SearchProtect im Hintergrund und andere Sucheinstellungen im Firefox

magigstar · 26.08.2016, 19:19

Hallo liebe Trojaner-Jäger-Gemeinde,

ich trau mich wirklich gar nicht mehr hier nach Hilfe zu suchen.
Ich könnte die Liste an Software auch selber durchlaufen lassen.
Aber ich bin mir da nie sicher, ob ich was übersehen habe.

Ich habe mir auf jeden Fall was eingefangen.
Habe als Hintergrundprogramm "SearchProtect".
Und die Sucheinstellung wurde auch geändert.
Konnte ich allerdings wieder auf Google bringen, aber das löst ja das Problem nicht.

Könnt ihr mir weiterhelfen?
Vielen Dank

cosinus · 26.08.2016, 21:39

maggistar schon wieder

magigstar · 26.08.2016, 22:29

Zitat:

Zitat von cosinus

maggistar schon wieder

Lieber cosinus,
gerade deswegen habe ich mich fast gar nicht hier getraut mein Problem wiederzugeben.

Wenn Du mir helfen kannst, wäre ich Dir sehr verbunden.
Wenn nicht, hoffe ich, dass es andere versierte Menschen gibt, die mir weiterhelfen können.
Allerdings habe ich jetzt wirklich keine Lust und Zeit für eine endlose Diskussion über mich.

M-K-D-B · 26.08.2016, 22:32

*reinhüpf*

Ich würde dir ja gerne helfen, aber da Cosinus zuerst geantwortet hat, ist es sein Thema.

*raushüpf*

magigstar · 26.08.2016, 22:34

Zitat:

Zitat von M-K-D-B

*reinhüpf*

Ich würde dir ja gerne helfen, aber da Cosinus zuerst geantwortet hat, ist es sein Thema.

*raushüpf*

Achso, so läuft es.
Ja dann übergebe ich mein Schicksal cosinus? Schade, es zweifelhaft, ob er mir helfen wird..

M-K-D-B · 27.08.2016, 10:36

Zitat:

Zitat von magigstar

Ja dann übergebe ich mein Schicksal cosinus? Schade, es zweifelhaft, ob er mir helfen wird..

Wenn nicht, wird er es dir schon sagen.

magigstar · 27.08.2016, 12:44

Zitat:

Zitat von M-K-D-B

Wenn nicht, wird er es dir schon sagen.

Da bin ich ja mal gespannt.
Aber ich bin zuversichtlich. Wenn es drauf ankommt, ist er hilfsbereit.

M-K-D-B · 27.08.2016, 19:54

Cosinus ist wohl nicht da....

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

magigstar · 28.08.2016, 10:45

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-08-2016
durchgeführt von DDDDD CCCCC (Administrator) auf ARBEITSCOMPUTER (28-08-2016 11:18:07)
Gestartet von C:\Users\DDDDD CCCCC\Desktop
Geladene Profile: DDDDD CCCCC (Verfügbare Profile: DDDDD CCCCC & EEEEEE & Versuch & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Â© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\ws.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(RescueTime, Inc.) C:\Program Files (x86)\RescueTime\RescueTime.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mirko Böer) C:\Program Files (x86)\SSS\SimpleScreenshot.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.227.810.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7167.40721.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2011-11-13] ()
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-23] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SimpleScreenshot] => C:\Program Files (x86)\SSS\SimpleScreenshot.exe [2255360 2008-02-09] (Mirko Böer)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7377936 2016-05-10] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios)
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\RunOnce: [Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\RunOnce: [Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\RunOnce: [Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [249104 2016-06-29] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [221456 2016-06-29] (Client Connect LTD)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
Startup: C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2014-09-23]
ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.)
Startup: C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5520 series (Netzwerk).lnk [2016-08-28]
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5520 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{15ef09c9-ceb0-425c-a5ac-002b19b46047}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{c020751a-5210-47b5-9035-51239104e46c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c10dcd24-bf50-4b4b-b20c-22407fc328c8}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=1B7744E7-7043-4DBF-99F8-28D521D025C7&SearchSource=55&CUI=&UM=8&UP=SP7018A729-DE12-4C9B-A0FE-933E764F75A9&D=081316&SSPV=
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1242904208-471078349-2963378918-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1242904208-471078349-2963378918-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=1B7744E7-7043-4DBF-99F8-28D521D025C7&SearchSource=58&CUI=&UM=8&UP=SP7018A729-DE12-4C9B-A0FE-933E764F75A9&D=081316&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1242904208-471078349-2963378918-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-08-11] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\DDDDD CCCCC\AppData\Roaming\Mozilla\Firefox\Profiles\bp75l62n.default-1460733121568
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=1B7744E7-7043-4DBF-99F8-28D521D025C7&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP7018A729-DE12-4C9B-A0FE-933E764F75A9&D=081316
FF SelectedSearchEngine: Trovi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1242904208-471078349-2963378918-1000: @citrixonline.com/appdetectorplugin -> C:\Users\DDDDD CCCCC\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-31] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: (FoxyProxy Standard) - C:\Users\DDDDD CCCCC\AppData\Roaming\Mozilla\Firefox\Profiles\bp75l62n.default-1460733121568\extensions\foxyproxy@eric.h.jung [2016-07-03]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-02-16] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Profile: C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Google Präsentationen) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Nanny for Google Chrome (TM)) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno [2015-02-22]
CHR Extension: (Google-Suche) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-23]
CHR Extension: (Google Tabellen) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
CHR Extension: (Google Docs Offline) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Google Mail) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AAV UpdateService; C:\Program Files (x86)\Common Files\AAV\aavus.exe [122880 2007-10-04] () [Datei ist nicht signiert]
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1195840 2016-04-26] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2016-06-05] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S4 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-10-10] () [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3253008 2016-06-29] (Client Connect LTD)
S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241704 2014-03-25] (Foxit Corporation)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S4 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [11264 2013-01-24] () [Datei ist nicht signiert]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
R2 Orbiter; C:\Program Files (x86)\ORBTR\orbiter.dll [558544 2016-08-13] (Client Connect LTD)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [Datei ist nicht signiert]
R3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (Â© pdfforge GmbH.)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [Datei ist nicht signiert]
S4 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe [72344 2008-05-19] (SiSoftware) [Datei ist nicht signiert]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S4 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
R2 EkaProt6; C:\Windows\system32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339800 2016-06-05] (Acronis International GmbH)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267552 2016-06-05] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [193376 2016-06-05] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [601432 2016-06-05] (Acronis International GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [279392 2016-05-02] (Acronis International GmbH)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-28 11:18 - 2016-08-28 11:18 - 00027399 _____ C:\Users\DDDDD CCCCC\Desktop\FRST.txt
2016-08-28 11:17 - 2016-08-28 11:17 - 04747704 _____ (AO Kaspersky Lab) C:\Users\DDDDD CCCCC\Desktop\tdsskiller.exe
2016-08-28 11:11 - 2016-08-28 11:11 - 02396672 _____ (Farbar) C:\Users\DDDDD CCCCC\Desktop\FRST64.exe
2016-08-27 13:55 - 2016-08-27 14:15 - 00000000 ____D C:\Users\DDDDD CCCCC\Evernote
2016-08-27 13:55 - 2016-08-27 13:55 - 00002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-08-27 13:55 - 2016-08-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-08-27 11:17 - 2016-08-27 11:17 - 00595275 _____ C:\Users\DDDDD CCCCC\Downloads\4SE9L6.pdf
2016-08-27 10:50 - 2016-08-27 10:50 - 00065585 _____ C:\Users\DDDDD CCCCC\Downloads\Efiliale_Rechnung_3128998518_2016.01.04.pdf
2016-08-24 23:09 - 2016-08-24 23:09 - 00113434 _____ C:\Users\DDDDD CCCCC\Downloads\1713912.pdf
2016-08-24 22:56 - 2016-08-24 22:56 - 00935383 _____ C:\Users\DDDDD CCCCC\Downloads\Plenarprotokoll-908.pdf
2016-08-24 22:56 - 2016-08-24 22:56 - 00154352 _____ C:\Users\DDDDD CCCCC\Downloads\0196-13.pdf
2016-08-23 16:27 - 2016-08-23 16:27 - 00000288 _____ C:\Users\DDDDD CCCCC\Desktop\Professionelle Zahnreinigung - Was Profis übersehen - Test - Stiftung Warentest.URL
2016-08-23 14:19 - 2016-08-23 14:19 - 00125773 _____ C:\Users\DDDDD CCCCC\Downloads\S_2-76_Oktober2013.pdf
2016-08-23 13:53 - 2016-08-23 13:53 - 00809518 _____ C:\Users\DDDDD CCCCC\Downloads\Anmeldebescheinigung_07.2015.pdf
2016-08-23 13:53 - 2016-08-23 13:53 - 00397949 _____ C:\Users\DDDDD CCCCC\Downloads\UniversitätsBeitragszahlung.pdf
2016-08-23 13:53 - 2016-08-23 13:53 - 00294548 _____ C:\Users\DDDDD CCCCC\Downloads\Abmeldebescheinigung Ines_02.2016.pdf
2016-08-23 13:53 - 2016-08-23 13:53 - 00124322 _____ C:\Users\DDDDD CCCCC\Downloads\Universitätsbescheinigung_2015.pdf
2016-08-21 11:50 - 2016-08-21 11:50 - 00765756 _____ C:\Users\DDDDD CCCCC\Downloads\BasicCoupon.pdf
2016-08-21 11:50 - 2016-08-21 11:50 - 00107681 _____ C:\Users\DDDDD CCCCC\Downloads\Zusammenfassung_.pdf
2016-08-20 19:28 - 2016-08-20 23:57 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\Lebenslauf
2016-08-20 17:35 - 2016-08-20 17:37 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\Neuer Ordner (2)
2016-08-20 16:30 - 2016-08-20 16:30 - 00158950 _____ C:\Users\DDDDD CCCCC\Downloads\flyer_klimatage_2016_druck_web.pdf
2016-08-20 09:57 - 2016-08-20 09:57 - 00593539 _____ C:\Users\DDDDD CCCCC\Downloads\FLT_MCL8WR29124_0.pdf
2016-08-20 09:54 - 2016-08-20 09:54 - 00135658 _____ C:\Users\DDDDD CCCCC\Downloads\FLIX-Ticket-8023432456.pdf
2016-08-19 22:47 - 2016-08-19 22:47 - 00241167 _____ C:\Users\DDDDD CCCCC\Downloads\FLIX-Ticket-8023422190.pdf
2016-08-18 08:35 - 2016-08-18 08:35 - 00003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-15 08:50 - 2016-08-15 08:50 - 00008363 _____ C:\Users\DDDDD CCCCC\Downloads\Kreditkarten-Abrechnung_vom_11_08_2016.pdf
2016-08-13 23:05 - 2016-08-14 16:16 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\bvyvbvhx
2016-08-13 23:05 - 2016-08-13 23:06 - 00003604 _____ C:\WINDOWS\System32\Tasks\bvyvbvhx
2016-08-13 23:05 - 2016-08-13 23:05 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\SearchProtect
2016-08-13 23:04 - 2016-08-13 23:05 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2016-08-13 23:04 - 2016-08-13 23:05 - 00000000 ____D C:\Program Files (x86)\ORBTR
2016-08-13 10:34 - 2016-08-13 10:34 - 00007392 _____ C:\Users\DDDDD CCCCC\Desktop\Steuer.xlsx
2016-08-12 23:53 - 2016-08-12 23:53 - 00000000 ____D C:\Users\Public\Documents\sun
2016-08-12 23:51 - 2016-08-12 23:51 - 00001177 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-08-12 23:51 - 2016-08-12 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-08-12 23:50 - 2016-08-12 23:51 - 00000000 ____D C:\Program Files\LibreOffice 5
2016-08-12 23:42 - 2016-08-12 23:42 - 00009323 _____ C:\Users\DDDDD CCCCC\Desktop\ESt.odt
2016-08-12 14:15 - 2016-08-12 14:15 - 00002861 _____ C:\Users\DDDDD CCCCC\AppData\Local\recently-used.xbel
2016-08-12 14:10 - 2016-08-12 14:10 - 00007026 _____ C:\Users\DDDDD CCCCC\Downloads\Lidl_schwarz_beteiligungen.svg
2016-08-12 11:36 - 2016-08-12 11:36 - 00390379 _____ C:\Users\DDDDD CCCCC\Downloads\Hin- und Rückflug.pdf
2016-08-12 11:35 - 2016-08-12 11:35 - 00393522 _____ C:\Users\DDDDD CCCCC\Downloads\image2016-08-04-084154.pdf
2016-08-12 11:34 - 2016-08-12 11:34 - 00057093 _____ C:\Users\DDDDD CCCCC\Downloads\Hin- und Rückflug.pdf
2016-08-12 11:33 - 2016-08-12 11:33 - 00369647 _____ C:\Users\DDDDD CCCCC\Downloads\Hin- und Rückflug.pdf
2016-08-12 11:31 - 2016-08-12 11:31 - 00436804 _____ C:\Users\DDDDD CCCCC\Downloads\Bahn-Ticket.pdf
2016-08-12 11:30 - 2016-08-12 11:30 - 00314901 _____ C:\Users\DDDDD CCCCC\Downloads\Hin- und Rückflug.pdf
2016-08-12 11:25 - 2016-08-12 11:25 - 00057620 _____ C:\Users\DDDDD CCCCC\Downloads\Hin- und Rückflug.pdf
2016-08-12 11:18 - 2016-08-12 11:18 - 00137077 _____ C:\Users\DDDDD CCCCC\Downloads\_Ryanair_Hin- und Rückflug.pdf
2016-08-12 11:15 - 2016-08-12 11:15 - 00252018 _____ C:\Users\DDDDD CCCCC\Downloads\Rückflug.pdf
2016-08-12 11:15 - 2016-08-12 11:15 - 00251330 _____ C:\Users\DDDDD CCCCC\Downloads\Matthias_Hinflug.pdf
2016-08-12 10:57 - 2016-08-12 10:57 - 02051441 _____ C:\Users\DDDDD CCCCC\Documents\Zahlungsreklamation.pdf
2016-08-11 17:42 - 2016-08-11 17:42 - 00054283 _____ C:\Users\DDDDD CCCCC\Downloads\20160811-101768265-umsatz.CSV
2016-08-11 15:36 - 2016-08-11 15:38 - 249442304 _____ C:\Users\DDDDD CCCCC\Downloads\LibreOffice_5.1.4_Win_x64.msi
2016-08-10 23:18 - 2016-08-26 21:13 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\Weiterbildung
2016-08-10 19:26 - 2016-08-10 19:26 - 00046385 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug_201607.pdf
2016-08-10 19:26 - 2016-08-10 19:26 - 00040105 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug_201606.pdf
2016-08-10 18:48 - 2016-08-10 18:48 - 00000293 _____ C:\Users\DDDDD CCCCC\Desktop\Klettern am steilen Felsen - badische-zeitung.de.URL
2016-08-10 16:45 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 16:45 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 16:45 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 16:45 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 16:45 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 16:45 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 16:45 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 16:45 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 16:45 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 16:45 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 16:45 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 16:45 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 16:45 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 16:45 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 16:45 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 16:45 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 16:45 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 16:45 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 16:45 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 16:45 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 16:45 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 16:45 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 16:45 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 16:45 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 16:45 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 16:45 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 16:45 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:45 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 16:45 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 16:45 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:45 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 16:45 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:45 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 16:45 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:45 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 16:45 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 16:45 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 16:45 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 16:45 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 16:45 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 16:45 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 16:45 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 16:45 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 16:45 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 16:45 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 16:45 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 16:45 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 16:45 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 16:45 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 16:45 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 16:45 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 16:45 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 16:45 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 16:45 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 16:45 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 16:45 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 16:45 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 16:45 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 16:44 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 16:44 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 16:44 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 16:44 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 16:44 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 16:44 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 16:44 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 16:44 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 16:44 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 16:44 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 16:44 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 16:44 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:44 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 16:44 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 16:44 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 16:44 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 16:44 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:44 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 16:44 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 16:44 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 16:44 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 16:44 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 16:44 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 16:44 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 16:44 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 16:44 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 16:44 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 16:44 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 16:44 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 16:44 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 16:44 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 16:44 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 16:44 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:44 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 16:44 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 16:44 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 16:44 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 16:44 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 16:44 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 16:44 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 16:44 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 16:44 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 16:44 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 16:44 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 16:44 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:44 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:44 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 16:44 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 16:44 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 16:44 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 16:44 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 16:44 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 16:44 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 16:44 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 16:44 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 16:44 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 16:44 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 16:44 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 16:44 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 16:44 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 16:44 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 16:44 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 16:44 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 16:44 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 16:44 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 16:44 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 16:44 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 16:44 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 16:44 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 16:44 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 16:44 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 14:53 - 2016-08-10 14:53 - 06633776 _____ C:\Users\DDDDD CCCCC\Downloads\NWB_Karrierefuehrer_2013.pdf
2016-08-09 17:48 - 2016-08-09 17:48 - 00136096 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug-1517643373-2016-07.pdf
2016-08-09 17:47 - 2016-08-09 17:47 - 00136075 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug-1517643373-2016-06.pdf
2016-08-09 15:00 - 2016-08-09 15:00 - 00071558 _____ C:\Users\DDDDD CCCCC\Downloads\RG150283788971.pdf
2016-08-08 10:07 - 2016-08-08 10:08 - 00006122 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug_zum_29_07_2016.pdf
2016-08-07 17:26 - 2016-08-07 17:26 - 00000000 ____D C:\Users\DDDDD CCCCC\Documents\Egosoft
2016-08-07 17:21 - 2016-08-07 17:21 - 00014180 _____ C:\Users\DDDDD CCCCC\Desktop\Intim.odt
2016-08-07 17:20 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-08-07 17:20 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-08-07 17:20 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-08-07 17:20 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-08-07 17:19 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-08-07 17:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-08-07 17:19 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-08-07 17:19 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-08-07 17:19 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-08-07 17:19 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-08-07 17:19 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-08-07 17:19 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-08-07 17:19 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-08-07 17:19 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-08-07 17:19 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-08-07 17:19 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-08-07 17:19 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-08-07 17:19 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-08-07 17:19 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-08-07 17:19 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-08-07 17:19 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-08-07 17:19 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-08-07 17:19 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-08-07 17:19 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-08-07 17:19 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-08-07 17:19 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-08-07 17:19 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-08-07 17:19 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-08-07 17:19 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-08-07 17:19 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-08-07 17:19 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-08-07 17:19 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-08-07 17:19 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-08-07 17:19 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-08-07 17:19 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-08-07 17:19 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-08-07 17:19 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-08-07 17:19 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-08-07 17:19 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-08-07 17:19 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-08-07 17:19 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-08-07 17:19 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-08-07 17:19 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-08-07 17:19 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-08-07 17:19 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-08-07 17:19 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-08-07 17:19 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-08-07 17:19 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-08-07 17:19 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-08-07 17:19 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-08-07 17:19 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-08-07 17:19 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-08-07 17:19 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-08-07 17:19 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-08-07 17:19 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-08-07 17:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-07 17:19 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-07 17:19 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-08-07 17:19 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-08-07 17:19 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-08-07 17:19 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-08-07 17:19 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-08-07 17:19 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-08-07 17:19 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-08-07 17:19 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-08-07 17:19 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-08-07 17:19 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-08-07 17:19 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-08-07 17:19 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-08-07 17:18 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-08-07 17:18 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-08-07 17:18 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-08-07 17:18 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-08-07 17:18 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-08-07 17:18 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-08-07 17:18 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-08-07 17:18 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-08-07 17:18 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-08-07 17:18 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-08-07 17:18 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-08-07 17:18 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-08-07 17:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-08-07 17:18 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-08-07 17:18 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-08-07 17:18 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-08-07 17:18 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-08-07 17:18 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-08-07 17:18 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-08-07 17:18 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-08-07 17:18 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-08-07 17:18 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-08-07 17:18 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-08-07 17:18 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-08-07 17:18 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-08-07 17:18 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-08-07 17:18 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-08-07 17:18 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-08-07 17:18 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-08-07 17:18 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-08-07 17:18 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-08-07 17:18 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-08-07 17:18 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-08-07 16:29 - 2016-08-07 16:29 - 00000220 _____ C:\Users\DDDDD CCCCC\Desktop\X Rebirth.url
2016-08-07 16:29 - 2016-08-07 16:29 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-07 16:22 - 2016-08-07 16:22 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\Steam
2016-08-07 16:19 - 2016-08-28 11:10 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-07 16:19 - 2016-08-07 16:19 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-07 16:19 - 2016-08-07 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-04 10:26 - 2016-08-04 10:26 - 00003798 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 41ef4bbbee3b49c3a813725f7b93d37d63ad611e24cd4ecc9aa891fa5366d204
2016-08-03 20:30 - 2016-08-03 20:30 - 00000268 _____ C:\Users\DDDDD CCCCC\Desktop\Kosten.de.URL
2016-08-03 18:50 - 2016-08-03 18:50 - 00118154 _____ C:\Users\DDDDD CCCCC\Downloads\Satzung_BaWue_2011.pdf
2016-08-03 15:46 - 2016-08-03 15:46 - 00000262 _____ C:\Users\DDDDD CCCCC\Downloads\BIB
2016-08-03 13:54 - 2016-08-03 13:54 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\temp
2016-08-03 13:13 - 2016-08-03 13:13 - 00051490 _____ C:\Users\DDDDD CCCCC\Downloads\web_Infoblatt.pdf
2016-08-01 02:09 - 2016-08-01 02:09 - 00000000 ____D C:\Windows.old
2016-08-01 02:08 - 2016-08-01 02:08 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-01 02:05 - 2016-08-01 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-01 02:05 - 2016-08-01 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-08-01 02:05 - 2016-08-01 02:05 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-08-01 02:05 - 2016-08-01 02:05 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-01 02:05 - 2016-08-01 02:05 - 00000000 ____D C:\Program Files\MSBuild
2016-08-01 02:05 - 2016-08-01 02:05 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-01 02:05 - 2016-08-01 02:05 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-01 02:05 - 2016-08-01 02:05 - 00000000 ____D C:\inetpub
2016-08-01 02:05 - 2016-05-22 08:26 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-08-01 02:04 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-01 02:04 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-01 02:04 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-01 02:04 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-01 02:04 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-01 02:04 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-08-01 01:46 - 2016-08-01 01:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-08-01 01:44 - 2016-08-01 01:44 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-01 01:31 - 2016-08-01 01:31 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-01 01:31 - 2016-08-01 01:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-08-01 01:31 - 2016-08-01 01:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-01 01:31 - 2016-08-01 01:31 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-01 01:31 - 2016-08-01 01:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-08-01 01:31 - 2016-08-01 01:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-01 01:31 - 2016-08-01 01:31 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-01 01:22 - 2016-08-01 01:22 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-01 01:17 - 2016-08-27 13:55 - 00000000 ____D C:\Users\DDDDD CCCCC
2016-08-01 01:17 - 2016-08-09 15:43 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-01 01:17 - 2016-08-01 01:36 - 00000000 ____D C:\Users\Versuch
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Vorlagen
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Startmenü
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Netzwerkumgebung
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Lokale Einstellungen
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Eigene Dateien
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Druckumgebung
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Documents\Eigene Videos
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Documents\Eigene Musik
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Documents\Eigene Bilder
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\AppData\Local\Verlauf
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\AppData\Local\Anwendungsdaten
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\Versuch\Anwendungsdaten
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Vorlagen
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Startmenü
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Netzwerkumgebung
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Lokale Einstellungen
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Eigene Dateien
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Druckumgebung
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Documents\Eigene Videos
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Documents\Eigene Musik
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Documents\Eigene Bilder
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\AppData\Local\Verlauf
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\AppData\Local\Anwendungsdaten
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\EEEEEE\Anwendungsdaten
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Vorlagen
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Startmenü
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Netzwerkumgebung
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Lokale Einstellungen
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Eigene Dateien
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Druckumgebung
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Documents\Eigene Videos
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Documents\Eigene Musik
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Documents\Eigene Bilder
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\AppData\Local\Verlauf
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\AppData\Local\Anwendungsdaten
2016-08-01 01:17 - 2016-08-01 01:17 - 00000000 _SHDL C:\Users\DDDDD CCCCC\Anwendungsdaten
2016-08-01 01:17 - 2016-07-18 23:15 - 00000000 ____D C:\Users\EEEEEE
2016-08-01 01:16 - 2016-08-01 01:16 - 01989310 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-08-01 01:14 - 2016-08-01 01:14 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-08-01 01:14 - 2016-08-01 01:14 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01007.Wdf
2016-08-01 01:14 - 2016-08-01 01:14 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-01 01:14 - 2016-08-01 01:14 - 00000000 ____D C:\Program Files\Realtek
2016-08-01 01:14 - 2016-08-01 01:14 - 00000000 ____D C:\Program Files\LSI SoftModem
2016-08-01 01:14 - 2016-08-01 01:14 - 00000000 ____D C:\Program Files\Apoint2K
2016-08-01 00:28 - 2016-08-01 00:41 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-01 00:28 - 2016-05-22 20:17 - 00021214 _____ C:\WINDOWS\diagwrn.xml
2016-08-01 00:28 - 2016-05-22 20:17 - 00020579 _____ C:\WINDOWS\diagerr.xml

