207"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:47.447012+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="565554de-483d-40a8-92ce-6786ed09f9ae" subtype="Malicious Website Protection" direction="Outbound" domain="terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50218"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-08-02T12:31:47.498015+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="a7a3fff1-cc65-4bec-b667-45e9984c4d77" subtype="Malicious Website Protection" direction="Outbound" domain="terraclicks.com" ip="198.134.112.232" malwaretype="Domain" port="50219"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:42:32.583245+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="4de3dc47-d304-468a-8849-85eae13d65f7" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:42:32.583245+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="f80d436d-ca22-4677-b305-ae1f8fcc9c58" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:42:32.598845+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="f22ee6a7-8705-46ef-9bf7-5f08477708cc" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:42:47.902472+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="4366d2de-09a5-4023-b9ac-884e2000c240" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:48:26.739245+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="79cf6f42-fdac-46db-b989-7dbea83e8bd4" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:48:26.754845+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="96243d36-ddd5-4bb5-991c-b5cf4653436e" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:48:26.770445+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="ec7619ff-82c3-450e-b3cc-9fd5380bd3ba" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:48:43.151343+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="a3de96da-5588-429c-a619-fe0f193b3fa9" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-08-02T12:54:58.234626+02:00" source="Manual" type="Update" username="SYSTEM" systemname="HOMEBASE-PC" fromVersion="2016.8.1.8" last_modified_tag="ce3bfaa5-0b21-4645-a1fc-3bf7a4f0550c" name="Domain Database" toVersion="2016.8.2.1"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-08-02T12:55:02.510034+02:00" source="Manual" type="Update" username="SYSTEM" systemname="HOMEBASE-PC" fromVersion="2016.8.2.4" last_modified_tag="7a167356-6ec2-42f0-9ed9-f1a51740087b" name="Malware Database" toVersion="2016.8.2.5"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:55:02.556834+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="81d02855-8aaa-4745-82d4-e0f90af2372c" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:55:02.556834+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="c58c7e83-773d-4839-a929-22be8405e826" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:55:02.822034+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="f3635244-92e6-4049-a0b2-7e2caa989f1d" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:55:09.452046+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="20b2b27d-c33c-4c59-9c28-20de93e3f5af" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:55:09.467646+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="419ad6c9-8eb0-484f-9423-9a6ac8e2eb7f" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-08-02T12:55:11.012049+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="HOMEBASE-PC" last_modified_tag="c11eba99-4c94-4169-8b8a-6b0f300ee546" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="6" datetime="2016-08-02T13:09:49.536041+02:00" source="Manual" type="Scan" username="SYSTEM" systemname="HOMEBASE-PC" duration="487" last_modified_tag="610d1af7-763f-4225-8d66-bde6eb639522" malwaredetections="0" nonmalwaredetections="0" scanresult="completed" scantype="threat" starttime="2016-08-02T13:01:42+02:00"></record>
</logs>

JRT.txt

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Ultimate x64 
Ran by homebase (Administrator) on 02.08.2016 at 12:55:07,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9 

Successfully deleted: C:\ProgramData\pdfforge (Folder) 
Successfully deleted: C:\Users\homebase\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JIE2F92 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\homebase\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58G2R5FZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\homebase\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7A9NPLT8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\homebase\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7J8ZQQ4G (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JIE2F92 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58G2R5FZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7A9NPLT8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7J8ZQQ4G (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.08.2016 at 12:58:18,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

M-K-D-B · 02.08.2016, 12:45

Servus,

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

M-K-D-B · 03.08.2016, 22:35

cosinus übernimmt ab hier, ich bin im Urlaub.

03.08.2016, 22:35	#10
M-K-D-B /// TB-Ausbilder	ADW-Cleaner ---Reinigungs probleme. unerwünschte Browser url´s werden nicht dauerhaft entfernt cosinus übernimmt ab hier, ich bin im Urlaub.

ADW-Cleaner ---Reinigungs probleme. unerwünschte Browser url´s werden nicht dauerhaft entfernt

Log-Analyse und Auswertung: ADW-Cleaner ---Reinigungs probleme. unerwünschte Browser url´s werden nicht dauerhaft entfernt