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-28 11:18 - 2016-01-15 12:24 - 00000000 ____D C:\FRST
2016-08-28 11:17 - 2012-09-20 05:21 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-28 11:17 - 2012-09-20 05:21 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-28 11:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-28 11:13 - 2016-05-22 07:59 - 00004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E0E035-8801-47A3-8026-B8DAA69A5C75}
2016-08-27 15:32 - 2015-05-31 14:23 - 00000660 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1242904208-471078349-2963378918-1000.job
2016-08-27 15:30 - 2016-02-21 12:07 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-27 13:39 - 2015-06-08 17:32 - 00000756 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1242904208-471078349-2963378918-1000.job
2016-08-26 23:41 - 2015-11-29 23:25 - 00003566 _____ C:\WINDOWS\Sandboxie.ini
2016-08-26 20:27 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-25 08:42 - 2015-08-28 22:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-23 18:35 - 2016-06-18 00:47 - 00006264 _____ C:\Users\DDDDD CCCCC\Desktop\1822direct-Sparquote.xlsx
2016-08-23 18:05 - 2012-03-25 12:40 - 00000000 ____D C:\Users\DDDDD CCCCC\Documents\Steuerfälle
2016-08-22 20:40 - 2015-08-07 22:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-18 08:35 - 2016-05-22 08:07 - 00002465 _____ C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-18 08:35 - 2016-05-22 08:07 - 00000000 ___RD C:\Users\DDDDD CCCCC\OneDrive
2016-08-18 08:33 - 2013-11-02 10:43 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Skype
2016-08-14 23:05 - 2016-05-22 20:03 - 00001024 ____H C:\AMTAG.BIN
2016-08-14 23:05 - 2016-05-22 20:03 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0
2016-08-12 14:15 - 2014-06-15 20:34 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\gtk-2.0
2016-08-12 14:15 - 2012-08-29 11:11 - 00000000 ____D C:\Users\DDDDD CCCCC\.gimp-2.8
2016-08-12 12:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 11:25 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-11 11:23 - 2015-06-08 17:32 - 00003946 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1242904208-471078349-2963378918-1000
2016-08-11 11:23 - 2015-05-31 14:23 - 00003850 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1242904208-471078349-2963378918-1000
2016-08-11 11:20 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 11:19 - 2014-09-23 19:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-11 11:17 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-11 02:40 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-11 02:38 - 2016-02-13 19:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-11 02:38 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-11 02:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-11 01:28 - 2014-08-15 16:44 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\Adobe
2016-08-10 19:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 19:08 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 19:08 - 2013-07-13 09:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 18:58 - 2011-11-18 20:58 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 15:43 - 2016-02-13 18:59 - 00889404 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-09 15:43 - 2016-02-13 18:59 - 00197452 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-09 15:39 - 2012-04-07 12:49 - 00000000 ____D C:\Users\DDDDD CCCCC\Documents\Finanzen
2016-08-09 12:18 - 2016-03-15 15:58 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-09 12:18 - 2015-08-02 17:38 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 11:29 - 2016-05-22 07:50 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\Packages
2016-08-04 13:35 - 2016-05-02 14:08 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\Desktop2
2016-08-04 11:18 - 2015-12-06 13:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-01 11:11 - 2011-11-14 00:22 - 00004208 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-01 11:11 - 2011-11-14 00:22 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-01 10:56 - 2012-03-30 18:59 - 00000000 ____D C:\Users\EEEEEE\AppData\Roaming\SimpleScreenshot
2016-08-01 02:11 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-01 02:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-01 02:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-08-01 02:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-01 02:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-01 02:05 - 2015-10-30 09:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-08-01 02:05 - 2015-10-30 09:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-08-01 02:05 - 2015-10-30 09:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-08-01 02:05 - 2015-10-30 09:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-08-01 02:05 - 2015-10-30 09:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-08-01 02:05 - 2015-10-30 09:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-08-01 02:05 - 2015-10-30 09:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-08-01 02:05 - 2015-10-30 09:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-08-01 02:05 - 2015-10-30 09:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-08-01 02:05 - 2015-10-30 09:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-08-01 02:05 - 2015-10-30 09:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-08-01 02:05 - 2015-10-30 09:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-08-01 02:05 - 2015-10-30 09:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-08-01 02:05 - 2015-10-30 09:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-08-01 02:05 - 2015-10-30 09:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-08-01 02:05 - 2015-10-30 09:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-08-01 02:05 - 2015-10-30 09:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-08-01 01:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-01 01:46 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-08-01 01:45 - 2015-11-20 17:50 - 00003698 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 1f34e1c96e2441c2954c4ee9bad5d9a7c0a8147dcd0a401485574ee6cc4342d5
2016-08-01 01:45 - 2015-11-13 12:25 - 00003698 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 35705e1cf9504357848dc302c9669a5caa95e00a3e9f4a8d9f6ab1f8a3caa919
2016-08-01 01:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-08-01 01:45 - 2015-02-12 22:02 - 00003698 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - aa75a83ba0e54f469f9229056b3523d0eb35faeb3e174ec898b456f50bbc2c60
2016-08-01 01:45 - 2014-01-19 16:30 - 00003152 _____ C:\WINDOWS\System32\Tasks\{581487AC-8AAF-40E1-A997-6B8519F0C5EC}
2016-08-01 01:45 - 2014-01-19 16:29 - 00003152 _____ C:\WINDOWS\System32\Tasks\{AC797CD7-B058-4AC8-84B2-B2307D6AFF9B}
2016-08-01 01:45 - 2012-11-04 21:55 - 00003290 _____ C:\WINDOWS\System32\Tasks\{8D77E667-A31C-4EB4-B209-1E559B732CBC}
2016-08-01 01:45 - 2012-10-03 19:16 - 00003594 _____ C:\WINDOWS\System32\Tasks\{4781B96F-C3F4-45CF-AB6F-C64C9AD3E88D}
2016-08-01 01:45 - 2012-09-15 14:07 - 00003388 _____ C:\WINDOWS\System32\Tasks\{2E665153-C229-4C02-9699-2F4EF08B1807}
2016-08-01 01:45 - 2012-05-05 00:01 - 00003478 _____ C:\WINDOWS\System32\Tasks\{A2A68590-5CAE-4C98-8B98-D18CC5E4C073}
2016-08-01 01:45 - 2012-05-05 00:01 - 00003380 _____ C:\WINDOWS\System32\Tasks\{239C0599-E784-4910-B228-5D5AB8D346A6}
2016-08-01 01:45 - 2012-03-31 11:31 - 00003494 _____ C:\WINDOWS\System32\Tasks\hpUrlLauncher.exe_{4AF7A75F-FDE8-41B8-80D9-5C3EBC32D019}
2016-08-01 01:45 - 2012-03-31 11:27 - 00003790 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series
2016-08-01 01:45 - 2011-11-13 23:50 - 00003382 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2016-08-01 01:44 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-01 01:44 - 2015-10-22 18:14 - 00003698 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 854d1af6a1324f42910f1f8b74b2b3f41fb51fedf01b43d1a63e88c9a6f21790
2016-08-01 01:44 - 2015-07-05 10:17 - 00003698 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 80a8e838e6934cd8b655baa83b9a353e1c06edcb6d694a43b472cfefd87bcfc5
2016-08-01 01:44 - 2015-05-23 11:59 - 00003698 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - c77186144c9e4d9887733fcbfeb43c949342edc65b3a40a69306946f2a856eae
2016-08-01 01:44 - 2015-03-29 08:49 - 00003698 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 86702d7e2b234fe0ac4104c075da5675aa9e3e32525c4609a8c1d9652126c508
2016-08-01 01:44 - 2015-02-15 19:57 - 00003316 _____ C:\WINDOWS\System32\Tasks\{F3B963CB-BFF7-43C8-ADEF-9881996EFE34}
2016-08-01 01:44 - 2015-02-15 19:56 - 00003316 _____ C:\WINDOWS\System32\Tasks\{75A20F51-DAD0-4F5F-919E-84B2AB233F5B}
2016-08-01 01:44 - 2014-09-07 16:35 - 00003472 _____ C:\WINDOWS\System32\Tasks\{144D2C4F-2583-452B-AC74-C64839CF03CC}
2016-08-01 01:44 - 2014-01-19 16:32 - 00003384 _____ C:\WINDOWS\System32\Tasks\{6A246FB0-E753-4188-9543-22389AB30F4E}
2016-08-01 01:44 - 2012-11-04 22:27 - 00003162 _____ C:\WINDOWS\System32\Tasks\HPCustPartic.exe_{96420065-3C4E-4B3E-96DB-DB0760F51DDD}
2016-08-01 01:44 - 2012-08-08 09:48 - 00003398 _____ C:\WINDOWS\System32\Tasks\{9B880EC1-DC3B-45D7-A7BB-4E131A7A884F}
2016-08-01 01:32 - 2016-03-11 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-01 01:32 - 2016-03-03 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-08-01 01:32 - 2016-02-20 01:19 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-08-01 01:32 - 2016-02-16 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2016-08-01 01:32 - 2016-02-16 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-08-01 01:32 - 2015-12-06 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AllDup
2016-08-01 01:32 - 2015-11-29 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-08-01 01:32 - 2015-11-21 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-08-01 01:32 - 2015-11-19 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2016-08-01 01:32 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-01 01:32 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-01 01:32 - 2014-12-23 22:57 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-08-01 01:32 - 2014-10-31 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-08-01 01:32 - 2014-09-06 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-08-01 01:32 - 2014-08-08 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2016-08-01 01:32 - 2014-08-08 19:13 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kassenbuch
2016-08-01 01:32 - 2014-08-05 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-01 01:32 - 2014-07-11 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Safe 14
2016-08-01 01:32 - 2014-06-28 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2016-08-01 01:32 - 2014-06-26 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2016-08-01 01:32 - 2014-06-15 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-08-01 01:32 - 2014-06-12 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2016-08-01 01:32 - 2014-06-10 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-08-01 01:32 - 2014-06-10 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-08-01 01:32 - 2014-06-08 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2016-08-01 01:32 - 2014-06-08 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2016-08-01 01:32 - 2014-06-08 14:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2016-08-01 01:32 - 2014-01-06 15:59 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-08-01 01:32 - 2014-01-01 18:33 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alle meine Passworte
2016-08-01 01:32 - 2013-12-23 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Time Stamp
2016-08-01 01:32 - 2013-12-23 17:18 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2016-08-01 01:32 - 2013-11-25 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allway Sync
2016-08-01 01:32 - 2013-09-19 08:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2016-08-01 01:32 - 2013-08-07 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-01 01:32 - 2013-08-07 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekahau
2016-08-01 01:32 - 2013-05-22 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RescueTime
2016-08-01 01:32 - 2013-03-30 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
2016-08-01 01:32 - 2013-03-30 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2016-08-01 01:32 - 2013-03-30 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2016-08-01 01:32 - 2013-03-30 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2016-08-01 01:32 - 2013-03-30 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2016-08-01 01:32 - 2013-03-30 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2016-08-01 01:32 - 2013-03-30 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avi2Dvd
2016-08-01 01:32 - 2012-09-30 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-08-01 01:32 - 2012-09-22 18:09 - 00000000 ____D C:\WINDOWS\system32\oodag
2016-08-01 01:32 - 2012-09-22 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryCare
2016-08-01 01:32 - 2012-08-07 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2016-08-01 01:32 - 2012-04-29 18:05 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
2016-08-01 01:32 - 2012-04-16 18:33 - 00000000 ____D C:\WINDOWS\SysWOW64\SupportAppCB
2016-08-01 01:32 - 2012-04-16 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Join Air
2016-08-01 01:32 - 2012-04-11 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutdown Manager
2016-08-01 01:32 - 2012-03-31 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-01 01:32 - 2012-03-19 11:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2016-08-01 01:32 - 2012-02-04 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2016-08-01 01:32 - 2011-12-25 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-01 01:32 - 2011-12-14 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-08-01 01:32 - 2011-12-11 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restorer2000
2016-08-01 01:32 - 2011-11-20 17:01 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimpleScreenshot
2016-08-01 01:32 - 2011-11-17 22:04 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Random Dresser
2016-08-01 01:32 - 2011-11-15 22:00 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-01 01:32 - 2011-11-15 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-01 01:32 - 2011-11-14 00:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
2016-08-01 01:32 - 2011-11-14 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2016-08-01 01:32 - 2011-11-13 23:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
2016-08-01 01:32 - 2011-11-13 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch Manager
2016-08-01 01:32 - 2011-11-13 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye webcam
2016-08-01 01:32 - 2011-11-13 22:43 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-08-01 01:32 - 2009-11-05 05:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2016-08-01 01:32 - 2009-11-05 05:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2016-08-01 01:32 - 2009-11-05 05:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2016-08-01 01:32 - 2009-11-05 05:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2016-08-01 01:32 - 2009-11-05 05:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-01 01:32 - 2009-11-05 02:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-08-01 01:32 - 2009-11-05 02:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GridVista
2016-08-01 01:32 - 2009-11-05 02:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Backup Now 5
2016-08-01 01:32 - 2009-11-05 02:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 8
2016-08-01 01:32 - 2009-11-05 02:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2016-08-01 01:32 - 2009-11-05 02:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2016-08-01 01:32 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-01 01:31 - 2016-06-14 22:57 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-08-01 01:31 - 2016-06-14 22:57 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2016-08-01 01:31 - 2016-06-14 22:57 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2016-08-01 01:31 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2016-08-01 01:25 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-08-01 01:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-08-01 01:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-01 01:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-01 01:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-01 01:25 - 2011-11-20 14:40 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-08-01 01:25 - 2011-11-20 14:40 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-01 01:23 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-08-01 01:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\schemas
2016-08-01 01:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Resources
2016-08-01 01:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-01 01:22 - 2015-11-23 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2016-08-01 01:22 - 2015-11-21 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2016-08-01 01:22 - 2015-10-30 09:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-01 01:22 - 2015-10-30 09:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-08-01 01:22 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-01 01:22 - 2014-10-11 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2016-08-01 01:22 - 2014-09-23 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-01 01:22 - 2014-07-18 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BBG Entertainment GmbH
2016-08-01 01:22 - 2014-06-28 08:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2016-08-01 01:22 - 2014-02-23 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2016-08-01 01:22 - 2013-12-31 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiat
2016-08-01 01:22 - 2013-11-24 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
2016-08-01 01:22 - 2012-09-22 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-08-01 01:22 - 2012-03-25 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps
2016-08-01 01:22 - 2009-11-05 05:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2016-08-01 01:22 - 2009-11-05 02:49 - 00000000 ____D C:\Program Files (x86)\Acer
2016-08-01 01:22 - 2009-11-05 02:26 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-01 01:22 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-08-01 01:22 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-08-01 01:19 - 2012-04-07 11:17 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sfr-software-fuers-heim
2016-08-01 01:16 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-01 00:44 - 2009-07-14 06:45 - 00025840 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-01 00:44 - 2009-07-14 06:45 - 00025840 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-06-28 08:10 - 2014-07-23 22:30 - 14159872 _____ () C:\Users\DDDDD CCCCC\AppData\Roaming\Sandra.mdb
2015-01-30 21:51 - 2016-01-14 05:21 - 0000600 _____ () C:\Users\DDDDD CCCCC\AppData\Roaming\winscp.rnd
2012-04-20 19:28 - 2014-07-07 02:20 - 0006656 _____ () C:\Users\DDDDD CCCCC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-22 22:07 - 2014-09-22 22:07 - 0001482 _____ () C:\Users\DDDDD CCCCC\AppData\Local\RecConfig.xml
2016-08-12 14:15 - 2016-08-12 14:15 - 0002861 _____ () C:\Users\DDDDD CCCCC\AppData\Local\recently-used.xbel
2013-08-12 22:15 - 2016-04-30 09:53 - 0007603 _____ () C:\Users\DDDDD CCCCC\AppData\Local\Resmon.ResmonCfg
2012-03-31 11:26 - 2012-03-31 11:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-11-13 23:53 - 2011-11-13 23:57 - 0008282 _____ () C:\ProgramData\ArcadeDeluxe3.log
2014-09-22 20:19 - 2014-10-06 20:45 - 0008737 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\DDDDD CCCCC\AppData\Local\Temp\AcronisProductUpdateUtility.exe
C:\Users\DDDDD CCCCC\AppData\Local\Temp\dlLogic.exe
C:\Users\DDDDD CCCCC\AppData\Local\Temp\offer-439E92CA-12B1-427D-BCCE-77BBC2FA4674.exe
C:\Users\DDDDD CCCCC\AppData\Local\Temp\spstub.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-26 20:31

==================== Ende von FRST.txt ============================

magigstar · 28.08.2016, 10:49

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-08-2016
durchgeführt von DDDDDD CCCCCC (28-08-2016 11:20:59)
Gestartet von C:\Users\DDDDDD CCCCCC\Desktop
Windows 10 Home Version 1511 (X64) (2016-05-22 05:50:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1242904208-471078349-2963378918-500 - Administrator - Disabled)
DDDDDD CCCCCC (S-1-5-21-1242904208-471078349-2963378918-1000 - Administrator - Enabled) => C:\Users\DDDDDD CCCCCC
DefaultAccount (S-1-5-21-1242904208-471078349-2963378918-503 - Limited - Disabled)
EEEEEE (S-1-5-21-1242904208-471078349-2963378918-1003 - Limited - Enabled) => C:\Users\EEEEEE
Gast (S-1-5-21-1242904208-471078349-2963378918-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1242904208-471078349-2963378918-1002 - Limited - Enabled)
Versuch (S-1-5-21-1242904208-471078349-2963378918-1004 - Administrator - Enabled) => C:\Users\Versuch

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7112 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7112 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.2009.1217 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Acronis True Image (HKLM-x32\...\{43B5FB0A-9900-43B0-BD46-9E7F89C88A98}Visible) (Version: 19.0.6571 - Acronis)
Acronis True Image (x32 Version: 19.0.6571 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.103 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}) (Version: 1.4.17.35005 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.17.35005 - Alcor Micro Corp.) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Alle meine Passworte 4.13 (HKLM\...\AllemeinePassworte) (Version:  - Mirko Böer)
Allway Sync version 12.16.9 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1105 - Alps Electric)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{11F38253-8940-FFDA-D131-B14120C357E4}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
BatteryCare 0.9.10.0 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.10.0 - Filipe Lourenço)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.03 - Broadcom Corporation)
Canon MP160 Benutzerregistrierung (HKLM-x32\...\Canon MP160 Benutzerregistrierung) (Version:  - )
ccc-core-static (x32 Version: 2009.1209.2335.42329 - Ihr Firmenname) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Chandler 1.0.3 (HKLM-x32\...\Chandler) (Version: 1.0.3 - Open Source Applications Foundation)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version:  - )
CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
EinsteinBrainTrainer (remove only) (HKLM-x32\...\EinsteinBrainTrainer) (Version:  - )
Ekahau HeatMapper (HKLM\...\Heatmapper-1.1.4.39795) (Version: 1.1.4.39795 - Ekahau Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.3.24.20160513 - Landesfinanzdirektion Thüringen)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evernote v. 6.2.4 (HKLM-x32\...\{1F000A98-5FF1-11E6-8BF2-0050569584E9}) (Version: 6.2.4.3244 - Evernote Corp.)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
ffdshow [rev 3299] [2010-03-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.0.0.3299 - )
Fiat eco:Drive (HKLM-x32\...\com.fiat.convergence.385E4263E7379A5D22A7076E99B02868EFF10711.1) (Version: 2.0.2 - Fiat Group Automobiles)
Fiat eco:Drive (x32 Version: 2.0.2 - Fiat Group Automobiles) Hidden
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.3.105.325 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.3.321 - Foxit Corporation)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free DVD Video Burner version 3.0.4.426 (HKLM-x32\...\Free DVD Video Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free System Utilities (HKLM-x32\...\{ad2818b3-1616-4ec8-855d-be6936103e5a}) (Version: 1.1.0.70 - Covus Freemium GmbH)
Free SystemUtilities (x32 Version: 1.1.0.70 - Covus Freemium GmbH) Hidden
Free YouTube Download version 3.1.37.918 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.37.918 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0_RC_10 - )
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version:  - )
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FrostWire 5.3.5 (HKLM-x32\...\FrostWire 5) (Version: 5.3.5.0 - FrostWire Team)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.21.0.5387 (HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\GoToMeeting) (Version: 7.21.0.5387 - CitrixOnline)
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ZTE Corporation)
Kassenbuch (HKLM-x32\...\{29531C6B-7B64-4C53-B54A-6C8AB5DE2159}) (Version: 1.0.0 - Office Consult GmbH)
K-Lite Codec Pack 9.2.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
LibreOffice 5.1.4.2 (HKLM\...\{3D0938AC-CEED-48CF-9649-D433CE8A4AF7}) (Version: 5.1.4.2 - The Document Foundation)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
MediaHuman YouTube to MP3 Converter Version 3.3 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.3 - )
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (KB971118) (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971118)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 Language Pack - DEU (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF24 Creator 6.8.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
pomodairo (HKLM-x32\...\{EEBEA077-AB92-5083-ECB1-C15BD842D00B}) (Version: 1.9 - UNKNOWN)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Random Dresser (HKLM-x32\...\RandomDresser) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
RescueTime 2.2.1 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version:  - RescueTime.com)
Restorer2000 3.3 (HKLM-x32\...\Restorer2000_is1) (Version: 3.3 - Bitmart Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 3.1.3.90 - Client Connect LTD) <==== ACHTUNG
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Shutdown Manager (HKLM-x32\...\{C457BA5F-35F9-480C-90F8-5C91DB443A15}_is1) (Version: 2.0.7 - Daniel Höllig)
SimpleScreenshot 1.40 (HKLM-x32\...\SimpleScreenshot) (Version:  - )
SiSoftware Sandra Lite 2014.SP2a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.35.2014.6 - SiSoftware)
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steganos Safe 14 (HKLM-x32\...\{13B7FBFB-622E-4002-8570-594798E6167D}) (Version: 14.2.2 - Steganos Software GmbH)
Steuer-Spar-Erklärung 2008 (HKLM-x32\...\{BBE67B86-FCD7-4D3C-8B00-063DEAD8E30C}) (Version: 13.02.0000 - Akademische Arbeitsgemeinschaft)
Steuer-Spar-Erklärung 2009 (HKLM-x32\...\{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}) (Version: 14.01.0000 - Akademische Arbeitsgemeinschaft Verlag)
Steuer-Spar-Erklärung 2010 (HKLM-x32\...\{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}) (Version: 15.15 - Akademische Arbeitsgemeinschaft Verlag)
Steuer-Spar-Erklärung 2011 (HKLM-x32\...\{9F5FD796-86F0-4360-85F8-D54C0F5411EB}) (Version: 16.18 - Akademische Arbeitsgemeinschaft Verlag)
Steuer-Spar-Erklärung 2012 (HKLM-x32\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.15.11 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung 2013 (HKLM-x32\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.11.11 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.14.99 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.42.175 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.36.103 - Akademische Arbeitsgemeinschaft)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version:  - )
Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (HKLM\...\{CAD7B6DD-9C82-4D17-BAE8-3E9AE4971B90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Time Stamp (HKLM-x32\...\Time Stamp_is1) (Version:  - 3.23.2010-0313)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1 - TrueCrypt Foundation)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinPatrol (HKLM\...\{6E575124-6D34-4E65-9375-7D69468A6089}) (Version: 30.9 - BillP Studios)
WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
X Rebirth (HKLM\...\Steam App 2870) (Version:  - Egosoft)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zuzahlungsrechner (HKLM-x32\...\{B2C69E77-F209-4B63-8676-4F32B27E162B}) (Version: 3.6.0 - sfr-software-fuers-heim)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1242904208-471078349-2963378918-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\DDDDDD CCCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A17BE20-076C-42DA-8F99-A26025333D5F} - System32\Tasks\HP AR Program Upload - c77186144c9e4d9887733fcbfeb43c949342edc65b3a40a69306946f2a856eae => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {14876E89-52E5-41AD-A9FC-897754B47003} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {179D579D-D243-4643-8D4F-F5103C0E5452} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1B2187D4-3738-49A9-9552-770B28C5F06F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {1C03E9C3-4B4B-4ACB-A8AB-17B2C42F6D36} - System32\Tasks\HP AR Program Upload - 86702d7e2b234fe0ac4104c075da5675aa9e3e32525c4609a8c1d9652126c508 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {1C43CA8A-5CBB-4D62-A8A9-59EB5FD5E5BD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {267F9F57-E620-40CA-BFCE-967034F0E2C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {26DA7882-781D-4FC9-B1A5-5F5B1F7227FE} - System32\Tasks\{6A246FB0-E753-4188-9543-22389AB30F4E} => pcalua.exe -a "C:\Users\DDDDDD CCCCCC\Downloads\Chandler_win_1.0.3.exe" -d "C:\Users\DDDDDD CCCCCC\Downloads"
Task: {288F4D1B-C446-4E47-B40D-C768A215BED8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {30426BAB-102E-4584-8737-2F2BAABA303A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {34678CAF-04EE-4B64-B842-C38C8BAA175D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {34A34F92-362A-49E3-9830-EECF17ABB479} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {3AFE5C37-28C2-4B7C-B6A6-1F46F1B946AE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {3EB7AAE6-60CB-4B78-8975-457682CF3EA5} - System32\Tasks\{75A20F51-DAD0-4F5F-919E-84B2AB233F5B} => msiexec.exe /package "C:\Users\DDDDDD CCCCCC\Downloads\HPSupportSolutionsFramework-11.51.0048.msi"
Task: {40978C8B-1D20-43E6-89F1-B1BA719E581E} - System32\Tasks\HP AR Program Upload - 80a8e838e6934cd8b655baa83b9a353e1c06edcb6d694a43b472cfefd87bcfc5 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {411484AC-BD71-4DE3-8AA4-5473F69B8EA3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {47C46238-A6C4-4C4B-BE85-E6E1425608CB} - System32\Tasks\{144D2C4F-2583-452B-AC74-C64839CF03CC} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: {49723E02-558F-4E12-BD48-8ACD6598EC43} - System32\Tasks\HP AR Program Upload - 854d1af6a1324f42910f1f8b74b2b3f41fb51fedf01b43d1a63e88c9a6f21790 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {4B2B5EA5-40E6-47DC-9F21-A6720AB1BFE0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {50CD27F6-1FBE-4505-BA99-EFA8D9503159} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {52FE82CE-EC2E-4802-BCC3-4E0421151CFC} - System32\Tasks\{F3B963CB-BFF7-43C8-ADEF-9881996EFE34} => msiexec.exe /package "C:\Users\DDDDDD CCCCCC\Downloads\HPSupportSolutionsFramework-11.51.0048.msi"
Task: {5707B308-736C-43D4-89AE-2FE99CBEAAA0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5A42985A-DC32-4FE1-8210-CA09F67316FC} - System32\Tasks\HPCustPartic.exe_{96420065-3C4E-4B3E-96DB-DB0760F51DDD} => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {5B5D6CC7-9FA7-4441-9A09-8A3C4EA669FD} - System32\Tasks\{9B880EC1-DC3B-45D7-A7BB-4E131A7A884F} => pcalua.exe -a "C:\Users\DDDDDD CCCCCC\Downloads\esetsmartinstaller_enu.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {681029CD-B8CB-42AA-9842-CF7EDBF5E5DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {68134DAF-D093-41B4-81A7-3699F92D4938} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {68E7EBEF-ADBD-46F6-A830-9F150DECC219} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {6F03E5D8-2CC7-427D-BD54-21449EAF961E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {739C86AB-D488-4894-A94A-E1C873D935C4} - System32\Tasks\{239C0599-E784-4910-B228-5D5AB8D346A6} => pcalua.exe -a "C:\Users\DDDDDD CCCCCC\Downloads\HiJackThis204.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {786DB5A0-25AD-4CDC-BB7E-97656C616113} - System32\Tasks\HP AR Program Upload - 1f34e1c96e2441c2954c4ee9bad5d9a7c0a8147dcd0a401485574ee6cc4342d5 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {792B72B2-C51B-4379-B2AA-007529DB50F0} - System32\Tasks\{8D77E667-A31C-4EB4-B209-1E559B732CBC} => pcalua.exe -a "C:\Program Files (x86)\Canon\IJEREG\MP160\UNINST.EXE"
Task: {7AEAE564-35D2-434E-8BC2-12BF5BC672DE} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {7EF35221-FB0C-46A6-A192-205B5FD553A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {8D028DE4-21F0-4176-BE00-C92FE5EFD527} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {8DECD6EB-BC12-4FC1-9392-061D691B4EE8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {92533B9B-37E7-4E54-B7DE-F8B0B255CFEE} - System32\Tasks\{4781B96F-C3F4-45CF-AB6F-C64C9AD3E88D} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{319D91C6-3D44-436C-9F79-36C0D22372DC}\setup.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK" -c -runfromtemp -removeonly
Task: {972BA9DC-7C38-4BB4-8147-9B990B18B4CC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {9871084F-8757-4D3E-9DCE-3D0ECB1129D7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {98D50E70-7C0D-48DC-97D6-0784CA5142DA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A1D835EF-9220-45A2-811E-2CA5B38166BF} - System32\Tasks\hpUrlLauncher.exe_{4AF7A75F-FDE8-41B8-80D9-5C3EBC32D019} => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\utils\hpUrlLauncher.exe
Task: {A2488771-C70F-410B-ACC7-0C57087007C2} - System32\Tasks\HP AR Program Upload - 35705e1cf9504357848dc302c9669a5caa95e00a3e9f4a8d9f6ab1f8a3caa919 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {A8E85CF5-280D-463A-87FA-085DDBCDF6B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {AA102638-D3DE-421D-86B6-F2855CAC3F08} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AC577598-18CA-4F02-9CC5-26340D8702A2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AF4EEFF6-7AC7-4FB8-8036-E090A9EB3AFC} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {B07EC441-F3C8-4CFE-88E2-7ECEA30A9C0D} - System32\Tasks\bvyvbvhx => C:\Users\DDDDDD CCCCCC\AppData\Local\bvyvbvhx\bvyvbvhx.exe [2016-06-29] () <==== ACHTUNG
Task: {B084B8EA-32F7-4952-A0E7-6E89CD668254} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {B608EBAA-A759-44B4-B758-5C039701BB1D} - System32\Tasks\G2MUpdateTask-S-1-5-21-1242904208-471078349-2963378918-1000 => C:\Users\DDDDDD CCCCCC\AppData\Local\Citrix\GoToMeeting\5387\g2mupdate.exe [2016-08-11] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {B70DE820-5E4A-4D50-880F-5AF4416A4229} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B7A342C6-6ABF-492E-9250-2C92CB583846} - System32\Tasks\{A2A68590-5CAE-4C98-8B98-D18CC5E4C073} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -c -runfromtemp -l0x407 -removeonly
Task: {BBBF9E37-C1CD-4CF0-A783-CE021D6D2928} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {BCA4B3B1-FA30-4848-ACEA-33F6EE251923} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {C44C21AC-7636-4955-ACF8-55B6D5C3C6DC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {C5A63EED-4FE6-45F0-A490-AE35FB29B04D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {C787E70A-60D6-48A1-8C4A-0B14D2349CDA} - System32\Tasks\HP AR Program Upload - 41ef4bbbee3b49c3a813725f7b93d37d63ad611e24cd4ecc9aa891fa5366d204 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {CB52FB1B-F07D-4432-95A2-FA615C1D2138} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\DDDDDD CCCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
Task: {CCD7FED2-E915-4ADA-B3DA-711F2FD9A1A8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D0EC5A44-784C-47AD-AE8A-4BBD63A3B35B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D0FF530E-CDD0-451F-BBB9-E0062FF2BC5B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-11] (Adobe Systems Incorporated)
Task: {D3C8250E-FAC7-4C67-A7FE-89F284D7F2B0} - System32\Tasks\G2MUploadTask-S-1-5-21-1242904208-471078349-2963378918-1000 => C:\Users\DDDDDD CCCCCC\AppData\Local\Citrix\GoToMeeting\5387\g2mupload.exe [2016-08-11] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {D62D6B07-4BC7-4A35-BDC4-C29537003F93} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {DEB9F23A-78EE-47F2-BFE3-F0202A2F0BB5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {E36CA599-B047-467B-99AF-5E380AFECE05} - System32\Tasks\{AC797CD7-B058-4AC8-84B2-B2307D6AFF9B} => C:\Program Files (x86)\Chandler1.0.3\chandler.exe
Task: {E85DBE85-E344-4E48-A05A-ACF97445121F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EDD0DC82-5A98-4BDF-B7A4-D62684EFFC55} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {F108FC97-F5B0-4510-9C8E-EB2E8F5AE0EA} - System32\Tasks\HP AR Program Upload - aa75a83ba0e54f469f9229056b3523d0eb35faeb3e174ec898b456f50bbc2c60 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {F30712C0-5F79-4616-BFEE-8D27E1822469} - System32\Tasks\{581487AC-8AAF-40E1-A997-6B8519F0C5EC} => C:\Program Files (x86)\Chandler1.0.3\chandler.exe
Task: {F880A225-F7DE-4289-90B1-111C5A5F67B1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FC0397BA-8222-41E7-836D-453BA55E74DB} - System32\Tasks\{2E665153-C229-4C02-9699-2F4EF08B1807} => pcalua.exe -a C:\Users\DANIEL~1\AppData\Local\Temp\InstallFlashPlayer.exe -d "C:\Program Files (x86)\Mozilla Firefox" <==== ACHTUNG
Task: {FD4D8ACC-09B4-4FFB-8BEF-4A38EE759CBB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1242904208-471078349-2963378918-1000.job => C:\Users\DDDDDD CCCCCC\AppData\Local\Citrix\GoToMeeting\5387\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1242904208-471078349-2963378918-1000.job => C:\Users\DDDDDD CCCCCC\AppData\Local\Citrix\GoToMeeting\5387\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2016-06-05 08:22 - 2016-06-05 08:22 - 04463592 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-04-26 19:41 - 2016-04-26 19:41 - 01195840 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-16 12:56 - 2016-04-16 12:56 - 09698296 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-15 16:16 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-15 16:16 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-18 08:34 - 2016-08-18 08:34 - 01864384 _____ () C:\Users\DDDDDD CCCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-15 16:17 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-15 16:18 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-15 16:16 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-15 16:17 - 2016-07-01 05:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-15 16:17 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-15 16:16 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2011-11-13 23:52 - 2011-11-13 23:51 - 00200704 _____ () C:\Windows\PLFSetI.exe
2016-05-10 16:23 - 2016-05-10 16:23 - 07377936 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2016-05-22 09:39 - 2016-05-22 09:40 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-05-10 15:35 - 2016-05-10 15:35 - 00037808 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2016-05-10 15:36 - 2016-05-10 15:36 - 00445872 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-05-10 15:31 - 2016-05-10 15:31 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2014-12-28 15:38 - 2014-04-22 20:39 - 00645592 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2016-08-18 08:34 - 2016-08-18 08:34 - 01383616 _____ () C:\Users\DDDDDD CCCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-18 08:34 - 2016-08-18 08:34 - 00118976 _____ () C:\Users\DDDDDD CCCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2015-11-16 18:05 - 2015-11-16 18:05 - 00126928 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-05-10 15:37 - 2016-05-10 15:37 - 00333744 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-05-10 16:21 - 2016-05-10 16:21 - 20582752 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2016-05-10 15:35 - 2016-05-10 15:35 - 00050096 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2016-04-16 12:45 - 2016-04-16 12:45 - 00248240 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2016-05-22 09:39 - 2016-05-22 09:40 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-22 09:39 - 2016-05-22 09:40 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\google.com -> hxxps://www.google.com
IE trusted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\1-2005-search.com -> www.1-2005-search.com

Da befinden sich 12656 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-11-28 16:42 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AAV UpdateService => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Avira.ServiceHost => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BotkindSyncService => 2
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: Greg_Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: IAANTMON => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NoIPDUCService4 => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: NTIBackupSvc => 3
MSCONFIG\Services: NTISchedulerSvc => 2
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: RS_Service => 2
MSCONFIG\Services: SandraAgentSrv => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: TurboBoost => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: Updater Service => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^Users^DDDDDD CCCCCC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: adm_tray.exe => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
MSCONFIG\startupreg: APSDaemon => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: HP Photosmart 5520 series (NET) => "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN45U712HT0602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{725B379C-EE2E-4D6E-B42F-EE10E6D4944A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{FE3D990D-B266-48E1-9323-37160A28F9AC}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{41C3E0CA-2976-4A45-A708-8203E573FC91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCEE98EF-BFD4-498F-A2A6-3C0A3AC43909}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{726D250B-DD66-4445-872D-F079FB22D14D}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{FD0F013A-FB30-4B66-BBAF-B4280D5E1E92}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{61FADD7A-3C7E-4B1C-9400-9BA6AA9BF7BB}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{CCA3BB40-C049-4B41-8925-5D295EC27692}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{4F84CB76-00A3-45EB-BA8F-4060B3478C31}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [UDP Query User{9183F466-2C5B-48FA-8CBC-55AE1FD9285D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8336611A-CAB6-4B25-8D44-E713BA1BBFD6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{368D4719-D149-40CC-ABC2-D4BF2EFE8261}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{0B95A0D9-A238-4A55-8391-60059978F210}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{58E37E38-E114-42D6-8F31-ADC28F97DB20}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{B362279F-DBE6-4209-B1ED-00910F7BB91B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{4C52A5C0-AF9D-4BAD-A87A-A10C9E1B74B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{760E8861-BE59-4CE8-96F4-EB387575E8EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DF14D894-0EC2-42AE-B2DA-CD729E200EA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AF6B8378-F5AB-4DA6-8639-B5A5ECE9935E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0F7C2E68-226E-4C92-9ABF-68FF739A8CF5}C:\users\DDDDDD CCCCCC\desktop\dcc_e2.exe] => (Allow) C:\users\DDDDDD CCCCCC\desktop\dcc_e2.exe
FirewallRules: [UDP Query User{F3CFE005-D695-413D-81BF-DC8CC62D95B9}C:\users\DDDDDD CCCCCC\desktop\dcc_e2.exe] => (Allow) C:\users\DDDDDD CCCCCC\desktop\dcc_e2.exe
FirewallRules: [{D627F2CC-7C2A-4AC4-818C-1EBB2BAF8BD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{73F501DA-899E-4213-B804-4E0D459B89B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{66EEBCB4-AEA8-400F-BD00-8D33C7C82BD9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5D267A8A-08F2-4E14-B2AA-6AE0BA4555C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AF39EF1A-0FBB-4AF2-BF20-4A06C574697D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\X Rebirth\XRebirth.exe
FirewallRules: [{216D2BBB-96DE-488C-B5B8-19F001D1FE4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\X Rebirth\XRebirth.exe
FirewallRules: [{E2ABE510-801C-4FD0-A28E-6C2FB678546A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F86E8B5F-125E-4CD0-B8B1-CAC16DE498BE}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{F7676655-34DF-4CAF-B7FD-0F86E4DF581C}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe

==================== Wiederherstellungspunkte =========================

18-08-2016 17:13:48 Windows Update
21-08-2016 18:41:46 Windows Update
24-08-2016 22:54:47 Windows Update
27-08-2016 13:54:08 Installed Evernote v. 6.2.4

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/28/2016 11:23:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/27/2016 03:34:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/27/2016 01:54:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/26/2016 08:41:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/26/2016 08:41:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/26/2016 08:41:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/26/2016 08:41:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/26/2016 08:41:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/26/2016 08:41:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/26/2016 08:41:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ARBEITSCOMPUTER)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (08/28/2016 11:23:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst afcdpsrv erreicht.

Error: (08/28/2016 11:23:22 AM) (Source: DCOM) (EventID: 10010) (User: ARBEITSCOMPUTER)
Description: App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca

Error: (08/27/2016 03:35:15 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/27/2016 03:34:54 PM) (Source: DCOM) (EventID: 10010) (User: ARBEITSCOMPUTER)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (08/27/2016 03:34:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_5d7b6d36" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2016 03:34:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _5d7b6d36" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2016 03:34:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_5d7b6d36" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2016 03:34:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5d7b6d36" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2016 10:37:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200b fehlgeschlagen: Hewlett-Packard  - Imaging - Null Print - HP Photosmart 5520 series

Error: (08/27/2016 12:10:55 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5


CodeIntegrity:
===================================
  Date: 2016-08-27 10:39:49.552
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:49.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:49.480
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:49.420
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:49.406
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:49.375
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:49.356
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:49.341
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:49.302
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 10:39:47.616
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 3956.5 MB
Verfügbarer physikalischer RAM: 1644.07 MB
Summe virtueller Speicher: 7924.5 MB
Verfügbarer virtueller Speicher: 5163.19 MB

==================== Laufwerke ================================

Drive c: (ACER) (Fixed) (Total:290.05 GB) (Free:5.79 GB) NTFS
Drive d: (ACER) (Fixed) (Total:625.83 GB) (Free:588.39 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Elements) (Fixed) (Total:931.48 GB) (Free:125.05 GB) NTFS
Drive g: (ESD-USB) (Removable) (Total:31.99 GB) (Free:28.5 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4626722B)
Partition 1: (Not Active) - (Size=15.6 GB) - (Type=27)
Partition 2: (Not Active) - (Size=290.1 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=625.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CE513C98)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 59.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

magigstar · 28.08.2016, 12:02

Code:

ATTFilter

12:39:03.0884 0x2528  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
12:39:09.0170 0x2528  ============================================================
12:39:09.0170 0x2528  Current date / time: 2016/08/28 12:39:09.0170
12:39:09.0170 0x2528  SystemInfo:
12:39:09.0170 0x2528  
12:39:09.0170 0x2528  OS Version: 10.0.10586 ServicePack: 0.0
12:39:09.0170 0x2528  Product type: Workstation
12:39:09.0170 0x2528  ComputerName: ARBEITSCOMPUTER
12:39:09.0170 0x2528  UserName: DDDDD CCCCC
12:39:09.0170 0x2528  Windows directory: C:\WINDOWS
12:39:09.0170 0x2528  System windows directory: C:\WINDOWS
12:39:09.0171 0x2528  Running under WOW64
12:39:09.0171 0x2528  Processor architecture: Intel x64
12:39:09.0171 0x2528  Number of processors: 4
12:39:09.0171 0x2528  Page size: 0x1000
12:39:09.0171 0x2528  Boot type: Normal boot
12:39:09.0171 0x2528  CodeIntegrityOptions = 0x00000001
12:39:09.0171 0x2528  ============================================================
12:39:09.0768 0x2528  KLMD registered as C:\WINDOWS\system32\drivers\03052976.sys
12:39:09.0768 0x2528  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 10586.545, osProperties = 0x19
12:39:11.0220 0x2528  System UUID: {CCAE5744-D600-FB73-EEC5-ED0604A19F5F}
12:39:12.0030 0x2528  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:39:12.0036 0x2528  Drive \Device\Harddisk1\DR3 - Size: 0xE8DED00000 ( 931.48 Gb ), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:39:12.0041 0x2528  Drive \Device\Harddisk2\DR8 - Size: 0xEC5400000 ( 59.08 Gb ), SectorSize: 0x200, Cylinders: 0x1E20, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:39:12.0043 0x2528  ============================================================
12:39:12.0043 0x2528  \Device\Harddisk0\DR0:
12:39:12.0043 0x2528  MBR partitions:
12:39:12.0043 0x2528  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F40800, BlocksNum 0x2441A000
12:39:12.0043 0x2528  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2635A800, BlocksNum 0x4E3AB5A9
12:39:12.0043 0x2528  \Device\Harddisk1\DR3:
12:39:12.0044 0x2528  MBR partitions:
12:39:12.0044 0x2528  \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x746F6000
12:39:12.0044 0x2528  \Device\Harddisk2\DR8:
12:39:12.0045 0x2528  MBR partitions:
12:39:12.0045 0x2528  \Device\Harddisk2\DR8\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x4000000
12:39:12.0045 0x2528  ============================================================
12:39:12.0083 0x2528  C: <-> \Device\Harddisk0\DR0\Partition1
12:39:12.0118 0x2528  D: <-> \Device\Harddisk0\DR0\Partition2
12:39:12.0182 0x2528  F: <-> \Device\Harddisk1\DR3\Partition1
12:39:12.0182 0x2528  ============================================================
12:39:12.0182 0x2528  Initialize success
12:39:12.0182 0x2528  ============================================================
12:39:39.0569 0x2050  ============================================================
12:39:39.0569 0x2050  Scan started
12:39:39.0569 0x2050  Mode: Manual; SigCheck; TDLFS; 
12:39:39.0569 0x2050  ============================================================
12:39:39.0569 0x2050  KSN ping started
12:39:39.0710 0x2050  KSN ping finished: true
12:39:47.0042 0x2050  ================ Scan system memory ========================
12:39:47.0042 0x2050  System memory - ok
12:39:47.0042 0x2050  ================ Scan services =============================
12:39:47.0324 0x2050  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
12:39:47.0530 0x2050  1394ohci - ok
12:39:47.0629 0x2050  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
12:39:47.0654 0x2050  3ware - ok
12:39:47.0741 0x2050  [ F73DB97453B47B805B73A98023961505, 483F82A46AD73B3736F63CC5B473E0D47D04F1B4A3B40A49024165ACC2CC98FD ] AAV UpdateService C:\Program Files (x86)\Common Files\AAV\aavus.exe
12:39:47.0786 0x2050  AAV UpdateService - detected UnsignedFile.Multi.Generic ( 1 )
12:39:47.0904 0x2050  Detect skipped due to KSN trusted
12:39:47.0904 0x2050  AAV UpdateService - ok
12:39:47.0950 0x2050  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
12:39:47.0984 0x2050  ACPI - ok
12:39:48.0002 0x2050  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
12:39:48.0023 0x2050  acpiex - ok
12:39:48.0051 0x2050  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
12:39:48.0076 0x2050  acpipagr - ok
12:39:48.0106 0x2050  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
12:39:48.0154 0x2050  AcpiPmi - ok
12:39:48.0176 0x2050  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
12:39:48.0212 0x2050  acpitime - ok
12:39:48.0307 0x2050  [ 7F5EC8894A08648BA2F0A2E8689D98EF, BC30D993D68F0AA8E6768CF792EB37524A7855B5E9189274772651D837C286DD ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
12:39:48.0349 0x2050  AcrSch2Svc - ok
12:39:48.0411 0x2050  [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:39:48.0423 0x2050  AdobeARMservice - ok
12:39:48.0527 0x2050  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:39:48.0545 0x2050  AdobeFlashPlayerUpdateSvc - ok
12:39:48.0613 0x2050  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:39:48.0669 0x2050  ADP80XX - ok
12:39:48.0887 0x2050  [ D58AFA917D97BFF073E58763B13E4A65, 5D735F27CC1C17CED976E0996033AF72E3C70BADAE8BFE6506AAF5BD747E6DA2 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
12:39:49.0087 0x2050  afcdpsrv - ok
12:39:49.0125 0x2050  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
12:39:49.0160 0x2050  AFD - ok
12:39:49.0216 0x2050  [ B65F8DBA54F251906BBE8611B5A0E7AB, 9ADE347CB4E7C33D668DAC79A316C97C78D94D296B158F481F3E32F9DA4D647E ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
12:39:49.0327 0x2050  AgereModemAudio - ok
12:39:49.0391 0x2050  [ A6AB6F0ACE87DA76B4C401813D18BE95, 6AE72E0F07DF2164A3198E14A6AE7E15F0B8EB467D2D68960A006E360DBBA891 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\agrsm64.sys
12:39:49.0492 0x2050  AgereSoftModem - ok
12:39:49.0511 0x2050  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
12:39:49.0528 0x2050  agp440 - ok
12:39:49.0545 0x2050  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:39:49.0631 0x2050  ahcache - ok
12:39:49.0662 0x2050  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
12:39:49.0770 0x2050  AJRouter - ok
12:39:49.0799 0x2050  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
12:39:49.0873 0x2050  ALG - ok
12:39:49.0908 0x2050  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
12:39:49.0932 0x2050  AMD External Events Utility - ok
12:39:49.0964 0x2050  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
12:39:50.0055 0x2050  AmdK8 - ok
12:39:50.0081 0x2050  amdkmdag - ok
12:39:50.0136 0x2050  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
12:39:50.0173 0x2050  amdkmdap - ok
12:39:50.0185 0x2050  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
12:39:50.0216 0x2050  AmdPPM - ok
12:39:50.0235 0x2050  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
12:39:50.0250 0x2050  amdsata - ok
12:39:50.0278 0x2050  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
12:39:50.0300 0x2050  amdsbs - ok
12:39:50.0331 0x2050  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
12:39:50.0346 0x2050  amdxata - ok
12:39:50.0378 0x2050  [ 39B6FAE7DFE1B70034F253AB0BB96E2F, 477D9788BB1717F966E8E4F776CE52425BB76288A99FF34AE7A24D4221EA5D05 ] ampa            C:\WINDOWS\system32\ampa.sys
12:39:50.0448 0x2050  ampa - detected UnsignedFile.Multi.Generic ( 1 )
12:39:50.0542 0x2050  Detect skipped due to KSN trusted
12:39:50.0542 0x2050  ampa - ok
12:39:50.0586 0x2050  [ 9815014F3E30357168DA272088C6F12F, 4A9832A9C646306CB3F2B3D714EEAE0FD90CDB977BA248A6CD2C9A04CA682040 ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
12:39:50.0613 0x2050  ApfiltrService - ok
12:39:50.0672 0x2050  [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
12:39:50.0765 0x2050  AppHostSvc - ok
12:39:50.0803 0x2050  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
12:39:50.0823 0x2050  AppID - ok
12:39:50.0858 0x2050  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
12:39:50.0933 0x2050  AppIDSvc - ok
12:39:50.0946 0x2050  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
12:39:50.0985 0x2050  Appinfo - ok
12:39:51.0053 0x2050  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:39:51.0062 0x2050  Apple Mobile Device Service - ok
12:39:51.0105 0x2050  [ 682F73D86501D75B131A1D59539A475D, 1C3E1728F3995BBFC2BCE90EFD118B0B864103B16F587A1374D8B3A00403B9E3 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
12:39:51.0219 0x2050  AppReadiness - ok
12:39:51.0330 0x2050  [ 736BC0930DF22D535C9667D78F8DEB71, 067337517BD7234FEA999C242C90F74328C0003DDFD24483915F5C1DC5B9C919 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
12:39:51.0528 0x2050  AppXSvc - ok
12:39:51.0557 0x2050  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
12:39:51.0593 0x2050  arcsas - ok
12:39:51.0717 0x2050  [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:39:51.0749 0x2050  aspnet_state - ok
12:39:51.0765 0x2050  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
12:39:51.0829 0x2050  AsyncMac - ok
12:39:51.0843 0x2050  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
12:39:51.0857 0x2050  atapi - ok
12:39:52.0023 0x2050  [ F1F16542AC6404DDC44A447A875AD13A, 0A59586E68EF58A4D791F244B3C34CEF0A6B3B51CB5F3E85856B0F69AA5029E3 ] athr            C:\WINDOWS\System32\drivers\athwnx.sys
12:39:52.0315 0x2050  athr - ok
12:39:52.0409 0x2050  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:39:52.0522 0x2050  AudioEndpointBuilder - ok
12:39:52.0689 0x2050  [ 5C6F3312EACE1409DC2C4C2AD5D2719D, 415955E31458AE56182436EEF5A993BAEF08379C12C182CC073F3D0A3A0DE006 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
12:39:52.0792 0x2050  Audiosrv - ok
12:39:52.0820 0x2050  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
12:39:52.0845 0x2050  AxInstSV - ok
12:39:52.0961 0x2050  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
12:39:53.0003 0x2050  b06bdrv - ok
12:39:53.0043 0x2050  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:39:53.0160 0x2050  BasicDisplay - ok
12:39:53.0190 0x2050  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
12:39:53.0269 0x2050  BasicRender - ok
12:39:53.0288 0x2050  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
12:39:53.0327 0x2050  bcmfn - ok
12:39:53.0345 0x2050  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
12:39:53.0381 0x2050  bcmfn2 - ok
12:39:53.0435 0x2050  [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
12:39:53.0531 0x2050  BDESVC - ok
12:39:53.0559 0x2050  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:39:53.0618 0x2050  Beep - ok
12:39:53.0707 0x2050  [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE             C:\WINDOWS\System32\bfe.dll
12:39:53.0821 0x2050  BFE - ok
12:39:53.0983 0x2050  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
12:39:54.0188 0x2050  BITS - ok
12:39:54.0354 0x2050  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:39:54.0394 0x2050  Bonjour Service - ok
12:39:54.0469 0x2050  BotkindSyncService - ok
12:39:54.0495 0x2050  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
12:39:54.0590 0x2050  bowser - ok
12:39:54.0678 0x2050  [ 453207816AB95A0376887BE01FAE30E1, 102CA59ED06C6A7D69AA3094DDC550400C50CDF5B7F066522BF0031B8EC7B708 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:39:54.0814 0x2050  BrokerInfrastructure - ok
12:39:54.0843 0x2050  [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser         C:\WINDOWS\System32\browser.dll
12:39:54.0926 0x2050  Browser - ok
12:39:54.0964 0x2050  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:39:55.0010 0x2050  BthAvrcpTg - ok
12:39:55.0027 0x2050  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
12:39:55.0063 0x2050  BthHFEnum - ok
12:39:55.0086 0x2050  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
12:39:55.0115 0x2050  bthhfhid - ok
12:39:55.0146 0x2050  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
12:39:55.0185 0x2050  BthHFSrv - ok
12:39:55.0213 0x2050  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
12:39:55.0243 0x2050  BTHMODEM - ok
12:39:55.0279 0x2050  [ CEEC73833A4C6B31E2F376A3FD4DA73E, F09FC6EAB8D9769DBAD0931CC7C7F5DFE1562D3EE09CE0EF086AA73D4B62E076 ] bthserv         C:\WINDOWS\system32\bthserv.dll
12:39:55.0369 0x2050  bthserv - ok
12:39:55.0400 0x2050  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
12:39:55.0470 0x2050  buttonconverter - ok
12:39:55.0676 0x2050  [ C8D931D734FC0097478CE2583A75C4DF, 60C5F97D7E5A8B81A7123A5DB333577B0C7B9302C1D1C98D47BA96C0A3FB7417 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
12:39:55.0762 0x2050  c2cautoupdatesvc - ok
12:39:55.0949 0x2050  [ 8E1CC0517DE17DF83CF80BFCE9F0C000, 13F7929D531914FA2ED1223977E15A7F45E3FF3DA1392ECC4B15F5619B37B754 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
12:39:56.0043 0x2050  c2cpnrsvc - ok
12:39:56.0071 0x2050  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
12:39:56.0176 0x2050  CapImg - ok
12:39:56.0196 0x2050  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:39:56.0234 0x2050  cdfs - ok
12:39:56.0286 0x2050  [ 88E3BA684A7B1247762E1D401076D4C2, 88375BD1970848A71B9CF8C7C73ECA2E4A65E57D80D0C36F41547D381441A552 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
12:39:56.0379 0x2050  CDPSvc - ok
12:39:56.0405 0x2050  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
12:39:56.0449 0x2050  cdrom - ok
12:39:56.0480 0x2050  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
12:39:56.0523 0x2050  CertPropSvc - ok
12:39:56.0549 0x2050  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
12:39:56.0586 0x2050  circlass - ok
12:39:56.0636 0x2050  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
12:39:56.0673 0x2050  CLFS - ok
12:39:56.0804 0x2050  [ E72BB94A4010EBA7074DFEB25D67BDC3, 437F13A1F709B4CC047C9918625C2B5F673218A5141DBC99CD14B008FAB2AA88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
12:39:56.0847 0x2050  ClipSVC - ok
12:39:57.0084 0x2050  [ 9FF944391DB7F6497A1826EBC32C7482, BD2DF6CBDED49EA9A7A129274E14C08AAA687C0D3E483EF43A0A3BA08D8048EC ] CltMngSvc       C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
12:39:57.0241 0x2050  CltMngSvc - ok
12:39:57.0289 0x2050  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
12:39:57.0339 0x2050  CmBatt - ok
12:39:57.0389 0x2050  [ 570BA8E8E1E3064A7D92F862B7F59B60, 849CE59A0390EB34977471391EF7500506B0B019E5E31CBF264A4926A84C4BEE ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
12:39:57.0433 0x2050  CNG - ok
12:39:57.0463 0x2050  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
12:39:57.0487 0x2050  cnghwassist - ok
12:39:58.0002 0x2050  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
12:39:58.0051 0x2050  CompositeBus - ok
12:39:58.0056 0x2050  COMSysApp - ok
12:39:58.0079 0x2050  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
12:39:58.0097 0x2050  condrv - ok
12:39:58.0145 0x2050  [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
12:39:58.0192 0x2050  CoreMessagingRegistrar - ok
12:39:58.0230 0x2050  [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
12:39:58.0330 0x2050  CryptSvc - ok
12:39:58.0361 0x2050  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
12:39:58.0377 0x2050  dam - ok
12:39:58.0430 0x2050  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:39:58.0577 0x2050  DcomLaunch - ok
12:39:58.0625 0x2050  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
12:39:58.0731 0x2050  DcpSvc - ok
12:39:58.0778 0x2050  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
12:39:58.0831 0x2050  defragsvc - ok
12:39:58.0862 0x2050  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:39:58.0963 0x2050  DeviceAssociationService - ok
12:39:58.0994 0x2050  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
12:39:59.0010 0x2050  DeviceInstall - ok
12:39:59.0047 0x2050  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
12:39:59.0132 0x2050  DevQueryBroker - ok
12:39:59.0163 0x2050  [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
12:39:59.0247 0x2050  Dfsc - ok
12:39:59.0332 0x2050  [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
12:39:59.0448 0x2050  Dhcp - ok
12:39:59.0530 0x2050  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
12:39:59.0611 0x2050  diagnosticshub.standardcollector.service - ok
12:39:59.0748 0x2050  [ 5F1CAF0E823BADD5576555CC876F1067, 53AED2137D1BACA5AA24C265E2591F12D91C4652AF35D52843F045CAE4CDDB2E ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
12:39:59.0810 0x2050  DiagTrack - ok
12:39:59.0864 0x2050  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
12:39:59.0911 0x2050  disk - ok
12:40:00.0248 0x2050  [ D5BCB77BE83CF99F508943945D46343D, 00C5624CE970A05075A19168643BF6E8FA60C764333ECEC088D7FFCA10547833 ] DKbFltr         C:\WINDOWS\SysWOW64\Drivers\DKbFltr.sys
12:40:00.0264 0x2050  DKbFltr - ok
12:40:00.0295 0x2050  [ E32F15E26724F3BB6423FB29FF3E2A8F, E8CF9829D2A74F4423424F8D169E726B88F50734F0B1ADC735691C37C9F32DAA ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
12:40:00.0379 0x2050  DmEnrollmentSvc - ok
12:40:00.0411 0x2050  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
12:40:00.0464 0x2050  dmvsc - ok
12:40:00.0480 0x2050  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
12:40:00.0533 0x2050  dmwappushservice - ok
12:40:00.0564 0x2050  [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:40:00.0627 0x2050  Dnscache - ok
12:40:00.0665 0x2050  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:40:00.0696 0x2050  dot3svc - ok
12:40:00.0733 0x2050  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
12:40:00.0811 0x2050  DPS - ok
12:40:00.0833 0x2050  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
12:40:00.0849 0x2050  drmkaud - ok
12:40:00.0880 0x2050  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
12:40:00.0980 0x2050  DsmSvc - ok
12:40:01.0030 0x2050  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
12:40:01.0150 0x2050  DsSvc - ok
12:40:01.0350 0x2050  [ E5EF652F8C880EC48A4E827698416338, 49F7BD33A1EA1BE996698C0476C92E7C7F7FEC2940ED6018614E3AB18E8FACAC ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:40:01.0450 0x2050  DXGKrnl - ok
12:40:01.0513 0x2050  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
12:40:01.0581 0x2050  Eaphost - ok
12:40:01.0950 0x2050  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
12:40:02.0135 0x2050  ebdrv - ok
12:40:02.0466 0x2050  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
12:40:02.0497 0x2050  EFS - ok
12:40:02.0513 0x2050  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
12:40:02.0535 0x2050  EhStorClass - ok
12:40:02.0551 0x2050  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:40:02.0566 0x2050  EhStorTcgDrv - ok
12:40:02.0631 0x2050  [ 44CE3346DBB530FB4A529854CC68DBFC, D9422E07E3FB8A9895C120F720D6EB7D6484C813E6FF75DDC17B8CB95672F3A9 ] EkaProt6        C:\WINDOWS\system32\DRIVERS\ekaprot6.sys
12:40:02.0682 0x2050  EkaProt6 - ok
12:40:02.0735 0x2050  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
12:40:02.0850 0x2050  embeddedmode - ok
12:40:02.0882 0x2050  [ 3182FCAF6AAF478791DE5B430C912D4D, 6044BB8A895F0E5BEAA5390457730AE9DB26A5611DC1CD55CE91F2331D2C3086 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
12:40:02.0982 0x2050  EntAppSvc - ok
12:40:03.0135 0x2050  [ FB67AA8AC61B9365ADD546139A21BED6, DDE2053071ED1F7E634FF1A74DB0ACC7D0D19B0AD0CF37DE989FA91B93C76452 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:40:03.0182 0x2050  ePowerSvc - ok
12:40:03.0197 0x2050  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
12:40:03.0233 0x2050  ErrDev - ok
12:40:03.0266 0x2050  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
12:40:03.0335 0x2050  EventSystem - ok
12:40:03.0367 0x2050  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
12:40:03.0436 0x2050  exfat - ok
12:40:03.0483 0x2050  [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
12:40:03.0498 0x2050  fastfat - ok
12:40:03.0536 0x2050  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:40:03.0652 0x2050  Fax - ok
12:40:03.0683 0x2050  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
12:40:03.0714 0x2050  fdc - ok
12:40:04.0232 0x2050  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
12:40:04.0467 0x2050  fdPHost - ok
12:40:04.0898 0x2050  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
12:40:04.0951 0x2050  FDResPub - ok
12:40:04.0967 0x2050  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
12:40:05.0051 0x2050  fhsvc - ok
12:40:05.0083 0x2050  [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
12:40:05.0152 0x2050  FileCrypt - ok
12:40:05.0168 0x2050  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
12:40:05.0199 0x2050  FileInfo - ok
12:40:05.0214 0x2050  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
12:40:05.0268 0x2050  Filetrace - ok
12:40:05.0315 0x2050  [ 27B3C0F193F00D65F2D6B2C8C7FD22FF, B7DFE6D3065091C26085DB661503847F729EC2D2842C3D56D4F003548CC46503 ] file_tracker    C:\WINDOWS\system32\DRIVERS\file_tracker.sys
12:40:05.0500 0x2050  file_tracker - ok
12:40:05.0553 0x2050  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
12:40:05.0600 0x2050  flpydisk - ok
12:40:05.0653 0x2050  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:40:05.0684 0x2050  FltMgr - ok
12:40:05.0715 0x2050  [ 4AD91299304A5E75084434F246DE0F9A, 3617EFEBCCB23F15FC9423544D061AF183E8E87B7E1EA9AA13EAAC5A9F0DE439 ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
12:40:05.0753 0x2050  fltsrv - ok
12:40:05.0868 0x2050  [ F1BA85CF2AEE08860C8D5BF82C342F44, 109D5E1AA11ECCFB598BBD09E98991F1E4915B2282B72C727F3E2C73678E2593 ] FontCache       C:\WINDOWS\system32\FntCache.dll
12:40:06.0069 0x2050  FontCache - ok
12:40:06.0253 0x2050  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:40:06.0285 0x2050  FontCache3.0.0.0 - ok
12:40:06.0485 0x2050  [ 778C28F62D8C990B38B8584EB481F95B, BA4B3621430ED58AA06A0FA2EEDE458525BD10655E052413A79A9B30C072D68B ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
12:40:06.0500 0x2050  FoxitCloudUpdateService - ok
12:40:06.0538 0x2050  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
12:40:06.0538 0x2050  FsDepends - ok
12:40:06.0570 0x2050  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:40:06.0585 0x2050  Fs_Rec - ok
12:40:06.0639 0x2050  [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:40:06.0670 0x2050  fvevol - ok
12:40:06.0701 0x2050  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
12:40:06.0739 0x2050  gagp30kx - ok
12:40:06.0754 0x2050  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:40:06.0770 0x2050  GEARAspiWDM - ok
12:40:06.0801 0x2050  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
12:40:06.0839 0x2050  gencounter - ok
12:40:06.0855 0x2050  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
12:40:06.0902 0x2050  genericusbfn - ok
12:40:06.0917 0x2050  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:40:06.0939 0x2050  GPIOClx0101 - ok
12:40:07.0171 0x2050  [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:40:07.0339 0x2050  gpsvc - ok
12:40:07.0356 0x2050  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
12:40:07.0403 0x2050  GpuEnergyDrv - ok
12:40:07.0503 0x2050  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:40:07.0540 0x2050  gupdate - ok
12:40:07.0556 0x2050  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:40:07.0572 0x2050  gupdatem - ok
12:40:07.0603 0x2050  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:40:07.0656 0x2050  HDAudBus - ok
12:40:07.0672 0x2050  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\WINDOWS\System32\drivers\HECIx64.sys
12:40:07.0687 0x2050  HECIx64 - ok
12:40:07.0719 0x2050  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
12:40:07.0741 0x2050  HidBatt - ok
12:40:07.0772 0x2050  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
12:40:07.0803 0x2050  HidBth - ok
12:40:07.0839 0x2050  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
12:40:07.0857 0x2050  hidi2c - ok
12:40:07.0873 0x2050  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
12:40:07.0888 0x2050  hidinterrupt - ok
12:40:07.0904 0x2050  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
12:40:07.0941 0x2050  HidIr - ok
12:40:07.0972 0x2050  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
12:40:08.0004 0x2050  hidserv - ok
12:40:08.0057 0x2050  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:40:08.0203 0x2050  HidUsb - ok
12:40:08.0241 0x2050  [ EDE31817FC0A574E7CC3AF7E544C8951, DC8D07A15525E1CA52C5F6DFAEB2585807D45FC3400EAC9E27DC27E46B5B480F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:40:08.0372 0x2050  HomeGroupListener - ok
12:40:08.0488 0x2050  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:40:08.0589 0x2050  HomeGroupProvider - ok
12:40:08.0620 0x2050  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
12:40:08.0642 0x2050  HpSAMD - ok
12:40:08.0689 0x2050  [ B6639BF8236BDD3427B10C581332BE71, A6A9DB37BB83C70F01E7D99CA4891FD32F93A96C84215CFCC85AF41625C1023C ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
12:40:08.0704 0x2050  HPSupportSolutionsFrameworkService - ok
12:40:08.0742 0x2050  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\WINDOWS\system32\DRIVERS\htcnprot.sys
12:40:08.0789 0x2050  htcnprot - ok
12:40:08.0920 0x2050  [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
12:40:08.0989 0x2050  HTTP - ok
12:40:09.0020 0x2050  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
12:40:09.0039 0x2050  hwpolicy - ok
12:40:09.0074 0x2050  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
12:40:09.0105 0x2050  hyperkbd - ok
12:40:09.0148 0x2050  [ 40115A0F8E7FF9E786EBBD1D33D39AD7, 5190D3970950251CD0946521C428BF26BF7D68C2984B990B8EFDD406EC9CDFE1 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:40:09.0176 0x2050  HyperVideo - ok
12:40:09.0216 0x2050  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
12:40:09.0292 0x2050  i8042prt - ok
12:40:09.0358 0x2050  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:40:09.0379 0x2050  IAANTMON - ok
12:40:09.0396 0x2050  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
12:40:09.0415 0x2050  iai2c - ok
12:40:09.0437 0x2050  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
12:40:09.0474 0x2050  iaLPSS2i_I2C - ok
12:40:09.0492 0x2050  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:40:09.0518 0x2050  iaLPSSi_GPIO - ok
12:40:09.0539 0x2050  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:40:09.0553 0x2050  iaLPSSi_I2C - ok
12:40:09.0668 0x2050  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
12:40:09.0699 0x2050  iaStor - ok
12:40:09.0746 0x2050  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
12:40:09.0768 0x2050  iaStorAV - ok
12:40:09.0831 0x2050  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
12:40:09.0853 0x2050  iaStorV - ok
12:40:09.0950 0x2050  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
12:40:09.0984 0x2050  ibbus - ok
12:40:10.0084 0x2050  [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
12:40:10.0249 0x2050  icssvc - ok
12:40:10.0253 0x2050  IEEtwCollectorService - ok
12:40:10.0353 0x2050  [ 5E5BEC886CC2503C4F18AF2153B169AF, BCC241AEFFFEF0B56909F9141F7EA424D945532B8610E6A3BEF590FEB00FA26D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
12:40:10.0431 0x2050  IKEEXT - ok
12:40:10.0469 0x2050  [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd           C:\WINDOWS\System32\drivers\Impcd.sys
12:40:10.0531 0x2050  Impcd - ok
12:40:10.0754 0x2050  [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:40:10.0885 0x2050  IntcAzAudAddService - ok
12:40:10.0901 0x2050  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
12:40:10.0917 0x2050  intelide - ok
12:40:10.0954 0x2050  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
12:40:10.0970 0x2050  intelpep - ok
12:40:10.0986 0x2050  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
12:40:11.0017 0x2050  intelppm - ok
12:40:11.0053 0x2050  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
12:40:11.0116 0x2050  IoQos - ok
12:40:11.0132 0x2050  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:40:11.0186 0x2050  IpFilterDriver - ok
12:40:11.0232 0x2050  [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
12:40:11.0370 0x2050  iphlpsvc - ok
12:40:11.0401 0x2050  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:40:11.0486 0x2050  IPMIDRV - ok
12:40:11.0502 0x2050  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
12:40:11.0555 0x2050  IPNAT - ok
12:40:11.0671 0x2050  [ 043A93A498B3C4A88CACA3BCBC9B54C7, C08C5A03940806C6CB75ADDCBE6183145AD2AFE84D77BC85E620E7C1542F0893 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:40:11.0702 0x2050  iPod Service - ok
12:40:11.0733 0x2050  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
12:40:11.0770 0x2050  IRENUM - ok
12:40:11.0786 0x2050  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
12:40:11.0802 0x2050  isapnp - ok
12:40:11.0833 0x2050  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
12:40:11.0855 0x2050  iScsiPrt - ok
12:40:11.0886 0x2050  [ 8438B8A45E16258064C19FBEC4EE069F, 9128F825403B26A39BC769A53555DF1FD2B82882AF1384135D0329FCF2BBAC6D ] k57nd60a        C:\WINDOWS\System32\drivers\k57nd60a.sys
12:40:11.0918 0x2050  k57nd60a - ok
12:40:11.0933 0x2050  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
12:40:11.0955 0x2050  kbdclass - ok
12:40:11.0971 0x2050  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
12:40:12.0002 0x2050  kbdhid - ok
12:40:12.0018 0x2050  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
12:40:12.0102 0x2050  kdnic - ok
12:40:12.0118 0x2050  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
12:40:12.0133 0x2050  KeyIso - ok
12:40:12.0171 0x2050  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
12:40:12.0187 0x2050  KSecDD - ok
12:40:12.0218 0x2050  [ C2138FE291C8235C3A26CD04EE629163, 33A840893B104BFCF111C99F8C23B283EF26D8E1BB523BDA0259F6B56B60874D ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:40:12.0234 0x2050  KSecPkg - ok
12:40:12.0255 0x2050  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
12:40:12.0271 0x2050  ksthunk - ok
12:40:12.0318 0x2050  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
12:40:12.0387 0x2050  KtmRm - ok
12:40:12.0455 0x2050  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
12:40:12.0518 0x2050  LanmanServer - ok
12:40:12.0571 0x2050  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:40:12.0603 0x2050  LanmanWorkstation - ok
12:40:12.0634 0x2050  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
12:40:12.0702 0x2050  lfsvc - ok
12:40:12.0718 0x2050  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
12:40:12.0787 0x2050  LicenseManager - ok
12:40:12.0803 0x2050  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
12:40:12.0834 0x2050  lltdio - ok
12:40:12.0871 0x2050  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
12:40:12.0903 0x2050  lltdsvc - ok
12:40:12.0934 0x2050  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
12:40:13.0003 0x2050  lmhosts - ok
12:40:13.0052 0x2050  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:40:13.0056 0x2050  LMS - ok
12:40:13.0087 0x2050  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
12:40:13.0118 0x2050  LSI_SAS - ok
12:40:13.0134 0x2050  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
12:40:13.0156 0x2050  LSI_SAS2i - ok
12:40:13.0172 0x2050  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
12:40:13.0187 0x2050  LSI_SAS3i - ok
12:40:13.0219 0x2050  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
12:40:13.0234 0x2050  LSI_SSS - ok
12:40:13.0272 0x2050  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
12:40:13.0356 0x2050  LSM - ok
12:40:13.0372 0x2050  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
12:40:13.0419 0x2050  luafv - ok
12:40:13.0435 0x2050  [ 98E3D2BB421424B0457F8B7C46113110, 479187820318E9193765ADAA1D2E83E5752D9A2B22941DF3660C413DA029E618 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
12:40:13.0504 0x2050  MapsBroker - ok
12:40:13.0535 0x2050  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
12:40:13.0557 0x2050  megasas - ok
12:40:13.0573 0x2050  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
12:40:13.0604 0x2050  megasr - ok
12:40:13.0635 0x2050  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
12:40:13.0672 0x2050  MessagingService - ok
12:40:13.0819 0x2050  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
12:40:13.0873 0x2050  mlx4_bus - ok
12:40:13.0904 0x2050  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
12:40:13.0973 0x2050  MMCSS - ok
12:40:14.0374 0x2050  [ D9652739D1007B9B5CE34CEF38E095C5, 20AFFEA3B2E7F254A58CDD9F4F9D51D94710C20E98A650BE33FD446A474D7D12 ] mmsminisrv      C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
12:40:14.0611 0x2050  mmsminisrv - ok
12:40:14.0637 0x2050  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
12:40:14.0654 0x2050  Modem - ok
12:40:14.0654 0x2050  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
12:40:14.0739 0x2050  monitor - ok
12:40:14.0754 0x2050  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
12:40:14.0770 0x2050  mouclass - ok
12:40:14.0801 0x2050  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
12:40:14.0870 0x2050  mouhid - ok
12:40:14.0901 0x2050  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
12:40:14.0933 0x2050  mountmgr - ok
12:40:14.0986 0x2050  [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:40:15.0017 0x2050  MozillaMaintenance - ok
12:40:15.0017 0x2050  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
12:40:15.0101 0x2050  mpsdrv - ok
12:40:15.0170 0x2050  [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
12:40:15.0270 0x2050  MpsSvc - ok
12:40:15.0317 0x2050  [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
12:40:15.0417 0x2050  MQAC - ok
12:40:15.0439 0x2050  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
12:40:15.0502 0x2050  MRxDAV - ok
12:40:15.0540 0x2050  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:40:15.0571 0x2050  mrxsmb - ok
12:40:15.0586 0x2050  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:40:15.0656 0x2050  mrxsmb10 - ok
12:40:15.0687 0x2050  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:40:15.0702 0x2050  mrxsmb20 - ok
12:40:15.0735 0x2050  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
12:40:15.0803 0x2050  MsBridge - ok
12:40:15.0840 0x2050  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
12:40:15.0871 0x2050  MSDTC - ok
12:40:15.0902 0x2050  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:40:15.0971 0x2050  Msfs - ok
12:40:16.0002 0x2050  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:40:16.0018 0x2050  msgpiowin32 - ok
12:40:16.0040 0x2050  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:40:16.0087 0x2050  mshidkmdf - ok
12:40:16.0087 0x2050  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
12:40:16.0102 0x2050  mshidumdf - ok
12:40:16.0118 0x2050  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
12:40:16.0140 0x2050  msisadrv - ok
12:40:16.0171 0x2050  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
12:40:16.0203 0x2050  MSiSCSI - ok
12:40:16.0203 0x2050  msiserver - ok
12:40:16.0237 0x2050  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
12:40:16.0271 0x2050  MSKSSRV - ok
12:40:16.0302 0x2050  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
12:40:16.0355 0x2050  MsLldp - ok
12:40:16.0386 0x2050  [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
12:40:16.0440 0x2050  MSMQ - ok
12:40:16.0471 0x2050  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
12:40:16.0502 0x2050  MSPCLOCK - ok
12:40:16.0518 0x2050  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
12:40:16.0540 0x2050  MSPQM - ok
12:40:16.0571 0x2050  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
12:40:16.0587 0x2050  MsRPC - ok
12:40:16.0603 0x2050  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
12:40:16.0618 0x2050  mssmbios - ok
12:40:16.0640 0x2050  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
12:40:16.0703 0x2050  MSTEE - ok
12:40:16.0718 0x2050  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
12:40:16.0756 0x2050  MTConfig - ok
12:40:16.0772 0x2050  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
12:40:16.0787 0x2050  Mup - ok
12:40:16.0803 0x2050  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
12:40:16.0819 0x2050  mvumis - ok
12:40:16.0841 0x2050  [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter    C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys
12:40:16.0857 0x2050  mwlPSDFilter - ok
12:40:16.0872 0x2050  [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ     C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys
12:40:16.0872 0x2050  mwlPSDNServ - ok
12:40:16.0872 0x2050  [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk     C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys
12:40:16.0888 0x2050  mwlPSDVDisk - ok
12:40:16.0937 0x2050  [ 2F139207F618EC2933830227EEFFDDB4, 2942452EC631BF11CCCDA397C756CBBC0337F58B215A3F02DA263818CB3BE9A9 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
12:40:16.0941 0x2050  MWLService - ok
12:40:16.0988 0x2050  [ 549DFD8240CF20BFBD88AD9D89325DBF, D2553AEA91524E7EBCE902D175BCE3A14C594FB0B5E1310E2D9171AF903CF51C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:40:17.0142 0x2050  NativeWifiP - ok
12:40:17.0173 0x2050  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
12:40:17.0257 0x2050  NcaSvc - ok
12:40:17.0304 0x2050  [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService      C:\WINDOWS\System32\ncbservice.dll
12:40:17.0405 0x2050  NcbService - ok
12:40:17.0420 0x2050  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
12:40:17.0505 0x2050  NcdAutoSetup - ok
12:40:17.0521 0x2050  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
12:40:17.0543 0x2050  ndfltr - ok
12:40:17.0605 0x2050  [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
12:40:17.0690 0x2050  NDIS - ok
12:40:17.0721 0x2050  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
12:40:17.0774 0x2050  NdisCap - ok
12:40:17.0806 0x2050  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
12:40:17.0875 0x2050  NdisImPlatform - ok
12:40:17.0891 0x2050  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:40:17.0942 0x2050  NdisTapi - ok
12:40:17.0959 0x2050  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
12:40:17.0975 0x2050  Ndisuio - ok
12:40:17.0990 0x2050  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:40:18.0022 0x2050  NdisVirtualBus - ok
12:40:18.0059 0x2050  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
12:40:18.0075 0x2050  NdisWan - ok
12:40:18.0091 0x2050  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:40:18.0122 0x2050  ndiswanlegacy - ok
12:40:18.0159 0x2050  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
12:40:18.0191 0x2050  ndproxy - ok
12:40:18.0222 0x2050  [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
12:40:18.0291 0x2050  Ndu - ok
12:40:18.0307 0x2050  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:40:18.0360 0x2050  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:40:18.0459 0x2050  Detect skipped due to KSN trusted
12:40:18.0459 0x2050  Net Driver HPZ12 - ok
12:40:18.0475 0x2050  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
12:40:18.0506 0x2050  NetBIOS - ok
12:40:18.0544 0x2050  [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:40:18.0675 0x2050  NetBT - ok

magigstar · 28.08.2016, 12:05

Code:

ATTFilter

12:40:18.0675 0x2050  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:40:18.0691 0x2050  Netlogon - ok
12:40:18.0740 0x2050  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
12:40:18.0775 0x2050  Netman - ok
12:40:18.0839 0x2050  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:18.0876 0x2050  NetMsmqActivator - ok
12:40:18.0891 0x2050  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:18.0891 0x2050  NetPipeActivator - ok
12:40:18.0945 0x2050  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
12:40:18.0992 0x2050  netprofm - ok
12:40:19.0023 0x2050  [ D8CAB1807EA429C2C647FBC33C30CC88, 8D7CD300A5345444ED39F7BD81B64DEDC4457AF66B5993E9F6A250AE6AD02130 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
12:40:19.0107 0x2050  NetSetupSvc - ok
12:40:19.0139 0x2050  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:19.0161 0x2050  NetTcpActivator - ok
12:40:19.0161 0x2050  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:19.0177 0x2050  NetTcpPortSharing - ok
12:40:19.0208 0x2050  [ 2BB62723C835F75F0C7C9E6A736881FB, CBA690F5205BE8AE1E8ED8A47BC1594E05391DAC30AAEE0A055366F24602346C ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
12:40:19.0244 0x2050  netvsc - ok
12:40:19.0277 0x2050  [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
12:40:19.0377 0x2050  NgcCtnrSvc - ok
12:40:19.0446 0x2050  [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
12:40:19.0509 0x2050  NgcSvc - ok
12:40:19.0546 0x2050  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
12:40:19.0593 0x2050  NlaSvc - ok
12:40:19.0625 0x2050  [ 6E25BE911475B925A257D947A6DA07A9, 99E06AFE56C4F2D0850A570825A8D98BE0BFDBB44C6FD18D60AF34BB7A3BB38E ] NoIPDUCService4 C:\Program Files (x86)\No-IP\ducservice.exe
12:40:19.0662 0x2050  NoIPDUCService4 - detected UnsignedFile.Multi.Generic ( 1 )
12:40:19.0762 0x2050  Detect skipped due to KSN trusted
12:40:19.0762 0x2050  NoIPDUCService4 - ok
12:40:19.0793 0x2050  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:40:19.0843 0x2050  Npfs - ok
12:40:19.0862 0x2050  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
12:40:19.0947 0x2050  npsvctrig - ok
12:40:19.0978 0x2050  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
12:40:20.0046 0x2050  nsi - ok
12:40:20.0062 0x2050  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
12:40:20.0093 0x2050  nsiproxy - ok
12:40:20.0194 0x2050  [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
12:40:20.0293 0x2050  NTFS - ok
12:40:20.0347 0x2050  [ 14E66F603FB187713AEB02AD3B0390CF, E4025ECBEC50B85E3A860763053243C47E3FCE76F2348429C03827240A8DF3B6 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:40:20.0362 0x2050  NTI IScheduleSvc - ok
12:40:20.0409 0x2050  [ FD324CCE1D4D5BB5AF65F8E55B462C7E, 901287499F33EFD3B1EE6CBDAD4E4DD342DC62FCDCCEF5375CB9D7B0673EE1E6 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
12:40:20.0409 0x2050  NTIBackupSvc - ok
12:40:20.0446 0x2050  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
12:40:20.0446 0x2050  NTIDrvr - ok
12:40:20.0478 0x2050  [ 3F6268A2EC33CD38CF75C880AF8DED42, 6CA4A527878042C3BB40A7C0F4F9434827C7E60F989EB7C39BBAD0F270404EEE ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
12:40:20.0493 0x2050  NTISchedulerSvc - ok
12:40:20.0543 0x2050  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:40:20.0578 0x2050  Null - ok
12:40:20.0609 0x2050  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
12:40:20.0647 0x2050  nvraid - ok
12:40:20.0647 0x2050  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
12:40:20.0678 0x2050  nvstor - ok
12:40:20.0709 0x2050  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
12:40:20.0725 0x2050  nv_agp - ok
12:40:20.0763 0x2050  [ FDDC75FDB8F9B581E3D6513FB85256E8, 8CC4924E69E6008D30219BCE4C0FCCABB5F63ECF82C1A6C8BA374805D34B4FF1 ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
12:40:20.0794 0x2050  OneSyncSvc - ok
12:40:20.0963 0x2050  [ ADF2C72E6483D84C89DEC816EFABC01A, ECA0E0B716D143682B0575935F186821815F8439FDE130A4D89C96FA8FC9A26B ] OODefragAgent   C:\Program Files\OO Software\Defrag\oodag.exe
12:40:21.0095 0x2050  OODefragAgent - ok
12:40:21.0211 0x2050  [ 82FC4EAFF4156DDB621FADDC0741011D, 4F6772507BA700A3AF84974B72AA152949D383B62AA077D1CB1702A9BD6B1806 ] Orbiter         C:/Program Files (x86)/ORBTR/orbiter.dll
12:40:21.0242 0x2050  Orbiter - ok
12:40:21.0280 0x2050  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
12:40:21.0380 0x2050  p2pimsvc - ok
12:40:21.0464 0x2050  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
12:40:21.0527 0x2050  p2psvc - ok
12:40:21.0547 0x2050  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
12:40:21.0580 0x2050  Parport - ok
12:40:21.0627 0x2050  [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
12:40:21.0649 0x2050  partmgr - ok
12:40:21.0680 0x2050  [ A1E779A0CF7A21B42E8FD3E8856D8481, 40DE8155861E6126D6E39FF05E5E92E32C929874500671AB61592A659F09B88C ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
12:40:21.0765 0x2050  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
12:40:21.0881 0x2050  Detect skipped due to KSN trusted
12:40:21.0881 0x2050  PassThru Service - ok
12:40:21.0946 0x2050  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
12:40:21.0965 0x2050  PcaSvc - ok
12:40:22.0012 0x2050  [ 3F89E96BDA0A24A3D2DBB7CE1E625589, 63AAF83128B8AE279BC37331D2B27133EB9DE9C61392ADF18278A301697D0307 ] pci             C:\WINDOWS\system32\drivers\pci.sys
12:40:22.0028 0x2050  pci - ok
12:40:22.0066 0x2050  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
12:40:22.0081 0x2050  pciide - ok
12:40:22.0097 0x2050  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
12:40:22.0113 0x2050  pcmcia - ok
12:40:22.0148 0x2050  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
12:40:22.0150 0x2050  pcw - ok
12:40:22.0197 0x2050  [ 34DDBE73E42A4EDED7BEFF66F270C1A4, 420D6EC5B514423C4583839D4E185F7D71989C7BC8A854B0FCC54EE03A972381 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
12:40:22.0213 0x2050  pdc - ok
12:40:22.0350 0x2050  [ DFEF059EBBDC137DD242326EB67770C7, FEA245E7316A0567D4A0930F96C502BCB37350C80742F3FFEA668512EC5B9225 ] PDF Architect 4 C:\Program Files\PDF Architect 4\ws.exe
12:40:22.0429 0x2050  PDF Architect 4 - ok
12:40:22.0513 0x2050  [ 82AA78BB5365D76F5D9EF4A978BFEF5A, C5A99C748E1E43134CEADEF89CD439E411465242741241B38BA99032710D84A7 ] PDF Architect 4 CrashHandler C:\Program Files\PDF Architect 4\crash-handler-ws.exe
12:40:22.0551 0x2050  PDF Architect 4 CrashHandler - ok
12:40:22.0614 0x2050  [ 462724DA4AD38C159F8AFDB8F6A55BE2, 189F5C1B470DF6EAF9E02A8E294FA3B33DBCAD36695C6C17747B1D56FE8FC78D ] PDF Architect 4 Creator C:\Program Files\PDF Architect 4\creator-ws.exe
12:40:22.0651 0x2050  PDF Architect 4 Creator - ok
12:40:22.0783 0x2050  [ 08DAD53D89403158FC493FABAE217773, 833BF76818B984FE26A87A8DB75BA15A1143C9FCC0BBB5A8708656C7C09D6A28 ] PDF Architect 4 Manager C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
12:40:22.0814 0x2050  PDF Architect 4 Manager - ok
12:40:22.0914 0x2050  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
12:40:22.0967 0x2050  PDF Architect Helper Service - ok
12:40:23.0014 0x2050  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
12:40:23.0052 0x2050  PDF Architect Service - ok
12:40:23.0099 0x2050  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
12:40:23.0152 0x2050  PEAUTH - ok
12:40:23.0168 0x2050  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
12:40:23.0183 0x2050  percsas2i - ok
12:40:23.0199 0x2050  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
12:40:23.0214 0x2050  percsas3i - ok
12:40:23.0330 0x2050  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
12:40:23.0484 0x2050  PerfHost - ok
12:40:23.0568 0x2050  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
12:40:23.0653 0x2050  PhoneSvc - ok
12:40:23.0716 0x2050  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
12:40:23.0784 0x2050  PimIndexMaintenanceSvc - ok
12:40:23.0869 0x2050  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
12:40:23.0969 0x2050  pla - ok
12:40:23.0985 0x2050  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
12:40:24.0016 0x2050  PlugPlay - ok
12:40:24.0054 0x2050  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:40:24.0085 0x2050  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:40:24.0186 0x2050  Detect skipped due to KSN trusted
12:40:24.0186 0x2050  Pml Driver HPZ12 - ok
12:40:24.0217 0x2050  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
12:40:24.0252 0x2050  PNRPAutoReg - ok
12:40:24.0270 0x2050  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
12:40:24.0301 0x2050  PNRPsvc - ok
12:40:24.0355 0x2050  [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
12:40:24.0471 0x2050  PolicyAgent - ok
12:40:24.0486 0x2050  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
12:40:24.0533 0x2050  Power - ok
12:40:24.0571 0x2050  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
12:40:24.0586 0x2050  PptpMiniport - ok
12:40:24.0817 0x2050  [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:40:25.0055 0x2050  PrintNotify - ok
12:40:25.0087 0x2050  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
12:40:25.0118 0x2050  Processor - ok
12:40:25.0155 0x2050  [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
12:40:25.0202 0x2050  ProfSvc - ok
12:40:25.0233 0x2050  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
12:40:25.0255 0x2050  Psched - ok
12:40:25.0287 0x2050  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
12:40:25.0371 0x2050  QWAVE - ok
12:40:25.0402 0x2050  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
12:40:25.0433 0x2050  QWAVEdrv - ok
12:40:25.0455 0x2050  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:40:25.0518 0x2050  RasAcd - ok
12:40:25.0553 0x2050  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
12:40:25.0618 0x2050  RasAgileVpn - ok
12:40:25.0655 0x2050  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:40:25.0702 0x2050  RasAuto - ok
12:40:25.0734 0x2050  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
12:40:25.0771 0x2050  Rasl2tp - ok
12:40:25.0802 0x2050  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:40:25.0872 0x2050  RasMan - ok
12:40:25.0887 0x2050  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
12:40:25.0918 0x2050  RasPppoe - ok
12:40:25.0918 0x2050  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
12:40:25.0956 0x2050  RasSstp - ok
12:40:26.0003 0x2050  [ 1BB74617AE07539EC7C31C93F98644C7, 527F4F7ADA499814A97F68EE449F39D8A897A68B03AA24E2EE39A378D8D1DD27 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:40:26.0034 0x2050  rdbss - ok
12:40:26.0054 0x2050  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
12:40:26.0135 0x2050  rdpbus - ok
12:40:26.0155 0x2050  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
12:40:26.0172 0x2050  RDPDR - ok
12:40:26.0203 0x2050  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:40:26.0219 0x2050  RdpVideoMiniport - ok
12:40:26.0255 0x2050  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
12:40:26.0272 0x2050  rdyboost - ok
12:40:26.0335 0x2050  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
12:40:26.0373 0x2050  ReFSv1 - ok
12:40:26.0419 0x2050  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:40:26.0473 0x2050  RemoteAccess - ok
12:40:26.0520 0x2050  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:40:26.0557 0x2050  RemoteRegistry - ok
12:40:26.0658 0x2050  [ C439E5B6E3EB38C9C7611C393348503B, C9E3E3EDB134C2C5A3212CAD372A542DB1658A0263112E66EDF812FAE3F377BF ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
12:40:26.0789 0x2050  RetailDemo - ok
12:40:26.0836 0x2050  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
12:40:26.0858 0x2050  RpcEptMapper - ok
12:40:26.0890 0x2050  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:40:26.0936 0x2050  RpcLocator - ok
12:40:27.0036 0x2050  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:40:27.0090 0x2050  RpcSs - ok
12:40:27.0105 0x2050  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
12:40:27.0137 0x2050  rspndr - ok
12:40:27.0275 0x2050  [ B5A4B7D779CF4070DF408DE18BD33B02, 45D68D32AE10DB0D76F3455DF84ACD2289485C38FC411B71C2DD3E0FB9923473 ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
12:40:27.0322 0x2050  RS_Service - detected UnsignedFile.Multi.Generic ( 1 )
12:40:27.0422 0x2050  Detect skipped due to KSN trusted
12:40:27.0422 0x2050  RS_Service - ok
12:40:27.0460 0x2050  [ 7421A35C45484B95E83B5E9E107CEFC2, 128BB6A7552B9D57284056FB8946A6FE3C620F7B706F709F896828304A6FCD77 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMIVX.sys
12:40:27.0475 0x2050  RTHDMIAzAudService - ok
12:40:27.0507 0x2050  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
12:40:27.0538 0x2050  s3cap - ok
12:40:27.0560 0x2050  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
12:40:27.0591 0x2050  SamSs - ok
12:40:27.0676 0x2050  [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\WNt500x64\Sandra.sys
12:40:27.0723 0x2050  SANDRA - ok
12:40:27.0738 0x2050  [ 65FCC1102E87462548AF8EC49620C9FC, 99FA15DA12D7550364F598EF78F04051FE1743A1D74BE6048DF840757FB08D0B ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe
12:40:27.0776 0x2050  SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
12:40:27.0876 0x2050  Detect skipped due to KSN trusted
12:40:27.0876 0x2050  SandraAgentSrv - ok
12:40:27.0923 0x2050  [ D2FA15AED5CEB66259F24B656A76B663, 009D273CFA4B2D7BBBFB69C7F722DC5F7AB3AA2562A66695ECAE6D30D5B997CD ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
12:40:27.0938 0x2050  SbieDrv - ok
12:40:27.0959 0x2050  [ B93AC7F63D395F19B3C77680FD84833D, BBCC7BA27A305E4E07F82AF11FF8A0E258DDB67E36BE5E74389A27A7D2DD5A05 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
12:40:27.0960 0x2050  SbieSvc - ok
12:40:28.0007 0x2050  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
12:40:28.0022 0x2050  sbp2port - ok
12:40:28.0058 0x2050  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
12:40:28.0092 0x2050  SCardSvr - ok
12:40:28.0107 0x2050  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
12:40:28.0138 0x2050  ScDeviceEnum - ok
12:40:28.0160 0x2050  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:40:28.0191 0x2050  scfilter - ok
12:40:28.0276 0x2050  [ 4D82582733D9F437F544D3F8F98CE159, 32603C9AFC4D56D505D2EA5B63EF33A484A20A3C82E28F6C30A7597BBF34F785 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:40:28.0375 0x2050  Schedule - ok
12:40:28.0422 0x2050  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
12:40:28.0438 0x2050  SCPolicySvc - ok
12:40:28.0507 0x2050  [ 1CDA6D0A2345AA589949AE9C83853913, 13E9164485BA7F7DB86CBA905C7F0E009488B03CC4F3F044EA37D04D0FB661C6 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
12:40:28.0523 0x2050  sdbus - ok
12:40:28.0538 0x2050  [ 723C6C3DE056D3EB76F7520BEF5947B4, 49FFDAD56BBD652404A587F282867161BAE6D9E61BC2C819DDC75CE10A8E3C63 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
12:40:28.0576 0x2050  SDRSVC - ok
12:40:28.0607 0x2050  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
12:40:28.0623 0x2050  sdstor - ok
12:40:28.0659 0x2050  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
12:40:28.0707 0x2050  seclogon - ok
12:40:28.0738 0x2050  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
12:40:28.0761 0x2050  SENS - ok
12:40:28.0857 0x2050  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
12:40:29.0007 0x2050  SensorDataService - ok
12:40:29.0056 0x2050  [ 3A96F324681545F135320A9E91793972, CD588AAF764705CAA8838776D20C88B60B9AC73EC3F4608FFCE63831AA80D3C4 ] SensorService   C:\WINDOWS\system32\SensorService.dll
12:40:29.0122 0x2050  SensorService - ok
12:40:29.0156 0x2050  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
12:40:29.0223 0x2050  SensrSvc - ok
12:40:29.0260 0x2050  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
12:40:29.0291 0x2050  SerCx - ok
12:40:29.0323 0x2050  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
12:40:29.0358 0x2050  SerCx2 - ok
12:40:29.0376 0x2050  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
12:40:29.0391 0x2050  Serenum - ok
12:40:29.0423 0x2050  [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
12:40:29.0438 0x2050  Serial - ok
12:40:29.0460 0x2050  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
12:40:29.0492 0x2050  sermouse - ok
12:40:29.0523 0x2050  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
12:40:29.0561 0x2050  SessionEnv - ok
12:40:29.0592 0x2050  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
12:40:29.0608 0x2050  sfloppy - ok
12:40:29.0661 0x2050  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:40:29.0708 0x2050  SharedAccess - ok
12:40:29.0761 0x2050  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:40:29.0824 0x2050  ShellHWDetection - ok
12:40:29.0824 0x2050  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:40:29.0839 0x2050  SiSRaid2 - ok
12:40:29.0862 0x2050  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
12:40:29.0877 0x2050  SiSRaid4 - ok
12:40:29.0978 0x2050  [ E6035ADBA3F13ACF1BEDA7B5D50FDBBB, A840D072395F2394E3B55A080F8F17CC3A02E8BCAFE8B8EC0374ECA1EFF05C23 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:40:30.0009 0x2050  SkypeUpdate - ok
12:40:30.0040 0x2050  [ ED3188A5AC871564D2598F289B5D36DF, CCDCA10105480DB16B4E0BD2767EA2DEF62C9996F2E059FBAA4A3B40AE3E97F6 ] SLEE_18_DRIVER  C:\Windows\Sleen1864.sys
12:40:30.0094 0x2050  SLEE_18_DRIVER - ok
12:40:30.0125 0x2050  [ 8E67E1EEE991636172E63239549AE2FD, CFA997A2DF056CF3A1AFF2132B52E9CC2FD3ED3A3689D19E90C30527EA3560C2 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
12:40:30.0140 0x2050  SmbDrvI - ok
12:40:30.0178 0x2050  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
12:40:30.0209 0x2050  smphost - ok
12:40:30.0278 0x2050  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
12:40:30.0341 0x2050  SmsRouter - ok
12:40:30.0394 0x2050  [ 67E7E7DB39769F2D8C4DC7BD4EBA02E6, 0FA9E2D4B100AA5BD258B152D1CA7CD7682DF2796584892710F822FEF1AF1A85 ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
12:40:30.0440 0x2050  snapman - ok
12:40:30.0463 0x2050  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
12:40:30.0478 0x2050  SNMPTRAP - ok
12:40:30.0525 0x2050  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
12:40:30.0563 0x2050  spaceport - ok
12:40:30.0579 0x2050  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
12:40:30.0594 0x2050  SpbCx - ok
12:40:30.0679 0x2050  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\WINDOWS\syswow64\speedfan.sys
12:40:30.0726 0x2050  speedfan - ok
12:40:30.0794 0x2050  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
12:40:30.0910 0x2050  Spooler - ok
12:40:31.0161 0x2050  [ 49B666BCCF59226549F64656584318EA, D7751FB921CE526322DF8CD95430EEA5337E894CE76E0FAA47827CA3B2C953C5 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
12:40:31.0462 0x2050  sppsvc - ok
12:40:31.0515 0x2050  [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:40:31.0584 0x2050  srv - ok
12:40:31.0615 0x2050  [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
12:40:31.0715 0x2050  srv2 - ok
12:40:31.0762 0x2050  [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:40:31.0800 0x2050  srvnet - ok
12:40:31.0847 0x2050  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:40:31.0900 0x2050  SSDPSRV - ok
12:40:31.0915 0x2050  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
12:40:31.0962 0x2050  SstpSvc - ok
12:40:32.0062 0x2050  [ 99435AD1BC9E7E7CEA528868E5B1F9B2, 66C490EB12BFF8834842D28B1138E69180B972CCFDD3D33263A94A79DED0C6CB ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
12:40:32.0285 0x2050  StateRepository - ok
12:40:32.0401 0x2050  [ 296268EE8C9427D49DDA579017014244, 5EF5D88775219869FA8965F37E8E988813D7295A5466A736378BC51A76510C41 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:40:32.0448 0x2050  Steam Client Service - ok
12:40:32.0485 0x2050  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
12:40:32.0501 0x2050  stexstor - ok
12:40:32.0532 0x2050  [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
12:40:32.0586 0x2050  StillCam - ok
12:40:32.0633 0x2050  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
12:40:32.0686 0x2050  stisvc - ok
12:40:32.0717 0x2050  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
12:40:32.0733 0x2050  storahci - ok
12:40:32.0748 0x2050  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
12:40:32.0782 0x2050  storflt - ok
12:40:32.0802 0x2050  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
12:40:32.0818 0x2050  stornvme - ok
12:40:32.0833 0x2050  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
12:40:32.0918 0x2050  storqosflt - ok
12:40:33.0002 0x2050  [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
12:40:33.0102 0x2050  StorSvc - ok
12:40:33.0134 0x2050  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
12:40:33.0149 0x2050  storufs - ok
12:40:33.0149 0x2050  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
12:40:33.0165 0x2050  storvsc - ok
12:40:33.0202 0x2050  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
12:40:33.0234 0x2050  svsvc - ok
12:40:33.0249 0x2050  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
12:40:33.0265 0x2050  swenum - ok
12:40:33.0303 0x2050  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
12:40:33.0349 0x2050  swprv - ok
12:40:33.0755 0x2050  [ C653C8A3D3079A7D03F8DAB6C5FE6DD7, 7A0A6F6697227924F9EEB6CA020D807746FADAEC1D27096A9A9F7FC5B54DC593 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
12:40:34.0147 0x2050  syncagentsrv - ok
12:40:34.0193 0x2050  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
12:40:34.0225 0x2050  Synth3dVsc - ok
12:40:34.0278 0x2050  [ 49C47B5DFFBC074EC0CDE4CAA8069AAE, 14F2F6DD72285DF2B0065CC695BA3ACCA967689EF1413CD700DF41A6B1A647A8 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:40:34.0309 0x2050  SynTP - ok
12:40:34.0410 0x2050  [ F89FAA98A67A93E26DDC16A5D1419D22, FABA1992BE66DF2589D19B940CC5F2AA988DF1A0D2B884F1B79F9FE261103773 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
12:40:34.0441 0x2050  SynTPEnhService - ok
12:40:34.0494 0x2050  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
12:40:34.0578 0x2050  SysMain - ok
12:40:34.0610 0x2050  [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:40:34.0679 0x2050  SystemEventsBroker - ok
12:40:34.0710 0x2050  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:40:34.0757 0x2050  TabletInputService - ok
12:40:34.0794 0x2050  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:40:34.0825 0x2050  TapiSrv - ok
12:40:34.0941 0x2050  [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
12:40:35.0094 0x2050  Tcpip - ok
12:40:35.0157 0x2050  [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
12:40:35.0241 0x2050  Tcpip6 - ok
12:40:35.0278 0x2050  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
12:40:35.0294 0x2050  tcpipreg - ok
12:40:35.0325 0x2050  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
12:40:35.0341 0x2050  tdx - ok
12:40:35.0626 0x2050  [ D6DDCFFF145CB7D334EECC2F9A8E304F, DC2E19A799F336DF299460C8DB4EE0B2597ADC6C4728F2BB3BBCFA1192BE809C ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
12:40:35.0927 0x2050  TeamViewer - ok
12:40:35.0942 0x2050  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
12:40:35.0958 0x2050  terminpt - ok
12:40:36.0026 0x2050  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
12:40:36.0095 0x2050  TermService - ok
12:40:36.0111 0x2050  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
12:40:36.0158 0x2050  Themes - ok
12:40:36.0258 0x2050  [ D66C989F0C86A11472A57963841643D4, B75C1645512DE29281DE28AB125CFB449E75D285BF3EF577FD4A096DF3FF7260 ] tib             C:\WINDOWS\system32\DRIVERS\tib.sys
12:40:36.0358 0x2050  tib - ok
12:40:36.0412 0x2050  [ 0F9FD35675C7B29AA01DF7CA038FC18C, E0FE87FBD73A9070D6C900BC535B9B99402005957306562CA1D68AB920CB0EE9 ] tib_mounter     C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
12:40:36.0443 0x2050  tib_mounter - ok
12:40:36.0480 0x2050  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
12:40:36.0543 0x2050  TieringEngineService - ok
12:40:36.0580 0x2050  [ EAB476E252CE866727624B5224A054E4, 1F84A1A99FA07AA1A8F4BF2FFD778562AE59612D549C1CC911CEE74CBE71F831 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
12:40:36.0681 0x2050  tiledatamodelsvc - ok
12:40:36.0712 0x2050  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
12:40:36.0728 0x2050  TimeBroker - ok
12:40:36.0781 0x2050  [ 21AFBEAC264AB4C6A399E41EF7B2A500, 005089F7F971BED5184A36C6FAE21A68117FB1C017B2F00021FA218131E9AC3A ] tnd             C:\WINDOWS\system32\DRIVERS\tnd.sys
12:40:36.0843 0x2050  tnd - ok
12:40:36.0897 0x2050  [ 0A03E85A641F2672796D34F506066594, B2AA139CC53F25DB1709844483D404A8FA1D010167BCF164B4A31A029C606F7D ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
12:40:36.0912 0x2050  TomTomHOMEService - ok
12:40:36.0982 0x2050  [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
12:40:37.0013 0x2050  TPM - ok
12:40:37.0028 0x2050  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
12:40:37.0060 0x2050  TrkWks - ok
12:40:37.0098 0x2050  [ 8DE922CD4FEA6F83B10805DF965B9A08, AD6BBBA1D6FD8D717CC2CC4BB9FCCF2AF14BB12E76E51BB8A5BA1642E143D324 ] truecrypt       C:\WINDOWS\system32\drivers\truecrypt.sys
12:40:37.0113 0x2050  truecrypt - ok
12:40:37.0144 0x2050  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:40:37.0213 0x2050  TrustedInstaller - ok
12:40:37.0244 0x2050  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
12:40:37.0297 0x2050  tsusbflt - ok
12:40:37.0313 0x2050  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:40:37.0329 0x2050  TsUsbGD - ok
12:40:37.0379 0x2050  [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB          C:\WINDOWS\system32\DRIVERS\TurboB.sys
12:40:37.0397 0x2050  TurboB - ok
12:40:37.0428 0x2050  [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
12:40:37.0444 0x2050  TurboBoost - ok
12:40:37.0482 0x2050  [ 127925766866C52F147A2FFC0C0358A5, DCDF38A456E0BAAEE1E54FD67C3DEB4A036F116036FBD28073201B6C27C2C2DD ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
12:40:37.0544 0x2050  tzautoupdate - ok
12:40:37.0576 0x2050  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
12:40:37.0598 0x2050  uagp35 - ok
12:40:37.0613 0x2050  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
12:40:37.0629 0x2050  UASPStor - ok
12:40:37.0645 0x2050  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
12:40:37.0660 0x2050  UBHelper - ok
12:40:37.0698 0x2050  [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
12:40:37.0783 0x2050  UcmCx0101 - ok
12:40:37.0798 0x2050  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
12:40:37.0830 0x2050  UcmUcsi - ok
12:40:37.0845 0x2050  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
12:40:37.0880 0x2050  Ucx01000 - ok
12:40:37.0883 0x2050  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
12:40:37.0930 0x2050  UdeCx - ok
12:40:37.0946 0x2050  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
12:40:37.0983 0x2050  udfs - ok
12:40:37.0999 0x2050  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
12:40:38.0015 0x2050  UEFI - ok
12:40:38.0030 0x2050  [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
12:40:38.0062 0x2050  Ufx01000 - ok
12:40:38.0083 0x2050  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
12:40:38.0099 0x2050  UfxChipidea - ok
12:40:38.0146 0x2050  [ 2A87EA182EA333D79AA0B03833EA67F2, 227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
12:40:38.0161 0x2050  ufxsynopsys - ok
12:40:38.0215 0x2050  [ 30B78A6296127B7A793CF42CA61B29B0, 13871F5E73C0CA5BA864384A0F4B3A6D12434DF9B3D6FFF8DF0EF76245E76BC5 ] UI Assistant Service C:\Program Files (x86)\Join Air\AssistantServices.exe
12:40:38.0215 0x2050  UI Assistant Service - ok
12:40:38.0262 0x2050  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
12:40:38.0284 0x2050  UI0Detect - ok
12:40:38.0315 0x2050  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
12:40:38.0331 0x2050  uliagpkx - ok
12:40:38.0346 0x2050  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
12:40:38.0362 0x2050  umbus - ok
12:40:38.0384 0x2050  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
12:40:38.0447 0x2050  UmPass - ok
12:40:38.0485 0x2050  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
12:40:38.0516 0x2050  UmRdpService - ok
12:40:38.0600 0x2050  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
12:40:38.0701 0x2050  UnistoreSvc - ok
12:40:38.0879 0x2050  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:40:38.0948 0x2050  UNS - ok
12:40:39.0017 0x2050  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:40:39.0032 0x2050  Updater Service - ok
12:40:39.0086 0x2050  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:40:39.0132 0x2050  upnphost - ok
12:40:39.0164 0x2050  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
12:40:39.0186 0x2050  UrsChipidea - ok
12:40:39.0201 0x2050  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
12:40:39.0217 0x2050  UrsCx01000 - ok
12:40:39.0233 0x2050  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
12:40:39.0264 0x2050  UrsSynopsys - ok
12:40:39.0302 0x2050  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
12:40:39.0317 0x2050  usbccgp - ok
12:40:39.0333 0x2050  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
12:40:39.0384 0x2050  usbcir - ok
12:40:39.0402 0x2050  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
12:40:39.0418 0x2050  usbehci - ok
12:40:39.0433 0x2050  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
12:40:39.0465 0x2050  usbhub - ok
12:40:39.0518 0x2050  [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
12:40:39.0565 0x2050  USBHUB3 - ok
12:40:39.0602 0x2050  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
12:40:39.0633 0x2050  usbohci - ok
12:40:39.0649 0x2050  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
12:40:39.0687 0x2050  usbprint - ok
12:40:39.0718 0x2050  [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
12:40:39.0765 0x2050  usbser - ok
12:40:39.0803 0x2050  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:40:39.0834 0x2050  USBSTOR - ok
12:40:39.0882 0x2050  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
12:40:39.0887 0x2050  usbuhci - ok
12:40:39.0950 0x2050  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
12:40:40.0003 0x2050  usbvideo - ok
12:40:40.0066 0x2050  [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:40:40.0088 0x2050  USBXHCI - ok
12:40:40.0150 0x2050  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
12:40:40.0251 0x2050  UserDataSvc - ok
12:40:40.0288 0x2050  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
12:40:40.0389 0x2050  UserManager - ok
12:40:40.0420 0x2050  [ BF6C588423B2F856015AE8F61D93D01F, D45A3409E4EF026ECF1F8295EF9CFAA4C111776C2BA04171591744CDAB912479 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
12:40:40.0536 0x2050  UsoSvc - ok
12:40:40.0552 0x2050  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
12:40:40.0567 0x2050  VaultSvc - ok
12:40:40.0604 0x2050  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
12:40:40.0620 0x2050  vdrvroot - ok
12:40:40.0651 0x2050  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
12:40:40.0705 0x2050  vds - ok
12:40:40.0736 0x2050  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
12:40:40.0752 0x2050  VerifierExt - ok
12:40:40.0767 0x2050  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
12:40:40.0805 0x2050  vhdmp - ok
12:40:40.0836 0x2050  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
12:40:40.0888 0x2050  vhf - ok
12:40:40.0905 0x2050  [ 593D66A1424176B07E1E04B581C636C2, D4E1FA96A1A24DD3EEB3FAB0F32C702C5A621F633007B3D7874995C77CB116E5 ] virtual_file    C:\WINDOWS\system32\DRIVERS\virtual_file.sys
12:40:41.0005 0x2050  virtual_file - ok
12:40:41.0052 0x2050  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
12:40:41.0090 0x2050  vmbus - ok
12:40:41.0105 0x2050  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
12:40:41.0137 0x2050  VMBusHID - ok
12:40:41.0205 0x2050  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
12:40:41.0268 0x2050  vmicguestinterface - ok
12:40:41.0289 0x2050  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
12:40:41.0321 0x2050  vmicheartbeat - ok
12:40:41.0337 0x2050  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:40:41.0368 0x2050  vmickvpexchange - ok
12:40:41.0390 0x2050  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
12:40:41.0421 0x2050  vmicrdv - ok
12:40:41.0437 0x2050  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
12:40:41.0468 0x2050  vmicshutdown - ok
12:40:41.0490 0x2050  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
12:40:41.0522 0x2050  vmictimesync - ok
12:40:41.0537 0x2050  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
12:40:41.0569 0x2050  vmicvmsession - ok
12:40:41.0591 0x2050  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
12:40:41.0622 0x2050  vmicvss - ok
12:40:41.0653 0x2050  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
12:40:41.0669 0x2050  volmgr - ok
12:40:41.0685 0x2050  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
12:40:41.0707 0x2050  volmgrx - ok
12:40:41.0722 0x2050  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
12:40:41.0753 0x2050  volsnap - ok
12:40:41.0785 0x2050  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
12:40:41.0791 0x2050  vpci - ok
12:40:41.0807 0x2050  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
12:40:41.0838 0x2050  vsmraid - ok
12:40:41.0907 0x2050  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
12:40:42.0007 0x2050  VSS - ok
12:40:42.0039 0x2050  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
12:40:42.0070 0x2050  VSTXRAID - ok
12:40:42.0091 0x2050  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
12:40:42.0123 0x2050  vwifibus - ok
12:40:42.0139 0x2050  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
12:40:42.0170 0x2050  vwififlt - ok
12:40:42.0187 0x2050  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
12:40:42.0192 0x2050  vwifimp - ok
12:40:42.0239 0x2050  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
12:40:42.0292 0x2050  W32Time - ok
12:40:42.0339 0x2050  [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
12:40:42.0370 0x2050  w3logsvc - ok
12:40:42.0407 0x2050  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
12:40:42.0454 0x2050  W3SVC - ok
12:40:42.0490 0x2050  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
12:40:42.0492 0x2050  WacomPen - ok
12:40:42.0539 0x2050  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
12:40:42.0639 0x2050  WalletService - ok
12:40:42.0670 0x2050  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:40:42.0707 0x2050  wanarp - ok
12:40:42.0707 0x2050  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:40:42.0739 0x2050  wanarpv6 - ok
12:40:42.0770 0x2050  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
12:40:42.0808 0x2050  WAS - ok
12:40:42.0889 0x2050  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
12:40:43.0008 0x2050  wbengine - ok
12:40:43.0070 0x2050  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
12:40:43.0192 0x2050  WbioSrvc - ok
12:40:43.0255 0x2050  [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
12:40:43.0308 0x2050  Wcmsvc - ok
12:40:43.0355 0x2050  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
12:40:43.0393 0x2050  wcncsvc - ok
12:40:43.0409 0x2050  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:40:43.0487 0x2050  WcsPlugInService - ok
12:40:43.0509 0x2050  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
12:40:43.0540 0x2050  WdBoot - ok
12:40:43.0571 0x2050  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
12:40:43.0609 0x2050  Wdf01000 - ok
12:40:43.0640 0x2050  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
12:40:43.0656 0x2050  WdFilter - ok
12:40:43.0689 0x2050  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
12:40:43.0709 0x2050  WdiServiceHost - ok
12:40:43.0709 0x2050  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
12:40:43.0740 0x2050  WdiSystemHost - ok
12:40:43.0793 0x2050  [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
12:40:43.0872 0x2050  wdiwifi - ok
12:40:43.0910 0x2050  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:40:43.0925 0x2050  WdNisDrv - ok
12:40:43.0956 0x2050  WdNisSvc - ok
12:40:43.0972 0x2050  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:40:44.0025 0x2050  WebClient - ok
12:40:44.0041 0x2050  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
12:40:44.0072 0x2050  Wecsvc - ok
12:40:44.0094 0x2050  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
12:40:44.0126 0x2050  WEPHOSTSVC - ok
12:40:44.0157 0x2050  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
12:40:44.0241 0x2050  wercplsupport - ok
12:40:44.0273 0x2050  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
12:40:44.0326 0x2050  WerSvc - ok
12:40:44.0357 0x2050  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
12:40:44.0373 0x2050  WFPLWFS - ok
12:40:44.0410 0x2050  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
12:40:44.0441 0x2050  WiaRpc - ok
12:40:44.0473 0x2050  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
12:40:44.0495 0x2050  WIMMount - ok
12:40:44.0495 0x2050  WinDefend - ok
12:40:44.0542 0x2050  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
12:40:44.0557 0x2050  WindowsTrustedRT - ok
12:40:44.0573 0x2050  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
12:40:44.0595 0x2050  WindowsTrustedRTProxy - ok
12:40:44.0642 0x2050  [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:40:44.0727 0x2050  WinHttpAutoProxySvc - ok
12:40:44.0773 0x2050  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
12:40:44.0795 0x2050  WinMad - ok
12:40:44.0895 0x2050  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:40:44.0995 0x2050  Winmgmt - ok
12:40:45.0194 0x2050  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
12:40:45.0358 0x2050  WinRM - ok
12:40:45.0412 0x2050  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
12:40:45.0491 0x2050  WINUSB - ok
12:40:45.0496 0x2050  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
12:40:45.0512 0x2050  WinVerbs - ok
12:40:45.0728 0x2050  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
12:40:45.0928 0x2050  WlanSvc - ok
12:40:46.0112 0x2050  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
12:40:46.0397 0x2050  wlidsvc - ok
12:40:46.0444 0x2050  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
12:40:46.0513 0x2050  WmiAcpi - ok
12:40:46.0544 0x2050  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:40:46.0597 0x2050  wmiApSrv - ok
12:40:46.0628 0x2050  WMPNetworkSvc - ok
12:40:46.0660 0x2050  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:40:46.0693 0x2050  Wof - ok
12:40:46.0860 0x2050  [ 3B6CCFF7AD385842A9638DCF654ABCD4, 2E6605E5E1BD214D7F47F30E73481C07AE70CAE3A3B565FA37D1A551A58BFDB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
12:40:47.0076 0x2050  workfolderssvc - ok
12:40:47.0098 0x2050  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:40:47.0114 0x2050  wpcfltr - ok
12:40:47.0145 0x2050  [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
12:40:47.0229 0x2050  WPDBusEnum - ok
12:40:47.0245 0x2050  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:40:47.0260 0x2050  WpdUpFltr - ok
12:40:47.0296 0x2050  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
12:40:47.0361 0x2050  WpnService - ok
12:40:47.0398 0x2050  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:40:47.0414 0x2050  ws2ifsl - ok
12:40:47.0445 0x2050  [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:40:47.0514 0x2050  wscsvc - ok
12:40:47.0545 0x2050  [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
12:40:47.0561 0x2050  WSDPrintDevice - ok
12:40:47.0576 0x2050  [ 3A3294E2E5CBFC51999180C06051DDE9, 2EEE0A5BEBB366E4C12245E8175685CF2173E260B482A8EEB7F8255BA43C6CE3 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
12:40:47.0598 0x2050  WSDScan - ok
12:40:47.0598 0x2050  WSearch - ok
12:40:47.0930 0x2050  [ 1E099AE79C6D58063E0B4F538732B87F, 0EDA8AA7CA1946DFF651AF6FBCBEBEE904FB269E67F6AB6739247C5242BCDC7E ] WSService       C:\WINDOWS\System32\WSService.dll
12:40:48.0114 0x2050  WSService - ok
12:40:48.0476 0x2050  [ BFB3F9076F9B6CBC540012842177DD63, 669C6BE8D7AF18FB8934267E713315F95B17AE6563352745FF594816BB581768 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
12:40:48.0676 0x2050  wuauserv - ok
12:40:48.0698 0x2050  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
12:40:48.0795 0x2050  WudfPf - ok
12:40:48.0814 0x2050  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
12:40:48.0845 0x2050  WUDFRd - ok
12:40:48.0893 0x2050  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
12:40:48.0914 0x2050  wudfsvc - ok
12:40:48.0914 0x2050  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:40:48.0945 0x2050  WUDFWpdFs - ok
12:40:48.0961 0x2050  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:40:48.0976 0x2050  WUDFWpdMtp - ok
12:40:49.0177 0x2050  [ A17D939E89831694963802A729191D1F, 5DE24F3A19BC83589D3FEE19C4E44ED04450AD2F3225745A45BA7B702E7DDFD6 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
12:40:49.0346 0x2050  WwanSvc - ok
12:40:49.0415 0x2050  [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
12:40:49.0531 0x2050  XblAuthManager - ok
12:40:49.0597 0x2050  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
12:40:49.0678 0x2050  XblGameSave - ok
12:40:49.0716 0x2050  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
12:40:49.0778 0x2050  xboxgip - ok
12:40:49.0847 0x2050  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
12:40:49.0932 0x2050  XboxNetApiSvc - ok
12:40:49.0963 0x2050  [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
12:40:50.0000 0x2050  xinputhid - ok
12:40:50.0000 0x2050  ================ Scan global ===============================
12:40:50.0032 0x2050  [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
12:40:50.0063 0x2050  [ 602060E8FD837EC184B10B32795D62AB, BC15589FF036A2FD2F598BA5D2E3F0D5EF348C73870F5CC763A3A04B8A9166F3 ] C:\WINDOWS\system32\winsrv.dll
12:40:50.0101 0x2050  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
12:40:50.0116 0x2050  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
12:40:50.0132 0x2050  [ Global ] - ok
12:40:50.0132 0x2050  ================ Scan MBR ==================================
12:40:50.0163 0x2050  [ F2634EFAB9E22A7870007C2453CEFE38 ] \Device\Harddisk0\DR0
12:40:51.0117 0x2050  \Device\Harddisk0\DR0 - ok
12:40:51.0117 0x2050  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
12:40:51.0602 0x2050  \Device\Harddisk1\DR3 - ok
12:40:51.0602 0x2050  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR8
12:40:51.0849 0x2050  \Device\Harddisk2\DR8 - ok
12:40:51.0864 0x2050  ================ Scan VBR ==================================
12:40:51.0880 0x2050  [ 13E51F3DD917BA781A65D4166D7189C5 ] \Device\Harddisk0\DR0\Partition1
12:40:51.0902 0x2050  \Device\Harddisk0\DR0\Partition1 - ok
12:40:51.0934 0x2050  [ B436714122AE16BA020A8F51120366D3 ] \Device\Harddisk0\DR0\Partition2
12:40:51.0949 0x2050  \Device\Harddisk0\DR0\Partition2 - ok
12:40:51.0949 0x2050  [ 88D4D6BF121381C1CFEA1B29A66B31E5 ] \Device\Harddisk1\DR3\Partition1
12:40:51.0949 0x2050  \Device\Harddisk1\DR3\Partition1 - ok
12:40:51.0965 0x2050  [ 498F6D66EABBAF3F16C6CBE0121FD258 ] \Device\Harddisk2\DR8\Partition1
12:40:51.0965 0x2050  \Device\Harddisk2\DR8\Partition1 - ok
12:40:51.0965 0x2050  ================ Scan generic autorun ======================
12:40:52.0439 0x2050  [ 0D7CF635D9888072015EBE3B232DFB99, 25F8BB678DA47D4C7D002964597A04EE651E1492C43C217E3987FBC8DA66FDE6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:40:52.0765 0x2050  RtHDVCpl - ok
12:40:52.0825 0x2050  [ 83EB66A70A21CE8589507C878CDCD4E9, 776A5B43DB0B15D9EF7385463136E4BD3DE51EF14190C4BFE5EAAC7C87779287 ] C:\Program Files\Apoint2K\Apoint.exe
12:40:52.0941 0x2050  Apoint - ok
12:40:52.0941 0x2050  SNUVCDSM - ok
12:40:52.0941 0x2050  PLFSetL - ok
12:40:52.0994 0x2050  [ FBFA45B2D8ABB107C79E0CA0F8ED0A6D, 4D00D414C0205A0BDBB570B158EF841CD5DC4C8E2A2A1AC582E27A663F46388D ] C:\Windows\PLFSetI.exe
12:40:53.0110 0x2050  PLFSetI - detected UnsignedFile.Multi.Generic ( 1 )
12:40:53.0210 0x2050  Detect skipped due to KSN trusted
12:40:53.0210 0x2050  PLFSetI - ok
12:40:53.0272 0x2050  [ 3F09D12C0DF3BFF61E80309063F165D2, BE2EDF10141094112EE79A457E6C0B547C2F424E9ADEC3F5C89F6B2604F8288D ] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
12:40:53.0294 0x2050  mwlDaemon - ok
12:40:53.0325 0x2050  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
12:40:53.0341 0x2050  IAAnotif - ok
12:40:53.0372 0x2050  [ 42EB7A79867ED8AD99349FF0F0A7F39A, AF289350D625123BB697532B53A35B48D574ADB9861A288DA68F8EC2AB6F2E3A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
12:40:53.0425 0x2050  AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
12:40:53.0541 0x2050  Detect skipped due to KSN trusted
12:40:53.0541 0x2050  AmIcoSinglun64 - ok
12:40:53.0626 0x2050  [ E64270B5DB7218E60AD62ED0C52E3A09, E9CC0CA9A19868C34EC782FA9F45617DB81C791393BED68EBF8E38BE2C27F8FA ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
12:40:53.0657 0x2050  Acer ePower Management - ok
12:40:53.0842 0x2050  [ 60EA24BA03CCFDD0CB5FBAD4E8FE0C7B, 4DF30888B316BD9D1FE3E07B687C4A89B93FD02336321C4D1C81FE3BA12C822D ] C:\Program Files\OO Software\Defrag\oodtray.exe
12:40:53.0995 0x2050  OODefragTray - ok
12:40:54.0011 0x2050  SynTPEnh - ok
12:40:54.0411 0x2050  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:40:54.0743 0x2050  OneDriveSetup - ok
12:40:55.0025 0x2050  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:40:55.0309 0x2050  OneDriveSetup - ok
12:40:55.0393 0x2050  [ 1F269C250F61514A18D0C863FDBA94E8, 0C65FC2572E5CEF2C625973D4074D84F7753AA23F6C151D6BAA0C54A8A566DC4 ] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe
12:40:55.0409 0x2050  WinPatrol - ok
12:40:55.0577 0x2050  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:40:55.0608 0x2050  OneDrive - ok
12:40:55.0777 0x2050  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
12:40:55.0862 0x2050  HP Photosmart 5520 series (NET) - ok
12:40:56.0024 0x2050  [ EE9D93E2688A461FE532A866E291111F, E13B996E31426DB41D9EB5DD210FF3BF92413FFEBB3A0A55BF92A413BA6D2D38 ] C:\Program Files (x86)\Steam\steam.exe
12:40:56.0147 0x2050  Steam - ok
12:40:56.0294 0x2050  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
12:40:56.0342 0x2050  Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
12:40:56.0347 0x2050  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
12:40:56.0378 0x2050  Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626 - ok
12:40:56.0394 0x2050  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
12:40:56.0425 0x2050  Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6390.0509 - ok
12:40:56.0547 0x2050  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\EEEEE\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:40:56.0579 0x2050  OneDrive - ok
12:40:56.0610 0x2050  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
12:40:56.0645 0x2050  Uninstall C:\Users\EEEEE\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
12:40:56.0904 0x2050  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:40:57.0234 0x2050  OneDriveSetup - ok
12:40:57.0319 0x2050  [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
12:40:57.0397 0x2050  WAB Migrate - ok
12:40:58.0098 0x2050  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:40:58.0429 0x2050  OneDriveSetup - ok
12:40:58.0440 0x2050  Waiting for KSN requests completion. In queue: 287
12:40:59.0482 0x2050  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x61100 ( enabled : updated )
12:40:59.0497 0x2050  Win FW state via NFP2: enabled ( trusted )
12:40:59.0666 0x2050  ============================================================
12:40:59.0666 0x2050  Scan finished
12:40:59.0666 0x2050  ============================================================
12:40:59.0666 0x0fc0  Detected object count: 0
12:40:59.0666 0x0fc0  Actual detected object count: 0

M-K-D-B · 29.08.2016, 08:45

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

M-K-D-B · 01.09.2016, 13:23

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

magigstar · 03.09.2016, 09:17

Code:

ATTFilter

# AdwCleaner v6.010 - Bericht erstellt am 03/09/2016 um 07:40:40
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-03.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : DDDDD CCCCC - ARBEITSCOMPUTER
# Gestartet von : C:\Users\DDDDD CCCCC\Desktop\AdwCleaner_6.010.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

[-] Dienst gelöscht: CltMngSvc


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\DDDDD CCCCC\AppData\Local\SearchProtect
[-] Ordner gelöscht: C:\Users\DDDDD CCCCC\AppData\Local\bvyvcvd
[-] Ordner gelöscht: C:\Program Files (x86)\ORBTR
[-] Ordner gelöscht: C:\Program Files (x86)\SearchProtect
[-] Ordner gelöscht: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\SearchProtect


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Program Files (x86)\Yahoo!\Common\unyt.exe
[-] Datei gelöscht: C:\WINDOWS\apppatch\apppatch64\vcldr64.dll
[-] Datei gelöscht: C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
[-] Datei gelöscht: C:\WINDOWS\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
[-] Datei gelöscht: C:\WINDOWS\AppPatch\nbin\VC32Loader.dll


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SystemStoreService
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\YahooAUService
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\mailUpdate
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Sample.BrowserHandler
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Sample.BrowserHandler.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.CacheLoader
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.CacheLoader.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.Clickstream
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.Clickstream.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YTHelper
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YTHelper.2
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YTNavAssistPlugin
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YTNavAssistPlugin.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YToolbarBand
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoSearchAssistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoSearchAssistant.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoUpdaterAssistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoUpdaterAssistant.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBGeneralAssistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBGeneralAssistant.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBSingleInstanceAssistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBSingleInstanceAssistant.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP.1
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{1E57256D-9F39-4267-AB39-D7813D644C5A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{31371420-098D-4C0E-A11E-EBEC2305DD01}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3A06AA27-D94B-48C2-BB55-9FD0FF2120E3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{46140CE4-76FE-440E-AE88-4C2272BC05C7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9F9C4C5C-2BA8-4E00-A697-9F710BB1026B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Software\SearchProtect
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Software\SEARCHPROTECT
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SearchProtect
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SEARCHPROTECT
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SearchProtect
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SPPDCOM
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\SEARCHPROTECT
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEARCHPROTECT
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
[-] Daten  wiederhergestellt: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel gelöscht: HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\yt.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.newtab.url" -  "hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=1B7744E7-7043-4DBF-99F8-28D521D025C7&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP7018A729-DE12-4C9B-A0FE-933E764F75A9&D=081316"
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "Trovi"
[-] [C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: flpcjncodpafbgdpnkljologafpionhb


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2182 Bytes] - [15/01/2016 12:12:41]
C:\AdwCleaner\AdwCleaner[C2].txt - [13826 Bytes] - [03/09/2016 07:40:40]
C:\AdwCleaner\AdwCleaner[S1].txt - [1824 Bytes] - [15/01/2016 12:10:29]
C:\AdwCleaner\AdwCleaner[S2].txt - [13592 Bytes] - [03/09/2016 07:38:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [14047 Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 03.09.2016
Suchlaufzeit: 07:57
Protokolldatei: mam_report.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.03.02
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DDDDD CCCCCC

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 595291
Abgelaufene Zeit: 1 Std., 36 Min., 55 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , In Quarantäne, [328ce588ceccec4aa5a1bcfdf112619f], 
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [9a2484e9d0ca3303cc471ec0778cf709], 
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [4d7134393961979f7a9a508e3fc404fc], 

Registrierungswerte: 7
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131170951442749908, In Quarantäne, [a11da3ca92080c2a2b1a4c6d06fdf30d]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131170951442749908, In Quarantäne, [97276b02841653e3f451ad0cb152d42c]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131170951442749908, In Quarantäne, [88360a632a7090a6c481c0f9a162d030]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131170951442749908, In Quarantäne, [a618a4c9f1a94cea4500823748bb01ff]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131170951442749908, In Quarantäne, [2e90610ce8b2e155e065ab0e48bbd42c]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131170951442749908, In Quarantäne, [8935333a74265cda281d9623d62db54b]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131170951442749908, In Quarantäne, [328ce588ceccec4aa5a1bcfdf112619f]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.Managera, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\39fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [12ac402d31692c0aed15b70bad55b848], 
PUP.Optional.ExTutil, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [08b6c3aa91093ff7b464bd0533cf4cb4], 

Dateien: 12
PUP.Optional.Conduit, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\offer-439E92CA-12B1-427D-BCCE-77BBC2FA4674.exe, In Quarantäne, [d0ee521b0d8d3cfaaaa6bf188e7209f7], 
PUP.Optional.SearchProtect, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\Setup.exe, In Quarantäne, [8d31d39a9bff8aac5674e9ce7988619f], 
PUP.Optional.Conduit, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\spstub.exe, In Quarantäne, [d4ea84e98f0be84e7fd1488f49b73cc4], 
PUP.Optional.Conduit, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\dlLogic.exe, In Quarantäne, [b8061855edad6ec838f081349f62d62a], 
PUP.Optional.DownloadGuide, C:\Windows\Installer\33af6a3.msi, In Quarantäne, [45795b12702ad85e12a165647c88b14f], 
PUP.Optional.DownloadGuide, C:\Windows\Installer\{649C4BED-C473-4F9E-918E-B11DC0D95818}\ProductIcon.exe, In Quarantäne, [d3eba6c7a9f1cd69387bdeebed179d63], 
PUP.Optional.Managera, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\39fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [12ac402d31692c0aed15b70bad55b848], 
PUP.Optional.Managera, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\39fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [12ac402d31692c0aed15b70bad55b848], 
PUP.Optional.ExTutil, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [08b6c3aa91093ff7b464bd0533cf4cb4], 
PUP.Optional.ExTutil, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [08b6c3aa91093ff7b464bd0533cf4cb4], 
PUP.Optional.ExTutil, C:\Users\DDDDD CCCCCC\AppData\Local\Temp\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [08b6c3aa91093ff7b464bd0533cf4cb4], 
PUP.Optional.Trovi, C:\Users\DDDDD CCCCCC\AppData\Roaming\Mozilla\Firefox\Profiles\bp75l62n.default-1460733121568\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "Trovi");), Ersetzt,[ad11adc0504a67cf97da4950b64ecc34]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64 
Ran by DDDDDD CCCCC (Administrator) on 03.09.2016 at  9:58:41,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Failed to delete: C:\ProgramData\pdfforge (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.09.2016 at 10:03:00,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von DDDDD CCCCC (Administrator) auf ARBEITSCOMPUTER (03-09-2016 10:04:58)
Gestartet von C:\Users\DDDDD CCCCC\Desktop
Geladene Profile: DDDDD CCCCC (Verfügbare Profile: DDDDD CCCCC & EEEEEE & Versuch & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Â© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.486_none_7640e086266ea227\TiWorker.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.227.1489.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2011-11-13] ()
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-23] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SimpleScreenshot] => C:\Program Files (x86)\SSS\SimpleScreenshot.exe [2255360 2008-02-09] (Mirko Böer)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7377936 2016-05-10] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios)
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\RunOnce: [Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\RunOnce: [Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\...\RunOnce: [Uninstall C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\DDDDD CCCCC\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
Startup: C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2014-09-23]
ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.)
Startup: C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5520 series (Netzwerk).lnk [2016-09-03]
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5520 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{15ef09c9-ceb0-425c-a5ac-002b19b46047}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{c020751a-5210-47b5-9035-51239104e46c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c10dcd24-bf50-4b4b-b20c-22407fc328c8}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-1242904208-471078349-2963378918-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1242904208-471078349-2963378918-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1242904208-471078349-2963378918-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-08-11] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\DDDDD CCCCC\AppData\Roaming\Mozilla\Firefox\Profiles\bp75l62n.default-1460733121568
FF Homepage: hxxp://www.trojaner-board.de/181387-searchprotect-hintergrund-andere-sucheinstellungen-firefox.html
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1242904208-471078349-2963378918-1000: @citrixonline.com/appdetectorplugin -> C:\Users\DDDDD CCCCC\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-31] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: (FoxyProxy Standard) - C:\Users\DDDDD CCCCC\AppData\Roaming\Mozilla\Firefox\Profiles\bp75l62n.default-1460733121568\extensions\foxyproxy@eric.h.jung [2016-09-03]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-02-16] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Profile: C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Google Präsentationen) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Nanny for Google Chrome (TM)) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno [2015-02-22]
CHR Extension: (Google-Suche) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-23]
CHR Extension: (Google Tabellen) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
CHR Extension: (Google Docs Offline) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Google Mail) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\DDDDD CCCCC\AppData\Local\Google\Chrome\User Data\default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AAV UpdateService; C:\Program Files (x86)\Common Files\AAV\aavus.exe [122880 2007-10-04] () [Datei ist nicht signiert]
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1195840 2016-04-26] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2016-06-05] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S4 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-10-10] () [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241704 2014-03-25] (Foxit Corporation)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S4 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [11264 2013-01-24] () [Datei ist nicht signiert]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [Datei ist nicht signiert]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (Â© pdfforge GmbH.)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [Datei ist nicht signiert]
S4 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe [72344 2008-05-19] (SiSoftware) [Datei ist nicht signiert]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S4 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
R2 EkaProt6; C:\Windows\system32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339800 2016-06-05] (Acronis International GmbH)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267552 2016-06-05] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [193376 2016-06-05] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [601432 2016-06-05] (Acronis International GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [279392 2016-05-02] (Acronis International GmbH)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-03 10:04 - 2016-09-03 10:05 - 00023393 _____ C:\Users\DDDDD CCCCC\Desktop\FRST.txt
2016-09-03 10:04 - 2016-09-03 10:04 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\FRST-OlderVersion
2016-09-03 10:03 - 2016-09-03 10:03 - 00000611 _____ C:\Users\DDDDD CCCCC\Desktop\JRT.txt
2016-09-03 09:58 - 2016-09-03 09:58 - 01610560 _____ (Malwarebytes) C:\Users\DDDDD CCCCC\Desktop\JRT.exe
2016-09-03 09:56 - 2016-09-03 09:56 - 00005464 _____ C:\mam_report.txt
2016-09-03 07:30 - 2016-09-03 07:30 - 03826240 _____ C:\Users\DDDDD CCCCC\Desktop\AdwCleaner_6.010.exe
2016-08-28 14:53 - 2016-08-28 14:54 - 00275772 _____ C:\WINDOWS\Minidump\082816-79484-01.dmp
2016-08-28 14:53 - 2016-08-28 14:53 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-28 12:39 - 2016-08-28 13:02 - 00284390 _____ C:\TDSSKiller.3.1.0.11_28.08.2016_12.39.03_log.txt
2016-08-28 12:38 - 2016-08-28 12:38 - 01453048 _____ (RaMMicHaeL) C:\Users\DDDDD CCCCC\Downloads\unchecky_setup.exe
2016-08-28 11:51 - 2016-08-28 11:51 - 00000492 _____ C:\TDSSKiller.3.1.0.11_28.08.2016_11.51.09_log.txt
2016-08-28 11:17 - 2016-08-28 11:17 - 04747704 _____ (AO Kaspersky Lab) C:\Users\DDDDD CCCCC\Desktop\tdsskiller.exe
2016-08-28 11:11 - 2016-09-03 10:04 - 02397696 _____ (Farbar) C:\Users\DDDDD CCCCC\Desktop\FRST64.exe
2016-08-27 13:55 - 2016-08-27 14:15 - 00000000 ____D C:\Users\DDDDD CCCCC\Evernote
2016-08-27 13:55 - 2016-08-27 13:55 - 00002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-08-27 13:55 - 2016-08-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-08-27 11:17 - 2016-08-27 11:17 - 00595275 _____ C:\Users\DDDDD CCCCC\Downloads\4SE9L6.pdf
2016-08-27 10:50 - 2016-08-27 10:50 - 00065585 _____ C:\Users\DDDDD CCCCC\Downloads\Efiliale_Rechnung_3128998518_2016.01.04.pdf
2016-08-24 23:09 - 2016-08-24 23:09 - 00113434 _____ C:\Users\DDDDD CCCCC\Downloads\1713912.pdf
2016-08-24 22:56 - 2016-08-24 22:56 - 00935383 _____ C:\Users\DDDDD CCCCC\Downloads\Plenarprotokoll-908.pdf
2016-08-24 22:56 - 2016-08-24 22:56 - 00154352 _____ C:\Users\DDDDD CCCCC\Downloads\0196-13.pdf
2016-08-23 16:27 - 2016-08-23 16:27 - 00000288 _____ C:\Users\DDDDD CCCCC\Desktop\Professionelle Zahnreinigung - Was Profis übersehen - Test - Stiftung Warentest.URL
2016-08-23 14:19 - 2016-08-23 14:19 - 00125773 _____ C:\Users\DDDDD CCCCC\Downloads\S_2-76_Oktober2013.pdf
2016-08-23 13:53 - 2016-08-23 13:53 - 00809518 _____ C:\Users\DDDDD CCCCC\Downloads\Anmeldebescheinigung Ines_07.2015.pdf
2016-08-23 13:53 - 2016-08-23 13:53 - 00397949 _____ C:\Users\DDDDD CCCCC\Downloads\UniversitätsBeitragszahlung.pdf
2016-08-23 13:53 - 2016-08-23 13:53 - 00294548 _____ C:\Users\DDDDD CCCCC\Downloads\Abmeldebescheinigung_02.2016.pdf
2016-08-23 13:53 - 2016-08-23 13:53 - 00124322 _____ C:\Users\DDDDD CCCCC\Downloads\Universitätsbescheinigung_2015.pdf
2016-08-21 11:50 - 2016-08-21 11:50 - 00765756 _____ C:\Users\DDDDD CCCCC\Downloads\BasicCoupon.pdf
2016-08-21 11:50 - 2016-08-21 11:50 - 00107681 _____ C:\Users\DDDDD CCCCC\Downloads\Zusammenfassung_Volkswagen_Bank_Plus%20Konto%20TopZins_Rosaria_CCCCC.pdf
2016-08-20 19:28 - 2016-08-28 17:23 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\Lebenslauf Engagement
2016-08-20 17:35 - 2016-08-20 17:37 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\Neuer Ordner (2)
2016-08-20 16:30 - 2016-08-20 16:30 - 00158950 _____ C:\Users\DDDDD CCCCC\Downloads\flyer_klimatage_2016_druck_web.pdf
2016-08-20 09:57 - 2016-08-20 09:57 - 00593539 _____ C:\Users\DDDDD CCCCC\Downloads\FLT_MCL8WR29124_0.pdf
2016-08-20 09:54 - 2016-08-20 09:54 - 00135658 _____ C:\Users\DDDDD CCCCC\Downloads\FLIX-Ticket-8023432456.pdf
2016-08-19 22:47 - 2016-08-19 22:47 - 00241167 _____ C:\Users\DDDDD CCCCC\Downloads\FLIX-Ticket-8023422190.pdf
2016-08-18 08:35 - 2016-08-18 08:35 - 00003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-15 08:50 - 2016-08-15 08:50 - 00008363 _____ C:\Users\DDDDD CCCCC\Downloads\Kreditkarten-Abrechnung_vom_11_08_2016.pdf
2016-08-13 10:34 - 2016-08-13 10:34 - 00007392 _____ C:\Users\DDDDD CCCCC\Desktop\Steuer.xlsx
2016-08-12 23:53 - 2016-08-12 23:53 - 00000000 ____D C:\Users\Public\Documents\sun
2016-08-12 23:51 - 2016-08-12 23:51 - 00001177 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-08-12 23:51 - 2016-08-12 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-08-12 23:50 - 2016-08-12 23:51 - 00000000 ____D C:\Program Files\LibreOffice 5
2016-08-12 23:42 - 2016-08-12 23:42 - 00009323 _____ C:\Users\DDDDD CCCCC\Desktop\ESt Zeiten.odt
2016-08-12 14:15 - 2016-08-12 14:15 - 00002861 _____ C:\Users\DDDDD CCCCC\AppData\Local\recently-used.xbel
2016-08-12 14:10 - 2016-08-12 14:10 - 00007026 _____ C:\Users\DDDDD CCCCC\Downloads\Lidl_schwarz_beteiligungen.svg
2016-08-12 11:36 - 2016-08-12 11:36 - 00390379 _____ C:\Users\DDDDD CCCCC\Downloads\_Hin- und Rückflug.pdf
2016-08-12 11:35 - 2016-08-12 11:35 - 00393522 _____ C:\Users\DDDDD CCCCC\Downloads\image2016-08-04-084154.pdf
2016-08-12 11:34 - 2016-08-12 11:34 - 00057093 _____ C:\Users\DDDDD CCCCC\Downloads\_Hin- und Rückflug.pdf
2016-08-12 11:33 - 2016-08-12 11:33 - 00369647 _____ C:\Users\DDDDD CCCCC\Downloads\CCCCC_DDDDD_Hin- und Rückflug.pdf
2016-08-12 11:31 - 2016-08-12 11:31 - 00436804 _____ C:\Users\DDDDD CCCCC\Downloads\Bahn-Ticket.pdf
2016-08-12 11:30 - 2016-08-12 11:30 - 00314901 _____ C:\Users\DDDDD CCCCC\Downloads\_Hin- und Rückflug.pdf
2016-08-12 11:25 - 2016-08-12 11:25 - 00057620 _____ C:\Users\DDDDD CCCCC\Downloads\_Hin- und Rückflug.pdf
2016-08-12 11:18 - 2016-08-12 11:18 - 00137077 _____ C:\Users\DDDDD CCCCC\Downloads\Ryanair_Hin- und Rückflug.pdf
2016-08-12 11:15 - 2016-08-12 11:15 - 00252018 _____ C:\Users\DDDDD CCCCC\Downloads\Rückflug.pdf
2016-08-12 11:15 - 2016-08-12 11:15 - 00251330 _____ C:\Users\DDDDD CCCCC\Downloads\Hinflug.pdf
2016-08-12 10:57 - 2016-08-12 10:57 - 02051441 _____ C:\Users\DDDDD CCCCC\Documents\DAB Kreditkarte-Zahlungsreklamation.pdf
2016-08-11 17:42 - 2016-08-11 17:42 - 00054283 _____ C:\Users\DDDDD CCCCC\Downloads\20160811-101768265-umsatz.CSV
2016-08-11 15:36 - 2016-08-11 15:38 - 249442304 _____ C:\Users\DDDDD CCCCC\Downloads\LibreOffice_5.1.4_Win_x64.msi
2016-08-10 23:18 - 2016-08-26 21:13 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\Weiterbildung
2016-08-10 19:26 - 2016-08-10 19:26 - 00046385 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug_201607.pdf
2016-08-10 19:26 - 2016-08-10 19:26 - 00040105 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug_201606.pdf
2016-08-10 16:45 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 16:45 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 16:45 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 16:45 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 16:45 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 16:45 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 16:45 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 16:45 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 16:45 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 16:45 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 16:45 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 16:45 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 16:45 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 16:45 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 16:45 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 16:45 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 16:45 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 16:45 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 16:45 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 16:45 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 16:45 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 16:45 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 16:45 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 16:45 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 16:45 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 16:45 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 16:45 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:45 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 16:45 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 16:45 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:45 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 16:45 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:45 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 16:45 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:45 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 16:45 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 16:45 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 16:45 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 16:45 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 16:45 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 16:45 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 16:45 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 16:45 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 16:45 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 16:45 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 16:45 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 16:45 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 16:45 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 16:45 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 16:45 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 16:45 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 16:45 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 16:45 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 16:45 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 16:45 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 16:45 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 16:45 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 16:45 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 16:44 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 16:44 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 16:44 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 16:44 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 16:44 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 16:44 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 16:44 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 16:44 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 16:44 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 16:44 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 16:44 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 16:44 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:44 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 16:44 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 16:44 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 16:44 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 16:44 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:44 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 16:44 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 16:44 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 16:44 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 16:44 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 16:44 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 16:44 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 16:44 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 16:44 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 16:44 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 16:44 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 16:44 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 16:44 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 16:44 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 16:44 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 16:44 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:44 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 16:44 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 16:44 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 16:44 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 16:44 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 16:44 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 16:44 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 16:44 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 16:44 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 16:44 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 16:44 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 16:44 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:44 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:44 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 16:44 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 16:44 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 16:44 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 16:44 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 16:44 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 16:44 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 16:44 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 16:44 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 16:44 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 16:44 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 16:44 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 16:44 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 16:44 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 16:44 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 16:44 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 16:44 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 16:44 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 16:44 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 16:44 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 16:44 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 16:44 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 16:44 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 16:44 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 16:44 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 14:53 - 2016-08-10 14:53 - 06633776 _____ C:\Users\DDDDD CCCCC\Downloads\NWB_Karrierefuehrer_2013.pdf
2016-08-09 17:48 - 2016-08-09 17:48 - 00136096 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug-1517643373-2016-07.pdf
2016-08-09 17:47 - 2016-08-09 17:47 - 00136075 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug-1517643373-2016-06.pdf
2016-08-09 15:00 - 2016-08-09 15:00 - 00071558 _____ C:\Users\DDDDD CCCCC\Downloads\RG150283788971.pdf
2016-08-08 10:07 - 2016-08-08 10:08 - 00006122 _____ C:\Users\DDDDD CCCCC\Downloads\Kontoauszug_zum_29_07_2016.pdf
2016-08-07 17:26 - 2016-08-07 17:26 - 00000000 ____D C:\Users\DDDDD CCCCC\Documents\Egosoft
2016-08-07 17:21 - 2016-08-07 17:21 - 00014180 _____ C:\Users\DDDDD CCCCC\Desktop\Dok1.odt
2016-08-07 17:20 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-08-07 17:20 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-08-07 17:20 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-08-07 17:20 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-08-07 17:19 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-08-07 17:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-08-07 17:19 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-08-07 17:19 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-07 17:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-08-07 17:19 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-08-07 17:19 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-08-07 17:19 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-08-07 17:19 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-08-07 17:19 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-08-07 17:19 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-08-07 17:19 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-08-07 17:19 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-08-07 17:19 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-08-07 17:19 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-08-07 17:19 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-08-07 17:19 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-08-07 17:19 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-08-07 17:19 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-08-07 17:19 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-08-07 17:19 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-08-07 17:19 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-08-07 17:19 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-08-07 17:19 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-08-07 17:19 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-08-07 17:19 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-08-07 17:19 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-08-07 17:19 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-08-07 17:19 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-08-07 17:19 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-08-07 17:19 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-08-07 17:19 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-08-07 17:19 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-08-07 17:19 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-08-07 17:19 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-08-07 17:19 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-08-07 17:19 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-08-07 17:19 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-08-07 17:19 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-08-07 17:19 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-08-07 17:19 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-08-07 17:19 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-08-07 17:19 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-08-07 17:19 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-08-07 17:19 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-08-07 17:19 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-08-07 17:19 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-08-07 17:19 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-08-07 17:19 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-08-07 17:19 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-08-07 17:19 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-08-07 17:19 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-08-07 17:19 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-08-07 17:19 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-08-07 17:19 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-08-07 17:19 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-08-07 17:19 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-08-07 17:19 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-08-07 17:19 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-08-07 17:19 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-08-07 17:19 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-08-07 17:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-07 17:19 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-07 17:19 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-08-07 17:19 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-08-07 17:19 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-08-07 17:19 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-08-07 17:19 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-08-07 17:19 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-08-07 17:19 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-08-07 17:19 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-08-07 17:19 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-08-07 17:19 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-08-07 17:19 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-08-07 17:19 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-08-07 17:18 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-08-07 17:18 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-08-07 17:18 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-08-07 17:18 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-08-07 17:18 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-08-07 17:18 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-08-07 17:18 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-08-07 17:18 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-08-07 17:18 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-08-07 17:18 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-08-07 17:18 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-08-07 17:18 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-08-07 17:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-08-07 17:18 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-08-07 17:18 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-08-07 17:18 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-08-07 17:18 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-08-07 17:18 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-08-07 17:18 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-08-07 17:18 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-08-07 17:18 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-08-07 17:18 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-08-07 17:18 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-08-07 17:18 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-08-07 17:18 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-08-07 17:18 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-08-07 17:18 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-08-07 17:18 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-08-07 17:18 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-08-07 17:18 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-08-07 17:18 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-08-07 17:18 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-08-07 17:18 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-08-07 16:29 - 2016-08-07 16:29 - 00000220 _____ C:\Users\DDDDD CCCCC\Desktop\X Rebirth.url
2016-08-07 16:29 - 2016-08-07 16:29 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-07 16:22 - 2016-08-07 16:22 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\Steam
2016-08-07 16:19 - 2016-08-28 15:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-07 16:19 - 2016-08-07 16:19 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-07 16:19 - 2016-08-07 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-04 10:26 - 2016-08-04 10:26 - 00003798 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 41ef4bbbee3b49c3a813725f7b93d37d63ad611e24cd4ecc9aa891fa5366d204

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-03 10:04 - 2016-01-15 12:24 - 00000000 ____D C:\FRST
2016-09-03 09:56 - 2014-08-05 15:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-03 09:52 - 2012-09-20 05:21 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-03 09:49 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-03 09:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Performance
2016-09-03 09:48 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-03 09:39 - 2016-02-21 12:07 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-03 09:39 - 2015-06-08 17:32 - 00000756 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1242904208-471078349-2963378918-1000.job
2016-09-03 09:35 - 2012-09-20 05:21 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-03 09:24 - 2015-05-31 14:23 - 00000660 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1242904208-471078349-2963378918-1000.job
2016-09-03 07:50 - 2015-01-31 16:22 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-03 07:50 - 2014-08-05 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-09-03 07:50 - 2014-08-05 15:08 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-09-03 07:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-03 07:40 - 2016-01-15 12:10 - 00000000 ____D C:\AdwCleaner
2016-09-03 07:35 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-03 07:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-03 07:31 - 2016-05-22 07:59 - 00004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E0E035-8801-47A3-8026-B8DAA69A5C75}
2016-08-31 07:32 - 2015-06-08 17:32 - 00003946 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1242904208-471078349-2963378918-1000
2016-08-31 07:32 - 2015-05-31 14:23 - 00003850 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1242904208-471078349-2963378918-1000
2016-08-28 22:17 - 2016-08-01 01:17 - 00000000 ____D C:\Users\DDDDD CCCCC
2016-08-28 16:09 - 2012-03-25 12:40 - 00000000 ____D C:\Users\DDDDD CCCCC\Documents\Steuerfälle
2016-08-28 14:53 - 2016-02-13 10:21 - 00417976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 14:53 - 2015-08-07 22:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-28 13:21 - 2016-05-22 20:03 - 00001024 ____H C:\AMTAG.BIN
2016-08-28 13:21 - 2016-05-22 20:03 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0
2016-08-28 12:18 - 2012-04-29 18:04 - 00000000 ____D C:\Users\DDDDD CCCCC\FrostWire
2016-08-28 12:18 - 2011-11-23 17:34 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\BitTorrent
2016-08-26 23:41 - 2015-11-29 23:25 - 00003566 _____ C:\WINDOWS\Sandboxie.ini
2016-08-25 08:42 - 2015-08-28 22:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-23 18:35 - 2016-06-18 00:47 - 00006264 _____ C:\Users\DDDDD CCCCC\Desktop\1822direct-Sparquote.xlsx
2016-08-18 08:35 - 2016-05-22 08:07 - 00002465 _____ C:\Users\DDDDD CCCCC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-18 08:35 - 2016-05-22 08:07 - 00000000 ___RD C:\Users\DDDDD CCCCC\OneDrive
2016-08-18 08:33 - 2013-11-02 10:43 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Roaming\Skype
2016-08-12 14:15 - 2014-06-15 20:34 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\gtk-2.0
2016-08-12 14:15 - 2012-08-29 11:11 - 00000000 ____D C:\Users\DDDDD CCCCC\.gimp-2.8
2016-08-12 12:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 11:25 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-11 11:20 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 11:19 - 2014-09-23 19:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-11 02:38 - 2016-02-13 19:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-11 02:38 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-11 02:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-11 01:28 - 2014-08-15 16:44 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\Adobe
2016-08-10 19:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 19:08 - 2013-07-13 09:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 18:58 - 2011-11-18 20:58 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 15:43 - 2016-08-01 01:17 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-09 15:43 - 2016-02-13 18:59 - 00889404 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-09 15:43 - 2016-02-13 18:59 - 00197452 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-09 15:39 - 2012-04-07 12:49 - 00000000 ____D C:\Users\DDDDD CCCCC\Documents\Finanzen
2016-08-09 12:18 - 2016-03-15 15:58 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-09 12:18 - 2015-08-02 17:38 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 11:29 - 2016-05-22 07:50 - 00000000 ____D C:\Users\DDDDD CCCCC\AppData\Local\Packages
2016-08-04 13:35 - 2016-05-02 14:08 - 00000000 ____D C:\Users\DDDDD CCCCC\Desktop\Desktop2
2016-08-04 11:18 - 2015-12-06 13:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-06-28 08:10 - 2014-07-23 22:30 - 14159872 _____ () C:\Users\DDDDD CCCCC\AppData\Roaming\Sandra.mdb
2015-01-30 21:51 - 2016-01-14 05:21 - 0000600 _____ () C:\Users\DDDDD CCCCC\AppData\Roaming\winscp.rnd
2012-04-20 19:28 - 2014-07-07 02:20 - 0006656 _____ () C:\Users\DDDDD CCCCC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-22 22:07 - 2014-09-22 22:07 - 0001482 _____ () C:\Users\DDDDD CCCCC\AppData\Local\RecConfig.xml
2016-08-12 14:15 - 2016-08-12 14:15 - 0002861 _____ () C:\Users\DDDDD CCCCC\AppData\Local\recently-used.xbel
2013-08-12 22:15 - 2016-04-30 09:53 - 0007603 _____ () C:\Users\DDDDD CCCCC\AppData\Local\Resmon.ResmonCfg
2012-03-31 11:26 - 2012-03-31 11:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-11-13 23:53 - 2011-11-13 23:57 - 0008282 _____ () C:\ProgramData\ArcadeDeluxe3.log
2014-09-22 20:19 - 2014-10-06 20:45 - 0008737 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\DDDDD CCCCC\AppData\Local\Temp\AcronisProductUpdateUtility.exe
C:\Users\DDDDD CCCCC\AppData\Local\Temp\libeay32.dll
C:\Users\DDDDD CCCCC\AppData\Local\Temp\msvcr120.dll
C:\Users\DDDDD CCCCC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-26 20:31

==================== Ende von FRST.txt ============================

26.08.2016, 21:39	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	SearchProtect im Hintergrund und andere Sucheinstellungen im Firefox maggistar schon wieder __________________ __________________

26.08.2016, 22:32	#4
M-K-D-B /// TB-Ausbilder	SearchProtect im Hintergrund und andere Sucheinstellungen im Firefox reinhüpf Ich würde dir ja gerne helfen, aber da Cosinus zuerst geantwortet hat, ist es sein Thema. raushüpf

SearchProtect im Hintergrund und andere Sucheinstellungen im Firefox

Plagegeister aller Art und deren Bekämpfung: SearchProtect im Hintergrund und andere Sucheinstellungen im Firefox